$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json) Hash identifier: IOXXBAiNvzvUIjCkqtVhHPqwARnn88p9ETSnp93mXxg= Subject key identifier: 5B:AC:98:33:C2:69:AC:C0:9B:06:0E:39:88:7B:C9:43:10:6A:1F:84 Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Certificate serial: 09D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft Manifest number: 09CE Signing time: Sat 18 Oct 2025 21:00:00 +0000 Manifest this update: Sat 18 Oct 2025 20:59:59 +0000 Manifest next update: Sat 25 Oct 2025 20:59:59 +0000 Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: z8htNMv0XcN7SMe0fDykzYGqk6DUm6FtwqAMChpui5c=) 2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:59:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2520 (0x9d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DE2, serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Validity Not Before: Oct 18 20:59:59 2025 GMT Not After : Oct 25 20:59:59 2025 GMT Subject: CN=68f3ffcf-8672 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:1e:f5:0d:9e:db:86:26:aa:6f:da:a1:29:c7: 36:81:6c:d1:c6:2b:40:1e:0e:35:0d:53:64:d5:be: 0d:f1:b9:9c:ec:c7:4b:fa:4b:13:4b:84:80:f6:78: 27:09:a5:75:99:d7:56:bb:32:a3:54:2a:e1:50:ae: 0e:86:7b:cb:55:19:34:eb:ec:24:2d:29:cb:a2:e3: 7b:56:75:01:71:a8:80:5a:1c:5e:d0:7d:af:9a:d3: 8f:b2:a5:e1:d1:51:d7:0c:fc:f6:c1:ce:6b:9d:22: 3f:0f:58:b2:69:e5:a2:75:69:65:9d:74:21:57:44: a9:12:77:b7:ba:50:98:b9:89:75:a8:2d:25:cd:02: a7:27:8b:4b:6f:0f:5e:bc:70:d1:1e:b9:eb:07:8a: bb:22:61:3a:e9:28:48:59:1a:0a:2e:64:31:61:4a: 47:58:bf:3f:d1:6c:ea:99:94:94:45:35:11:19:99: 10:ea:67:44:a7:90:91:7c:6b:9d:54:48:78:f4:d6: 8f:0e:15:db:e7:bd:4f:24:0d:9c:de:2f:ea:87:98: 92:1e:4c:ba:56:1a:7f:b8:a4:a1:36:ee:16:64:58: 98:d3:70:07:62:75:78:f6:97:cb:13:91:fd:2d:4a: 3e:af:b4:83:8b:6b:dc:f0:42:02:64:25:f8:b1:09: 40:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:AC:98:33:C2:69:AC:C0:9B:06:0E:39:88:7B:C9:43:10:6A:1F:84 X509v3 Authority Key Identifier: keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5e:5e:20:79:b7:3e:3d:ac:d1:ba:27:25:cb:ab:46:61:a3:0f: 23:6b:cc:03:d6:a0:ac:8d:4e:d1:ac:39:34:80:af:d3:8f:03: 8e:6f:f0:fc:eb:85:14:07:23:a7:08:d9:2d:b7:f9:11:c7:ae: 17:e5:7d:ed:bf:2d:f9:cc:ef:39:cf:5b:53:eb:90:cc:5e:87: b0:59:07:84:1e:23:d7:d9:85:fc:65:95:e4:47:38:1f:a3:40: 12:21:38:17:22:7a:e9:1b:c4:82:93:cf:ea:eb:9f:67:6b:55: 64:9f:9d:23:c8:37:dc:b3:58:b0:b9:e9:28:37:91:4a:9f:b2: dc:63:87:1f:5e:e4:24:05:f0:fc:bf:e3:d0:71:30:15:ad:ec: a2:53:e2:43:ef:b8:b3:bf:fb:5f:b0:60:9e:0c:64:1f:11:f7: fa:ba:1d:70:aa:5f:15:ce:40:6b:e4:f8:61:b8:01:9e:2b:ce: a8:55:25:75:3e:64:20:a1:d4:c1:2d:fc:18:ee:f3:b4:e4:8c: 80:2d:ac:95:a4:77:db:eb:4f:aa:79:30:da:35:7b:6b:6c:b8: 7e:22:29:b6:b4:54:5a:ef:88:18:ba:ae:88:29:1b:6d:c5:45: 26:b4:59:68:f4:5b:f8:8e:cd:a9:2b:f3:09:c0:d4:39:48:12: ce:86:73:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE NjdEMkM3RUEwHhcNMjUxMDE4MjA1OTU5WhcNMjUxMDI1MjA1OTU5WjAYMRYwFAYD VQQDEw02OGYzZmZjZi04NjcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3h71DZ7bhiaqb9qhKcc2gWzRxitAHg41DVNk1b4N8bmc7MdL+ksTS4SA9ngn CaV1mddWuzKjVCrhUK4OhnvLVRk06+wkLSnLouN7VnUBcaiAWhxe0H2vmtOPsqXh 0VHXDPz2wc5rnSI/D1iyaeWidWllnXQhV0SpEne3ulCYuYl1qC0lzQKnJ4tLbw9e vHDRHrnrB4q7ImE66ShIWRoKLmQxYUpHWL8/0WzqmZSURTURGZkQ6mdEp5CRfGud VEh49NaPDhXb571PJA2c3i/qh5iSHky6Vhp/uKShNu4WZFiY03AHYnV49pfLE5H9 LUo+r7SDi2vc8EICZCX4sQlAuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFusmDPC aazAmwYOOYh7yUMQah+EMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4 LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBeXiB5tz49rNG6JyXLq0Zhow8ja8wD1qCsjU7RrDk0gK/TjwOOb/D8 64UUByOnCNktt/kRx64X5X3tvy35zO85z1tT65DMXoewWQeEHiPX2YX8ZZXkRzgf o0ASITgXInrpG8SCk8/q659na1Vkn50jyDfcs1iwuekoN5FKn7LcY4cfXuQkBfD8 v+PQcTAVreyiU+JD77izv/tfsGCeDGQfEff6uh1wql8VzkBr5PhhuAGeK86oVSV1 PmQgodTBLfwY7vO05IyALayVpHfb60+qeTDaNXtrbLh+Iim2tFRa74gYuq6IKRtt xUUmtFlo9Fv4js2pK/MJwNQ5SBLOhnMq -----END CERTIFICATE-----Generated at Mon Oct 20 09:37:41 2025 by rpki-client