$ rpki-client -vvf rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft File: PG7AmwlfpfUTYVEIpUR8rLcasaE.mft (raw, json) Hash identifier: owHuy6WfwBJjEcYq07ahmsMK+PsDVDBZqtS0xInOYbk= Subject key identifier: 35:3E:9D:F7:2C:37:47:63:C0:09:20:69:7E:40:01:05:37:91:B8:A1 Authority key identifier: 3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 Certificate issuer: /CN=A917E4BA/serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Certificate serial: 0B05 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft Manifest number: 0AFF Signing time: Mon 20 Oct 2025 20:05:56 +0000 Manifest this update: Mon 20 Oct 2025 20:05:55 +0000 Manifest next update: Mon 27 Oct 2025 20:05:55 +0000 Files and hashes: 1: PG7AmwlfpfUTYVEIpUR8rLcasaE.crl (hash: sVjF+7Fzc4fmcOrT1rNhW9MA0MUgC8FbF00BDa4SL6Y=) 2: 66F91334ED4911ED9A90391BC4F9AE02.roa (hash: DjUQP/nHkYcgIi1MW0o7fyHbM5U6rKdni2IBdc+KG/Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:05:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2821 (0xb05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E4BA, serialNumber=3C6EC09B095FA5F513615108A5447CACB71AB1A1 Validity Not Before: Oct 20 20:05:55 2025 GMT Not After : Oct 27 20:05:55 2025 GMT Subject: CN=68f69623-d8c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:5d:06:70:3e:a5:41:1a:ac:33:6f:6f:59:0f: 86:34:cc:d5:b9:a5:1d:34:5f:f7:9e:e3:73:7d:2c: 87:43:8c:10:be:5f:bd:90:d8:0d:27:cf:17:b4:5c: c0:2a:60:3d:c1:75:35:f2:5f:69:ed:d6:fe:d0:7e: e2:96:44:10:5a:25:26:b6:53:90:e5:d2:6f:5c:25: ab:15:c5:cb:cf:35:42:37:74:70:84:41:dc:f5:7e: df:06:07:32:f2:c7:f3:cb:44:79:37:69:67:31:0f: ef:31:bc:63:fd:56:0a:33:51:44:6d:72:63:c4:59: 72:75:73:54:f6:f5:54:43:b0:0e:aa:1e:44:45:ee: 59:17:18:0b:e9:4e:71:44:de:fd:e1:1f:81:f4:06: 0f:e3:f7:0e:1d:b3:35:bc:8e:be:1d:ed:c1:49:0e: 66:54:8c:10:86:a8:de:f1:08:79:5f:d3:8b:84:fe: a7:7a:ae:45:c0:07:1d:d7:0e:b3:3f:bb:07:14:ee: e2:f2:f5:98:d5:3f:2a:92:fb:e8:4a:c3:f2:f9:88: 39:bb:75:52:a6:63:ee:f6:d4:83:f1:71:5b:63:71: 2b:af:43:ac:67:69:9c:42:43:ad:da:07:71:ca:bb: 16:9e:37:42:aa:ef:63:1d:29:41:74:4a:ea:09:48: 1e:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 35:3E:9D:F7:2C:37:47:63:C0:09:20:69:7E:40:01:05:37:91:B8:A1 X509v3 Authority Key Identifier: keyid:3C:6E:C0:9B:09:5F:A5:F5:13:61:51:08:A5:44:7C:AC:B7:1A:B1:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PG7AmwlfpfUTYVEIpUR8rLcasaE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E4BA/C952AC9E52DC11EA82601B0FC4F9AE02/PG7AmwlfpfUTYVEIpUR8rLcasaE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:7a:0d:09:03:99:fd:ff:e9:59:4e:a8:79:72:68:7f:f7:5d: 