$ rpki-client -vvf rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft File: CmH1ryEJpoNhH7ogbyCM7-NImCE.mft (raw, json) Hash identifier: RLTWa9nbg2zfjThPq0+u1SNxzBgso+kkNe0vOC0cA2s= Subject key identifier: 00:B2:CB:34:7A:84:0C:7B:C0:07:F0:F0:18:7A:04:5B:6C:2E:82:6C Authority key identifier: 0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 Certificate issuer: /CN=A91559AC/serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Certificate serial: 0AD1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft Manifest number: 0B2E Signing time: Sat 18 Oct 2025 20:25:56 +0000 Manifest this update: Sat 18 Oct 2025 20:25:55 +0000 Manifest next update: Sat 25 Oct 2025 20:25:55 +0000 Files and hashes: 1: CmH1ryEJpoNhH7ogbyCM7-NImCE.crl (hash: /xFsajfJHp+PDcOatnk4sDN+NaYa4LH0SLGDIjEyBTg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:25:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2769 (0xad1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91559AC, serialNumber=0A61F5AF2109A683611FBA206F208CEFE3489821 Validity Not Before: Oct 18 20:25:55 2025 GMT Not After : Oct 25 20:25:55 2025 GMT Subject: CN=68f3f7d3-aa62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:31:13:cf:61:06:c9:5a:cd:01:4d:3a:c6:13: 65:26:c5:e7:ea:66:62:a0:81:76:bc:4a:43:4b:2a: 20:4b:74:fb:79:fe:cd:d0:e5:41:f9:3e:95:21:ec: d6:81:13:26:2b:89:e0:3b:18:0c:38:b1:bb:46:4d: af:26:92:5d:9b:89:a4:39:c4:fd:4a:e0:2b:eb:0d: a0:f2:62:37:c4:8c:7b:bc:a5:35:84:8d:fa:e6:d1: 40:68:de:c5:da:08:52:a1:bb:e1:9b:f7:97:42:81: 3e:68:a6:3c:c1:7b:f4:e0:2e:6a:23:02:59:a9:90: 29:4e:2b:80:8b:33:9e:72:8c:48:9c:80:9e:eb:36: 5a:5e:7b:90:ea:98:2a:ff:da:d3:0e:45:0b:5d:58: 14:96:2c:8c:f3:b1:9d:d9:d7:e9:6c:40:6e:4c:99: ec:95:6f:be:f0:c7:7e:3d:f8:de:9a:01:6e:da:49: f3:e1:5c:fd:55:9f:bf:b3:ef:c1:34:16:59:c7:a3: 61:c3:f8:27:f7:10:a2:37:fa:f1:7d:e2:d1:73:70: 82:85:14:7e:f2:03:c2:d8:ae:82:99:1d:3b:c1:c5: e5:e0:a9:fd:b3:8b:68:19:92:bd:5f:aa:73:1d:97: 3b:eb:25:5c:e1:77:35:f9:9d:66:09:ed:2a:e3:13: 94:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:B2:CB:34:7A:84:0C:7B:C0:07:F0:F0:18:7A:04:5B:6C:2E:82:6C X509v3 Authority Key Identifier: keyid:0A:61:F5:AF:21:09:A6:83:61:1F:BA:20:6F:20:8C:EF:E3:48:98:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmH1ryEJpoNhH7ogbyCM7-NImCE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91559AC/C06135165F8D11EAB500BD64C4F9AE02/CmH1ryEJpoNhH7ogbyCM7-NImCE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:6a:a0:81:f6:4a:b3:ad:90:fc:9a:de:fe:28:1c:a6:af:3e: 