$ rpki-client -vvf rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft File: Icv-KamU2PngPkxNRObPW2SLeOw.mft (raw, json) Hash identifier: hEaTjwCnzi1lEANA7Bz8QMGm892OwRS3f0t4cBuplPQ= Subject key identifier: 07:77:F8:25:4A:A1:94:2A:B3:1B:A7:3F:A1:7E:15:A3:C0:B1:04:3F Authority key identifier: 21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC Certificate issuer: /CN=A91272F9/serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Certificate serial: 1313 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft Manifest number: 12FE Signing time: Sat 18 Oct 2025 17:32:16 +0000 Manifest this update: Sat 18 Oct 2025 17:32:15 +0000 Manifest next update: Sat 25 Oct 2025 17:32:15 +0000 Files and hashes: 1: Icv-KamU2PngPkxNRObPW2SLeOw.crl (hash: O1LYerVdFPvlkIcIJkXwnIUEUdpJMoXPUVj298YKUsQ=) 2: AA5A77C88DB811EBA0613421C4F9AE02.roa (hash: F64rTtQK62WkoJ4T7LBeaKOnYlMCrnrGJqKnlzvZNxc=) 3: A5393FF2E70911E8B4D19B84C4F9AE02.roa (hash: V0JrvauXWXNDpsL43DjdmMpgmoTrusHbq711Y8hqbp8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 17:32:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4883 (0x1313) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91272F9, serialNumber=21CBFE29A994D8F9E03E4C4D44E6CF5B648B78EC Validity Not Before: Oct 18 17:32:15 2025 GMT Not After : Oct 25 17:32:15 2025 GMT Subject: CN=68f3cf20-d34c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:94:c9:54:79:22:d6:db:36:b6:b4:33:03:c7: e6:36:2f:87:82:48:42:dc:5a:14:ef:da:d0:93:7b: 71:78:1e:a9:a6:02:6c:88:54:e7:49:7e:08:7e:9c: 31:93:90:d6:e9:d2:4e:d9:94:81:1f:14:55:21:53: 1c:25:7d:6e:5c:75:4f:dd:4b:34:19:a1:7d:a3:f2: cb:39:40:4c:ed:3d:ca:b1:cf:bc:8f:a8:ce:86:59: e9:05:cd:5c:b3:25:de:f8:d2:9d:46:fa:e4:02:49: d0:0d:fc:63:ba:be:67:e5:5b:d6:b2:61:08:d1:1a: b3:b2:2b:27:22:c2:19:44:0e:cf:4e:d8:d5:ec:68: 56:7c:59:b0:7b:dd:70:c9:79:d3:31:54:40:ba:01: 18:e8:6b:65:b8:18:49:b0:22:87:c7:9d:1b:24:7f: 29:5a:b7:ba:75:2d:05:6a:cd:f8:81:4b:07:af:4e: 8d:64:ab:4e:83:66:6d:a9:2d:d0:b9:d8:59:69:18: b5:a8:eb:5c:06:f6:82:d2:12:36:b8:17:47:20:c4: 00:5a:30:0d:c3:79:0b:38:68:dd:7d:0b:9b:7c:21: a2:a8:bc:41:bb:1d:27:c4:11:5f:6c:b4:8d:c1:c5: cc:e9:22:80:49:3b:2e:9b:4f:fb:63:f8:17:1a:9d: 05:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:77:F8:25:4A:A1:94:2A:B3:1B:A7:3F:A1:7E:15:A3:C0:B1:04:3F X509v3 Authority Key Identifier: keyid:21:CB:FE:29:A9:94:D8:F9:E0:3E:4C:4D:44:E6:CF:5B:64:8B:78:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Icv-KamU2PngPkxNRObPW2SLeOw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91272F9/D2ED49C2C26D11E8BABE1165C4F9AE02/Icv-KamU2PngPkxNRObPW2SLeOw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:18:d1:3a:c7:73:f3:21:5d:7d:7c:b7:29:12:5d:f7:85:5b: