$ rpki-client -vvf rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft File: D2tHILCjVyLYXzRG79R0C9NBg04.mft (raw, json) Hash identifier: sDHLvcZDihPeUilZKoWl3zTPZAaFrse3xFDOlBd6aZg= Subject key identifier: B1:46:C6:80:E8:84:FC:52:11:89:CD:E8:9C:7C:D7:9B:AF:F9:C5:47 Authority key identifier: 0F:6B:47:20:B0:A3:57:22:D8:5F:34:46:EF:D4:74:0B:D3:41:83:4E Certificate issuer: /CN=A91850AD/serialNumber=0F6B4720B0A35722D85F3446EFD4740BD341834E Certificate serial: D7 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D2tHILCjVyLYXzRG79R0C9NBg04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft Manifest number: D6 Signing time: Sun 19 Oct 2025 08:38:44 +0000 Manifest this update: Sun 19 Oct 2025 08:38:44 +0000 Manifest next update: Sun 26 Oct 2025 08:38:44 +0000 Files and hashes: 1: D2tHILCjVyLYXzRG79R0C9NBg04.crl (hash: /rgP+GYS4z3hXn15s87IZdSKGM7H1hBJ/PobOjycSHc=) 2: CD1FB5C2643611EFA2C41948C4F9AE02.roa (hash: 2LzL+Qzx3p8kIBRv0QRWzi2huUwOzt6OF9O+pNxeoDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.crl rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D2tHILCjVyLYXzRG79R0C9NBg04.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:38:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 215 (0xd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91850AD, serialNumber=0F6B4720B0A35722D85F3446EFD4740BD341834E Validity Not Before: Oct 19 08:38:44 2025 GMT Not After : Oct 26 08:38:44 2025 GMT Subject: CN=68f4a394-15f6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:22:c1:38:ab:87:e9:4d:1c:5c:9e:56:69:9e: 4a:98:32:98:77:e3:34:65:2c:8d:7f:37:96:bd:be: 49:29:52:bf:bd:ec:83:ef:35:c8:1c:c7:3f:22:42: 18:f1:a5:26:8f:f9:d7:e0:b1:95:4c:89:72:20:3a: f8:bb:a3:58:27:bf:a4:80:e0:d1:4a:92:d6:60:f1: 96:6b:f7:5e:5f:0e:2d:05:0a:b5:91:04:1b:a8:cf: 1d:ed:eb:cf:0c:23:48:b4:35:a5:2b:04:50:3a:fb: e7:94:ed:8c:09:2a:c7:43:ad:cf:1a:6d:93:bd:b8: df:6b:20:09:1e:42:c6:35:d1:70:9f:8b:64:36:48: ec:a8:29:f7:3b:03:9e:ca:57:1b:0b:73:ef:34:2d: c4:20:53:c5:4e:37:aa:fa:0a:b7:32:23:f1:f5:23: ac:d5:08:fb:92:dd:a8:2b:52:ed:d5:c5:fd:ef:1c: b7:05:80:10:c3:d8:7d:62:19:dc:e9:cb:01:39:5c: 5c:a8:2f:ef:17:18:9a:c9:71:a9:10:10:e0:85:45: 79:07:53:18:5a:69:20:a5:af:e8:b4:d3:77:f5:88: 84:c9:5c:59:2d:07:c2:df:eb:03:57:95:00:24:a9: 55:60:56:c3:b8:f2:1c:79:b0:34:3a:de:d2:f2:70: 25:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:46:C6:80:E8:84:FC:52:11:89:CD:E8:9C:7C:D7:9B:AF:F9:C5:47 X509v3 Authority Key Identifier: