$ rpki-client -vvf rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft File: cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft (raw, json) Hash identifier: zqVB5yoRHAW/FlO3+UkSTeGjtckx/d+OmeeUQSEgeyE= Subject key identifier: 33:97:C1:7F:C2:FF:92:31:44:5D:50:0F:A9:FC:A1:37:09:A5:46:76 Authority key identifier: 70:D2:60:1C:B0:D0:FA:4F:9C:5F:0E:02:86:D8:B6:AF:D9:23:5A:06 Certificate issuer: /CN=A9130F21/serialNumber=70D2601CB0D0FA4F9C5F0E0286D8B6AFD9235A06 Certificate serial: 67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft Manifest number: 65 Signing time: Sun 19 Oct 2025 10:24:32 +0000 Manifest this update: Sun 19 Oct 2025 10:24:32 +0000 Manifest next update: Sun 26 Oct 2025 10:24:32 +0000 Files and hashes: 1: cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl (hash: 3O1ZaUNdU4Pyph0TL0n97l5KV0bABBn0zxe84y+0i6Q=) 2: 42CFB44C141411F0BAD16274C4F9AE02.roa (hash: SIbGv61TK6nlTBlpPzTxiHyFUxN8Qwjf/RzPAJKF8+o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:24:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 103 (0x67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9130F21, serialNumber=70D2601CB0D0FA4F9C5F0E0286D8B6AFD9235A06 Validity Not Before: Oct 19 10:24:32 2025 GMT Not After : Oct 26 10:24:32 2025 GMT Subject: CN=68f4bc60-ed8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:ff:39:4b:30:a8:f7:f4:b8:e2:59:11:36:d4: 87:42:2b:27:55:68:44:ac:2f:d0:8e:83:a3:60:c5: 3a:13:b4:2e:93:a7:d2:31:ad:7f:f6:b9:c9:dc:48: 1b:fb:76:16:ae:de:be:b8:51:95:88:e7:6a:0f:93: e7:22:c4:a1:be:a2:5c:08:15:46:9e:b9:51:5b:19: 68:af:a0:8c:05:be:86:f8:a4:84:b6:ae:1a:a0:93: b2:db:d1:3d:24:f1:10:ef:c6:50:f1:f1:2f:7f:cd: c4:43:a6:11:d6:77:a2:d0:05:ea:d0:7a:f9:97:2d: 90:10:7d:29:56:45:63:08:1e:9a:af:2b:b5:99:9e: 45:75:53:d6:99:51:c7:4f:d1:27:af:8e:c0:96:90: 5a:c3:54:ee:6e:63:32:ca:5e:0b:dc:50:c4:00:7b: 56:19:89:8e:ca:ec:77:0d:c5:1c:69:08:e8:67:a6: a0:5f:a9:b9:9f:2f:95:53:4d:3d:6c:50:bd:f1:e8: 14:e3:97:5d:ab:ec:6f:45:0f:56:c7:1f:02:96:09: db:3a:db:4f:79:4e:b9:4b:b7:a0:5f:41:f7:75:85: 5b:9f:63:b5:c2:c0:82:70:e8:bb:cc:f4:98:bf:ec: 31:52:b8:96:a0:f8:72:45:d7:49:aa:50:6f:5b:d1: 14:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:97:C1:7F:C2:FF:92:31:44:5D:50:0F:A9:FC:A1:37:09:A5:46:76 X509v3 Authority Key Identifier: keyid:70:D2:60:1C:B0:D0:FA:4F:9C:5F:0E:02:86:D8:B6:AF:D9:23:5A:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cNJgHLDQ-k-cXw4Chti2r9kjWgY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9130F21/8517FB08141311F08F1A1D73C4F9AE02/cNJgHLDQ-k-cXw4Chti2r9kjWgY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:36:3b:0c:2e:23:ca:c7:a7:11:e6:62:dd:0c:43:d3:fd:a3: 