$ rpki-client -vvf rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft File: PFRw6B-koZCHAh0K130zbOvipo0.mft (raw, json) Hash identifier: SP8ynNX8a8VQMAINlHOHpZxLtDEn++/6KXFYYPjdVgw= Subject key identifier: EE:F4:A1:E7:A7:B3:4C:77:F7:0D:69:BE:3C:67:44:D7:E6:82:60:90 Authority key identifier: 3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D Certificate issuer: /CN=A9143CB3/serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D Certificate serial: 1B2D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft Manifest number: 1B2A Signing time: Mon 20 Oct 2025 16:36:14 +0000 Manifest this update: Mon 20 Oct 2025 16:36:13 +0000 Manifest next update: Mon 27 Oct 2025 16:36:13 +0000 Files and hashes: 1: PFRw6B-koZCHAh0K130zbOvipo0.crl (hash: dvjk4RjyQvzUGB3M2c6uKTnlTc10N3pyAqm+MbcSTio=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 16:36:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6957 (0x1b2d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143CB3, serialNumber=3C5470E81FA4A19087021D0AD77D336CEBE2A68D Validity Not Before: Oct 20 16:36:13 2025 GMT Not After : Oct 27 16:36:13 2025 GMT Subject: CN=68f664fe-af00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:ca:a5:91:fc:5f:cc:4b:26:c7:f2:5e:db:e1: 6c:0c:86:ad:4f:22:a0:8a:79:af:e3:54:ed:16:0c: e0:30:1d:8c:ab:b2:ab:12:09:cf:c4:c9:4c:a1:b2: f7:67:e6:4b:4b:cb:a1:4a:80:82:ec:2f:d2:49:80: 7b:94:fb:1a:24:95:58:01:fe:f2:f8:89:02:f2:9b: e7:c0:74:fd:a3:f0:d6:87:64:cb:83:5a:04:63:f0: fe:f0:65:4a:b7:3f:86:ee:25:12:b4:ba:b0:06:bb: 07:b1:95:97:7c:d1:11:62:c9:50:42:fa:8f:9d:77: 8b:31:91:4a:dd:5e:72:47:e2:71:f2:82:4f:12:a9: d2:7e:d1:9c:79:60:91:d5:ef:b8:2f:1e:f3:53:85: 0b:cc:0f:c5:44:f9:31:f8:c1:3e:2e:cd:51:e1:3d: 45:d7:82:b6:12:24:ee:4e:8f:30:d0:3d:ef:14:90: df:d3:30:41:b7:76:d3:d2:2e:1d:ce:ae:98:58:98: bd:39:64:f2:f4:06:a1:a3:35:69:b9:e0:12:48:c0: e1:81:58:17:e2:e2:51:ed:31:7a:65:be:60:bb:9b: 8c:fa:af:2e:10:4e:56:0b:be:22:45:c4:af:80:1b: ce:ae:57:de:6f:d7:d6:93:34:c7:f4:cc:c0:87:b5: 25:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:F4:A1:E7:A7:B3:4C:77:F7:0D:69:BE:3C:67:44:D7:E6:82:60:90 X509v3 Authority Key Identifier: keyid:3C:54:70:E8:1F:A4:A1:90:87:02:1D:0A:D7:7D:33:6C:EB:E2:A6:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PFRw6B-koZCHAh0K130zbOvipo0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143CB3/1516679E259D11E785D3250AC4F9AE02/PFRw6B-koZCHAh0K130zbOvipo0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:0a:c4:b7:16:83:1c:dc:dd:56:79:0c:e1:c0:89:56:6a:89: