$ rpki-client -vvf rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft File: hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft (raw, json) Hash identifier: r7/2eQWqXzROKVTQxCPt0UkKMpsZ/H6B7BTjy+z+G9Q= Subject key identifier: 38:BA:13:E2:87:8B:6F:EE:DE:A3:B8:E2:55:0A:AF:AC:17:44:04:86 Authority key identifier: 84:8A:79:AB:50:41:E7:1C:E6:22:50:B5:7F:C1:E0:F5:49:78:C9:3A Certificate issuer: /CN=A918EC78/serialNumber=848A79AB5041E71CE62250B57FC1E0F54978C93A Certificate serial: 0AC7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft Manifest number: 0AC1 Signing time: Sat 18 Oct 2025 20:24:27 +0000 Manifest this update: Sat 18 Oct 2025 20:24:26 +0000 Manifest next update: Sat 25 Oct 2025 20:24:26 +0000 Files and hashes: 1: hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.crl (hash: eAnJ/Iv34Oaaz85KeY0mvZJX/3XSwJC0rXo4LhXca+Q=) 2: BF77D1785DCB11EA880A7643C4F9AE02.roa (hash: H4kc+9yjECNKJF53s7PJuRCRHGgJ3Wfs6TYEVDFyAU4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.crl rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:24:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2759 (0xac7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EC78, serialNumber=848A79AB5041E71CE62250B57FC1E0F54978C93A Validity Not Before: Oct 18 20:24:26 2025 GMT Not After : Oct 25 20:24:26 2025 GMT Subject: CN=68f3f77a-29cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:1a:98:3a:5c:18:d4:ab:96:b5:0e:03:57:a4: fd:a7:ba:61:08:b0:84:50:e1:52:46:02:8b:14:53: 70:75:e7:af:01:cc:f3:a4:61:97:51:31:a7:a7:59: d5:65:fc:49:18:7c:81:18:82:08:10:18:11:fd:21: d1:4d:11:c2:0c:c6:aa:a0:44:5d:a9:10:a3:38:c3: ac:26:d0:7c:7a:be:6f:38:cc:13:1e:f5:16:f5:85: 2a:90:6e:b7:01:63:ba:53:be:58:12:88:8f:4e:68: 0a:f1:c6:31:10:aa:99:e4:08:31:8b:15:31:cf:99: d7:97:e5:54:71:5b:da:9d:90:d5:a4:89:4b:3d:7e: 06:e1:f3:95:0f:f8:df:e3:18:ad:cd:ad:9b:ca:47: 59:65:34:2b:df:fc:07:7e:41:b4:e8:93:2e:1b:9e: af:fc:e8:49:86:68:30:5d:85:6d:06:26:cc:50:b4: 55:03:2a:3c:8e:74:29:73:80:40:97:2a:92:ba:de: 45:ff:fe:8b:67:b4:b0:70:91:d2:85:e6:74:12:79: 3c:65:c6:4a:83:b8:2d:aa:dc:37:8d:a0:a8:1b:ae: ee:72:50:aa:a8:be:3f:74:49:f5:7a:46:f0:ad:70: b6:7f:b5:e9:9f:95:92:c4:e3:9b:4b:a1:6a:38:f4: 93:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:BA:13:E2:87:8B:6F:EE:DE:A3:B8:E2:55:0A:AF:AC:17:44:04:86 X509v3 Authority Key Identifier: keyid:84:8A:79:AB:50:41:E7:1C:E6:22:50:B5:7F:C1:E0:F5:49:78:C9:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EC78/192EFF085DCB11EA84E02943C4F9AE02/hIp5q1BB5xzmIlC1f8Hg9Ul4yTo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 