$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft File: Psexptohoad1gV0cv-cjFLipXdk.mft (raw, json) Hash identifier: gyOcK/2xD0WlFVLxHnZICWeMjZjYQS8UpDew1sYfdBA= Subject key identifier: 17:AE:88:BF:50:D4:70:EA:B2:26:F4:24:DE:29:95:D1:DE:97:C6:21 Authority key identifier: 3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 Certificate issuer: /CN=A9170DA5/serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft Manifest number: 3A Signing time: Sun 19 Oct 2025 10:58:58 +0000 Manifest this update: Sun 19 Oct 2025 10:58:57 +0000 Manifest next update: Sun 26 Oct 2025 10:58:57 +0000 Files and hashes: 1: Psexptohoad1gV0cv-cjFLipXdk.crl (hash: wlpA/2G4hwp09zyCQy6cuDY89s/0vH/1BWqdyX7uTcI=) 2: F99E9E78571B11F093AD0C10C4F9AE02.roa (hash: Ntdzzur1e7UcFcIFXVyf4NefmktAA4cSP3KFPUhWals=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:58:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DA5, serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Validity Not Before: Oct 19 10:58:57 2025 GMT Not After : Oct 26 10:58:57 2025 GMT Subject: CN=68f4c471-e1e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:07:62:3d:1f:a9:88:28:11:83:e7:c6:c3:aa: a9:41:cb:7b:1a:7a:81:a6:8e:f1:56:46:cf:cf:75: fb:5d:60:26:43:7e:ca:50:3d:31:f4:41:12:76:60: e2:58:24:7d:7e:64:a1:b4:88:18:0a:51:15:00:04: 88:24:61:d4:8e:15:ba:12:6c:de:29:7b:dd:1b:95: f0:1f:df:ba:27:d5:40:f0:40:4c:5e:7d:ed:fa:d5: 7c:aa:f7:48:31:ef:63:4a:d5:36:40:ca:d6:19:72: 7c:2d:07:6c:6e:37:6d:69:47:ca:76:9e:be:7f:c7: be:a9:1d:0a:b1:8b:f0:7f:93:a4:6a:a0:f8:a8:53: 3f:b2:30:e1:68:ee:24:73:13:be:a9:d8:6e:6e:dd: b9:25:14:e5:58:ba:e9:31:9d:03:de:c5:d9:8d:8d: 3f:36:d4:db:30:2b:cd:59:c8:5f:4f:7b:48:2c:37: f7:b8:08:0b:b5:f3:6f:c8:bc:25:34:15:82:ea:21: 7a:18:00:87:3f:36:76:48:33:f9:fc:58:95:26:18: 02:ba:3e:c4:31:41:da:e2:13:e9:5c:95:2f:f8:2c: da:2b:a1:f5:cf:19:84:6b:26:a5:e6:a1:ea:ff:ef: 5a:54:cf:a3:0b:59:d4:b5:ac:7c:5b:70:21:2a:89: 98:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:AE:88:BF:50:D4:70:EA:B2:26:F4:24:DE:29:95:D1:DE:97:C6:21 X509v3 Authority Key Identifier: keyid:3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:06:83:58:ac:f0:6d:a0:70:62:18:e0:9e:50:b5:df:f1:fe: 4a:2d:4a:56:47:09:74:6c:76:db:76:f7:fa:c8:60:5f:5f:de: e5:c7:56:80:34:e4:00:16:e4:80:69:3a:4c:59:a8:b1:3f:cb: 52:30:bb:41:70:fb:53:2e:69:8b:8d:c8:aa:c8:7f:a2:78:c3: 68:fd:70:b7:76:ef:2a:bb:f3:16:56:ce:a2:ca:6a:09:ff:f6: 1b:b8:f0:ae:8d:30:27:84:29:a8:59:c4:50:40:5f:bf:cc:02: 08:fe:7a:01:cf:50:6f:00:80:33:a2:c2:8a:53:f3:d0:ec:35: 14:6e:65:ae:4b:48:6b:50:22:b9:98:bf:41:ef:8d:29:08:68: d8:bf:13:fe:02:a2:05:6a:93:88:ff:dc:c8:5d:ea:2d:96:e9: c8:68:04:fb:48:e0:89:34:98:b4:00:0d:df:80:4b:24:f9:21: 95:c2:0a:93:a9:9f:5f:f5:81:a2:d3:2a:78:ac:8f:b9:01:66: ec:38:07:90:26:9f:43:27:15:c6:f1:0f:23:34:5f:11:b5:e9: da:ca:59:50:88:1c:66:b5:7d:20:52:e2:61:16:08:2f:da:57: ad:29:ca:50:03:cc:1a:f2:f0:4d:1b:ba:8e:5d:5c:29:43:fa: fe:e4:00:8f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MERBNTExMC8GA1UEBRMoM0VDN0IxQTZEQTIxQTFBNzc1ODE1RDFDQkZFNzIzMTRC OEE5NUREOTAeFw0yNTEwMTkxMDU4NTdaFw0yNTEwMjYxMDU4NTdaMBgxFjAUBgNV BAMTDTY4ZjRjNDcxLWUxZTQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDwB2I9H6mIKBGD58bDqqlBy3saeoGmjvFWRs/PdftdYCZDfspQPTH0QRJ2YOJY JH1+ZKG0iBgKURUABIgkYdSOFboSbN4pe90blfAf37on1UDwQExefe361Xyq90gx 72NK1TZAytYZcnwtB2xuN21pR8p2nr5/x76pHQqxi/B/k6RqoPioUz+yMOFo7iRz E76p2G5u3bklFOVYuukxnQPexdmNjT821NswK81ZyF9Pe0gsN/e4CAu182/IvCU0 FYLqIXoYAIc/NnZIM/n8WJUmGAK6PsQxQdriE+lclS/4LNorofXPGYRrJqXmoer/ 71pUz6MLWdS1rHxbcCEqiZilAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUF66Iv1DU cOqyJvQk3imV0d6XxiEwHwYDVR0jBBgwFoAUPsexptohoad1gV0cv+cjFLipXdkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0NFMEVEQTI2NTcx QTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2FkMWdWMGN2LWNqRkxpcFhk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUHNleHB0b2hvYWQxZ1YwY3YtY2pGTGlwWGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw REE1L0NFMEVEQTI2NTcxQTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2Fk MWdWMGN2LWNqRkxpcFhkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALIGg1is8G2gcGIY4J5Qtd/x/kotSlZHCXRsdtt29/rIYF9f3uXHVoA0 5AAW5IBpOkxZqLE/y1Iwu0Fw+1MuaYuNyKrIf6J4w2j9cLd27yq78xZWzqLKagn/ 9hu48K6NMCeEKahZxFBAX7/MAgj+egHPUG8AgDOiwopT89DsNRRuZa5LSGtQIrmY v0HvjSkIaNi/E/4CogVqk4j/3Mhd6i2W6choBPtI4Ik0mLQADd+ASyT5IZXCCpOp n1/1gaLTKnisj7kBZuw4B5Amn0MnFcbxDyM0XxG16drKWVCIHGa1fSBS4mEWCC/a V60pylADzBry8E0buo5dXClD+v7kAI8= -----END CERTIFICATE-----Generated at Mon Oct 20 08:00:28 2025 by rpki-client