$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft File: dNRNlor0Y--xfAgNX60BDErAl6o.mft (raw, json) Hash identifier: uIbm+sScCiWZfusypBk34krNF12GvcUwR2K3C5vrSSw= Subject key identifier: 2A:BD:F3:44:A1:31:BF:61:D7:66:FA:E7:01:F5:A4:E4:DE:0A:C5:98 Authority key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA Certificate issuer: /CN=A917E0A8/serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Certificate serial: 0697 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft Manifest number: 068A Signing time: Sat 18 Oct 2025 20:28:00 +0000 Manifest this update: Sat 18 Oct 2025 20:28:00 +0000 Manifest next update: Sat 25 Oct 2025 20:28:00 +0000 Files and hashes: 1: dNRNlor0Y--xfAgNX60BDErAl6o.crl (hash: MArPhwj6BnYof30t6LCynaK5MCGxJ13iy1oSV5F/VdU=) 2: 11C0D5DA9B4011EB9C1BFC4EC4F9AE02.roa (hash: c7+1xl97Qj2WBa7uEaRi3C9ZQy4QYdknXZBQu0sbmag=) 3: F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa (hash: nh7VvVbwlcEI7LPWlEzxHGSM7ZH4CPOm9G5I1MGrFHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:27:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1687 (0x697) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Validity Not Before: Oct 18 20:28:00 2025 GMT Not After : Oct 25 20:28:00 2025 GMT Subject: CN=68f3f850-2e9c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:7c:93:a0:79:66:17:7f:68:20:55:d9:4f:52: 05:24:7b:ff:bd:b7:d8:5a:75:7f:11:5d:dc:91:09: dc:69:ca:dc:a7:76:0c:32:e8:ec:3a:9c:b6:35:e1: 1b:76:66:ac:de:49:3e:e8:c1:35:8d:63:01:38:16: 72:6e:9c:e3:90:72:9f:50:e2:5a:4a:1f:5b:af:7f: 9e:be:1b:b1:5f:af:ab:9a:40:34:ba:e7:7e:46:ae: 68:da:8a:1f:76:fb:ce:70:f8:0a:82:f5:85:67:91: e8:3c:cb:c4:23:67:f7:66:fe:61:6e:50:5d:6d:9c: 15:41:cb:09:b4:64:c2:3c:be:12:d8:8c:15:ac:d2: 8c:47:df:cc:c2:d8:03:6a:92:4c:20:eb:90:6c:da: e1:fc:ae:95:2e:25:16:2c:6d:23:d3:ea:3c:1d:f0: ab:88:cc:f4:5b:6f:40:c0:c7:a4:e8:9a:a3:d8:19: 3d:81:45:ba:1a:13:93:20:3c:4d:61:70:ab:64:34: 42:37:38:20:f7:ea:81:01:b3:5c:1d:a1:65:00:b0: 80:2e:8f:db:03:88:de:93:6a:bd:fd:bd:15:92:6d: 51:79:53:83:aa:86:fc:cc:43:d0:5c:af:93:43:b7: 64:2e:91:95:c2:5d:14:2d:bb:c6:7a:e5:4c:0f:9b: 0f:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:BD:F3:44:A1:31:BF:61:D7:66:FA:E7:01:F5:A4:E4:DE:0A:C5:98 X509v3 Authority Key Identifier: keyid:74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:c9:e2:2d:8b:48:8c:a7:20:9b:ef:74:72:0a:1c:e8:a4:2f: 30:54:40:9c:db:0a:f3:36:c3:7b:21:1d:5e:ad:15:a0:95:ae: 9c:2e:48:7f:bb:15:c0:b6:5a:88:76:1b:64:8f:98:0f:56:6b: de:f7:8b:05:04:ed:f6:ad:d7:ab:e2:87:2a:6e:1b:c0:8c:ec: 8a:38:1d:f1:83:a1:01:1d:75:e5:1f:b4:27:b9:38:69:31:2e: 62:d6:22:60:e9:4f:6b:66:5d:82:33:2e:ca:7f:2d:3c:9d:bc: 25:69:37:98:3c:81:71:cb:9f:0e:8a:47:ab:fd:e9:97:51:6d: 05:6f:55:92:7c:56:ff:03:6c:c9:f5:73:2d:65:dd:9a:d5:b9: ce:39:7d:83:04:b6:e1:1e:af:eb:e3:ca:6b:d8:cf:aa:6e:9e: d3:05:6f:58:1a:a2:e0:e3:d8:6c:64:b9:6f:40:b0:23:8f:6b: a4:41:6f:4e:24:da:b0:39:fd:ce:ee:84:cd:0a:c2:93:df:ac: 73:25:8e:b5:5d:eb:f6:d3:78:b0:31:3f:68:3e:05:c2:76:d8: 7b:be:b9:2f:c9:8b:00:47:7c:de:c4:b9:50:09:e9:09:dd:5e: 5b:34:01:7c:57:81:1b:a4:f7:ae:44:56:d9:91:d8:4f:f8:d6: f9:93:0e:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDc0RDQ0RDk2OEFGNDYzRUZCMTdDMDgwRDVGQUQwMTBD NEFDMDk3QUEwHhcNMjUxMDE4MjAyODAwWhcNMjUxMDI1MjAyODAwWjAYMRYwFAYD VQQDEw02OGYzZjg1MC0yZTljMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs3yToHlmF39oIFXZT1IFJHv/vbfYWnV/EV3ckQncacrcp3YMMujsOpy2NeEb dmas3kk+6ME1jWMBOBZybpzjkHKfUOJaSh9br3+evhuxX6+rmkA0uud+Rq5o2oof dvvOcPgKgvWFZ5HoPMvEI2f3Zv5hblBdbZwVQcsJtGTCPL4S2IwVrNKMR9/MwtgD apJMIOuQbNrh/K6VLiUWLG0j0+o8HfCriMz0W29AwMek6Jqj2Bk9gUW6GhOTIDxN YXCrZDRCNzgg9+qBAbNcHaFlALCALo/bA4jek2q9/b0Vkm1ReVODqob8zEPQXK+T Q7dkLpGVwl0ULbvGeuVMD5sPSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCq980Sh Mb9h12b65wH1pOTeCsWYMB8GA1UdIwQYMBaAFHTUTZaK9GPvsXwIDV+tAQxKwJeq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC82RUZDMEJFRTk4 NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFktLXhmQWdOWDYwQkRFckFs Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ROUk5sb3IwWS0teGZBZ05YNjBCREVyQWw2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC82RUZDMEJFRTk4NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFkt LXhmQWdOWDYwQkRFckFsNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA9yeIti0iMpyCb73RyChzopC8wVECc2wrzNsN7IR1erRWgla6cLkh/ uxXAtlqIdhtkj5gPVmve94sFBO32rder4ocqbhvAjOyKOB3xg6EBHXXlH7QnuThp MS5i1iJg6U9rZl2CMy7Kfy08nbwlaTeYPIFxy58Oiker/emXUW0Fb1WSfFb/A2zJ 9XMtZd2a1bnOOX2DBLbhHq/r48pr2M+qbp7TBW9YGqLg49hsZLlvQLAjj2ukQW9O JNqwOf3O7oTNCsKT36xzJY61Xev203iwMT9oPgXCdth7vrkvyYsAR3zexLlQCekJ 3V5bNAF8V4EbpPeuRFbZkdhP+Nb5kw5E -----END CERTIFICATE-----Generated at Mon Oct 20 13:41:03 2025 by rpki-client