$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: SWJkhr8tOytuptAmjP450T+RXN2tzGFzoRIgpnDvIjQ= Subject key identifier: 05:B0:2D:C8:5B:55:B3:64:4A:5B:44:82:EE:A3:45:07:43:DA:2F:A2 Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 04AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 0496 Signing time: Sat 18 Oct 2025 17:35:12 +0000 Manifest this update: Sat 18 Oct 2025 17:35:12 +0000 Manifest next update: Sat 25 Oct 2025 17:35:12 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: QwpyQJ48xiDoyKcuWOucQlxj7CD1+djh0oxrICIPCOI=) 2: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: BSTa7sI/Wxp7paF8iFEhYcOXczYzjvqpGs3tFatgPsE=) 3: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: EM7EONiwHXhiPFzyfONkaOBX/AROwU9rjV4ETvuVQDQ=) 4: 1479C514596A11ECB1394271C4F9AE02.roa (hash: TLiIvWlCkSUznKaCtTmASc45uAF4Q8KIvn7LhcKxI18=) 5: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: HMDK7qPjAO3ncQEJzX6SKnODDt4e7glxidti8sfhV1k=) 6: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: Z/SQA8GAHBj69mDXnfsLMK8qu+tlZ5LxlzdXDGduFGo=) 7: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: AfGxVPGE0X5aiSEnPrV13VcxuUAvslUoJjsgWW+PD9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 17:35:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1194 (0x4aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Oct 18 17:35:12 2025 GMT Not After : Oct 25 17:35:12 2025 GMT Subject: CN=68f3cfd0-27e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:28:06:da:85:da:6a:c1:d2:10:1b:9f:c0:1c: 3c:15:87:3a:a4:48:a8:45:6d:29:4a:cf:f0:74:4b: b6:ef:1d:7b:7a:10:27:5f:87:2f:8e:61:d4:0f:d5: ea:29:df:00:03:c8:9d:d6:f8:2b:2a:11:bb:9f:db: 34:f7:54:75:84:2f:11:03:02:5a:7b:24:5c:0d:40: 23:b2:a4:76:8d:a6:80:28:fb:57:da:90:af:d8:b6: 9e:d0:3c:fb:a3:d5:84:68:ad:5d:95:9b:e2:71:6e: 86:2f:67:37:88:4f:75:9c:ce:e0:e9:16:a3:7b:53: 56:f5:78:5f:01:8e:87:d6:63:d8:9d:ba:72:88:c4: c4:76:77:3e:44:31:14:06:eb:e8:68:6d:f2:f3:6d: 49:92:df:79:b0:b9:b3:24:04:7a:86:ad:f4:78:38: 3a:8b:08:2f:45:6a:f8:c5:a7:7d:27:fa:73:ba:d8: 76:1b:c6:4d:08:6f:59:63:1f:7c:30:ee:95:b7:e1: db:4a:84:18:ab:ba:af:af:ef:a4:5a:9d:ff:67:7d: 60:eb:74:d7:a9:27:94:f4:41:70:bf:e9:f8:d0:14: ab:4f:fc:25:f7:44:3d:7e:dc:4b:8f:5a:fd:d0:60: 75:f9:3d:3f:3f:9e:26:2a:a1:cd:e3:d1:03:89:23: bd:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:B0:2D:C8:5B:55:B3:64:4A:5B:44:82:EE:A3:45:07:43:DA:2F:A2 X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:a9:78:06:b4:fd:d5:6b:c2:85:52:d7:3d:60:d8:54:35:d9: 43:2f:64:ec:f3:9e:30:1c:bf:05:d1:12:a7:b9:8c:05:fc:27: ad:03:05:d7:6e:d4:ec:3c:6f:01:35:e2:be:ec:99:fa:90:23: 79:f6:fe:fd:ae:f9:d5:6e:b1:29:9b:e3:84:ae:a5:93:17:ee: 4e:7c:69:57:e0:b1:06:ad:cc:0b:e5:79:66:be:7a:11:9e:e6: 94:2c:db:74:36:3e:57:7c:97:18:b5:72:41:a1:d4:65:48:5d: 8e:3b:6e:ed:ca:4b:55:6d:b4:12:7f:23:28:54:05:77:83:68: 6e:c1:8d:44:84:5a:f7:a5:f5:5f:a7:e5:d4:b7:32:00:77:52: 00:de:34:cc:fe:7c:77:c2:9f:b1:23:be:09:51:e9:54:bb:79: 87:54:5f:cf:3d:f2:0b:c9:c2:b0:00:52:da:fd:f1:23:59:44: 10:86:62:b7:9c:c8:32:5b:fb:ad:2e:fd:ac:9c:ea:80:81:e9: c0:96:c7:82:eb:56:fd:9a:ba:f5:dc:c0:71:7f:ba:58:b7:c0: bd:a1:04:d7:4b:64:cf:8b:d5:70:16:37:45:fa:8c:75:2e:82: cd:9b:a1:d5:d1:40:ce:22:26:d9:bf:e2:8d:d8:55:1a:0d:32: 5f:d6:d6:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjUxMDE4MTczNTEyWhcNMjUxMDI1MTczNTEyWjAYMRYwFAYD VQQDEw02OGYzY2ZkMC0yN2U0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuigG2oXaasHSEBufwBw8FYc6pEioRW0pSs/wdEu27x17ehAnX4cvjmHUD9Xq Kd8AA8id1vgrKhG7n9s091R1hC8RAwJaeyRcDUAjsqR2jaaAKPtX2pCv2Lae0Dz7 o9WEaK1dlZvicW6GL2c3iE91nM7g6Raje1NW9XhfAY6H1mPYnbpyiMTEdnc+RDEU BuvoaG3y821Jkt95sLmzJAR6hq30eDg6iwgvRWr4xad9J/pzuth2G8ZNCG9ZYx98 MO6Vt+HbSoQYq7qvr++kWp3/Z31g63TXqSeU9EFwv+n40BSrT/wl90Q9ftxLj1r9 0GB1+T0/P54mKqHN49EDiSO9RQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAWwLchb VbNkSltEgu6jRQdD2i+iMB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAqXgGtP3Va8KFUtc9YNhUNdlDL2Ts854wHL8F0RKnuYwF/CetAwXX btTsPG8BNeK+7Jn6kCN59v79rvnVbrEpm+OErqWTF+5OfGlX4LEGrcwL5XlmvnoR nuaULNt0Nj5XfJcYtXJBodRlSF2OO27tyktVbbQSfyMoVAV3g2huwY1EhFr3pfVf p+XUtzIAd1IA3jTM/nx3wp+xI74JUelUu3mHVF/PPfILycKwAFLa/fEjWUQQhmK3 nMgyW/utLv2snOqAgenAlseC61b9mrr13MBxf7pYt8C9oQTXS2TPi9VwFjdF+ox1 LoLNm6HV0UDOIibZv+KN2FUaDTJf1tYY -----END CERTIFICATE-----Generated at Mon Oct 20 08:53:56 2025 by rpki-client