5e:ba:14:dc:f0:5b:2a:8b:4e:a6:c2:60:80:e2:c2:59:1b:9b: 81:fd:2d:8d:d4:68:fa:2c:c8:57:28:d6:9d:30:4b:37:a9:c0: 38:e5:40:f0:87:5d:a1:d5:5b:cc:69:a2:31:25:2d:e4:c9:39: 32:7d:8b:70:dc:f0:11:ed:f5:a1:bd:c7:dc:79:f4:41:c3:08: 6d:d0:ae:33:ea:ba:56:52:cb:0f:68:09:8e:15:e1:24:3e:84: db:24:df:fd:f0:2e:e7:d7:55:4b:15:7a:83:de:34:01:4c:2a: 37:4d:00:e5:89:7d:a3:24:f7:3d:30:a8:ee:e3:16:4c:1f:02: b7:d2:4b:ed:70:56:d4:3c:79:11:6b:63:b4:bd:f1:30:1e:53: 80:9b:71:9b:1e:af:a9:c6:f5:b0:f5:07:50:0b:5f:fc:38:0c: 77:8d:66:52:0e:ee:90:ea:8b:09:b9:bb:80:f6:fe:cb:46:a0: f4:c9:83:96:c9:8f:87:02:4f:0f:7f:d3:a9:e1:be:ba:8b:1e: 33:1d:09:5a:fb:29:c8:07:3c:6a:33:58:a3:35:c1:e1:78:9f: b9:6f:f0:35:cd:39:00:ee:24:58:50:75:4c:48:5f:45:9b:28: 6b:b6:76:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCtEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTU5QUMxMTAvBgNVBAUTKDBBNjFGNUFGMjEwOUE2ODM2MTFGQkEyMDZGMjA4Q0VG RTM0ODk4MjEwHhcNMjUxMDE4MjAyNTU1WhcNMjUxMDI1MjAyNTU1WjAYMRYwFAYD VQQDEw02OGYzZjdkMy1hYTYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArDETz2EGyVrNAU06xhNlJsXn6mZioIF2vEpDSyogS3T7ef7N0OVB+T6VIezW gRMmK4ngOxgMOLG7Rk2vJpJdm4mkOcT9SuAr6w2g8mI3xIx7vKU1hI365tFAaN7F 2ghSobvhm/eXQoE+aKY8wXv04C5qIwJZqZApTiuAizOecoxInICe6zZaXnuQ6pgq /9rTDkULXVgUliyM87Gd2dfpbEBuTJnslW++8Md+PfjemgFu2knz4Vz9VZ+/s+/B NBZZx6Nhw/gn9xCiN/rxfeLRc3CChRR+8gPC2K6CmR07wcXl4Kn9s4toGZK9X6pz HZc76yVc4Xc1+Z1mCe0q4xOUzwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFACyyzR6 hAx7wAfw8Bh6BFtsLoJsMB8GA1UdIwQYMBaAFAph9a8hCaaDYR+6IG8gjO/jSJgh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NTlBQy9DMDYxMzUxNjVG OEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBvTmhIN29nYnlDTTctTklt Q0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NtSDFyeUVKcG9OaEg3b2dieUNNNy1OSW1DRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NTlBQy9DMDYxMzUxNjVGOEQxMUVBQjUwMEJENjRDNEY5QUUwMi9DbUgxcnlFSnBv TmhIN29nYnlDTTctTkltQ0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJaqCB9kqzrZD8mt7+KBymrz5euhTc8Fsqi06mwmCA4sJZG5uB/S2N 1Gj6LMhXKNadMEs3qcA45UDwh12h1VvMaaIxJS3kyTkyfYtw3PAR7fWhvcfcefRB wwht0K4z6rpWUssPaAmOFeEkPoTbJN/98C7n11VLFXqD3jQBTCo3TQDliX2jJPc9 MKju4xZMHwK30kvtcFbUPHkRa2O0vfEwHlOAm3GbHq+pxvWw9QdQC1/8OAx3jWZS Du6Q6osJubuA9v7LRqD0yYOWyY+HAk8Pf9Op4b66ix4zHQla+ynIBzxqM1ijNcHh eJ+5b/A1zTkA7iRYUHVMSF9FmyhrtnaN -----END CERTIFICATE-----Generated at Sun Oct 19 23:33:16 2025 by rpki-client