$ rpki-client -vvf rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft File: QrsPPBhH5li75BQYSUzonOjjRIg.mft (raw, json) Hash identifier: kBNsoNrEGqoaOQJuP3+mFClPWEPudXBAqZE7njJJ6FU= Subject key identifier: 81:2A:65:4A:F9:04:78:FB:8D:29:0E:01:62:5B:43:5D:2F:DC:F9:18 Authority key identifier: 42:BB:0F:3C:18:47:E6:58:BB:E4:14:18:49:4C:E8:9C:E8:E3:44:88 Certificate issuer: /CN=A9172506/serialNumber=42BB0F3C1847E658BBE41418494CE89CE8E34488 Certificate serial: D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft Manifest number: D2 Signing time: Sun 19 Oct 2025 08:46:05 +0000 Manifest this update: Sun 19 Oct 2025 08:46:05 +0000 Manifest next update: Sun 26 Oct 2025 08:46:05 +0000 Files and hashes: 1: QrsPPBhH5li75BQYSUzonOjjRIg.crl (hash: XoS1+VApDG5MWj6CV9Xti8u50mxlwIiX5S3fii9zKN8=) 2: DD75C9BC6EDF11EF90C49A5FC4F9AE02.roa (hash: ribPo1yuX+hIqHtl1PCEzGGO/yQznd+mDINBcQhxFF0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.crl rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:46:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172506, serialNumber=42BB0F3C1847E658BBE41418494CE89CE8E34488 Validity Not Before: Oct 19 08:46:05 2025 GMT Not After : Oct 26 08:46:05 2025 GMT Subject: CN=68f4a54d-41f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:16:b1:e0:2f:ce:55:0f:aa:a5:1a:56:66:fa: a2:8f:2b:5b:75:d6:f2:27:29:2f:33:01:9d:3e:de: f1:94:e3:75:b1:11:6c:a7:8a:cd:fd:95:e9:c5:6a: 54:f5:50:b1:68:1a:be:9e:e7:b0:ca:5a:86:2f:a8: 4d:71:62:81:44:8c:b7:ed:ac:0d:1a:c8:5a:40:bd: 61:39:8e:5f:81:cf:9e:d3:74:b4:8b:c4:58:90:da: 1e:de:39:0e:f6:df:5d:93:52:d1:00:2b:15:0f:41: d6:d5:03:e7:bd:58:2f:6d:a9:00:cf:10:27:41:2c: 77:3f:bd:29:08:ef:45:e2:5d:24:cf:2c:dd:55:56: a4:01:d7:8f:34:9f:e0:f0:1f:85:7a:b7:4b:e7:f7: 33:4f:5a:2b:40:84:64:d8:45:f5:eb:d8:bf:1b:65: 1a:df:56:0e:73:32:9c:00:fb:e7:86:05:1c:61:04: 6f:fc:28:7b:7d:4a:d0:81:16:21:aa:f0:56:f8:44: 09:00:82:3f:67:f5:1d:97:4f:8b:37:51:68:40:07: 43:e3:55:81:ba:ba:f2:5b:d4:be:b4:52:b6:15:73: 7c:76:02:3b:fc:f3:c2:49:30:0a:21:ac:01:17:e1: cd:d1:d8:86:24:1c:2c:d4:22:64:67:58:5c:17:97: 89:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:2A:65:4A:F9:04:78:FB:8D:29:0E:01:62:5B:43:5D:2F:DC:F9:18 X509v3 Authority Key Identifier: keyid:42:BB:0F:3C:18:47:E6:58:BB:E4:14:18:49:4C:E8:9C:E8:E3:44:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QrsPPBhH5li75BQYSUzonOjjRIg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172506/B04908CE6EDE11EFAAC2CB5DC4F9AE02/QrsPPBhH5li75BQYSUzonOjjRIg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:ed:5a:1b:df:4a:da:4c:e5:c1:0d:fc:ae:8d:b1:91:89:46: