$ rpki-client -vvf rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft File: IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft (raw, json) Hash identifier: 9bzXVcYUbNGShBQTtngQinGEQyL713KCC8Ri2c0A4gs= Subject key identifier: D4:2C:7A:32:9B:EA:17:AD:1B:2D:D8:35:A7:0D:62:22:C8:65:1F:CA Authority key identifier: 22:45:AD:91:54:3A:DD:AD:78:12:3D:D4:15:D6:59:BB:52:D5:FB:62 Certificate issuer: /CN=A9195BA9/serialNumber=2245AD91543ADDAD78123DD415D659BB52D5FB62 Certificate serial: 0A0D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft Manifest number: 0A01 Signing time: Sat 18 Oct 2025 20:51:24 +0000 Manifest this update: Sat 18 Oct 2025 20:51:23 +0000 Manifest next update: Sat 25 Oct 2025 20:51:23 +0000 Files and hashes: 1: IkWtkVQ63a14Ej3UFdZZu1LV-2I.crl (hash: gZkWzBSqpHS3pQipxe49SJAn442pgtRngFnFODZ/5Rs=) 2: 543CDDF0839011EAB5B82263C4F9AE02.roa (hash: PG+DCY3DsnT1DiiJh/CX8LITvJqbEq/+Av+Qqgc42Yc=) 3: 54DD69FA839011EAB5B82263C4F9AE02.roa (hash: YJ7W6HYFgOqdoVWF2hJtmCaUJf59puKnAmoMTngU5VA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.crl rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 20:51:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2573 (0xa0d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9195BA9, serialNumber=2245AD91543ADDAD78123DD415D659BB52D5FB62 Validity Not Before: Oct 18 20:51:23 2025 GMT Not After : Oct 25 20:51:23 2025 GMT Subject: CN=68f3fdcc-f1b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:33:ac:a7:8f:ab:a1:a9:3d:5c:2e:d5:28:d7: fd:f2:be:a0:b3:70:14:30:8f:68:38:1c:15:73:82: 19:5c:51:5c:fe:5d:6f:32:c2:d2:83:99:0e:59:e7: 65:c6:43:05:4a:fe:f5:19:e1:a9:c6:3e:9c:2e:6a: 7a:bf:dc:c9:41:7e:54:cd:7d:d1:6a:a2:93:fe:40: 10:11:90:1a:1f:fb:aa:8a:10:7d:8a:95:cf:80:c9: e2:8d:ba:d1:bf:2b:03:fc:da:b9:a3:b7:6f:d9:d7: 9a:a9:ec:53:5f:14:a9:ed:9c:66:c5:88:3d:41:f1: c5:2f:9e:7e:67:88:10:bc:53:47:08:36:39:0f:dd: 6f:c0:5e:b2:f1:b6:58:8a:ca:7e:55:06:66:44:6b: 04:ec:87:0a:44:7e:f0:24:c1:7a:05:46:44:3d:d9: 6e:9d:87:eb:0a:7c:2f:3e:c8:cb:ef:cc:02:b4:6e: 57:54:e4:6a:80:93:bc:85:e8:b9:4c:b7:0a:22:8b: dd:c9:59:c7:dc:51:fa:6c:79:8b:59:f4:cb:db:a3: 7e:e5:d8:b6:bf:52:9e:38:36:52:39:ea:b1:36:9d: cd:c5:76:bf:05:d4:a0:6b:6e:a7:e1:b4:2a:2c:e0: 7b:55:8e:6b:b4:6c:a7:0f:d7:71:aa:77:f8:9c:8e: c0:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:2C:7A:32:9B:EA:17:AD:1B:2D:D8:35:A7:0D:62:22:C8:65:1F:CA X509v3 Authority Key Identifier: keyid:22:45:AD:91:54:3A:DD:AD:78:12:3D:D4:15:D6:59:BB:52:D5:FB:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IkWtkVQ63a14Ej3UFdZZu1LV-2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9195BA9/D891478C838E11EA8CEA0960C4F9AE02/IkWtkVQ63a14Ej3UFdZZu1LV-2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d0:f5:e0:30:06:9e:2b:b8:92:e2:db:b6:4a:5a:f0:f6:7c:85: 96:ca:75:6a:30:a5:70:54:fe:27:d9:28:9e:38:aa:51:61:2a: 60:bd:4c:85:81:d0:17:4f:19:1e:7b:43:36:9c:a0:26:e9:31: 11:ce:0c:b3:54:7e:fe:63:b2:20:a0:b6:cb:ea:4b:d7:be:a7: 66:58:64:1d:9d:91:12:29:92:2d:9c:9d:e5:e5:5f:74:19:99: 21:3c:a3:b9:f6:0c:28:94:66:d7:a1:34:09:86:5a:11:7f:5a: 8b:44:2e:90:b6:40:99:af:a9:e1:f1:9f:0f:02:4c:03:ea:be: e1:81:80:76:8f:44:30:81:86:cc:40:a8:0d:fc:b2:0f:0c:58: 4d:c3:df:e5:c7:a6:a2:b6:e0:3c:df:12:f1:07:a4:21:23:49: 4c:fc:9b:cd:18:88:cd:df:e5:6a:e8:cc:b1:77:05:71:db:eb: 02:91:91:f7:5d:73:9e:06:98:2f:84:44:5f:98:75:c0:b3:72: a2:d1:ff:51:0d:99:00:09:bd:e2:0d:3a:f4:54:bb:3c:c7:ae: 8a:22:50:93:98:06:cd:1e:a9:8a:d9:d3:1f:b5:52:c2:c8:13: 69:ad:5b:9c:89:b1:32:8e:a4:c6:f2:22:48:c8:4e:6d:ef:be: 28:6b:eb:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTVCQTkxMTAvBgNVBAUTKDIyNDVBRDkxNTQzQUREQUQ3ODEyM0RENDE1RDY1OUJC NTJENUZCNjIwHhcNMjUxMDE4MjA1MTIzWhcNMjUxMDI1MjA1MTIzWjAYMRYwFAYD VQQDEw02OGYzZmRjYy1mMWIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtDOsp4+roak9XC7VKNf98r6gs3AUMI9oOBwVc4IZXFFc/l1vMsLSg5kOWedl xkMFSv71GeGpxj6cLmp6v9zJQX5UzX3RaqKT/kAQEZAaH/uqihB9ipXPgMnijbrR vysD/Nq5o7dv2deaqexTXxSp7ZxmxYg9QfHFL55+Z4gQvFNHCDY5D91vwF6y8bZY isp+VQZmRGsE7IcKRH7wJMF6BUZEPdlunYfrCnwvPsjL78wCtG5XVORqgJO8hei5 TLcKIovdyVnH3FH6bHmLWfTL26N+5di2v1KeODZSOeqxNp3NxXa/BdSga26n4bQq LOB7VY5rtGynD9dxqnf4nI7ANQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNQsejKb 6hetGy3YNacNYiLIZR/KMB8GA1UdIwQYMBaAFCJFrZFUOt2teBI91BXWWbtS1fti MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NUJBOS9EODkxNDc4Qzgz OEUxMUVBOENFQTA5NjBDNEY5QUUwMi9Ja1d0a1ZRNjNhMTRFajNVRmRaWnUxTFYt MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lrV3RrVlE2M2ExNEVqM1VGZFpadTFMVi0ySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NUJBOS9EODkxNDc4QzgzOEUxMUVBOENFQTA5NjBDNEY5QUUwMi9Ja1d0a1ZRNjNh MTRFajNVRmRaWnUxTFYtMkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDQ9eAwBp4ruJLi27ZKWvD2fIWWynVqMKVwVP4n2SieOKpRYSpgvUyF gdAXTxkee0M2nKAm6TERzgyzVH7+Y7IgoLbL6kvXvqdmWGQdnZESKZItnJ3l5V90 GZkhPKO59gwolGbXoTQJhloRf1qLRC6QtkCZr6nh8Z8PAkwD6r7hgYB2j0QwgYbM QKgN/LIPDFhNw9/lx6aituA83xLxB6QhI0lM/JvNGIjN3+Vq6MyxdwVx2+sCkZH3 XXOeBpgvhERfmHXAs3Ki0f9RDZkACb3iDTr0VLs8x66KIlCTmAbNHqmK2dMftVLC yBNprVucibEyjqTG8iJIyE5t774oa+vE -----END CERTIFICATE-----Generated at Mon Oct 20 19:48:00 2025 by rpki-client