2b:7e:97:e3:11:80:b3:2c:e8:37:4e:3a:74:c5:7c:0e:b3:10: bc:76:de:80:20:fb:5c:fa:1a:79:9d:7d:a2:a4:41:f6:e7:3d: 04:ef:1e:19:a8:f2:64:db:1a:02:9b:02:cc:04:38:20:f7:7e: cd:fd:11:b4:8c:d0:a5:b6:ed:da:9e:aa:08:4a:e6:ac:b3:1f: 53:e7:44:64:30:6e:0f:3b:6f:2c:63:11:71:9f:b5:88:22:66: 71:42:72:06:49:14:5b:2c:3a:84:7a:70:52:3e:5d:0a:38:82: 4e:18:01:fd:aa:92:11:9f:65:26:cc:01:28:3f:59:0d:6e:a9: fe:34:0f:34:e8:25:e5:5c:bc:42:3a:2c:88:cf:c8:96:5c:f0: a6:35:07:c8:dc:a4:b6:ba:9d:9e:7f:f3:bd:fe:81:46:e2:f3: 1c:0a:86:1e:78:e6:ef:b6:f2:b2:92:ec:d6:bb:1a:84:c2:5b: 5e:aa:e0:15:35:e1:4d:27:2e:e0:6b:b5:43:d6:f2:1d:45:41: 2c:dc:20:66:9e:9b:0e:53:37:2c:22:8f:0a:ab:9d:03:fb:5e: 3f:69:01:20:bc:d5:48:0a:e6:ac:c1:49:1b:bc:59:50:5a:43: c1:ba:d7:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCwUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0QkExMTAvBgNVBAUTKDNDNkVDMDlCMDk1RkE1RjUxMzYxNTEwOEE1NDQ3Q0FD QjcxQUIxQTEwHhcNMjUxMDIwMjAwNTU1WhcNMjUxMDI3MjAwNTU1WjAYMRYwFAYD VQQDEw02OGY2OTYyMy1kOGM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzV0GcD6lQRqsM29vWQ+GNMzVuaUdNF/3nuNzfSyHQ4wQvl+9kNgNJ88XtFzA KmA9wXU18l9p7db+0H7ilkQQWiUmtlOQ5dJvXCWrFcXLzzVCN3RwhEHc9X7fBgcy 8sfzy0R5N2lnMQ/vMbxj/VYKM1FEbXJjxFlydXNU9vVUQ7AOqh5ERe5ZFxgL6U5x RN794R+B9AYP4/cOHbM1vI6+He3BSQ5mVIwQhqje8Qh5X9OLhP6neq5FwAcd1w6z P7sHFO7i8vWY1T8qkvvoSsPy+Yg5u3VSpmPu9tSD8XFbY3Err0OsZ2mcQkOt2gdx yrsWnjdCqu9jHSlBdErqCUge9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDU+nfcs N0djwAkgaX5AAQU3kbihMB8GA1UdIwQYMBaAFDxuwJsJX6X1E2FRCKVEfKy3GrGh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTRCQS9DOTUyQUM5RTUy REMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBmVVRZVkVJcFVSOHJMY2Fz YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BHN0Ftd2xmcGZVVFlWRUlwVVI4ckxjYXNhRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTRCQS9DOTUyQUM5RTUyREMxMUVBODI2MDFCMEZDNEY5QUUwMi9QRzdBbXdsZnBm VVRZVkVJcFVSOHJMY2FzYUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxeg0JA5n9/+lZTqh5cmh/910rfpfjEYCzLOg3Tjp0xXwOsxC8dt6A IPtc+hp5nX2ipEH25z0E7x4ZqPJk2xoCmwLMBDgg937N/RG0jNCltu3anqoISuas sx9T50RkMG4PO28sYxFxn7WIImZxQnIGSRRbLDqEenBSPl0KOIJOGAH9qpIRn2Um zAEoP1kNbqn+NA806CXlXLxCOiyIz8iWXPCmNQfI3KS2up2ef/O9/oFG4vMcCoYe eObvtvKykuzWuxqEwltequAVNeFNJy7ga7VD1vIdRUEs3CBmnpsOUzcsIo8Kq50D +14/aQEgvNVICuaswUkbvFlQWkPButcP -----END CERTIFICATE-----Generated at Tue Oct 21 08:09:10 2025 by rpki-client