$ rpki-client -vvf rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft File: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft (raw, json) Hash identifier: e42qbJzkYRzvmD+oGv9EA4x/E+2O9wSYppn85kcCf2I= Subject key identifier: 8A:34:BA:7A:F1:C9:66:33:A3:09:6F:F7:1F:D7:8C:A9:08:72:AD:A9 Authority key identifier: DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD Certificate issuer: /CN=A9147CA8/serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Certificate serial: 2A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft Manifest number: 2A Signing time: Sun 19 Oct 2025 11:14:34 +0000 Manifest this update: Sun 19 Oct 2025 11:14:33 +0000 Manifest next update: Sun 26 Oct 2025 11:14:33 +0000 Files and hashes: 1: 3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl (hash: HJOJOVS4X/XYPRzNBN8MRDjDlvQK4GK6suPOtDV/F5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:14:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 42 (0x2a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147CA8, serialNumber=DD280828FF0996A8CBEF29BF0D914DF252DF1CBD Validity Not Before: Oct 19 11:14:33 2025 GMT Not After : Oct 26 11:14:33 2025 GMT Subject: CN=68f4c819-2a40 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:6f:91:12:53:64:41:e6:16:41:6d:69:9c:dc: d3:98:47:24:9f:5b:27:4b:27:09:af:14:cf:54:59: 29:19:bc:30:9e:29:b0:a9:38:69:78:0a:6d:c5:d6: c4:67:48:f9:b5:4a:63:e1:b9:d3:21:98:00:78:bb: 60:fa:20:3a:d0:5d:67:4e:2f:8a:46:75:f1:33:a9: ec:17:89:96:20:64:11:ff:39:32:93:3a:96:91:69: 95:f5:ee:79:24:93:d2:73:cc:bf:00:45:1e:23:10: e8:48:7c:96:ed:83:0c:8c:96:88:9e:4d:c7:a9:8d: 90:1f:66:ab:57:b4:b6:11:67:3a:cd:5c:0c:c1:b4: 20:2d:5c:9d:2b:b7:56:ae:87:7f:db:a2:31:6d:15: 1a:be:87:1e:30:cf:66:d9:b7:87:76:f6:83:ca:f9: 23:3f:d5:c4:68:7c:82:42:42:ab:c9:9e:6a:8c:c3: 82:fe:b5:b4:ca:d9:8d:25:fc:6d:36:78:07:a2:08: bf:13:5d:c7:57:0a:72:38:4b:0d:92:a6:b6:e4:09: 8a:43:49:ec:46:fc:b8:7d:22:04:42:d8:3c:3e:cf: 1a:48:df:a2:82:22:45:61:53:47:5d:b0:21:89:2f: 79:30:44:fc:44:d3:35:47:a9:c9:71:ed:35:cd:50: d0:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:34:BA:7A:F1:C9:66:33:A3:09:6F:F7:1F:D7:8C:A9:08:72:AD:A9 X509v3 Authority Key Identifier: keyid:DD:28:08:28:FF:09:96:A8:CB:EF:29:BF:0D:91:4D:F2:52:DF:1C:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3SgIKP8JlqjL7ym_DZFN8lLfHL0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147CA8/6A9E915C6EE911F0B301F667C4F9AE02/3SgIKP8JlqjL7ym_DZFN8lLfHL0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:e2:5a:a3:cc:92:25:74:e0:38:03:ac:a0:32:1a:cb:4f:90: bb:34:15:c9:9c:f7:45:74:1d:a7:1a:6f:f1:0d:00:2a:72:d9: 1e:19:1d:a7:68:53:f4:de:ec:80:2b:21:2c:f7:08:98:45:6b: 39:3d:f4:b9:1c:2d:e8:ef:a7:fa:7e:78:88:92:ff:91:ae:55: 17:c8:83:8c:5d:5b:84:0c:f3:a5:6d:87:2b:aa:e9:84:45:10: 08:33:b8:2f:27:c9:01:d5:f8:bd:3e:37:1d:29:46:65:fa:4b: 3a:e3:e7:d4:bb:61:0a:2d:6f:2c:28:22:06:04:ed:1a:86:44: 71:40:cf:fd:25:37:29:15:0f:4c:2f:8d:bb:b7:ca:6f:8d:6b: b1:33:0e:f3:43:1a:12:63:b4:33:56:9f:83:e0:51:01:9d:d0: 01:23:9a:32:dc:c1:52:2b:9a:36:13:e8:e5:96:83:df:47:34: af:c2:58:60:e7:1c:a0:9d:42:04:9f:00:ff:26:b9:95:57:27: 34:63:76:42:b9:7a:8b:36:63:4a:76:65:4c:d3:6f:5c:00:e9: dd:28:fb:30:cf:46:f2:89:90:75:28:d8:f0:5c:f9:b6:c2:15: f6:b3:b4:f9:b0:93:76:1d:fc:4c:57:38:76:ec:ba:dd:96:d2: fa:be:81:c6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 N0NBODExMC8GA1UEBRMoREQyODA4MjhGRjA5OTZBOENCRUYyOUJGMEQ5MTRERjI1 MkRGMUNCRDAeFw0yNTEwMTkxMTE0MzNaFw0yNTEwMjYxMTE0MzNaMBgxFjAUBgNV BAMTDTY4ZjRjODE5LTJhNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDKb5ESU2RB5hZBbWmc3NOYRySfWydLJwmvFM9UWSkZvDCeKbCpOGl4Cm3F1sRn SPm1SmPhudMhmAB4u2D6IDrQXWdOL4pGdfEzqewXiZYgZBH/OTKTOpaRaZX17nkk k9JzzL8ARR4jEOhIfJbtgwyMloieTcepjZAfZqtXtLYRZzrNXAzBtCAtXJ0rt1au h3/bojFtFRq+hx4wz2bZt4d29oPK+SM/1cRofIJCQqvJnmqMw4L+tbTK2Y0l/G02 eAeiCL8TXcdXCnI4Sw2SprbkCYpDSexG/Lh9IgRC2Dw+zxpI36KCIkVhU0ddsCGJ L3kwRPxE0zVHqclx7TXNUNBhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUijS6evHJ ZjOjCW/3H9eMqQhyrakwHwYDVR0jBBgwFoAU3SgIKP8JlqjL7ym/DZFN8lLfHL0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3Q0E4LzZBOUU5MTVDNkVF OTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFqTDd5bV9EWkZOOGxMZkhM MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM1NnSUtQOEpscWpMN3ltX0RaRk44bExmSEwwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQ3 Q0E4LzZBOUU5MTVDNkVFOTExRjBCMzAxRjY2N0M0RjlBRTAyLzNTZ0lLUDhKbHFq TDd5bV9EWkZOOGxMZkhMMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEbiWqPMkiV04DgDrKAyGstPkLs0Fcmc90V0Hacab/ENACpy2R4ZHado U/Te7IArISz3CJhFazk99LkcLejvp/p+eIiS/5GuVRfIg4xdW4QM86Vthyuq6YRF EAgzuC8nyQHV+L0+Nx0pRmX6Szrj59S7YQotbywoIgYE7RqGRHFAz/0lNykVD0wv jbu3ym+Na7EzDvNDGhJjtDNWn4PgUQGd0AEjmjLcwVIrmjYT6OWWg99HNK/CWGDn HKCdQgSfAP8muZVXJzRjdkK5eos2Y0p2ZUzTb1wA6d0o+zDPRvKJkHUo2PBc+bbC FfaztPmwk3Yd/ExXOHbsut2W0vq+gcY= -----END CERTIFICATE-----Generated at Mon Oct 20 01:47:14 2025 by rpki-client