$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft File: 1CVu3CvBHIRdtQe3wKiTVEYutj0.mft (raw, json) Hash identifier: IvDjXC2dPHUDefZWvCmR/vMXT6yT5XFmOBvA+DksZiQ= Subject key identifier: 81:B8:40:EB:BD:89:90:6A:F5:59:FC:11:21:6C:D0:48:C0:16:73:62 Authority key identifier: D4:25:6E:DC:2B:C1:1C:84:5D:B5:07:B7:C0:A8:93:54:46:2E:B6:3D Certificate issuer: /CN=A9170DA5/serialNumber=D4256EDC2BC11C845DB507B7C0A89354462EB63D Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft Manifest number: 3A Signing time: Sun 19 Oct 2025 10:58:55 +0000 Manifest this update: Sun 19 Oct 2025 10:58:54 +0000 Manifest next update: Sun 26 Oct 2025 10:58:54 +0000 Files and hashes: 1: 1CVu3CvBHIRdtQe3wKiTVEYutj0.crl (hash: pet40OlKR8+mAIJT81+P34vP/lbXxOqaotM6xU+6j5A=) 2: F91ECAD6571B11F093AD0C10C4F9AE02.roa (hash: YCsx3bwrgpHgvu8ysYuX5SuZfquoTIQRzefkEGq5/wA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.crl rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:58:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DA5, serialNumber=D4256EDC2BC11C845DB507B7C0A89354462EB63D Validity Not Before: Oct 19 10:58:54 2025 GMT Not After : Oct 26 10:58:54 2025 GMT Subject: CN=68f4c46f-33f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:fd:9f:e4:a1:ee:a0:87:4e:ea:38:dc:82:dc: ab:81:af:87:1a:c8:3a:18:8e:9c:c1:8a:f1:66:3f: 5a:73:7a:ca:bd:fc:4b:94:26:a1:a1:17:0b:3b:b4: f2:43:7f:4e:01:fa:81:1b:0f:f0:59:91:91:73:fe: 90:01:81:01:67:e8:85:9f:ca:b3:75:5b:d2:08:8b: 46:e4:57:78:c6:d3:40:c4:5e:46:b5:47:15:da:79: b2:18:15:e4:b7:2a:4b:bc:eb:61:5d:6d:2c:8d:d6: 20:ef:bc:5c:1c:28:e3:2d:70:ac:f6:f6:7c:e8:2e: 67:4d:da:bb:fc:72:ca:e7:f7:dd:cc:ac:66:0b:da: 69:57:bb:93:2d:38:20:1e:99:c0:83:6b:41:50:d9: 51:9a:cc:2f:68:01:ea:d5:21:5c:03:64:31:04:bb: a8:df:5d:f6:44:41:94:60:c1:53:9f:f2:9e:3d:b1: 0a:85:28:0d:b4:ab:38:b6:63:7a:e5:da:39:8d:01: ed:a5:19:7c:b1:9e:3f:cb:b4:7c:2c:88:16:aa:7d: 88:cf:d1:6e:0a:6c:40:d7:38:01:bd:5e:b6:1b:2f: fb:1d:1c:40:fe:e8:dd:c8:60:88:d6:c5:59:16:14: 0a:63:48:b2:18:46:43:98:f5:b7:e9:2a:1a:44:62: 82:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:B8:40:EB:BD:89:90:6A:F5:59:FC:11:21:6C:D0:48:C0:16:73:62 X509v3 Authority Key Identifier: keyid:D4:25:6E:DC:2B:C1:1C:84:5D:B5:07:B7:C0:A8:93:54:46:2E:B6:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:41:d4:6f:ce:2e:c5:92:7b:28:21:80:a7:f3:c4:44:63:33: 