e5:ac:25:42:76:4e:7c:0b:0b:96:b5:83:ac:d1:53:14:0e:03: e2:77:63:14:41:8d:ad:f7:65:f9:ff:16:86:ad:b6:11:92:09: 57:12:74:5b:d4:92:69:9a:80:97:f8:65:7d:a0:7a:61:e4:69: ee:28:64:c1:e4:f8:31:eb:46:0e:fa:b0:26:29:19:51:9d:1d: b4:01:c5:d5:38:29:f8:d4:59:fd:6d:cb:9d:1d:b2:76:f0:25: 07:a8:08:c3:d5:b7:42:bc:eb:5e:b2:3c:ed:69:b8:18:e9:3d: 2a:bb:6f:95:af:0b:33:09:07:d6:a1:95:59:c1:3e:3a:23:6a: c6:a1:b8:71:ba:b5:96:1c:89:1a:08:0e:3c:ef:3e:52:8f:bd: 7a:23:e3:af:75:45:68:38:46:33:f0:45:43:93:2b:8e:e7:1d: 0f:cd:7f:30:8c:e1:c0:7a:e1:1f:dd:72:64:b5:88:43:bc:10: 1b:7f:c0:5c:77:f9:1e:66:72:2a:4c:15:50:b7:10:30:05:bc: 24:cf:e3:07:8a:12:36:24:1d:fc:97:e1:c4:8a:b3:01:fe:dc: 10:30:42:c5:de:32:6a:d6:6d:30:49:78:97:69:19:26:e9:66: 7f:68:af:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGy0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNDQjMxMTAvBgNVBAUTKDNDNTQ3MEU4MUZBNEExOTA4NzAyMUQwQUQ3N0QzMzZD RUJFMkE2OEQwHhcNMjUxMDIwMTYzNjEzWhcNMjUxMDI3MTYzNjEzWjAYMRYwFAYD VQQDEw02OGY2NjRmZS1hZjAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8sqlkfxfzEsmx/Je2+FsDIatTyKginmv41TtFgzgMB2Mq7KrEgnPxMlMobL3 Z+ZLS8uhSoCC7C/SSYB7lPsaJJVYAf7y+IkC8pvnwHT9o/DWh2TLg1oEY/D+8GVK tz+G7iUStLqwBrsHsZWXfNERYslQQvqPnXeLMZFK3V5yR+Jx8oJPEqnSftGceWCR 1e+4Lx7zU4ULzA/FRPkx+ME+Ls1R4T1F14K2EiTuTo8w0D3vFJDf0zBBt3bT0i4d zq6YWJi9OWTy9AahozVpueASSMDhgVgX4uJR7TF6Zb5gu5uM+q8uEE5WC74iRcSv gBvOrlfeb9fWkzTH9MzAh7UlpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO70oeen s0x39w1pvjxnRNfmgmCQMB8GA1UdIwQYMBaAFDxUcOgfpKGQhwIdCtd9M2zr4qaN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0NCMy8xNTE2Njc5RTI1 OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29aQ0hBaDBLMTMwemJPdmlw bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BGUnc2Qi1rb1pDSEFoMEsxMzB6Yk92aXBvMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0NCMy8xNTE2Njc5RTI1OUQxMUU3ODVEMzI1MEFDNEY5QUUwMi9QRlJ3NkIta29a Q0hBaDBLMTMwemJPdmlwbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCwCsS3FoMc3N1WeQzhwIlWaonlrCVCdk58CwuWtYOs0VMUDgPid2MU QY2t92X5/xaGrbYRkglXEnRb1JJpmoCX+GV9oHph5GnuKGTB5Pgx60YO+rAmKRlR nR20AcXVOCn41Fn9bcudHbJ28CUHqAjD1bdCvOtesjztabgY6T0qu2+VrwszCQfW oZVZwT46I2rGobhxurWWHIkaCA487z5Sj716I+OvdUVoOEYz8EVDkyuO5x0PzX8w jOHAeuEf3XJktYhDvBAbf8Bcd/keZnIqTBVQtxAwBbwkz+MHihI2JB38l+HEirMB /twQMELF3jJq1m0wSXiXaRkm6WZ/aK/d -----END CERTIFICATE-----Generated at Mon Oct 20 21:26:29 2025 by rpki-client