keyid:0F:6B:47:20:B0:A3:57:22:D8:5F:34:46:EF:D4:74:0B:D3:41:83:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D2tHILCjVyLYXzRG79R0C9NBg04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:7d:1c:a1:fe:16:dd:9c:93:17:09:87:90:e3:98:d5:5b:53: c0:89:cd:8d:e0:1b:37:cc:5c:b8:fe:82:ef:83:d8:39:8d:7e: 48:ca:cb:a1:0e:1c:fd:6c:5e:1b:86:a0:f3:21:61:06:64:f8: 72:80:44:d0:af:c2:62:f8:06:16:88:2a:c9:09:93:d5:a2:1f: 54:eb:f8:34:0e:42:25:a8:16:a7:0e:34:6f:45:8c:55:d9:53: 45:88:1d:1b:6c:66:03:2f:d7:f8:60:a4:a9:c3:b1:fb:f6:2d: c1:cf:d9:bf:da:3c:ed:95:6f:00:ff:8c:31:39:ae:39:68:47: 7b:94:3e:6f:0b:a7:c4:0b:23:aa:4c:22:86:6f:c4:4a:f1:36: 61:7a:c0:82:a5:e0:2f:22:57:a1:f5:a7:1c:e0:51:c0:f5:9f: 40:42:92:63:14:8d:f0:56:c3:43:66:e8:bc:da:68:89:59:b0: ad:5d:5e:4a:74:8c:50:c4:7e:24:2c:f2:64:96:1f:58:88:9d: 3e:24:c2:91:75:96:34:a9:c6:bc:38:2c:b1:f4:b9:c5:54:84: ce:c3:51:b6:cc:77:63:f3:3c:ab:26:1f:3b:fa:4b:d0:fe:20: 14:ef:c4:f4:da:12:57:ff:b2:de:0c:6f:5b:31:9f:3f:07:12: 89:3e:6a:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODUwQUQxMTAvBgNVBAUTKDBGNkI0NzIwQjBBMzU3MjJEODVGMzQ0NkVGRDQ3NDBC RDM0MTgzNEUwHhcNMjUxMDE5MDgzODQ0WhcNMjUxMDI2MDgzODQ0WjAYMRYwFAYD VQQDEw02OGY0YTM5NC0xNWY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsiLBOKuH6U0cXJ5WaZ5KmDKYd+M0ZSyNfzeWvb5JKVK/veyD7zXIHMc/IkIY 8aUmj/nX4LGVTIlyIDr4u6NYJ7+kgODRSpLWYPGWa/deXw4tBQq1kQQbqM8d7evP DCNItDWlKwRQOvvnlO2MCSrHQ63PGm2TvbjfayAJHkLGNdFwn4tkNkjsqCn3OwOe ylcbC3PvNC3EIFPFTjeq+gq3MiPx9SOs1Qj7kt2oK1Lt1cX97xy3BYAQw9h9Yhnc 6csBOVxcqC/vFxiayXGpEBDghUV5B1MYWmkgpa/otNN39YiEyVxZLQfC3+sDV5UA JKlVYFbDuPIcebA0Ot7S8nAlwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLFGxoDo hPxSEYnN6Jx815uv+cVHMB8GA1UdIwQYMBaAFA9rRyCwo1ci2F80Ru/UdAvTQYNO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTBBRC82MEVCRTFBQzY0 MzQxMUVGODQyRkM2MjBDNEY5QUUwMi9EMnRISUxDalZ5TFlYelJHNzlSMEM5TkJn MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0QydEhJTENqVnlMWVh6Ukc3OVIwQzlOQmcwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NTBBRC82MEVCRTFBQzY0MzQxMUVGODQyRkM2MjBDNEY5QUUwMi9EMnRISUxDalZ5 TFlYelJHNzlSMEM5TkJnMDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADfRyh/hbdnJMXCYeQ45jVW1PAic2N4Bs3zFy4/oLvg9g5jX5Iysuh Dhz9bF4bhqDzIWEGZPhygETQr8Ji+AYWiCrJCZPVoh9U6/g0DkIlqBanDjRvRYxV 2VNFiB0bbGYDL9f4YKSpw7H79i3Bz9m/2jztlW8A/4wxOa45aEd7lD5vC6fECyOq TCKGb8RK8TZhesCCpeAvIleh9acc4FHA9Z9AQpJjFI3wVsNDZui82miJWbCtXV5K dIxQxH4kLPJklh9YiJ0+JMKRdZY0qca8OCyx9LnFVITOw1G2zHdj8zyrJh87+kvQ /iAU78T02hJX/7LeDG9bMZ8/BxKJPmoG -----END CERTIFICATE-----Generated at Tue Oct 21 08:09:14 2025 by rpki-client