$ rpki-client -vvf rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft File: nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft (raw, json) Hash identifier: rgln7+Tyzyv1L+eDa0I4wOQlwGw+pCrio55UTwOxaV4= Subject key identifier: 9A:65:0E:45:56:53:37:7A:C7:62:09:74:14:84:69:7A:BC:60:DF:69 Authority key identifier: 9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD Certificate issuer: /CN=A9185D34/serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Certificate serial: 0857 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft Manifest number: 084A Signing time: Sat 18 Oct 2025 21:57:15 +0000 Manifest this update: Sat 18 Oct 2025 21:57:15 +0000 Manifest next update: Sat 25 Oct 2025 21:57:15 +0000 Files and hashes: 1: nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl (hash: aMSUYrI78hy1KIL8aExl9z9IaD614lZLkcVpTOD9umI=) 2: C1171FCAB1B111ECBA7F614FC4F9AE02.roa (hash: 5pc4Fgf96yhJHg1dXqyOkvTiTCFOmyYqtcguriQDwlE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:57:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2135 (0x857) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185D34, serialNumber=9EC1216D256416403CB5C53E7345530F83272CDD Validity Not Before: Oct 18 21:57:15 2025 GMT Not After : Oct 25 21:57:15 2025 GMT Subject: CN=68f40d3b-43ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:78:0b:1d:54:c1:97:53:3c:9a:70:2b:43:bf: 23:fe:6d:ab:ab:5d:4d:73:12:25:fe:23:da:c0:85: 34:28:ec:65:5b:c8:d7:20:f4:8a:9f:a8:69:ec:a8: f4:01:ba:a0:1f:11:5b:bd:3e:91:0f:5f:bb:67:ef: 95:81:8b:5b:56:2c:d2:83:bd:bb:c8:50:0b:b9:34: fe:71:03:2c:02:88:83:f2:5d:c5:e6:45:62:49:2e: dc:b8:19:96:c7:dd:ee:96:8e:2f:e8:33:0e:1c:1f: f8:7f:a3:52:8b:2c:13:58:36:d6:50:62:d5:32:a1: d8:be:0b:2f:21:3a:2d:10:44:49:2f:23:dc:59:32: 6f:76:af:6a:c0:60:45:b7:db:b8:4c:2b:5a:9f:4b: b5:74:9f:97:8c:11:6f:01:30:3f:8f:7f:1b:1e:fe: 05:ec:86:4a:f1:6a:28:41:ae:33:d3:b0:8d:4e:6c: af:bf:d6:aa:43:ba:16:2f:54:1a:5e:23:29:0a:e9: 56:96:1c:2a:21:84:32:cc:2f:b9:16:30:7a:37:59: 86:30:8d:38:af:76:20:b3:26:ea:74:d8:49:81:a2: 1d:6e:50:07:d3:97:2d:af:c9:b6:c1:29:0a:df:85: ff:b2:1c:38:91:8f:1e:9a:ed:35:59:e9:fb:07:76: d3:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:65:0E:45:56:53:37:7A:C7:62:09:74:14:84:69:7A:BC:60:DF:69 X509v3 Authority Key Identifier: keyid:9E:C1:21:6D:25:64:16:40:3C:B5:C5:3E:73:45:53:0F:83:27:2C:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/nsEhbSVkFkA8tcU-c0VTD4MnLN0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185D34/DBA87858E6A011EAA8544B43C4F9AE02/nsEhbSVkFkA8tcU-c0VTD4MnLN0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 