$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft File: CIaR8feL2c7-2A021lDWd2emvbA.mft (raw, json) Hash identifier: ip0nlxjrEvWJNce24X+Yw3NPPYeisEaILo7KjlpPrFA= Subject key identifier: 66:CD:3D:2E:41:29:C9:91:DA:FA:0A:EA:F6:BC:19:DC:FE:55:F0:3F Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 Certificate issuer: /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Certificate serial: 07D8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft Manifest number: 07D2 Signing time: Sat 18 Oct 2025 22:27:25 +0000 Manifest this update: Sat 18 Oct 2025 22:27:24 +0000 Manifest next update: Sat 25 Oct 2025 22:27:24 +0000 Files and hashes: 1: CIaR8feL2c7-2A021lDWd2emvbA.crl (hash: aSZ5obfQvQ12L5j2bVtK9eUX2EbZpksaO3lkrEFtVxI=) 2: F126F04A11A911EBB5A4DD83C4F9AE02.roa (hash: 7u9lFldLGtHyxwH20hTfSxqKwvd+3v0Fn/UDNDaczHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:27:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2008 (0x7d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DA4A, serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Validity Not Before: Oct 18 22:27:24 2025 GMT Not After : Oct 25 22:27:24 2025 GMT Subject: CN=68f4144c-c25c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:2f:ee:89:23:26:00:7d:ec:e9:b2:55:33:0c: 16:d1:69:50:7b:84:dc:c5:c4:9c:27:2a:ae:32:00: a8:18:cf:ad:3e:0d:c4:aa:c5:3e:91:f8:00:bc:0a: bb:82:c4:54:20:f6:82:4f:ba:fa:74:b5:81:81:62: e9:57:5e:89:51:bf:a1:c8:82:5b:8e:74:84:06:b6: 1e:15:d7:62:70:45:12:db:4d:6a:bc:95:52:89:4a: 1e:58:9e:d2:cf:a9:54:ee:63:bb:1b:1a:cd:77:2b: 6b:18:91:65:ca:d5:16:37:73:c8:73:1e:07:d7:fb: d8:ed:cf:40:ca:8a:3b:dc:ad:14:a9:55:d1:d5:a1: 85:e9:a8:5d:88:b5:74:e8:25:f7:56:13:ea:86:2a: 61:2e:c4:8b:3f:93:7b:bf:bd:0c:c7:0c:4a:56:ae: e5:b2:90:5b:89:97:9f:b0:69:9c:cb:a2:78:21:29: 57:00:b6:61:b9:61:00:bf:c8:09:d1:c2:3e:68:3e: cf:31:ac:43:27:e8:eb:e2:45:fc:d4:d1:a7:5a:98: 8d:f7:91:ba:14:a2:28:98:1a:4a:03:a8:86:85:bf: f5:31:86:35:2e:d2:94:d2:9f:3d:14:60:33:2f:88: 48:79:ec:fc:18:a1:aa:be:34:5d:6d:61:aa:e1:71: 79:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:CD:3D:2E:41:29:C9:91:DA:FA:0A:EA:F6:BC:19:DC:FE:55:F0:3F X509v3 Authority Key Identifier: keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:20:4d:fc:e3:5f:29:35:d8:23:fb:f1:b1:79:4c:5d:f1:b9: 08:27:7d:46:03:ce:60:8b:03:68:25:4a:60:d6:8a:87:ad:ca: 8e:a7:00:bf:d5:e9:e6:32:37:7d:2d:7f:d7:d4:dd:27:c9:a3: fc:45:a7:f2:0b:0f:b0:0e:13:a1:3d:91:36:d1:fb:80:10:bc: e9:bf:06:b1:5f:38:04:75:4c:80:00:87:f6:b1:18:dc:36:63: 5b:9b:2b:36:92:4f:94:1e:dc:3c:bd:c4:ad:6c:25:9d:ae:4d: 9b:da:1b:6a:fc:bb:a0:3c:d5:bb:0d:1e:57:46:5c:9f:62:e3: 09:2c:09:51:23:ef:a1:46:84:4b:6f:88:60:4a:f5:14:f4:1f: 52:02:69:81:e7:6e:04:ec:68:e5:52:65:5e:91:5c:a9:95:a9: 1f:3f:2f:e2:fc:6b:99:bc:ca:a4:d2:b1:11:1d:26:a3:25:36: af:15:ed:a8:61:04:08:32:23:27:bf:ee:b4:3f:06:e0:95:31: cc:0e:fc:41:4a:25:42:fb:35:a7:fc:98:d2:5a:d0:0f:49:79: 67:38:43:ee:d0:34:40:5a:81:1d:fd:93:81:17:cc:4b:78:31: 9c:3e:c9:b7:a8:84:81:dc:db:ab:ab:99:f5:af:5f:f5:d2:28: c0:de:99:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB9gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3 NjdBNkJEQjAwHhcNMjUxMDE4MjIyNzI0WhcNMjUxMDI1MjIyNzI0WjAYMRYwFAYD VQQDEw02OGY0MTQ0Yy1jMjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApi/uiSMmAH3s6bJVMwwW0WlQe4TcxcScJyquMgCoGM+tPg3EqsU+kfgAvAq7 gsRUIPaCT7r6dLWBgWLpV16JUb+hyIJbjnSEBrYeFddicEUS201qvJVSiUoeWJ7S z6lU7mO7GxrNdytrGJFlytUWN3PIcx4H1/vY7c9Ayoo73K0UqVXR1aGF6ahdiLV0 6CX3VhPqhiphLsSLP5N7v70MxwxKVq7lspBbiZefsGmcy6J4ISlXALZhuWEAv8gJ 0cI+aD7PMaxDJ+jr4kX81NGnWpiN95G6FKIomBpKA6iGhb/1MYY1LtKU0p89FGAz L4hIeez8GKGqvjRdbWGq4XF5iwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGbNPS5B KcmR2voK6va8Gdz+VfA/MB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12 YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REE0QS8wNTFEQUY1QTBEQzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJj Ny0yQTAyMWxEV2QyZW12YkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMIE38418pNdgj+/GxeUxd8bkIJ31GA85giwNoJUpg1oqHrcqOpwC/ 1enmMjd9LX/X1N0nyaP8RafyCw+wDhOhPZE20fuAELzpvwaxXzgEdUyAAIf2sRjc NmNbmys2kk+UHtw8vcStbCWdrk2b2htq/LugPNW7DR5XRlyfYuMJLAlRI++hRoRL b4hgSvUU9B9SAmmB524E7GjlUmVekVyplakfPy/i/GuZvMqk0rERHSajJTavFe2o YQQIMiMnv+60PwbglTHMDvxBSiVC+zWn/JjSWtAPSXlnOEPu0DRAWoEd/ZOBF8xL eDGcPsm3qISB3Nurq5n1r1/10ijA3plc -----END CERTIFICATE-----Generated at Mon Oct 20 12:08:05 2025 by rpki-client