$ rpki-client -vvf rpki.apnic.net/member_repository/A9174EC5/82335A20D95A11EFA02FB46FC4F9AE02/Ol4QKeZcY2gSMttn2AU90vaU5h8.mft File: Ol4QKeZcY2gSMttn2AU90vaU5h8.mft (raw, json) Hash identifier: c09XvgPTG8CmndUKxlasfP5iRCkrUN1pAyPeukzINe8= Subject key identifier: 68:69:5A:F7:63:DE:BA:C7:8E:51:EC:D8:42:BA:81:71:30:14:B5:08 Authority key identifier: 3A:5E:10:29:E6:5C:63:68:12:32:DB:67:D8:05:3D:D2:F6:94:E6:1F Certificate issuer: /CN=A9174EC5/serialNumber=3A5E1029E65C63681232DB67D8053DD2F694E61F Certificate serial: 8E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ol4QKeZcY2gSMttn2AU90vaU5h8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9174EC5/82335A20D95A11EFA02FB46FC4F9AE02/Ol4QKeZcY2gSMttn2AU90vaU5h8.mft Manifest number: 8C Signing time: Sun 19 Oct 2025 09:51:10 +0000 Manifest this update: Sun 19 Oct 2025 09:51:09 +0000 Manifest next update: Sun 26 Oct 2025 09:51:09 +0000 Files and hashes: 1: Ol4QKeZcY2gSMttn2AU90vaU5h8.crl (hash: KIZRp0l+nXXjJGTkjwBmSGeqfivQW8l4TNmPsgvZWKI=) 2: 3154E9E8993A11F0837A6E45C4F9AE02.roa (hash: kx9lWNj7NgSUFsuMfRCJDT7t5wBdkdtWpvVdEqQ2TDo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9174EC5/82335A20D95A11EFA02FB46FC4F9AE02/Ol4QKeZcY2gSMttn2AU90vaU5h8.crl rsync://rpki.apnic.net/member_repository/A9174EC5/82335A20D95A11EFA02FB46FC4F9AE02/Ol4QKeZcY2gSMttn2AU90vaU5h8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ol4QKeZcY2gSMttn2AU90vaU5h8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:51:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 142 (0x8e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9174EC5, serialNumber=3A5E1029E65C63681232DB67D8053DD2F694E61F Validity Not Before: Oct 19 09:51:09 2025 GMT Not After : Oct 26 09:51:09 2025 GMT Subject: CN=68f4b48d-0bf3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:72:b3:26:17:85:d3:4f:84:ed:da:e5:1e:2a: f3:99:72:69:e2:bf:8b:d5:ae:53:c3:5c:e7:38:dd: d1:1f:d4:88:ea:68:e3:e4:24:d0:bb:45:2c:af:8d: 4a:f7:b3:8b:e8:5b:9d:54:3a:88:bc:06:05:33:93: dd:1d:32:b4:8f:10:32:e9:fa:12:3f:5e:d3:1d:f9: 67:76:1e:13:17:bd:52:6e:a9:58:a2:70:d0:9c:6d: f7:15:61:eb:6f:45:60:c0:67:db:49:6c:7c:64:5d: dd:91:59:2d:5f:d4:e9:cb:1b:1e:c3:c8:c6:cf:0d: 58:38:b0:2c:36:9f:84:71:7f:96:3e:b0:18:55:fc: 7c:cc:9c:ba:64:35:fd:db:63:01:9e:23:24:7a:8a: 32:ee:d3:4f:3a:9b:53:fc:56:94:fa:7c:fa:b0:1c: 01:89:23:c0:3d:6c:11:f2:d5:1e:d5:61:43:dc:69: 5a:57:33:db:90:2f:70:50:ff:e1:cd:f6:d4:80:59: b1:23:97:51:b3:de:b3:62:3f:4b:d2:65:12:4e:bc: b5:07:d2:af:27:db:27:4b:21:70:f5:03:b9:6c:65: f1:cf:a7:a0:21:d1:8e:3e:4f:27:9f:ea:47:11:a1: 24:32:44:87:8e:f5:a6:8e:7f:f6:36:48:b4:b6:36: da:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:69:5A:F7:63:DE:BA:C7:8E:51:EC:D8:42:BA:81:71:30:14:B5:08 X509v3 Authority Key Identifier: keyid:3A:5E:10:29:E6:5C:63:68:12:32:DB:67:D8:05:3D:D2:F6:94:E6:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9174EC5/82335A20D95A11EFA02FB46FC4F9AE02/Ol4QKeZcY2gSMttn2AU90vaU5h8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ol4QKeZcY2gSMttn2AU90vaU5h8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9174EC5/82335A20D95A11EFA02FB46FC4F9AE02/Ol4QKeZcY2gSMttn2AU90vaU5h8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:52:2a:44:fa:34:de:1d:98:79:42:b8:44:36:d6:71:96:41: 56:99:db:d9:53:ab:99:c3:ba:a3:2e:ff:4a:b8:e6:07:4e:70: 78:88:a1:44:26:f3:db:f2:9d:54:75:e8:bb:f8:96:cb:e8:92: f2:e4:6c:0c:38:a6:02:eb:3f:40:82:80:b9:a8:7b:ff:81:c5: db:a4:85:3a:a7:29:62:2f:98:2b:f9:e0:7c:04:b0:0a:12:5a: 03:ea:c7:60:83:58:cb:2d:0d:1a:d9:45:09:aa:c2:92:dc:a9: b0:b8:94:f3:37:81:e0:2c:e2:2d:ae:10:be:4e:b9:11:a7:b9: da:c0:a3:9b:0b:62:42:cf:92:b0:25:ff:b6:62:52:6a:ed:7b: 0e:f9:ea:1b:7c:ba:b0:8c:70:ff:a6:7e:c8:f2:d3:e7:b4:88: fe:45:c4:95:29:21:73:a8:04:58:5d:02:5f:98:16:44:33:19: 5e:a8:f1:a4:db:76:02:68:6c:03:df:8a:29:ad:d6:fb:e7:72: cb:35:22:96:4c:b1:c3:42:61:bd:91:23:65:e1:84:0d:9c:84: e7:a7:fc:78:03:7e:ba:b0:78:dc:76:3b:ff:47:0a:24:86:32: b0:07:a2:64:f0:10:0d:60:96:2f:54:76:c6:f3:79:b6:a8:de: de:70:2d:d6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAI4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzRFQzUxMTAvBgNVBAUTKDNBNUUxMDI5RTY1QzYzNjgxMjMyREI2N0Q4MDUzREQy RjY5NEU2MUYwHhcNMjUxMDE5MDk1MTA5WhcNMjUxMDI2MDk1MTA5WjAYMRYwFAYD VQQDEw02OGY0YjQ4ZC0wYmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq3KzJheF00+E7drlHirzmXJp4r+L1a5Tw1znON3RH9SI6mjj5CTQu0Usr41K 97OL6FudVDqIvAYFM5PdHTK0jxAy6foSP17THflndh4TF71SbqlYonDQnG33FWHr b0VgwGfbSWx8ZF3dkVktX9Tpyxsew8jGzw1YOLAsNp+EcX+WPrAYVfx8zJy6ZDX9 22MBniMkeooy7tNPOptT/FaU+nz6sBwBiSPAPWwR8tUe1WFD3GlaVzPbkC9wUP/h zfbUgFmxI5dRs96zYj9L0mUSTry1B9KvJ9snSyFw9QO5bGXxz6egIdGOPk8nn+pH EaEkMkSHjvWmjn/2Nki0tjbaJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGhpWvdj 3rrHjlHs2EK6gXEwFLUIMB8GA1UdIwQYMBaAFDpeECnmXGNoEjLbZ9gFPdL2lOYf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NEVDNS84MjMzNUEyMEQ5 NUExMUVGQTAyRkI0NkZDNEY5QUUwMi9PbDRRS2VaY1kyZ1NNdHRuMkFVOTB2YVU1 aDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL09sNFFLZVpjWTJnU010dG4yQVU5MHZhVTVoOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NEVDNS84MjMzNUEyMEQ5NUExMUVGQTAyRkI0NkZDNEY5QUUwMi9PbDRRS2VaY1ky Z1NNdHRuMkFVOTB2YVU1aDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6UipE+jTeHZh5QrhENtZxlkFWmdvZU6uZw7qjLv9KuOYHTnB4iKFE JvPb8p1Udei7+JbL6JLy5GwMOKYC6z9AgoC5qHv/gcXbpIU6pyliL5gr+eB8BLAK EloD6sdgg1jLLQ0a2UUJqsKS3KmwuJTzN4HgLOItrhC+TrkRp7nawKObC2JCz5Kw Jf+2YlJq7XsO+eobfLqwjHD/pn7I8tPntIj+RcSVKSFzqARYXQJfmBZEMxleqPGk 23YCaGwD34oprdb753LLNSKWTLHDQmG9kSNl4YQNnITnp/x4A366sHjcdjv/Rwok hjKwB6Jk8BANYJYvVHbG83m2qN7ecC3W -----END CERTIFICATE-----Generated at Tue Oct 21 02:26:25 2025 by rpki-client