44:31:d4:2b:5e:e7:96:92:53:80:b2:be:69:9a:41:cd:d4:4c: dc:f5:4e:47:62:c0:86:a1:b2:3a:73:d9:2e:33:ce:68:2d:ff: b3:d3:46:cc:07:b0:4c:65:36:61:39:17:8b:96:05:cf:e2:3a: 72:1a:74:10:b6:fa:6f:e8:3d:38:e0:8d:90:73:10:da:d8:9d: bb:19:b8:79:51:c2:86:1b:f7:3c:a0:22:ac:26:a9:a8:80:a7: 5a:11:b8:9b:ee:1c:8b:87:5a:66:00:0a:e0:f7:af:0a:4c:b4: 25:15:f7:19:7f:8f:1a:3c:3d:4f:cd:84:72:5b:1f:bf:50:c5: df:a9:75:d1:29:14:fe:3c:b5:df:3c:0f:1e:83:e3:44:1d:30: 02:8e:29:0e:08:1b:69:1e:3a:0f:4e:4d:02:fa:03:92:17:40: 98:b8:39:a5:be:b5:dd:a5:bf:b6:d9:ca:02:4e:09:79:ed:68: 3c:99:59:68:c5:12:7c:c8:d6:1d:d5:92:d4:5b:3f:a9:bd:34: 00:44:a5:b2:ff:b6:37:14:a1:5d:8a:c6:2a:b9:ec:e2:f9:ab: f7:43:ba:7e:13:c8:d6:3d:9a:1f:50:77:94:2c:0e:83:24:ad: 8a:7c:ee:bd:40:1e:bf:f0:04:b6:fd:3d:9d:4f:36:8f:f9:46: ee:0b:ad:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCscwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEVDNzgxMTAvBgNVBAUTKDg0OEE3OUFCNTA0MUU3MUNFNjIyNTBCNTdGQzFFMEY1 NDk3OEM5M0EwHhcNMjUxMDE4MjAyNDI2WhcNMjUxMDI1MjAyNDI2WjAYMRYwFAYD VQQDEw02OGYzZjc3YS0yOWNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0hqYOlwY1KuWtQ4DV6T9p7phCLCEUOFSRgKLFFNwdeevAczzpGGXUTGnp1nV ZfxJGHyBGIIIEBgR/SHRTRHCDMaqoERdqRCjOMOsJtB8er5vOMwTHvUW9YUqkG63 AWO6U75YEoiPTmgK8cYxEKqZ5AgxixUxz5nXl+VUcVvanZDVpIlLPX4G4fOVD/jf 4xitza2bykdZZTQr3/wHfkG06JMuG56v/OhJhmgwXYVtBibMULRVAyo8jnQpc4BA lyqSut5F//6LZ7SwcJHSheZ0Enk8ZcZKg7gtqtw3jaCoG67uclCqqL4/dEn1ekbw rXC2f7Xpn5WSxOObS6FqOPSTlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDi6E+KH i2/u3qO44lUKr6wXRASGMB8GA1UdIwQYMBaAFISKeatQQecc5iJQtX/B4PVJeMk6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RUM3OC8xOTJFRkYwODVE Q0IxMUVBODRFMDI5NDNDNEY5QUUwMi9oSXA1cTFCQjV4em1JbEMxZjhIZzlVbDR5 VG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hJcDVxMUJCNXh6bUlsQzFmOEhnOVVsNHlUby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RUM3OC8xOTJFRkYwODVEQ0IxMUVBODRFMDI5NDNDNEY5QUUwMi9oSXA1cTFCQjV4 em1JbEMxZjhIZzlVbDR5VG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBEMdQrXueWklOAsr5pmkHN1Ezc9U5HYsCGobI6c9kuM85oLf+z00bM B7BMZTZhOReLlgXP4jpyGnQQtvpv6D044I2QcxDa2J27Gbh5UcKGG/c8oCKsJqmo gKdaEbib7hyLh1pmAArg968KTLQlFfcZf48aPD1PzYRyWx+/UMXfqXXRKRT+PLXf PA8eg+NEHTACjikOCBtpHjoPTk0C+gOSF0CYuDmlvrXdpb+22coCTgl57Wg8mVlo xRJ8yNYd1ZLUWz+pvTQARKWy/7Y3FKFdisYquezi+av3Q7p+E8jWPZofUHeULA6D JK2KfO69QB6/8AS2/T2dTzaP+UbuC60R -----END CERTIFICATE-----Generated at Mon Oct 20 19:24:55 2025 by rpki-client