74:1e:45:18:d1:3e:d1:ce:4a:51:fc:70:5e:e4:27:7a:17:6c: 35:b4:00:56:d7:63:42:24:1d:fb:a6:57:d6:bb:97:62:00:4d: d3:c4:d1:e4:3f:89:16:1d:24:8e:8f:54:d5:c7:64:17:b4:43: ac:b5:ce:1d:09:60:08:ee:9f:27:b6:0f:eb:e2:5c:3e:89:1a: 2e:3b:0f:43:5c:ba:52:46:0e:ff:3a:d5:08:b0:46:d0:dc:0a: ab:80:6e:ae:86:c8:4b:13:2c:d6:cd:53:a9:09:4a:ee:f2:b9: 2b:97:48:8c:c5:37:47:ec:30:4e:86:94:2a:dc:da:ad:e9:b5: fb:a0:a9:4e:29:ed:4d:ab:1e:68:92:1a:f7:09:b5:1f:b1:c6: fb:6e:d6:09:fc:14:52:c0:54:5a:7d:dc:ff:10:51:d4:34:7a: 34:b4:e1:64:33:74:2a:73:89:2c:0d:95:e1:59:6a:f2:54:d0: d7:8a:b2:75:e0:ab:47:75:4f:d6:b0:d4:c3:0b:1d:c4:c6:11: 49:4a:bd:b5:9c:f4:aa:11:c9:e1:e6:72:14:ad:b5:6d:2d:7c: 27:1a:53:2f:16:65:26:44:db:bf:06:12:d7:e0:c6:10:11:6d: ea:12:35:66:19:da:02:1e:bb:ea:c6:8a:de:6b:a3:e4:b8:13: 62:0f:a4:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVEMzQxMTAvBgNVBAUTKDlFQzEyMTZEMjU2NDE2NDAzQ0I1QzUzRTczNDU1MzBG ODMyNzJDREQwHhcNMjUxMDE4MjE1NzE1WhcNMjUxMDI1MjE1NzE1WjAYMRYwFAYD VQQDEw02OGY0MGQzYi00M2FiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwHgLHVTBl1M8mnArQ78j/m2rq11NcxIl/iPawIU0KOxlW8jXIPSKn6hp7Kj0 AbqgHxFbvT6RD1+7Z++VgYtbVizSg727yFALuTT+cQMsAoiD8l3F5kViSS7cuBmW x93ulo4v6DMOHB/4f6NSiywTWDbWUGLVMqHYvgsvITotEERJLyPcWTJvdq9qwGBF t9u4TCtan0u1dJ+XjBFvATA/j38bHv4F7IZK8WooQa4z07CNTmyvv9aqQ7oWL1Qa XiMpCulWlhwqIYQyzC+5FjB6N1mGMI04r3YgsybqdNhJgaIdblAH05ctr8m2wSkK 34X/shw4kY8emu01Wen7B3bTHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJplDkVW Uzd6x2IJdBSEaXq8YN9pMB8GA1UdIwQYMBaAFJ7BIW0lZBZAPLXFPnNFUw+DJyzd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUQzNC9EQkE4Nzg1OEU2 QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0ZrQTh0Y1UtYzBWVEQ0TW5M TjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL25zRWhiU1ZrRmtBOHRjVS1jMFZURDRNbkxOMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUQzNC9EQkE4Nzg1OEU2QTAxMUVBQTg1NDRCNDNDNEY5QUUwMi9uc0VoYlNWa0Zr QTh0Y1UtYzBWVEQ0TW5MTjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB0HkUY0T7RzkpR/HBe5Cd6F2w1tABW12NCJB37plfWu5diAE3TxNHk P4kWHSSOj1TVx2QXtEOstc4dCWAI7p8ntg/r4lw+iRouOw9DXLpSRg7/OtUIsEbQ 3AqrgG6uhshLEyzWzVOpCUru8rkrl0iMxTdH7DBOhpQq3Nqt6bX7oKlOKe1Nqx5o khr3CbUfscb7btYJ/BRSwFRafdz/EFHUNHo0tOFkM3Qqc4ksDZXhWWryVNDXirJ1 4KtHdU/WsNTDCx3ExhFJSr21nPSqEcnh5nIUrbVtLXwnGlMvFmUmRNu/BhLX4MYQ EW3qEjVmGdoCHrvqxorea6PkuBNiD6QE -----END CERTIFICATE-----Generated at Mon Oct 20 16:15:24 2025 by rpki-client