$ rpki-client -vvf rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft File: ihHrdksVeFOdbtOykDv2H0wIAHw.mft (raw, json) Hash identifier: W23Lqr5hItVd1fKhM9uD0rvPP++4qi9Tc39uze4aCn8= Subject key identifier: DD:60:3B:4D:3C:CB:F8:3C:79:2E:45:92:83:E7:43:D8:8E:7D:6A:07 Authority key identifier: 8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C Certificate issuer: /CN=A914CC0F/serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C Certificate serial: 57 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft Manifest number: 57 Signing time: Sat 18 Oct 2025 21:05:20 +0000 Manifest this update: Sat 18 Oct 2025 21:05:20 +0000 Manifest next update: Sat 25 Oct 2025 21:05:20 +0000 Files and hashes: 1: ihHrdksVeFOdbtOykDv2H0wIAHw.crl (hash: PpqwhicSUen/sTZPWxdFo6/o3QMeOyXXagLFj8NhCpE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:05:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 87 (0x57) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914CC0F, serialNumber=8A11EB764B1578539D6ED3B2903BF61F4C08007C Validity Not Before: Oct 18 21:05:20 2025 GMT Not After : Oct 25 21:05:20 2025 GMT Subject: CN=68f40110-e752 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:cd:c7:1f:2a:89:48:13:03:c2:2b:03:de:67: dd:73:78:2a:5f:b0:20:de:12:bf:7b:04:ea:6b:23: 0b:fa:1c:5d:f6:cf:d3:5b:5e:02:b0:7a:c2:21:22: b9:31:5c:0c:9e:47:15:e8:42:74:74:85:05:74:a6: d4:1d:d5:4b:3a:35:e0:09:60:46:7d:e6:e1:8a:68: a2:07:89:58:7c:a3:46:2a:98:a8:88:5b:17:28:a0: 16:30:ca:57:2f:b0:12:e1:cb:ea:ed:60:6f:2e:57: 83:46:a7:2e:41:8c:72:0a:19:ef:37:d2:95:7e:88: 72:9f:90:39:98:59:e0:71:7c:59:5d:c6:32:35:a1: ba:1b:c7:9a:3c:52:af:0f:99:02:14:e0:8f:88:b3: c4:9c:f7:bc:36:a8:bf:92:9a:48:ee:20:55:42:f6: 23:e1:29:f0:f4:9d:d2:1e:9a:d4:da:8b:ae:cb:8a: f7:cc:61:e1:53:5c:72:c5:33:de:31:3d:12:f3:10: 22:b1:98:2f:52:bd:6d:e3:e5:a1:86:0c:5e:0b:95: 1a:d4:48:2c:2c:a7:74:01:bb:f7:d0:1e:0d:45:d1: 67:30:6b:81:53:52:7a:e5:95:e4:c2:96:d4:75:a9: 88:fc:04:10:39:63:61:ce:d3:01:8b:93:d4:9a:12: 04:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:60:3B:4D:3C:CB:F8:3C:79:2E:45:92:83:E7:43:D8:8E:7D:6A:07 X509v3 Authority Key Identifier: keyid:8A:11:EB:76:4B:15:78:53:9D:6E:D3:B2:90:3B:F6:1F:4C:08:00:7C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ihHrdksVeFOdbtOykDv2H0wIAHw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CC0F/49E996C42C6211F0A9B1C65AC4F9AE02/ihHrdksVeFOdbtOykDv2H0wIAHw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d0:f2:c5:c1:0b:ae:f5:ab:3e:af:bc:48:8c:98:71:f2:23:aa: 