$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft File: z-PzHk8zetOBIBvzOgGmhfsBal4.mft (raw, json) Hash identifier: BVutiF9YHKTq0ulJnqDcS6GmkgrC/LAr+M2/orfuosw= Subject key identifier: 82:E1:72:45:DC:FD:ED:0B:95:FD:B3:B0:2B:0C:04:88:74:2B:7C:4A Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Certificate serial: 0D53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft Manifest number: 0D4B Signing time: Mon 20 Oct 2025 18:33:03 +0000 Manifest this update: Mon 20 Oct 2025 18:33:02 +0000 Manifest next update: Mon 27 Oct 2025 18:33:02 +0000 Files and hashes: 1: z-PzHk8zetOBIBvzOgGmhfsBal4.crl (hash: ieFuEUbqqv+7VJI241vGoO7ikbMobGk5aAw3vo4nN3Q=) 2: D23C5270E02111E9B4A3923FC4F9AE02.roa (hash: zkAhSZ57x5i2z1ecY4hViVs+riusX3XK2gSVsFUEBsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:33:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3411 (0xd53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128E00, serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Validity Not Before: Oct 20 18:33:02 2025 GMT Not After : Oct 27 18:33:02 2025 GMT Subject: CN=68f6805f-b081 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:09:d4:37:a0:d0:2c:05:49:2c:5c:17:59:af: 33:52:16:f5:cc:de:57:00:8f:de:a8:04:ad:24:5b: cd:18:c5:82:f3:32:4e:a4:6b:82:5a:83:79:17:4a: e9:d7:0c:d0:e2:6a:80:78:83:4f:02:1e:2a:fa:db: 4a:59:48:3a:2b:9e:ca:92:a3:15:cc:04:d8:b8:58: a5:60:b7:4e:8e:61:1c:b8:7c:f4:10:4e:3b:9d:ab: 61:82:39:32:3b:fc:e7:4d:17:51:fe:3a:a1:bb:14: c6:a3:14:3b:71:49:66:ca:9c:8f:15:42:07:dd:3e: e3:2b:f1:5c:d1:a6:77:76:6d:c7:25:f7:50:97:11: 0e:1c:9e:88:ee:0f:53:45:35:70:c8:46:4d:c4:92: 5e:d5:e4:ae:39:ba:46:52:ce:0a:e5:9c:70:88:cc: be:4d:51:82:67:96:bc:64:e9:94:a0:24:0e:ed:c2: 46:d8:74:4b:b4:25:06:38:29:15:9c:fd:9d:1b:83: 38:99:6e:0a:55:ef:a2:69:8a:34:9f:24:00:04:a8: 0c:1d:c9:63:56:0e:83:26:92:84:d2:78:14:0f:9d: e7:0c:59:16:a4:79:94:b0:d6:0d:9b:a7:3e:2a:b2: 36:ee:0f:f7:fd:25:9d:36:f4:85:3e:65:78:2b:91: df:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:E1:72:45:DC:FD:ED:0B:95:FD:B3:B0:2B:0C:04:88:74:2B:7C:4A X509v3 Authority Key Identifier: keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:50:79:1b:47:a0:13:2a:b4:21:89:de:3a:27:5d:dc:25:f9: 43:81:6a:2e:43:50:19:cd:aa:2d:84:fe:11:06:a4:52:27:b5: c0:79:20:6a:0b:9d:4b:45:ef:91:e7:fc:96:73:1b:9c:d1:25: 20:28:d4:ff:4a:4b:5a:0f:49:7b:6d:bb:04:99:b2:62:5f:c2: 2f:17:58:98:23:16:fa:85:f2:65:eb:8f:bb:34:5c:4c:ad:41: e7:7a:d6:96:70:9f:1d:62:bc:04:7f:83:23:a7:a4:5c:cf:64: 4c:dc:53:8b:89:f2:2d:25:c8:2c:bf:3d:f5:89:d7:7e:e3:7c: 95:b6:e5:4f:cc:81:80:fd:9f:cb:ba:ea:ca:df:bb:cc:80:4b: a1:25:53:18:0f:a5:1c:d6:9f:63:af:1e:c1:d1:7a:f3:3a:50: 24:3c:cb:55:9e:74:54:93:cf:1c:64:2d:d6:9a:1e:3a:6a:91: a0:04:e2:25:d7:60:8e:38:64:fc:2b:37:f1:60:59:24:36:72: 29:31:0b:07:0e:f7:de:72:48:d4:70:06:de:ae:80:98:2e:ae: 43:92:20:38:80:a2:8a:cf:49:ce:7d:6c:68:a5:a7:31:5c:6f: b3:a9:2c:93:44:5d:06:7f:22:e2:c5:3c:5b:d9:38:e7:b9:71: 43:64:19:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1 RkIwMTZBNUUwHhcNMjUxMDIwMTgzMzAyWhcNMjUxMDI3MTgzMzAyWjAYMRYwFAYD VQQDEw02OGY2ODA1Zi1iMDgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvwnUN6DQLAVJLFwXWa8zUhb1zN5XAI/eqAStJFvNGMWC8zJOpGuCWoN5F0rp 1wzQ4mqAeINPAh4q+ttKWUg6K57KkqMVzATYuFilYLdOjmEcuHz0EE47nathgjky O/znTRdR/jqhuxTGoxQ7cUlmypyPFUIH3T7jK/Fc0aZ3dm3HJfdQlxEOHJ6I7g9T RTVwyEZNxJJe1eSuObpGUs4K5ZxwiMy+TVGCZ5a8ZOmUoCQO7cJG2HRLtCUGOCkV nP2dG4M4mW4KVe+iaYo0nyQABKgMHcljVg6DJpKE0ngUD53nDFkWpHmUsNYNm6c+ KrI27g/3/SWdNvSFPmV4K5Hf5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFILhckXc /e0Llf2zsCsMBIh0K3xKMB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEUwMC84OTkxRUI5RUUwMjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0 T0JJQnZ6T2dHbWhmc0JhbDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfUHkbR6ATKrQhid46J13cJflDgWouQ1AZzaothP4RBqRSJ7XAeSBq C51LRe+R5/yWcxuc0SUgKNT/SktaD0l7bbsEmbJiX8IvF1iYIxb6hfJl64+7NFxM rUHnetaWcJ8dYrwEf4Mjp6Rcz2RM3FOLifItJcgsvz31idd+43yVtuVPzIGA/Z/L uurK37vMgEuhJVMYD6Uc1p9jrx7B0XrzOlAkPMtVnnRUk88cZC3Wmh46apGgBOIl 12COOGT8KzfxYFkkNnIpMQsHDvfeckjUcAberoCYLq5DkiA4gKKKz0nOfWxopacx XG+zqSyTRF0GfyLixTxb2TjnuXFDZBlV -----END CERTIFICATE-----Generated at Tue Oct 21 02:25:21 2025 by rpki-client