0a:6e:f7:92:4d:66:bd:95:78:07:cc:ef:a9:4e:46:1c:f9:9a: 39:90:e2:e0:97:6b:f7:d2:2e:4c:16:b6:aa:6f:da:4d:8a:df: 67:8d:21:e9:fb:96:6a:2b:6c:76:7d:99:ec:1f:82:30:e4:fe: 4f:27:ff:be:67:f1:b5:ce:5f:45:80:e6:dd:78:43:3c:ed:78: cc:e8:1f:51:75:63:18:6a:12:f4:1f:78:3f:16:00:6d:31:4d: fb:ef:10:fd:42:38:07:e3:35:fa:ea:15:47:6c:36:5b:dd:04: 66:2f:bd:7f:56:5c:75:4f:91:68:93:54:a3:cc:26:68:f2:ce: db:f1:4c:f1:fc:a7:40:03:38:90:f9:da:cd:e0:62:10:f3:b0: 8c:59:40:76:53:fe:ef:ce:89:af:47:ea:ef:b7:ab:c0:ab:24: 80:bc:62:a8:80:84:57:33:49:f8:c0:e2:e9:1e:1b:e6:90:5f: 89:5c:7d:70:84:65:48:95:1e:cd:d2:9e:1c:97:22:0a:e2:2f: 71:70:29:75:dc:6d:d2:e6:ec:15:bb:de:f4:e5:48:b2:aa:bc: b1:7d:53:af:70:df:8c:8d:0f:bd:08:ca:97:ef:3e:33:15:62: ae:02:de:00 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MERBNTExMC8GA1UEBRMoRDQyNTZFREMyQkMxMUM4NDVEQjUwN0I3QzBBODkzNTQ0 NjJFQjYzRDAeFw0yNTEwMTkxMDU4NTRaFw0yNTEwMjYxMDU4NTRaMBgxFjAUBgNV BAMTDTY4ZjRjNDZmLTMzZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCd/Z/koe6gh07qONyC3KuBr4cayDoYjpzBivFmP1pzesq9/EuUJqGhFws7tPJD f04B+oEbD/BZkZFz/pABgQFn6IWfyrN1W9IIi0bkV3jG00DEXka1RxXaebIYFeS3 Kku862FdbSyN1iDvvFwcKOMtcKz29nzoLmdN2rv8csrn993MrGYL2mlXu5MtOCAe mcCDa0FQ2VGazC9oAerVIVwDZDEEu6jfXfZEQZRgwVOf8p49sQqFKA20qzi2Y3rl 2jmNAe2lGXyxnj/LtHwsiBaqfYjP0W4KbEDXOAG9XrYbL/sdHED+6N3IYIjWxVkW FApjSLIYRkOY9bfpKhpEYoKXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUgbhA672J kGr1WfwRIWzQSMAWc2IwHwYDVR0jBBgwFoAU1CVu3CvBHIRdtQe3wKiTVEYutj0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0M1NTk0MjRBNTcx QTExRjBCODUwNzM0MUM0RjlBRTAyLzFDVnUzQ3ZCSElSZHRRZTN3S2lUVkVZdXRq MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMUNWdTNDdkJISVJkdFFlM3dLaVRWRVl1dGowLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw REE1L0M1NTk0MjRBNTcxQTExRjBCODUwNzM0MUM0RjlBRTAyLzFDVnUzQ3ZCSElS ZHRRZTN3S2lUVkVZdXRqMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHFB1G/OLsWSeyghgKfzxERjMwpu95JNZr2VeAfM76lORhz5mjmQ4uCX a/fSLkwWtqpv2k2K32eNIen7lmorbHZ9mewfgjDk/k8n/75n8bXOX0WA5t14Qzzt eMzoH1F1YxhqEvQfeD8WAG0xTfvvEP1COAfjNfrqFUdsNlvdBGYvvX9WXHVPkWiT VKPMJmjyztvxTPH8p0ADOJD52s3gYhDzsIxZQHZT/u/Oia9H6u+3q8CrJIC8YqiA hFczSfjA4ukeG+aQX4lcfXCEZUiVHs3SnhyXIgriL3FwKXXcbdLm7BW73vTlSLKq vLF9U69w34yND70IypfvPjMVYq4C3gA= -----END CERTIFICATE-----Generated at Tue Oct 21 04:49:34 2025 by rpki-client