68:89:20:7f:44:2d:a7:72:c0:dd:86:8a:34:23:7f:35:0c:e8: 86:5d:b6:7d:72:1a:38:9d:84:7e:1e:27:f8:e6:59:98:26:70: b0:a0:e2:cd:81:6d:c8:b0:97:7e:13:a9:83:4b:6d:03:66:e1: 8c:47:48:b4:de:9e:1a:c5:1e:cf:11:1a:4e:e0:89:f2:01:7a: 9f:1a:07:6a:35:d3:2f:c5:8f:c5:0a:57:2c:c6:c4:2d:1b:99: 83:99:dd:fa:2a:2f:90:2e:84:8d:e6:10:66:71:e6:a6:86:cc: 5e:31:54:91:0c:6f:f2:1b:d1:d5:1d:d0:0f:c8:36:e7:42:0c: ed:ae:77:08:8f:44:c4:ac:d9:4e:6d:3d:c4:9e:d1:68:d0:a5: b0:41:f4:d3:b9:bf:1b:09:77:52:3b:89:fa:41:0d:70:d0:71: ad:b9:89:ea:5f:10:30:18:80:c3:b9:27:e1:9d:60:49:4a:62: e5:5c:a1:f4:be:d9:e6:1f:9e:c8:c4:4f:25:bb:68:90:9b:98: 19:5a:63:75:66:73:cc:4f:fb:1e:56:0e:4d:14:ee:f5:e2:ee: 93:f8:69:2c:91:65:df:6d:ec:51:d1:2b:43:ec:a8:b5:43:1a: 61:1b:45:2a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 Q0MwRjExMC8GA1UEBRMoOEExMUVCNzY0QjE1Nzg1MzlENkVEM0IyOTAzQkY2MUY0 QzA4MDA3QzAeFw0yNTEwMTgyMTA1MjBaFw0yNTEwMjUyMTA1MjBaMBgxFjAUBgNV BAMTDTY4ZjQwMTEwLWU3NTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDRzccfKolIEwPCKwPeZ91zeCpfsCDeEr97BOprIwv6HF32z9NbXgKwesIhIrkx XAyeRxXoQnR0hQV0ptQd1Us6NeAJYEZ95uGKaKIHiVh8o0YqmKiIWxcooBYwylcv sBLhy+rtYG8uV4NGpy5BjHIKGe830pV+iHKfkDmYWeBxfFldxjI1obobx5o8Uq8P mQIU4I+Is8Sc97w2qL+SmkjuIFVC9iPhKfD0ndIemtTai67LivfMYeFTXHLFM94x PRLzECKxmC9SvW3j5aGGDF4LlRrUSCwsp3QBu/fQHg1F0Wcwa4FTUnrlleTCltR1 qYj8BBA5Y2HO0wGLk9SaEgTVAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3WA7TTzL +Dx5LkWSg+dD2I59agcwHwYDVR0jBBgwFoAUihHrdksVeFOdbtOykDv2H0wIAHww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRDQzBGLzQ5RTk5NkM0MkM2 MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZPZGJ0T3lrRHYySDB3SUFI dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvaWhIcmRrc1ZlRk9kYnRPeWtEdjJIMHdJQUh3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTRD QzBGLzQ5RTk5NkM0MkM2MjExRjBBOUIxQzY1QUM0RjlBRTAyL2loSHJka3NWZUZP ZGJ0T3lrRHYySDB3SUFIdy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBANDyxcELrvWrPq+8SIyYcfIjqmiJIH9ELadywN2GijQjfzUM6IZdtn1y GjidhH4eJ/jmWZgmcLCg4s2Bbciwl34TqYNLbQNm4YxHSLTenhrFHs8RGk7gifIB ep8aB2o10y/Fj8UKVyzGxC0bmYOZ3foqL5AuhI3mEGZx5qaGzF4xVJEMb/Ib0dUd 0A/INudCDO2udwiPRMSs2U5tPcSe0WjQpbBB9NO5vxsJd1I7ifpBDXDQca25iepf EDAYgMO5J+GdYElKYuVcofS+2eYfnsjETyW7aJCbmBlaY3Vmc8xP+x5WDk0U7vXi 7pP4aSyRZd9t7FHRK0PsqLVDGmEbRSo= -----END CERTIFICATE-----Generated at Mon Oct 20 21:26:22 2025 by rpki-client