f5:37:bb:e0:f4:a5:61:72:a1:b7:45:14:b2:d5:61:c4:b7:41: f4:2f:dd:b3:18:c0:35:2c:1d:c1:8f:02:2c:61:7f:22:5e:60: e2:f3:9b:ce:38:8e:08:b4:f7:04:2e:98:c1:ab:6b:c5:81:a5: 3e:c7:b3:33:93:0a:06:57:27:ea:59:21:0a:70:01:42:48:53: 55:dc:4d:8b:4b:be:8f:88:f8:f1:6e:01:b5:00:70:86:18:fa: 39:2b:5d:26:ca:64:b7:41:dd:ac:78:4a:36:af:81:48:c5:50: 59:d0:7f:9d:7b:2e:e5:c4:6b:06:8d:a0:d6:4d:b1:54:70:9e: 3e:6c:d7:82:54:f7:bc:c8:ae:b7:7c:c2:02:50:03:74:0d:da: 17:fe:aa:1b:7b:5f:91:6a:1f:3b:1a:cf:67:ad:ef:d8:ec:67: 84:34:01:df:07:2a:c0:93:ee:05:f2:4b:30:c7:ea:8f:89:eb: 03:5e:d4:1d:da:67:93:80:d3:63:9e:12:9a:a6:30:81:76:74: 53:56:c9:21:c9:e6:01:25:12:18:44:4e:c7:20:82:92:13:b6: 2b:51:02:6c:74:af:cf:11:1f:ed:4d:c9:ab:bf:79:39:fb:43: 55:c2:85:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzI1MDYxMTAvBgNVBAUTKDQyQkIwRjNDMTg0N0U2NThCQkU0MTQxODQ5NENFODlD RThFMzQ0ODgwHhcNMjUxMDE5MDg0NjA1WhcNMjUxMDI2MDg0NjA1WjAYMRYwFAYD VQQDEw02OGY0YTU0ZC00MWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnxax4C/OVQ+qpRpWZvqijytbddbyJykvMwGdPt7xlON1sRFsp4rN/ZXpxWpU 9VCxaBq+nuewylqGL6hNcWKBRIy37awNGshaQL1hOY5fgc+e03S0i8RYkNoe3jkO 9t9dk1LRACsVD0HW1QPnvVgvbakAzxAnQSx3P70pCO9F4l0kzyzdVVakAdePNJ/g 8B+FerdL5/czT1orQIRk2EX169i/G2Ua31YOczKcAPvnhgUcYQRv/Ch7fUrQgRYh qvBW+EQJAII/Z/Udl0+LN1FoQAdD41WBurryW9S+tFK2FXN8dgI7/PPCSTAKIawB F+HN0diGJBws1CJkZ1hcF5eJPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIEqZUr5 BHj7jSkOAWJbQ10v3PkYMB8GA1UdIwQYMBaAFEK7DzwYR+ZYu+QUGElM6Jzo40SI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjUwNi9CMDQ5MDhDRTZF REUxMUVGQUFDMkNCNURDNEY5QUUwMi9RcnNQUEJoSDVsaTc1QlFZU1V6b25PampS SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1Fyc1BQQmhINWxpNzVCUVlTVXpvbk9qalJJZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjUwNi9CMDQ5MDhDRTZFREUxMUVGQUFDMkNCNURDNEY5QUUwMi9RcnNQUEJoSDVs aTc1QlFZU1V6b25PampSSWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBl7Vob30raTOXBDfyujbGRiUb1N7vg9KVhcqG3RRSy1WHEt0H0L92z GMA1LB3BjwIsYX8iXmDi85vOOI4ItPcELpjBq2vFgaU+x7MzkwoGVyfqWSEKcAFC SFNV3E2LS76PiPjxbgG1AHCGGPo5K10mymS3Qd2seEo2r4FIxVBZ0H+dey7lxGsG jaDWTbFUcJ4+bNeCVPe8yK63fMICUAN0DdoX/qobe1+Rah87Gs9nre/Y7GeENAHf ByrAk+4F8kswx+qPiesDXtQd2meTgNNjnhKapjCBdnRTVskhyeYBJRIYRE7HIIKS E7YrUQJsdK/PER/tTcmrv3k5+0NVwoUY -----END CERTIFICATE-----Generated at Mon Oct 20 08:26:14 2025 by rpki-client