90:68:21:2a:30:23:71:16:cf:57:95:84:2f:86:31:ea:79:16: 45:d4:8a:31:b0:63:57:51:8e:40:fc:7b:86:cc:df:a4:90:24: 7a:1f:af:1c:95:ba:d5:0e:79:8e:47:db:97:bb:c1:d6:01:c4: 05:d7:59:4a:f4:38:e3:3d:52:e7:94:49:16:bc:36:a7:db:86: 97:81:a3:bf:33:0c:fa:32:b7:8f:84:7c:64:d9:63:4f:de:df: f4:04:47:71:b5:07:bf:16:40:94:3b:7c:e2:e3:fc:76:7b:18: 3c:45:fd:45:6b:21:ad:56:11:31:98:d9:02:58:bc:97:a2:28: d0:3b:5e:2d:6f:d1:62:16:a3:15:d0:20:23:fb:f4:9a:ee:a9: 55:38:54:b3:0a:33:88:14:ef:cf:cf:05:df:37:6d:3e:9c:30: f2:3f:6d:c7:18:62:3a:4c:70:17:58:a0:a8:8c:7e:96:45:8b: 67:a7:c4:9f:fc:aa:ea:39:84:ae:a0:1e:31:6e:87:ed:15:d7: a5:46:f6:cc:de:8a:e4:e6:25:75:3c:cc:b2:42:42:b5:c9:77: f0:00:f7:68:25:63:80:28:ba:51:91:6a:7a:d4:61:7c:3e:5f: 37:04:e3:bd -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MEYyMTExMC8GA1UEBRMoNzBEMjYwMUNCMEQwRkE0RjlDNUYwRTAyODZEOEI2QUZE OTIzNUEwNjAeFw0yNTEwMTkxMDI0MzJaFw0yNTEwMjYxMDI0MzJaMBgxFjAUBgNV BAMTDTY4ZjRiYzYwLWVkOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDE/zlLMKj39LjiWRE21IdCKydVaESsL9COg6NgxToTtC6Tp9IxrX/2ucncSBv7 dhau3r64UZWI52oPk+cixKG+olwIFUaeuVFbGWivoIwFvob4pIS2rhqgk7Lb0T0k 8RDvxlDx8S9/zcRDphHWd6LQBerQevmXLZAQfSlWRWMIHpqvK7WZnkV1U9aZUcdP 0SevjsCWkFrDVO5uYzLKXgvcUMQAe1YZiY7K7HcNxRxpCOhnpqBfqbmfL5VTTT1s UL3x6BTjl12r7G9FD1bHHwKWCds62095TrlLt6BfQfd1hVufY7XCwIJw6LvM9Ji/ 7DFSuJag+HJF10mqUG9b0RTbAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUM5fBf8L/ kjFEXVAPqfyhNwmlRnYwHwYDVR0jBBgwFoAUcNJgHLDQ+k+cXw4Chti2r9kjWgYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMwRjIxLzg1MTdGQjA4MTQx MzExRjA4RjFBMUQ3M0M0RjlBRTAyL2NOSmdITERRLWstY1h3NENodGkycjlraldn WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvY05KZ0hMRFEtay1jWHc0Q2h0aTJyOWtqV2dZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMw RjIxLzg1MTdGQjA4MTQxMzExRjA4RjFBMUQ3M0M0RjlBRTAyL2NOSmdITERRLWst Y1h3NENodGkycjlraldnWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADU2OwwuI8rHpxHmYt0MQ9P9o5BoISowI3EWz1eVhC+GMep5FkXUijGw Y1dRjkD8e4bM36SQJHofrxyVutUOeY5H25e7wdYBxAXXWUr0OOM9UueUSRa8Nqfb hpeBo78zDPoyt4+EfGTZY0/e3/QER3G1B78WQJQ7fOLj/HZ7GDxF/UVrIa1WETGY 2QJYvJeiKNA7Xi1v0WIWoxXQICP79JruqVU4VLMKM4gU78/PBd83bT6cMPI/bccY YjpMcBdYoKiMfpZFi2enxJ/8quo5hK6gHjFuh+0V16VG9szeiuTmJXU8zLJCQrXJ d/AA92glY4AoulGRanrUYXw+XzcE470= -----END CERTIFICATE-----Generated at Mon Oct 20 04:48:19 2025 by rpki-client