$ rpki-client -vvf rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft File: Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft (raw, json) Hash identifier: URvaBg43QduZ64wNeSO+8Jzm+QETqrQ91O4ge4piP7A= Subject key identifier: C5:6D:30:65:A9:72:E0:EA:F2:A1:75:14:38:88:C8:9B:92:B8:88:8A Authority key identifier: 43:C3:CF:11:74:BD:72:B4:34:C6:92:8B:8A:BE:BF:05:D6:31:3F:40 Certificate issuer: /CN=A9198D20/serialNumber=43C3CF1174BD72B434C6928B8ABEBF05D6313F40 Certificate serial: 0C16 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q8PPEXS9crQ0xpKLir6_BdYxP0A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft Manifest number: 0C0F Signing time: Mon 20 Oct 2025 19:24:54 +0000 Manifest this update: Mon 20 Oct 2025 19:24:53 +0000 Manifest next update: Mon 27 Oct 2025 19:24:53 +0000 Files and hashes: 1: Q8PPEXS9crQ0xpKLir6_BdYxP0A.crl (hash: 19ncHdw9LIVptOH0Q/KHO+9Uw9WguvV5Knrt2bl3RN8=) 2: EE985C561CEA11EA8B382C0BC4F9AE02.roa (hash: /clDM2qDPD5uC0RxJEAiWWigew7J9uL+PN4x0Vi4eF0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.crl rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q8PPEXS9crQ0xpKLir6_BdYxP0A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 19:24:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3094 (0xc16) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9198D20, serialNumber=43C3CF1174BD72B434C6928B8ABEBF05D6313F40 Validity Not Before: Oct 20 19:24:53 2025 GMT Not After : Oct 27 19:24:53 2025 GMT Subject: CN=68f68c86-339e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:d8:93:a6:2e:96:59:b6:65:ba:97:44:f6:cc: e8:33:ed:5e:0f:5f:ac:ba:24:d7:37:44:bb:c4:2b: 00:0d:f9:e2:0c:81:30:4c:6b:05:78:b8:db:bc:9a: b4:f7:a4:8b:d6:1f:bc:2d:d9:ca:79:69:2e:0b:61: a1:a1:ed:43:be:9b:0d:07:77:2f:7b:57:84:d2:d0: 01:48:f1:bd:87:d8:9e:a5:15:60:49:1b:9e:e1:df: dd:36:6e:ad:87:2a:55:43:a1:7d:ff:08:ba:0d:e3: 6f:a9:b9:d2:60:46:18:1f:eb:99:35:e0:ed:0f:da: 05:c0:9f:ba:7e:6b:7d:80:4b:77:93:f7:e2:99:d6: 6f:e8:e4:f7:48:95:fe:a7:d7:d2:15:d3:3a:06:b4: 7d:26:ea:56:00:fb:c2:65:2b:b1:d6:73:d2:36:b7: 00:2c:96:a5:26:1c:a5:b4:8d:4d:7c:19:06:09:1b: 9b:2c:52:5b:ec:b1:c3:0a:31:9d:ca:25:4e:24:c5: 6a:c1:db:27:55:cc:1a:83:97:fd:6c:f4:56:ee:59: da:72:c8:b0:97:54:55:d4:e5:56:5f:c6:55:bd:90: 08:8a:c8:1c:8e:cb:dc:fd:95:b8:a6:89:81:9c:23: 43:c7:c4:e6:50:19:ca:91:b8:c6:3a:71:f3:de:75: 16:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:6D:30:65:A9:72:E0:EA:F2:A1:75:14:38:88:C8:9B:92:B8:88:8A X509v3 Authority Key Identifier: keyid:43:C3:CF:11:74:BD:72:B4:34:C6:92:8B:8A:BE:BF:05:D6:31:3F:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Q8PPEXS9crQ0xpKLir6_BdYxP0A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9198D20/3F7703C21CE911EA98897487C4F9AE02/Q8PPEXS9crQ0xpKLir6_BdYxP0A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:3a:80:0d:48:e2:52:03:03:de:4d:f3:5f:79:a7:f4:05:1a: 6e:11:0c:af:ce:42:8f:17:c1:54:2d:28:61:f3:19:c2:73:c9: 38:d2:c9:fb:12:a1:59:ba:19:4b:56:3a:9e:b9:a6:02:44:03: 7e:29:ae:84:25:6c:14:e8:5b:70:d9:49:ac:f0:9d:fe:7e:75: a8:76:5b:cd:e3:d5:fc:60:28:66:96:e0:7c:bb:23:82:c5:ff: e9:70:f1:1c:16:13:d2:09:23:71:f9:5f:ce:a9:a1:e9:41:5f: 73:00:90:e8:e2:7a:f5:51:bb:eb:4c:74:f0:44:ba:bb:a5:35: 4c:bd:ac:9f:fb:11:ae:bd:fa:13:52:eb:34:e9:4b:84:f0:95: 6d:98:f8:b9:92:d7:46:c6:c9:c7:dd:3d:fc:7b:b6:b1:28:af: d2:0a:93:5f:c2:1a:56:ee:ec:aa:11:13:4e:49:66:d9:fe:03: b3:54:7d:09:e7:43:d7:a4:dc:d9:1e:c3:42:f3:fb:dd:65:fb: 85:a4:ae:90:c4:ce:70:dc:c3:68:72:1b:e1:89:13:70:29:f9: 4b:99:8b:65:43:00:eb:64:21:5d:9e:1f:92:54:92:99:77:68: ab:b8:67:1e:cc:c6:87:e3:e4:9a:0d:05:07:31:c9:fb:a1:86: 49:73:cc:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDBYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OThEMjAxMTAvBgNVBAUTKDQzQzNDRjExNzRCRDcyQjQzNEM2OTI4QjhBQkVCRjA1 RDYzMTNGNDAwHhcNMjUxMDIwMTkyNDUzWhcNMjUxMDI3MTkyNDUzWjAYMRYwFAYD VQQDEw02OGY2OGM4Ni0zMzllMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq9iTpi6WWbZlupdE9szoM+1eD1+suiTXN0S7xCsADfniDIEwTGsFeLjbvJq0 96SL1h+8LdnKeWkuC2Ghoe1DvpsNB3cve1eE0tABSPG9h9iepRVgSRue4d/dNm6t hypVQ6F9/wi6DeNvqbnSYEYYH+uZNeDtD9oFwJ+6fmt9gEt3k/fimdZv6OT3SJX+ p9fSFdM6BrR9JupWAPvCZSux1nPSNrcALJalJhyltI1NfBkGCRubLFJb7LHDCjGd yiVOJMVqwdsnVcwag5f9bPRW7lnacsiwl1RV1OVWX8ZVvZAIisgcjsvc/ZW4pomB nCNDx8TmUBnKkbjGOnHz3nUWlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMVtMGWp cuDq8qF1FDiIyJuSuIiKMB8GA1UdIwQYMBaAFEPDzxF0vXK0NMaSi4q+vwXWMT9A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OEQyMC8zRjc3MDNDMjFD RTkxMUVBOTg4OTc0ODdDNEY5QUUwMi9ROFBQRVhTOWNyUTB4cEtMaXI2X0JkWXhQ MEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1E4UFBFWFM5Y3JRMHhwS0xpcjZfQmRZeFAwQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OEQyMC8zRjc3MDNDMjFDRTkxMUVBOTg4OTc0ODdDNEY5QUUwMi9ROFBQRVhTOWNy UTB4cEtMaXI2X0JkWXhQMEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMOoANSOJSAwPeTfNfeaf0BRpuEQyvzkKPF8FULShh8xnCc8k40sn7 EqFZuhlLVjqeuaYCRAN+Ka6EJWwU6Ftw2Ums8J3+fnWodlvN49X8YChmluB8uyOC xf/pcPEcFhPSCSNx+V/OqaHpQV9zAJDo4nr1UbvrTHTwRLq7pTVMvayf+xGuvfoT Uus06UuE8JVtmPi5ktdGxsnH3T38e7axKK/SCpNfwhpW7uyqERNOSWbZ/gOzVH0J 50PXpNzZHsNC8/vdZfuFpK6QxM5w3MNochvhiRNwKflLmYtlQwDrZCFdnh+SVJKZ d2iruGcezMaH4+SaDQUHMcn7oYZJc8zr -----END CERTIFICATE-----Generated at Tue Oct 21 00:54:18 2025 by rpki-client