$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft File: 0aHv0iQTWusJg56ovbjNxZnOZX8.mft (raw, json) Hash identifier: m1+K5JNlL/KK6IO3S/uM2YqI0TXe+x94Uegb7m05ZDM= Subject key identifier: 50:54:A2:7E:0C:30:3E:ED:07:7D:84:A5:DC:B0:D2:AC:68:25:71:56 Authority key identifier: D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F Certificate issuer: /CN=A917D9FC/serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Certificate serial: 04D6 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft Manifest number: 04D1 Signing time: Sat 18 Oct 2025 16:54:24 +0000 Manifest this update: Sat 18 Oct 2025 16:54:24 +0000 Manifest next update: Sat 25 Oct 2025 16:54:24 +0000 Files and hashes: 1: 0aHv0iQTWusJg56ovbjNxZnOZX8.crl (hash: DT0zla6m6fE3j8hQlU/1pwqEDa2FQzSwNhgcQDRL9Sg=) 2: AD94C92242BA11ECB1E8FF11C4F9AE02.roa (hash: v+UfHJBNUMJhgU+Hq/Ni7UlIWeTPSw4kY7gKtnOeoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:54:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1238 (0x4d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Validity Not Before: Oct 18 16:54:24 2025 GMT Not After : Oct 25 16:54:24 2025 GMT Subject: CN=68f3c640-6bc9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:93:57:e1:eb:3a:e4:76:d6:ee:c6:1e:cb:cc: 7b:68:ac:96:5f:09:89:ea:78:f5:04:e1:89:ba:8a: 40:f9:03:25:cb:da:ac:19:00:05:7c:ae:2e:55:15: 79:b4:1e:0f:7c:65:c8:59:a0:4b:27:29:ed:47:65: de:ac:7f:b5:55:96:f1:34:15:02:05:99:7b:f9:61: c4:54:79:6c:03:16:53:69:9f:d4:0f:80:02:cf:4c: 87:f4:e6:a8:a5:bb:92:41:b3:1e:02:97:fe:c6:b0: 5e:a0:58:01:ab:c3:8d:df:78:6f:a3:77:77:29:7c: 10:60:98:5b:cb:d4:0b:f5:9a:69:c5:40:64:d5:07: 77:8a:a0:fc:a8:c6:7d:17:9b:28:d2:07:3d:52:b4: 63:a6:30:07:f2:e3:97:a1:76:a1:d9:5c:37:30:71: 6e:ee:f1:cf:17:96:62:19:49:fa:e5:10:ae:80:cd: 9e:db:cd:b3:1f:d3:ac:7b:af:41:0f:5f:b7:89:c0: bc:59:1c:be:97:8c:cd:31:10:60:b3:63:11:58:4c: 37:4e:35:7a:ec:d6:61:ef:54:37:54:27:8d:b2:c6: dc:a9:47:c7:8c:8a:79:03:cc:20:bb:76:f6:d8:c7: e4:37:34:59:38:0a:94:9f:e1:cc:1f:ac:9e:33:f8: a0:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:54:A2:7E:0C:30:3E:ED:07:7D:84:A5:DC:B0:D2:AC:68:25:71:56 X509v3 Authority Key Identifier: keyid:D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:5a:cf:90:0c:52:39:86:11:9b:71:29:ce:2c:5e:78:d3:e8: 84:6f:24:4d:fd:c9:12:b8:fe:8f:10:fd:96:22:0e:2b:ad:86: 3c:71:bb:e3:3c:40:c4:3c:ce:22:00:fb:ba:0c:40:b3:33:17: cf:5b:fe:fd:0f:25:be:76:1a:4f:60:a6:1a:ed:e3:74:84:43: d9:dc:a6:d4:08:86:f3:0f:09:c4:de:6c:95:e8:d0:57:05:da: 49:ab:62:ef:0a:3c:87:0f:b0:17:b4:e1:e5:25:05:b9:75:b3: e5:d6:21:83:05:6f:e2:fd:55:68:56:ca:e5:38:10:0f:ea:2b: e9:c1:66:1d:5a:02:c5:04:59:47:02:b6:5d:93:09:2d:57:3b: 61:6e:84:47:a1:c9:e3:88:43:c8:8b:19:cb:5f:5a:5a:25:43: 10:ec:b9:97:ed:b5:42:65:84:19:d2:57:f3:17:dd:62:a1:7a: d1:a7:e0:07:d4:11:b2:75:55:c3:21:7b:20:65:6f:a5:7a:c6: 41:fa:ca:d3:6c:0f:9a:bb:7a:c9:6c:06:2a:87:95:70:ee:8c: 16:c5:5c:fd:1c:59:c8:4a:c3:01:73:7e:77:f0:ee:57:41:bb: d7:d3:29:b5:cc:c4:91:ae:be:a0:50:54:81:4f:3b:5a:45:43: b0:17:da:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBNYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKEQxQTFFRkQyMjQxMzVBRUIwOTgzOUVBOEJEQjhDREM1 OTlDRTY1N0YwHhcNMjUxMDE4MTY1NDI0WhcNMjUxMDI1MTY1NDI0WjAYMRYwFAYD VQQDEw02OGYzYzY0MC02YmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmJNX4es65HbW7sYey8x7aKyWXwmJ6nj1BOGJuopA+QMly9qsGQAFfK4uVRV5 tB4PfGXIWaBLJyntR2XerH+1VZbxNBUCBZl7+WHEVHlsAxZTaZ/UD4ACz0yH9Oao pbuSQbMeApf+xrBeoFgBq8ON33hvo3d3KXwQYJhby9QL9ZppxUBk1Qd3iqD8qMZ9 F5so0gc9UrRjpjAH8uOXoXah2Vw3MHFu7vHPF5ZiGUn65RCugM2e282zH9Ose69B D1+3icC8WRy+l4zNMRBgs2MRWEw3TjV67NZh71Q3VCeNssbcqUfHjIp5A8wgu3b2 2MfkNzRZOAqUn+HMH6yeM/igLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFBUon4M MD7tB32Epdyw0qxoJXFWMB8GA1UdIwQYMBaAFNGh79IkE1rrCYOeqL24zcWZzmV/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy83QTMwMkQwMDQy QjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1c0pnNTZvdmJqTnhabk9a WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzBhSHYwaVFUV3VzSmc1Nm92YmpOeFpuT1pYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDlGQy83QTMwMkQwMDQyQjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1 c0pnNTZvdmJqTnhabk9aWDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDFWs+QDFI5hhGbcSnOLF540+iEbyRN/ckSuP6PEP2WIg4rrYY8cbvj PEDEPM4iAPu6DECzMxfPW/79DyW+dhpPYKYa7eN0hEPZ3KbUCIbzDwnE3myV6NBX BdpJq2LvCjyHD7AXtOHlJQW5dbPl1iGDBW/i/VVoVsrlOBAP6ivpwWYdWgLFBFlH ArZdkwktVzthboRHocnjiEPIixnLX1paJUMQ7LmX7bVCZYQZ0lfzF91ioXrRp+AH 1BGydVXDIXsgZW+lesZB+srTbA+au3rJbAYqh5Vw7owWxVz9HFnISsMBc3538O5X QbvX0ym1zMSRrr6gUFSBTztaRUOwF9om -----END CERTIFICATE-----Generated at Mon Oct 20 18:22:37 2025 by rpki-client