$ rpki-client -vvf rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft File: cnOFPaBj78uOxUSwMg1acHuUwIk.mft (raw, json) Hash identifier: oaNWCaGeICEhbrHXXlAOD8O6s0Kl3SKZU79Al8TqPNA= Subject key identifier: 87:19:8A:DE:D4:19:B9:AB:7D:BD:72:27:89:8A:3D:96:D6:2B:30:3B Authority key identifier: 72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 Certificate issuer: /CN=A9163824/serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Certificate serial: 0762 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft Manifest number: 2D95 Signing time: Sat 18 Oct 2025 15:55:15 +0000 Manifest this update: Sat 18 Oct 2025 15:55:14 +0000 Manifest next update: Sat 25 Oct 2025 15:55:14 +0000 Files and hashes: 1: cnOFPaBj78uOxUSwMg1acHuUwIk.crl (hash: JbO4Tmk15cRmkAUA0KvoxUiP0Pppt2HxoYwNp12kAvo=) 2: 4BB610C2E16511EC8EDF6621C4F9AE02.roa (hash: ekyxreCpgMcKP34usIZn12GGqR3mbNPPXZzJX4hQpac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:55:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1890 (0x762) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9163824, serialNumber=7273853DA063EFCB8EC544B0320D5A707B94C089 Validity Not Before: Oct 18 15:55:14 2025 GMT Not After : Oct 25 15:55:14 2025 GMT Subject: CN=68f3b862-7386 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:b4:1c:9c:20:97:b0:40:69:21:bc:08:2a:68: 61:a6:1e:1f:11:f1:8b:53:6f:a2:f5:7d:2a:a8:ed: 16:e4:e4:f1:c4:5b:0e:ec:77:aa:b4:4a:e7:29:c7: 1b:68:bc:8f:87:59:6c:09:dc:29:b4:3d:44:64:10: 59:ff:2b:f2:df:55:18:eb:03:87:aa:b3:1b:e1:fe: 55:9d:df:f6:4a:65:4f:86:19:54:cd:f7:64:90:e0: b9:44:07:4e:d5:4e:a5:7c:6c:7e:cb:0e:1c:70:7d: 2d:3e:d5:eb:c5:02:8b:33:fb:8b:df:6f:d9:ab:8e: 32:ea:b9:fb:8c:34:62:d7:58:39:7d:79:54:01:5b: eb:86:d9:3f:8a:75:57:9b:5b:73:e6:51:25:10:fe: 84:94:f6:2a:1f:b8:31:0e:c5:6c:20:dd:84:95:6d: b0:ef:c8:d7:43:33:33:ed:09:88:f7:1a:f6:dc:da: 08:88:35:76:8e:a1:ce:14:8e:fe:2e:a6:81:2a:a5: a8:4b:1c:f0:3b:1b:2f:4a:a8:10:1f:ed:49:4a:f0: 3e:85:1f:0e:20:a4:ff:dd:c6:aa:c7:b2:45:b8:39: ce:0d:08:3b:c7:eb:50:a5:81:0e:f6:b8:bd:92:d8: 0f:a1:97:f9:fe:d4:dd:f7:ac:6d:0e:3c:69:6d:25: 88:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:19:8A:DE:D4:19:B9:AB:7D:BD:72:27:89:8A:3D:96:D6:2B:30:3B X509v3 Authority Key Identifier: keyid:72:73:85:3D:A0:63:EF:CB:8E:C5:44:B0:32:0D:5A:70:7B:94:C0:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cnOFPaBj78uOxUSwMg1acHuUwIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9163824/BA0EFE52FD2511E49D93273BC4F9AE02/cnOFPaBj78uOxUSwMg1acHuUwIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:63:b1:7e:82:5e:17:6a:d8:63:3e:f6:1a:e3:41:f1:e6:fb: