$ rpki-client -vvf rpki.apnic.net/member_repository/A9123E38/6B91EDA0536C11EAA5C2790CC4F9AE02/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.mft File: 0JTSRxQ1Lg680_iCdSMoJ7xqyJA.mft (raw, json) Hash identifier: kd7WqlS1vIm3LjBmwL6Th4xQ0X2VDULMQkKS/QRRVDI= Subject key identifier: 17:21:B5:09:B4:B9:BD:F6:63:4B:8B:89:30:20:58:AE:02:C3:C9:23 Authority key identifier: D0:94:D2:47:14:35:2E:0E:BC:D3:F8:82:75:23:28:27:BC:6A:C8:90 Certificate issuer: /CN=A9123E38/serialNumber=D094D24714352E0EBCD3F88275232827BC6AC890 Certificate serial: 0AFB Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9123E38/6B91EDA0536C11EAA5C2790CC4F9AE02/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.mft Manifest number: 0AF9 Signing time: Sat 18 Oct 2025 17:04:45 +0000 Manifest this update: Sat 18 Oct 2025 17:04:45 +0000 Manifest next update: Sat 25 Oct 2025 17:04:45 +0000 Files and hashes: 1: 0JTSRxQ1Lg680_iCdSMoJ7xqyJA.crl (hash: ZyTygruPKt/LIfxKodj/AvOpm+P3bMaw9I8IrjMVTJ4=) 2: DC25591636C011F0A9DAF53EC4F9AE02.roa (hash: X6qLGESMHlCjgInNJuuQgeTL462kIXu1+dGUahA9Gs8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9123E38/6B91EDA0536C11EAA5C2790CC4F9AE02/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.crl rsync://rpki.apnic.net/member_repository/A9123E38/6B91EDA0536C11EAA5C2790CC4F9AE02/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 17:04:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2811 (0xafb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9123E38, serialNumber=D094D24714352E0EBCD3F88275232827BC6AC890 Validity Not Before: Oct 18 17:04:45 2025 GMT Not After : Oct 25 17:04:45 2025 GMT Subject: CN=68f3c8ad-e866 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:cf:b2:8e:98:f1:0a:28:0e:d1:18:44:6e:7e: 92:8b:19:93:17:4a:7a:c7:5b:15:9b:cb:05:6a:81: 43:2c:7b:b0:4f:a7:f3:ab:54:f8:cf:1c:17:db:3e: c5:44:d3:2f:9d:f4:84:2b:2c:c5:4d:e9:83:05:a0: 2f:eb:66:bc:4c:f5:73:e1:fb:5a:0d:de:99:b7:9d: 39:c6:15:4a:a0:a9:0a:0a:d3:11:2f:80:51:d5:00: cb:b0:44:db:d5:2d:b2:c3:a0:d8:de:20:ba:1d:54: 75:87:15:6f:46:2e:fe:08:10:c0:9d:35:1c:cb:2f: db:ab:c2:83:2c:fa:38:c4:9a:2c:65:69:3f:b0:1f: cb:d4:f9:e4:07:48:41:80:d8:7e:f6:73:f9:26:8c: 6d:9b:1f:ef:66:ba:ed:8d:91:31:1a:73:c3:0b:ce: 4f:bb:40:0d:48:36:bd:40:f0:2f:a2:f7:74:a7:43: 6f:56:0a:c7:29:ee:e0:21:1b:74:11:5b:17:e6:a2: de:0b:f0:5b:74:c2:e6:2d:d6:02:a4:ad:7e:93:19: c0:e1:80:19:e4:d4:60:6a:3d:cd:92:84:8c:ad:ef: ab:b6:34:56:78:da:15:80:99:96:93:df:f6:49:cb: 0f:58:66:dc:68:a6:4f:e5:7b:e3:bd:e1:ee:c4:4a: 9d:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:21:B5:09:B4:B9:BD:F6:63:4B:8B:89:30:20:58:AE:02:C3:C9:23 X509v3 Authority Key Identifier: