$ rpki-client -vvf rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft File: CStU0vnpbT_OHwwNuzGxuCyNLOA.mft (raw, json) Hash identifier: uo8wBXsuNEum6O8fQ+ViCtmpYiFqNO3pip1n2XRsUIA= Subject key identifier: 3B:21:AA:CA:A8:66:94:33:2C:94:9F:7A:5B:95:F4:DE:1F:BF:4A:E1 Authority key identifier: 09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 Certificate issuer: /CN=A9122EA2/serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Certificate serial: 0226 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft Manifest number: 021A Signing time: Sun 19 Oct 2025 04:33:32 +0000 Manifest this update: Sun 19 Oct 2025 04:33:31 +0000 Manifest next update: Sun 26 Oct 2025 04:33:31 +0000 Files and hashes: 1: CStU0vnpbT_OHwwNuzGxuCyNLOA.crl (hash: KhKreIgTpJXF4HCMB21X4nJjPsUU4o2fH+CJI/IiAzM=) 2: C20F71E0992A11EEBDE4AF84C4F9AE02.roa (hash: csl85VTomjs4iPv8bKOFHRUkLivByj84d/cWaa81y8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 04:33:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 550 (0x226) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122EA2, serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Validity Not Before: Oct 19 04:33:31 2025 GMT Not After : Oct 26 04:33:31 2025 GMT Subject: CN=68f46a1b-3e25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:6d:4f:51:6f:c2:65:5a:11:c0:df:60:0f:32: d0:76:10:61:68:0f:b7:b8:21:be:df:6c:9e:2b:e0: dd:83:b6:0a:2f:08:9d:ef:b7:b6:1e:b1:94:3b:70: d9:e1:ec:95:11:e7:fa:bd:0b:b5:da:2d:4b:c5:3c: cd:67:38:44:77:07:f4:19:cf:b0:e1:39:ed:62:c5: c3:8c:47:e2:cc:42:5c:4d:6a:5b:84:98:36:74:22: c5:1e:b5:80:0c:9a:3a:fe:85:5c:94:5a:a1:c9:22: cc:78:76:63:c5:14:f3:b4:77:32:c8:9b:c9:7c:c7: 90:67:c6:00:22:83:1d:8d:8a:ee:18:c7:a8:60:dc: 53:d6:b1:2c:8b:a8:74:53:cc:f4:e3:4f:c8:d0:c5: 74:86:01:0c:31:36:86:b6:5d:4f:b5:30:ef:88:bd: 20:4d:9b:1e:75:a8:28:cd:d3:a0:6d:91:5d:06:68: eb:bb:ba:28:6d:55:dc:c0:b7:9a:80:b1:69:20:e8: 4e:7a:3b:47:eb:df:ef:4f:5b:05:7e:27:1c:b5:aa: 1c:b3:c4:a2:5b:1b:4d:58:0a:32:63:1d:76:8e:bd: fc:de:b9:2c:30:89:f5:84:8d:ee:d8:06:59:52:07: e1:33:26:3c:25:33:c0:74:c0:32:84:71:93:a5:ef: 91:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:21:AA:CA:A8:66:94:33:2C:94:9F:7A:5B:95:F4:DE:1F:BF:4A:E1 X509v3 Authority Key Identifier: keyid:09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:7c:55:9c:42:74:ad:c5:6c:45:a6:b3:d2:72:cb:df:81:03: e9:cd:1a:88:dd:66:1c:b0:03:ef:25:d2:6b:f7:e2:46:2c:73: 34:00:be:67:d5:e3:f1:81:ed:c4:7e:aa:af:6b:8d:0b:5a:93: d3:d7:27:38:6e:26:25:ee:32:c9:8e:f5:f7:e7:c6:5a:4a:6c: dc:18:14:eb:0a:5e:74:0c:80:c2:2d:83:80:d7:d3:f6:db:34: 71:de:99:e6:39:5e:97:84:96:1c:29:ee:ac:3a:93:42:d7:31: a4:c3:b6:85:61:33:ae:62:38:bd:91:ec:01:dd:f8:f3:e9:d5: 9e:69:f7:75:8b:78:80:5f:d2:2f:a0:74:3a:30:dd:80:65:40: 68:96:43:f1:88:5f:23:4e:29:6a:13:7a:50:1b:81:a4:46:17: 67:12:63:81:fd:c3:95:a8:ee:c1:18:c1:9e:46:a7:da:3f:91: 7c:13:41:3a:92:3e:33:8d:76:ab:87:36:53:50:83:89:b0:f5: f3:b6:c1:d2:45:1a:e9:99:ea:9b:d0:e9:84:1c:f0:77:65:b0: fd:22:7e:d4:10:b7:8f:92:e6:44:05:21:6d:d7:2c:fb:a6:8a: 56:f4:a3:f5:ad:5d:1f:50:69:5d:a5:57:71:e3:b5:bf:06:b4: 02:1f:fc:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJFQTIxMTAvBgNVBAUTKDA5MkI1NEQyRjlFOTZEM0ZDRTFGMEMwREJCMzFCMUI4 MkM4RDJDRTAwHhcNMjUxMDE5MDQzMzMxWhcNMjUxMDI2MDQzMzMxWjAYMRYwFAYD VQQDEw02OGY0NmExYi0zZTI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy21PUW/CZVoRwN9gDzLQdhBhaA+3uCG+32yeK+Ddg7YKLwid77e2HrGUO3DZ 4eyVEef6vQu12i1LxTzNZzhEdwf0Gc+w4TntYsXDjEfizEJcTWpbhJg2dCLFHrWA DJo6/oVclFqhySLMeHZjxRTztHcyyJvJfMeQZ8YAIoMdjYruGMeoYNxT1rEsi6h0 U8z040/I0MV0hgEMMTaGtl1PtTDviL0gTZsedagozdOgbZFdBmjru7oobVXcwLea gLFpIOhOejtH69/vT1sFficctaocs8SiWxtNWAoyYx12jr383rksMIn1hI3u2AZZ UgfhMyY8JTPAdMAyhHGTpe+RwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDshqsqo ZpQzLJSfeluV9N4fv0rhMB8GA1UdIwQYMBaAFAkrVNL56W0/zh8MDbsxsbgsjSzg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkVBMi8xNTI1MzQxNDg1 NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJUX09Id3dOdXpHeHVDeU5M T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NTdFUwdm5wYlRfT0h3d051ekd4dUN5TkxPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MkVBMi8xNTI1MzQxNDg1NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJU X09Id3dOdXpHeHVDeU5MT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABfFWcQnStxWxFprPScsvfgQPpzRqI3WYcsAPvJdJr9+JGLHM0AL5n 1ePxge3Efqqva40LWpPT1yc4biYl7jLJjvX358ZaSmzcGBTrCl50DIDCLYOA19P2 2zRx3pnmOV6XhJYcKe6sOpNC1zGkw7aFYTOuYji9kewB3fjz6dWeafd1i3iAX9Iv oHQ6MN2AZUBolkPxiF8jTilqE3pQG4GkRhdnEmOB/cOVqO7BGMGeRqfaP5F8E0E6 kj4zjXarhzZTUIOJsPXztsHSRRrpmeqb0OmEHPB3ZbD9In7UELePkuZEBSFt1yz7 popW9KP1rV0fUGldpVdx47W/BrQCH/wL -----END CERTIFICATE-----Generated at Sun Oct 19 23:32:26 2025 by rpki-client