e6:de:ca:14:17:db:77:59:bc:0d:d5:e6:4f:c9:a7:a8:8f:0c: cf:04:b1:49:6f:3c:bd:8f:96:9e:52:c0:a7:04:62:04:3f:3f: 4d:76:ba:a5:42:71:40:0a:87:11:b0:24:e3:cc:0d:38:57:f4: cd:2c:b9:69:f4:d3:5d:6c:f0:66:c8:40:ba:e2:37:bc:d4:1d: d0:89:9f:f8:f4:fc:b5:db:c0:40:44:18:e1:e2:48:c5:8b:e5: 88:cb:cd:23:70:b6:be:c3:b1:30:ce:11:82:7b:0a:30:77:8c: 4e:8d:f3:3b:f0:05:3e:36:8e:bc:3e:54:09:4b:5b:35:24:24: b8:03:d6:25:8c:b0:59:c6:07:36:10:73:32:d3:82:3f:dc:6c: 7d:50:93:07:0d:b6:4f:f1:b8:fd:06:8a:98:8b:f8:c5:a0:fb: 9c:4c:7e:bb:32:7b:76:40:3c:a2:e5:1e:44:88:ff:fa:ae:f5: 1e:42:90:19:31:83:d7:c5:0c:7a:ed:e0:47:7f:30:66:c0:51: a6:ba:84:1c:06:06:fb:1c:10:27:5b:08:1f:f7:8a:45:4b:c9: 15:7f:91:d3:6a:53:c9:08:fe:7e:b6:a8:f2:3d:00:af:11:7f: ec:4a:21:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjM4MjQxMTAvBgNVBAUTKDcyNzM4NTNEQTA2M0VGQ0I4RUM1NDRCMDMyMEQ1QTcw N0I5NEMwODkwHhcNMjUxMDE4MTU1NTE0WhcNMjUxMDI1MTU1NTE0WjAYMRYwFAYD VQQDEw02OGYzYjg2Mi03Mzg2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0bQcnCCXsEBpIbwIKmhhph4fEfGLU2+i9X0qqO0W5OTxxFsO7HeqtErnKccb aLyPh1lsCdwptD1EZBBZ/yvy31UY6wOHqrMb4f5Vnd/2SmVPhhlUzfdkkOC5RAdO 1U6lfGx+yw4ccH0tPtXrxQKLM/uL32/Zq44y6rn7jDRi11g5fXlUAVvrhtk/inVX m1tz5lElEP6ElPYqH7gxDsVsIN2ElW2w78jXQzMz7QmI9xr23NoIiDV2jqHOFI7+ LqaBKqWoSxzwOxsvSqgQH+1JSvA+hR8OIKT/3caqx7JFuDnODQg7x+tQpYEO9ri9 ktgPoZf5/tTd96xtDjxpbSWI+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIcZit7U Gbmrfb1yJ4mKPZbWKzA7MB8GA1UdIwQYMBaAFHJzhT2gY+/LjsVEsDINWnB7lMCJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MzgyNC9CQTBFRkU1MkZE MjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4dU94VVN3TWcxYWNIdVV3 SWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuT0ZQYUJqNzh1T3hVU3dNZzFhY0h1VXdJay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MzgyNC9CQTBFRkU1MkZEMjUxMUU0OUQ5MzI3M0JDNEY5QUUwMi9jbk9GUGFCajc4 dU94VVN3TWcxYWNIdVV3SWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqY7F+gl4XathjPvYa40Hx5vvm3soUF9t3WbwN1eZPyaeojwzPBLFJ bzy9j5aeUsCnBGIEPz9NdrqlQnFACocRsCTjzA04V/TNLLlp9NNdbPBmyEC64je8 1B3QiZ/49Py128BARBjh4kjFi+WIy80jcLa+w7EwzhGCewowd4xOjfM78AU+No68 PlQJS1s1JCS4A9YljLBZxgc2EHMy04I/3Gx9UJMHDbZP8bj9BoqYi/jFoPucTH67 Mnt2QDyi5R5EiP/6rvUeQpAZMYPXxQx67eBHfzBmwFGmuoQcBgb7HBAnWwgf94pF S8kVf5HTalPJCP5+tqjyPQCvEX/sSiF2 -----END CERTIFICATE-----Generated at Mon Oct 20 16:16:24 2025 by rpki-client