$ rpki-client -vvf rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/h17HLkbyzRY_Brgi5wQSmu_jGRA.mft File: h17HLkbyzRY_Brgi5wQSmu_jGRA.mft (raw, json) Hash identifier: 3WVlmnw4lyLK5aBZUxx2Z9OB5rISdCz4H+rwu2ycz0E= Subject key identifier: 0A:6A:87:43:3F:48:C0:CD:23:C3:35:1D:71:2D:63:0C:7A:94:3E:BA Authority key identifier: 87:5E:C7:2E:46:F2:CD:16:3F:06:B8:22:E7:04:12:9A:EF:E3:19:10 Certificate issuer: /CN=A917C716/serialNumber=875EC72E46F2CD163F06B822E704129AEFE31910 Certificate serial: 3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h17HLkbyzRY_Brgi5wQSmu_jGRA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/h17HLkbyzRY_Brgi5wQSmu_jGRA.mft Manifest number: 0405 Signing time: Sun 19 Oct 2025 03:41:10 +0000 Manifest this update: Sun 19 Oct 2025 03:41:10 +0000 Manifest next update: Sun 26 Oct 2025 03:41:10 +0000 Files and hashes: 1: h17HLkbyzRY_Brgi5wQSmu_jGRA.crl (hash: KMFkBhNzrDgAR4bd/Kh+xdCcQVxGPhiEvEas6vgMPAk=) 2: 9BC8AC96555C11F0AF866966C4F9AE02.roa (hash: aBG6SO8r5rIticJAwQ3F1F0hRoqPZrUVOKMtrK+PpMA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/h17HLkbyzRY_Brgi5wQSmu_jGRA.crl rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/h17HLkbyzRY_Brgi5wQSmu_jGRA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h17HLkbyzRY_Brgi5wQSmu_jGRA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 03:41:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 63 (0x3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C716, serialNumber=875EC72E46F2CD163F06B822E704129AEFE31910 Validity Not Before: Oct 19 03:41:10 2025 GMT Not After : Oct 26 03:41:10 2025 GMT Subject: CN=68f45dd6-60ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:70:59:45:cc:77:eb:07:49:85:ce:2a:10:4c: bf:63:ad:29:ed:cd:d6:31:67:ff:3d:36:2a:4a:30: 6a:30:10:a9:5a:de:b9:cb:e9:4a:66:a4:0d:97:ef: a3:a2:5b:5a:14:69:70:b2:fa:91:f2:3a:c1:9f:6d: ab:71:98:35:c1:02:57:ce:80:26:7c:15:7d:7f:41: cb:0f:bf:af:25:9b:39:10:d7:88:79:c0:97:00:e0: 3b:29:d9:24:e5:ef:b3:1a:6d:b0:34:84:eb:15:41: 10:ac:c0:75:29:67:fb:37:e6:a7:a5:f2:dd:de:cf: ff:22:44:d1:7c:a0:8b:53:2c:6b:46:1d:75:6e:57: db:47:f6:fe:12:d8:63:cc:6d:bb:c9:e6:f6:18:04: f6:e3:fd:59:22:73:c7:13:e0:5b:f6:65:58:25:e4: ea:0f:41:ed:82:8e:f5:90:b4:47:47:f1:f7:fa:68: 2a:33:fd:64:70:3d:64:ec:e1:18:dc:df:00:3b:26: a3:39:26:8a:59:c4:46:66:fa:b9:e9:d0:6d:59:3e: a2:bd:f6:32:97:43:a4:2e:51:39:da:a4:83:b4:87: e8:21:ca:a5:10:b5:da:1e:ad:8c:b2:ec:68:85:24: c4:88:8a:b2:87:07:fa:8c:e2:dc:10:3f:33:54:5d: 36:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:6A:87:43:3F:48:C0:CD:23:C3:35:1D:71:2D:63:0C:7A:94:3E:BA X509v3 Authority Key Identifier: keyid:87:5E:C7:2E:46:F2:CD:16:3F:06:B8:22:E7:04:12:9A:EF:E3:19:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/h17HLkbyzRY_Brgi5wQSmu_jGRA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h17HLkbyzRY_Brgi5wQSmu_jGRA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C716/4DB9CAC4140211EDB9663415C4F9AE02/h17HLkbyzRY_Brgi5wQSmu_jGRA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:0d:fb:7a:a6:dc:13:67:a5:88:b9:2b:11:c9:51:0d:46:3b: d2:24:cf:e3:49:2c:55:b5:7c:50:92:69:8a:a7:41:b9:01:a4: f8:37:a4:98:dd:4e:c5:22:fe:68:dd:a1:6c:af:a4:55:2e:75: 92:a6:42:ed:a7:36:2e:e7:60:76:47:87:80:fa:8c:b1:75:ef: f9:73:76:87:f1:62:67:56:38:d4:b7:59:ab:4a:d0:74:6e:4b: 0e:ac:1b:e8:0b:6f:10:2b:31:fa:72:52:95:51:e2:0a:bf:5f: 3e:8a:3c:e3:1c:7c:e6:a5:33:f3:52:be:28:90:23:be:ca:2c: 50:72:83:fe:27:cd:1a:2e:7e:d9:42:a3:43:32:88:98:ff:51: 3b:e2:9a:62:06:87:2b:04:f1:32:7b:9d:96:ee:60:5a:b2:2d: 39:ca:31:18:18:df:99:e6:89:31:08:50:b9:72:ee:b5:b7:c5: ee:64:72:0c:a6:bb:05:58:8e:52:26:f1:f9:10:d9:db:c9:21: 81:33:fd:a5:c4:c2:cd:ea:8b:55:eb:8a:80:04:a0:4b:cb:a0: 01:b6:69:9c:c1:4a:c0:6c:66:18:e5:c3:cf:24:c4:2e:2a:1e: 11:92:43:bc:ef:27:c9:07:8b:5b:72:14:47:06:5d:c6:6e:be: 05:24:d0:a7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 QzcxNjExMC8GA1UEBRMoODc1RUM3MkU0NkYyQ0QxNjNGMDZCODIyRTcwNDEyOUFF RkUzMTkxMDAeFw0yNTEwMTkwMzQxMTBaFw0yNTEwMjYwMzQxMTBaMBgxFjAUBgNV BAMTDTY4ZjQ1ZGQ2LTYwZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4cFlFzHfrB0mFzioQTL9jrSntzdYxZ/89NipKMGowEKla3rnL6UpmpA2X76Oi W1oUaXCy+pHyOsGfbatxmDXBAlfOgCZ8FX1/QcsPv68lmzkQ14h5wJcA4Dsp2STl 77MabbA0hOsVQRCswHUpZ/s35qel8t3ez/8iRNF8oItTLGtGHXVuV9tH9v4S2GPM bbvJ5vYYBPbj/Vkic8cT4Fv2ZVgl5OoPQe2CjvWQtEdH8ff6aCoz/WRwPWTs4Rjc 3wA7JqM5JopZxEZm+rnp0G1ZPqK99jKXQ6QuUTnapIO0h+ghyqUQtdoerYyy7GiF JMSIirKHB/qM4twQPzNUXTYZAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUCmqHQz9I wM0jwzUdcS1jDHqUProwHwYDVR0jBBgwFoAUh17HLkbyzRY/Brgi5wQSmu/jGRAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdDNzE2LzREQjlDQUM0MTQw MjExRURCOTY2MzQxNUM0RjlBRTAyL2gxN0hMa2J5elJZX0JyZ2k1d1FTbXVfakdS QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaDE3SExrYnl6UllfQnJnaTV3UVNtdV9qR1JBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdD NzE2LzREQjlDQUM0MTQwMjExRURCOTY2MzQxNUM0RjlBRTAyL2gxN0hMa2J5elJZ X0JyZ2k1d1FTbXVfakdSQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHAN+3qm3BNnpYi5KxHJUQ1GO9Ikz+NJLFW1fFCSaYqnQbkBpPg3pJjd TsUi/mjdoWyvpFUudZKmQu2nNi7nYHZHh4D6jLF17/lzdofxYmdWONS3WatK0HRu Sw6sG+gLbxArMfpyUpVR4gq/Xz6KPOMcfOalM/NSviiQI77KLFByg/4nzRouftlC o0MyiJj/UTvimmIGhysE8TJ7nZbuYFqyLTnKMRgY35nmiTEIULly7rW3xe5kcgym uwVYjlIm8fkQ2dvJIYEz/aXEws3qi1XrioAEoEvLoAG2aZzBSsBsZhjlw88kxC4q HhGSQ7zvJ8kHi1tyFEcGXcZuvgUk0Kc= -----END CERTIFICATE-----Generated at Mon Oct 20 10:34:26 2025 by rpki-client