$ rpki-client -vvf rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/QeLjUgZMov-eIcSENVrALkQHJY0.mft File: QeLjUgZMov-eIcSENVrALkQHJY0.mft (raw, json) Hash identifier: fdKHVn9MUXpS1jP8qdRvNPJXdQunsTFkxcdjk1OhWqo= Subject key identifier: BC:C3:33:09:B8:B2:A6:74:3E:F9:41:AC:6C:A2:1D:B3:ED:CA:2E:FC Authority key identifier: 41:E2:E3:52:06:4C:A2:FF:9E:21:C4:84:35:5A:C0:2E:44:07:25:8D Certificate issuer: /CN=A9131D5E/serialNumber=41E2E352064CA2FF9E21C484355AC02E4407258D Certificate serial: 05D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeLjUgZMov-eIcSENVrALkQHJY0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/QeLjUgZMov-eIcSENVrALkQHJY0.mft Manifest number: 05D0 Signing time: Sun 19 Oct 2025 00:40:57 +0000 Manifest this update: Sun 19 Oct 2025 00:40:57 +0000 Manifest next update: Sun 26 Oct 2025 00:40:57 +0000 Files and hashes: 1: QeLjUgZMov-eIcSENVrALkQHJY0.crl (hash: Iy7Kg1ZiY0vpC18NaODbRfGJJlL4NG5FWJYW/GOSzfw=) 2: 9B41336A9ABB11EC9D11861FC4F9AE02.roa (hash: JjNvo6+sKFXJO5jB79ObwXmzISqdgMEQqhlFwLrXnJs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/QeLjUgZMov-eIcSENVrALkQHJY0.crl rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/QeLjUgZMov-eIcSENVrALkQHJY0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeLjUgZMov-eIcSENVrALkQHJY0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:40:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1495 (0x5d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9131D5E, serialNumber=41E2E352064CA2FF9E21C484355AC02E4407258D Validity Not Before: Oct 19 00:40:57 2025 GMT Not After : Oct 26 00:40:57 2025 GMT Subject: CN=68f43399-e693 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:0d:e4:f6:02:9f:f3:3c:b5:4b:8e:c8:d7:3b: 19:75:9c:84:e6:41:76:bb:40:0f:95:90:f6:ba:55: 24:a2:a7:de:95:16:c0:84:69:10:6e:7b:38:c3:14: 0b:15:6c:90:15:80:66:9f:f3:bd:ca:c1:71:cc:48: a6:47:7e:cc:db:b4:37:d0:95:2e:db:65:ee:ba:3c: 80:60:fc:89:33:b7:ed:a7:54:58:20:0f:8e:08:3b: 62:e8:44:e1:d6:fe:e2:9c:e2:70:4c:4c:c5:9e:46: a2:bd:bb:10:76:0d:32:91:9b:38:ac:88:2a:df:4b: 49:20:5a:bf:c0:12:59:7d:5d:40:2a:2f:a8:87:4b: a4:c0:60:13:4c:31:e0:9e:fa:b9:4e:4a:f3:1c:4f: c7:9d:5d:9f:80:d6:a3:d8:59:50:5b:9a:75:be:22: fd:64:45:a2:48:80:01:ec:1f:f2:28:6f:65:67:82: 2a:98:59:75:78:44:fe:82:6e:67:ec:8a:41:56:e8: 42:1b:37:6a:d4:38:89:48:40:25:f2:c6:c8:20:64: 61:00:b0:b3:a2:09:e0:13:41:98:7c:f3:cb:13:84: ec:4d:4d:98:a3:2e:1a:8d:59:4e:f0:9b:90:25:5f: 34:7c:2d:51:08:20:aa:50:7a:d0:3b:8b:ba:b9:48: 25:f1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:C3:33:09:B8:B2:A6:74:3E:F9:41:AC:6C:A2:1D:B3:ED:CA:2E:FC X509v3 Authority Key Identifier: