$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft File: CB6icKn0s2sOyJai0hSO5Ok-Xys.mft (raw, json) Hash identifier: fjcKiOupZn+nIe5eg5ee1NGXjQXiTD05ZoK8uVnmX0Q= Subject key identifier: 9E:80:C1:44:6C:F1:80:E3:F4:DC:1F:62:31:A5:42:6E:1C:D4:CA:6D Authority key identifier: 08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B Certificate issuer: /CN=A91BB921/serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Certificate serial: 0173 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft Manifest number: 0171 Signing time: Sun 19 Oct 2025 06:29:09 +0000 Manifest this update: Sun 19 Oct 2025 06:29:09 +0000 Manifest next update: Sun 26 Oct 2025 06:29:09 +0000 Files and hashes: 1: CB6icKn0s2sOyJai0hSO5Ok-Xys.crl (hash: +mi/oXHbSuBpQtw45Cf6rUIM14ghFNZV5I6NU8Bp9hk=) 2: 5A387584756311EEA256FD57C4F9AE02.roa (hash: UFjrfeuvHWS1oxtfXr6IVRfPvTnGzzV9TdVJHu2o8cI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 06:29:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 371 (0x173) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB921, serialNumber=081EA270A9F4B36B0EC896A2D2148EE4E93E5F2B Validity Not Before: Oct 19 06:29:09 2025 GMT Not After : Oct 26 06:29:09 2025 GMT Subject: CN=68f48535-beac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:6f:62:4b:dc:cd:1d:cd:39:d5:a1:2e:95:a4: ea:01:dc:48:84:b6:01:d0:79:a9:f5:8d:d6:77:15: 59:1f:dd:db:84:60:61:53:ce:c1:a4:86:4a:c0:77: 63:dd:ab:46:07:b7:d0:2e:f9:1c:bc:55:07:b4:1c: 6d:a2:6c:b7:34:8c:55:4f:76:8c:35:7d:ae:9c:5b: 6c:06:2d:93:9f:2f:60:ee:c2:83:b1:c4:82:a3:76: ba:cc:39:28:d5:99:bf:74:7f:2c:49:77:09:97:33: 3d:a4:0a:95:78:51:08:82:c3:96:84:4d:d2:4f:eb: e7:05:e2:f5:1e:3b:8e:3f:c5:25:c4:b9:86:a4:fb: 5b:68:9c:25:61:e2:e3:33:3c:85:ba:01:da:17:b1: 6e:d6:d1:93:c5:0a:c9:d7:09:a8:e5:64:37:e5:94: 81:8d:49:d6:02:24:e2:29:f4:de:35:9b:25:58:17: 60:2a:01:80:88:09:0a:e0:07:60:8a:48:16:76:92: 65:39:d7:34:56:b4:f9:e7:07:69:0d:a4:18:f2:b6: c7:ca:34:45:43:47:9c:c0:e6:a9:9f:86:9d:47:ee: aa:b4:cb:6d:06:a3:97:ee:bd:ba:82:c8:7c:86:42: 76:e9:73:b6:c3:e3:a2:93:8b:df:89:ce:74:46:78: 24:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:80:C1:44:6C:F1:80:E3:F4:DC:1F:62:31:A5:42:6E:1C:D4:CA:6D X509v3 Authority Key Identifier: keyid:08:1E:A2:70:A9:F4:B3:6B:0E:C8:96:A2:D2:14:8E:E4:E9:3E:5F:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CB6icKn0s2sOyJai0hSO5Ok-Xys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB921/DDB8E14C756211EEBB825257C4F9AE02/CB6icKn0s2sOyJai0hSO5Ok-Xys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:7a:59:f3:3a:29:c5:45:fc:74:fa:49:38:0c:36:52:c3:c9: 