c8:32:91:7b:02:21:61:0c:6f:3a:b3:ec:5c:d2:42:af:da:2c: a9:d1:03:4b:3f:ac:06:a9:f1:9b:fe:92:c7:35:5f:f1:2c:f5: e4:dc:34:82:6d:e2:a5:b5:54:14:db:3c:c2:c7:83:4c:20:e7: 12:25:5b:1e:7d:3b:c4:a1:8b:60:b2:7b:4b:4a:33:87:73:5a: 1a:c8:11:83:50:7c:a7:b5:d8:59:d4:ab:88:b2:3e:0d:de:b8: f0:14:1b:ea:80:14:c7:86:a8:37:73:4b:aa:3d:a3:b7:ed:ba: 9f:24:3a:e9:e6:96:03:46:cb:77:b4:05:d2:1a:e0:94:7c:af: 5a:2d:88:6a:9e:f4:32:04:91:5a:18:a0:0f:85:56:db:c2:20: 92:0a:25:ad:43:03:85:28:11:03:35:fe:f8:33:19:84:13:77: 8f:75:df:bf:3e:e0:71:69:fd:17:cc:0c:fa:2a:a6:d5:6e:74: ab:24:77:1f:ff:8e:30:45:26:44:ec:12:68:5c:bb:dc:b3:51: 31:6c:76:ab:2c:d1:81:89:a2:64:56:fa:6b:fc:3b:18:ea:83: 05:32:84:21:0e:43:7e:d3:b2:01:e2:a3:19:d5:1e:ed:c2:a5: 38:77:c6:4f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICExMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjcyRjkxMTAvBgNVBAUTKDIxQ0JGRTI5QTk5NEQ4RjlFMDNFNEM0RDQ0RTZDRjVC NjQ4Qjc4RUMwHhcNMjUxMDE4MTczMjE1WhcNMjUxMDI1MTczMjE1WjAYMRYwFAYD VQQDEw02OGYzY2YyMC1kMzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA05TJVHki1ts2trQzA8fmNi+HgkhC3FoU79rQk3txeB6ppgJsiFTnSX4Ifpwx k5DW6dJO2ZSBHxRVIVMcJX1uXHVP3Us0GaF9o/LLOUBM7T3Ksc+8j6jOhlnpBc1c syXe+NKdRvrkAknQDfxjur5n5VvWsmEI0RqzsisnIsIZRA7PTtjV7GhWfFmwe91w yXnTMVRAugEY6GtluBhJsCKHx50bJH8pWre6dS0Fas34gUsHr06NZKtOg2ZtqS3Q udhZaRi1qOtcBvaC0hI2uBdHIMQAWjANw3kLOGjdfQubfCGiqLxBux0nxBFfbLSN wcXM6SKASTsum0/7Y/gXGp0FdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAd3+CVK oZQqsxunP6F+FaPAsQQ/MB8GA1UdIwQYMBaAFCHL/implNj54D5MTUTmz1tki3js MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzJGOS9EMkVENDlDMkMy NkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQbmdQa3hOUk9iUFcyU0xl T3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ljdi1LYW1VMlBuZ1BreE5ST2JQVzJTTGVPdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzJGOS9EMkVENDlDMkMyNkQxMUU4QkFCRTExNjVDNEY5QUUwMi9JY3YtS2FtVTJQ bmdQa3hOUk9iUFcyU0xlT3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJGNE6x3PzIV19fLcpEl33hVvIMpF7AiFhDG86s+xc0kKv2iyp0QNL P6wGqfGb/pLHNV/xLPXk3DSCbeKltVQU2zzCx4NMIOcSJVsefTvEoYtgsntLSjOH c1oayBGDUHyntdhZ1KuIsj4N3rjwFBvqgBTHhqg3c0uqPaO37bqfJDrp5pYDRst3 tAXSGuCUfK9aLYhqnvQyBJFaGKAPhVbbwiCSCiWtQwOFKBEDNf74MxmEE3ePdd+/ PuBxaf0XzAz6KqbVbnSrJHcf/44wRSZE7BJoXLvcs1ExbHarLNGBiaJkVvpr/DsY 6oMFMoQhDkN+07IB4qMZ1R7twqU4d8ZP -----END CERTIFICATE-----Generated at Mon Oct 20 10:16:53 2025 by rpki-client