keyid:41:E2:E3:52:06:4C:A2:FF:9E:21:C4:84:35:5A:C0:2E:44:07:25:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/QeLjUgZMov-eIcSENVrALkQHJY0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QeLjUgZMov-eIcSENVrALkQHJY0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9131D5E/56DD48DED94711EB9A1A0D71C4F9AE02/QeLjUgZMov-eIcSENVrALkQHJY0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:e5:e5:74:de:7d:fa:0d:20:96:28:1b:33:4e:53:93:fd:48: ea:8d:d0:26:34:29:71:6b:7d:de:9a:ae:bf:c8:09:59:10:a7: dd:17:ef:b4:f1:54:02:3f:dd:b1:7a:71:fa:62:be:bb:87:75: b4:05:d4:32:17:a2:3f:e7:7d:83:09:38:e4:ed:5c:57:a4:da: a2:fd:74:1f:b0:18:b2:60:14:3d:a1:23:c4:94:ab:a7:e9:54: 3e:0c:26:d3:41:55:2c:e5:13:25:96:a8:9c:47:71:48:e1:74: 50:55:02:a1:11:6b:d4:cc:b3:32:3f:ff:4a:cc:e1:c9:e8:f5: da:3c:1a:56:a0:2c:a6:64:73:6c:40:52:f0:46:73:5a:5e:f6: d1:cb:41:a9:2c:72:bd:e2:a1:ac:40:2a:14:8e:ba:6d:45:0c: 21:ce:a0:5e:2f:19:23:94:f6:d9:68:eb:ce:a8:d2:cb:a4:12: d8:21:e8:8e:62:c9:51:5f:28:ab:da:2b:d2:2d:74:a1:c7:6c: 1b:b4:bf:fb:29:52:d3:bd:3d:61:00:57:1d:65:8d:65:70:12: 8a:a1:26:6a:83:8a:f8:71:87:70:03:8f:a9:55:6b:83:bc:6e: b7:a5:2c:6c:a7:c6:2e:0c:83:6c:82:b0:52:c6:93:e7:fe:3b: f7:00:a2:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzFENUUxMTAvBgNVBAUTKDQxRTJFMzUyMDY0Q0EyRkY5RTIxQzQ4NDM1NUFDMDJF NDQwNzI1OEQwHhcNMjUxMDE5MDA0MDU3WhcNMjUxMDI2MDA0MDU3WjAYMRYwFAYD VQQDEw02OGY0MzM5OS1lNjkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsQ3k9gKf8zy1S47I1zsZdZyE5kF2u0APlZD2ulUkoqfelRbAhGkQbns4wxQL FWyQFYBmn/O9ysFxzEimR37M27Q30JUu22XuujyAYPyJM7ftp1RYIA+OCDti6ETh 1v7inOJwTEzFnkaivbsQdg0ykZs4rIgq30tJIFq/wBJZfV1AKi+oh0ukwGATTDHg nvq5TkrzHE/HnV2fgNaj2FlQW5p1viL9ZEWiSIAB7B/yKG9lZ4IqmFl1eET+gm5n 7IpBVuhCGzdq1DiJSEAl8sbIIGRhALCzogngE0GYfPPLE4TsTU2Yoy4ajVlO8JuQ JV80fC1RCCCqUHrQO4u6uUgl8QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLzDMwm4 sqZ0PvlBrGyiHbPtyi78MB8GA1UdIwQYMBaAFEHi41IGTKL/niHEhDVawC5EByWN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMUQ1RS81NkRENDhERUQ5 NDcxMUVCOUExQTBENzFDNEY5QUUwMi9RZUxqVWdaTW92LWVJY1NFTlZyQUxrUUhK WTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FlTGpVZ1pNb3YtZUljU0VOVnJBTGtRSEpZMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MUQ1RS81NkRENDhERUQ5NDcxMUVCOUExQTBENzFDNEY5QUUwMi9RZUxqVWdaTW92 LWVJY1NFTlZyQUxrUUhKWTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAy5eV03n36DSCWKBszTlOT/UjqjdAmNClxa33emq6/yAlZEKfdF++0 8VQCP92xenH6Yr67h3W0BdQyF6I/532DCTjk7VxXpNqi/XQfsBiyYBQ9oSPElKun 6VQ+DCbTQVUs5RMllqicR3FI4XRQVQKhEWvUzLMyP/9KzOHJ6PXaPBpWoCymZHNs QFLwRnNaXvbRy0GpLHK94qGsQCoUjrptRQwhzqBeLxkjlPbZaOvOqNLLpBLYIeiO YslRXyir2ivSLXShx2wbtL/7KVLTvT1hAFcdZY1lcBKKoSZqg4r4cYdwA4+pVWuD vG63pSxsp8YuDINsgrBSxpPn/jv3AKI+ -----END CERTIFICATE-----Generated at Sun Oct 19 23:24:06 2025 by rpki-client