8f:88:78:13:10:90:67:5a:f9:45:b8:d0:89:f9:fe:5d:48:d1: b4:df:53:e6:4f:32:1b:1f:8f:ad:df:6c:d2:45:13:fa:75:bf: 53:aa:26:46:9b:dd:b4:75:02:5e:ab:4c:08:f8:50:3b:e2:8b: 47:b4:4e:74:84:5b:a2:82:be:b8:cc:61:84:92:70:56:fa:6d: ad:9d:c1:07:46:51:34:22:1c:2b:da:b3:05:ef:00:49:c3:f1: 82:7b:31:a3:42:33:1b:98:9f:ab:67:81:86:2e:7f:76:23:ab: 17:52:b1:fa:90:33:1a:96:99:cd:a5:31:0a:54:d2:1a:74:eb: fe:02:67:cb:4a:c1:63:bc:df:a0:31:df:c1:3b:cd:e0:a1:54: 09:80:d3:af:6f:80:db:a5:3a:5c:8e:33:db:58:0c:12:2a:9a: 73:56:97:76:b4:cd:cd:38:79:a2:b5:46:00:07:2c:b7:8b:07: 44:6f:73:9c:2c:9e:05:e0:ed:3d:68:e7:07:1d:c1:51:50:a6: 70:96:eb:83:79:f3:e0:bf:a7:67:a3:8c:98:e1:4c:82:53:ae: 30:c7:ae:aa:b8:65:95:74:ce:03:dc:9a:46:c0:29:5c:28:78: 98:ab:35:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI5MjExMTAvBgNVBAUTKDA4MUVBMjcwQTlGNEIzNkIwRUM4OTZBMkQyMTQ4RUU0 RTkzRTVGMkIwHhcNMjUxMDE5MDYyOTA5WhcNMjUxMDI2MDYyOTA5WjAYMRYwFAYD VQQDEw02OGY0ODUzNS1iZWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApm9iS9zNHc051aEulaTqAdxIhLYB0Hmp9Y3WdxVZH93bhGBhU87BpIZKwHdj 3atGB7fQLvkcvFUHtBxtomy3NIxVT3aMNX2unFtsBi2Tny9g7sKDscSCo3a6zDko 1Zm/dH8sSXcJlzM9pAqVeFEIgsOWhE3ST+vnBeL1HjuOP8UlxLmGpPtbaJwlYeLj MzyFugHaF7Fu1tGTxQrJ1wmo5WQ35ZSBjUnWAiTiKfTeNZslWBdgKgGAiAkK4Adg ikgWdpJlOdc0VrT55wdpDaQY8rbHyjRFQ0ecwOapn4adR+6qtMttBqOX7r26gsh8 hkJ26XO2w+Oik4vfic50RngkqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ6AwURs 8YDj9NwfYjGlQm4c1MptMB8GA1UdIwQYMBaAFAgeonCp9LNrDsiWotIUjuTpPl8r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjkyMS9EREI4RTE0Qzc1 NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMyc095SmFpMGhTTzVPay1Y eXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NCNmljS24wczJzT3lKYWkwaFNPNU9rLVh5cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjkyMS9EREI4RTE0Qzc1NjIxMUVFQkI4MjUyNTdDNEY5QUUwMi9DQjZpY0tuMHMy c095SmFpMGhTTzVPay1YeXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3elnzOinFRfx0+kk4DDZSw8mPiHgTEJBnWvlFuNCJ+f5dSNG031Pm TzIbH4+t32zSRRP6db9TqiZGm920dQJeq0wI+FA74otHtE50hFuigr64zGGEknBW +m2tncEHRlE0Ihwr2rMF7wBJw/GCezGjQjMbmJ+rZ4GGLn92I6sXUrH6kDMalpnN pTEKVNIadOv+AmfLSsFjvN+gMd/BO83goVQJgNOvb4DbpTpcjjPbWAwSKppzVpd2 tM3NOHmitUYAByy3iwdEb3OcLJ4F4O09aOcHHcFRUKZwluuDefPgv6dno4yY4UyC U64wx66quGWVdM4D3JpGwClcKHiYqzUC -----END CERTIFICATE-----Generated at Mon Oct 20 11:32:27 2025 by rpki-client