keyid:D0:94:D2:47:14:35:2E:0E:BC:D3:F8:82:75:23:28:27:BC:6A:C8:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9123E38/6B91EDA0536C11EAA5C2790CC4F9AE02/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9123E38/6B91EDA0536C11EAA5C2790CC4F9AE02/0JTSRxQ1Lg680_iCdSMoJ7xqyJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:0c:cd:7a:87:f9:fd:2b:a6:50:78:d5:a1:79:0d:4e:84:49: f6:bd:6d:db:1c:df:bd:2d:84:ac:62:ef:7e:37:31:0a:df:2a: 27:93:e2:87:3a:30:0f:6c:d0:08:20:35:b3:fd:43:37:e3:59: df:96:77:a6:7e:ca:47:c5:f1:01:16:7a:8e:c7:d3:75:cb:99: f8:53:68:fe:be:af:ea:43:73:78:d6:7f:5d:51:2e:c7:80:32: d2:b1:a7:75:6d:51:38:26:75:28:36:ab:ea:23:0c:2c:1e:7c: 71:e5:ca:02:96:35:7c:69:02:b0:c4:d9:b7:d5:d6:4a:3d:85: dc:cf:f5:05:5e:4b:07:a4:c2:65:89:41:1d:31:61:a5:e0:5f: 24:46:a0:74:0a:be:72:06:76:42:bd:0d:7c:53:14:c1:f3:c2: b7:34:45:25:58:f7:14:e8:63:53:8b:cd:6e:1f:5b:c0:e7:48: 38:b8:cb:a6:c9:ad:47:48:2c:95:61:ba:a7:80:30:2b:26:12: 7f:23:40:aa:d6:d1:55:04:fb:fb:fd:0b:e3:dd:9a:a8:14:18: d9:7e:b0:c9:92:8d:97:f7:82:77:28:af:3a:6e:be:33:bd:0b: 01:60:4c:de:fc:b8:e0:f9:3a:9a:89:ef:63:a7:33:93:a6:3b: c0:30:cb:8f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjNFMzgxMTAvBgNVBAUTKEQwOTREMjQ3MTQzNTJFMEVCQ0QzRjg4Mjc1MjMyODI3 QkM2QUM4OTAwHhcNMjUxMDE4MTcwNDQ1WhcNMjUxMDI1MTcwNDQ1WjAYMRYwFAYD VQQDEw02OGYzYzhhZC1lODY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7M+yjpjxCigO0RhEbn6SixmTF0p6x1sVm8sFaoFDLHuwT6fzq1T4zxwX2z7F RNMvnfSEKyzFTemDBaAv62a8TPVz4ftaDd6Zt505xhVKoKkKCtMRL4BR1QDLsETb 1S2yw6DY3iC6HVR1hxVvRi7+CBDAnTUcyy/bq8KDLPo4xJosZWk/sB/L1PnkB0hB gNh+9nP5Joxtmx/vZrrtjZExGnPDC85Pu0ANSDa9QPAvovd0p0NvVgrHKe7gIRt0 EVsX5qLeC/BbdMLmLdYCpK1+kxnA4YAZ5NRgaj3NkoSMre+rtjRWeNoVgJmWk9/2 ScsPWGbcaKZP5XvjveHuxEqdjQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBchtQm0 ub32Y0uLiTAgWK4Cw8kjMB8GA1UdIwQYMBaAFNCU0kcUNS4OvNP4gnUjKCe8asiQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyM0UzOC82QjkxRURBMDUz NkMxMUVBQTVDMjc5MENDNEY5QUUwMi8wSlRTUnhRMUxnNjgwX2lDZFNNb0o3eHF5 SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzBKVFNSeFExTGc2ODBfaUNkU01vSjd4cXlKQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy M0UzOC82QjkxRURBMDUzNkMxMUVBQTVDMjc5MENDNEY5QUUwMi8wSlRTUnhRMUxn NjgwX2lDZFNNb0o3eHF5SkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBkDM16h/n9K6ZQeNWheQ1OhEn2vW3bHN+9LYSsYu9+NzEK3yonk+KH OjAPbNAIIDWz/UM341nflnemfspHxfEBFnqOx9N1y5n4U2j+vq/qQ3N41n9dUS7H gDLSsad1bVE4JnUoNqvqIwwsHnxx5coCljV8aQKwxNm31dZKPYXcz/UFXksHpMJl iUEdMWGl4F8kRqB0Cr5yBnZCvQ18UxTB88K3NEUlWPcU6GNTi81uH1vA50g4uMum ya1HSCyVYbqngDArJhJ/I0Cq1tFVBPv7/Qvj3ZqoFBjZfrDJko2X94J3KK86br4z vQsBYEze/Ljg+Tqaie9jpzOTpjvAMMuP -----END CERTIFICATE-----Generated at Mon Oct 20 16:17:03 2025 by rpki-client