$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: K77Mp9HcETUAXFL5OxvW4G1/5TOHuTLoqAo9kr6P0+A= Subject key identifier: 72:57:A3:04:12:26:BB:8F:4E:BC:3D:93:02:99:17:72:3D:6C:77:EA Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0C23 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0C19 Signing time: Sat 18 Oct 2025 19:32:18 +0000 Manifest this update: Sat 18 Oct 2025 19:32:18 +0000 Manifest next update: Sat 25 Oct 2025 19:32:18 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: SdXlMm7G5Fj1cKmWyYq10yijiMPxdmr73rAHZCsPBLg=) 2: 021496F2A4EC11F0A8EB5F7EC4F9AE02.roa (hash: k+6bL1sigdhJhsvVBlCJkl8BzQ8/uafB/3pyO3zl0nM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 19:32:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3107 (0xc23) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Oct 18 19:32:18 2025 GMT Not After : Oct 25 19:32:18 2025 GMT Subject: CN=68f3eb42-b0a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:62:a4:17:b0:80:a0:c3:21:89:21:4c:d0:8d: 63:41:a0:85:0c:a6:0d:56:63:92:7f:ca:f8:58:1f: b7:08:97:51:7a:4c:22:a3:eb:7e:53:a1:b5:4e:b1: 53:ae:61:bd:ee:36:20:bb:c9:e0:cb:54:10:16:d2: 47:46:b6:f4:52:97:11:e3:73:04:1e:c0:4f:cb:ad: 6e:55:2c:5b:38:1c:eb:35:da:7e:8d:d6:bd:d1:92: e2:a9:68:15:52:91:46:32:c7:b9:bf:8f:78:f7:8a: ef:87:ad:a3:60:bd:ec:9d:53:2b:c2:29:15:b8:61: cd:ef:26:c0:59:43:88:39:88:51:14:02:d4:ed:25: 1c:9b:6f:b6:dd:1b:8e:33:3b:82:28:22:91:5a:6c: 63:d5:14:bb:e1:35:f8:76:82:8e:c8:00:59:2b:41: 39:f2:44:69:f8:cc:2e:13:e4:07:0b:95:f6:2b:e7: c8:c0:2d:59:37:ae:ac:e3:38:cf:4c:b3:03:32:3f: 26:9e:51:6a:84:39:92:d1:15:3a:d0:b5:81:27:0d: fb:11:6f:cb:86:db:a8:3d:93:fc:12:24:4b:2e:3a: 07:84:1b:ee:b2:25:96:da:c9:d4:45:b7:30:d1:aa: f7:4d:b1:8f:e9:e4:68:9a:3f:ed:13:ef:1c:c9:fa: 2d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 72:57:A3:04:12:26:BB:8F:4E:BC:3D:93:02:99:17:72:3D:6C:77:EA X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption dd:ae:39:26:30:53:b4:c3:f7:58:fb:0c:39:af:ec:e0:8d:70: 25:1b:93:15:c3:07:70:21:c3:98:9a:b3:f7:89:09:7a:02:b6: a9:87:3f:74:83:a2:08:2b:3c:d3:00:72:c0:10:23:13:5b:2d: 1c:8d:a3:dd:ae:b2:b0:bb:2d:ba:14:ec:ef:1d:3a:19:b6:4b: ad:f6:5a:df:88:6c:9c:72:00:68:c9:73:72:c4:dd:06:3b:68: 31:71:bb:ea:9f:14:85:1a:90:31:99:0e:d5:17:d3:1f:1c:7e: 7b:e0:49:51:d2:d5:e4:f6:6e:c0:88:88:aa:fa:66:e0:11:6e: 94:17:2e:ef:85:af:cd:bb:55:91:30:a3:54:e4:ad:06:01:00: bf:ce:9e:3b:3f:95:2c:88:9f:8f:0d:29:70:49:4c:7e:ea:11: 20:4a:2b:07:ac:c5:72:17:38:9d:4f:ec:3a:9b:bc:7b:1a:a7: 6b:26:29:0c:2b:bb:41:3c:ed:7e:87:d4:b8:ab:1c:e2:7d:2a: 2a:3b:50:4d:48:5a:14:1e:9d:36:5b:82:e4:45:a7:fd:98:dc: 7b:e2:11:32:f6:8e:11:5e:5c:2a:90:a0:7b:df:5e:46:ef:76: b8:b9:bd:f2:51:02:e6:55:a9:5b:ef:36:74:b2:45:c6:f7:57: eb:16:b6:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUxMDE4MTkzMjE4WhcNMjUxMDI1MTkzMjE4WjAYMRYwFAYD VQQDEw02OGYzZWI0Mi1iMGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt2KkF7CAoMMhiSFM0I1jQaCFDKYNVmOSf8r4WB+3CJdRekwio+t+U6G1TrFT rmG97jYgu8ngy1QQFtJHRrb0UpcR43MEHsBPy61uVSxbOBzrNdp+jda90ZLiqWgV UpFGMse5v49494rvh62jYL3snVMrwikVuGHN7ybAWUOIOYhRFALU7SUcm2+23RuO MzuCKCKRWmxj1RS74TX4doKOyABZK0E58kRp+MwuE+QHC5X2K+fIwC1ZN66s4zjP TLMDMj8mnlFqhDmS0RU60LWBJw37EW/LhtuoPZP8EiRLLjoHhBvusiWW2snURbcw 0ar3TbGP6eRomj/tE+8cyfotiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHJXowQS JruPTrw9kwKZF3I9bHfqMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDdrjkmMFO0w/dY+ww5r+zgjXAlG5MVwwdwIcOYmrP3iQl6Araphz90 g6IIKzzTAHLAECMTWy0cjaPdrrKwuy26FOzvHToZtkut9lrfiGyccgBoyXNyxN0G O2gxcbvqnxSFGpAxmQ7VF9MfHH574ElR0tXk9m7AiIiq+mbgEW6UFy7vha/Nu1WR MKNU5K0GAQC/zp47P5UsiJ+PDSlwSUx+6hEgSisHrMVyFzidT+w6m7x7GqdrJikM K7tBPO1+h9S4qxzifSoqO1BNSFoUHp02W4LkRaf9mNx74hEy9o4RXlwqkKB7315G 73a4ub3yUQLmValb7zZ0skXG91frFrZr -----END CERTIFICATE-----Generated at Sun Oct 19 23:31:57 2025 by rpki-client