$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft File: Ikchh2oR4tOkuYshvIT3jmT-yEY.mft (raw, json) Hash identifier: 2Fo4Rt8A1AplR7j96O7x/0WW9biIuZ61sAL1CFmRBO0= Subject key identifier: 7A:14:13:7C:0A:30:5D:49:66:B1:E5:47:DF:15:46:A2:5B:3D:4E:72 Authority key identifier: 22:47:21:87:6A:11:E2:D3:A4:B9:8B:21:BC:84:F7:8E:64:FE:C8:46 Certificate issuer: /CN=A91CEE6D/serialNumber=224721876A11E2D3A4B98B21BC84F78E64FEC846 Certificate serial: 11 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft Manifest number: 10 Signing time: Sun 19 Oct 2025 11:31:50 +0000 Manifest this update: Sun 19 Oct 2025 11:31:49 +0000 Manifest next update: Sun 26 Oct 2025 11:31:49 +0000 Files and hashes: 1: Ikchh2oR4tOkuYshvIT3jmT-yEY.crl (hash: jd+t2fH9aWR4G7UiUqlMoBAm1bKRipnYJ6jc4xGgK1c=) 2: 09F2A296A02E11F08BC71221C4F9AE02.roa (hash: 6x2cZtG1O8RYzD8OGoXsH+NShNfzIbk96k46lysq5xU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.crl rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:31:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 17 (0x11) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEE6D, serialNumber=224721876A11E2D3A4B98B21BC84F78E64FEC846 Validity Not Before: Oct 19 11:31:49 2025 GMT Not After : Oct 26 11:31:49 2025 GMT Subject: CN=68f4cc25-cad4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:5c:e3:25:36:55:29:7e:86:c5:3c:16:a1:e3: 34:a2:c6:7d:ac:81:fc:f6:2b:ed:27:16:07:41:be: 53:16:5b:85:42:db:d0:4e:3a:f4:f2:16:cd:d9:70: c6:32:3e:7d:40:eb:b2:e7:e7:7f:5f:9c:63:aa:45: 3d:d9:06:77:81:a0:9b:01:fe:bc:0e:06:28:0b:6f: f5:66:e1:f0:46:c2:0c:75:7f:fa:57:79:ac:81:16: 5f:17:ef:ca:44:60:fb:02:b0:a6:44:e1:cd:0b:3b: 6c:5c:9d:d1:1c:e6:9c:0c:ca:aa:a5:22:c9:77:cd: ac:c7:f5:de:fe:1e:3f:1c:fc:a2:8f:fd:e1:2d:91: e6:53:2e:8d:b4:76:1f:b1:9a:b9:20:27:d3:79:68: ff:a6:18:85:26:55:2e:2b:fa:88:9b:94:ea:bc:af: d7:e5:72:1a:d9:6f:50:40:3f:a6:dd:d5:c1:e9:bd: 9e:75:a4:e9:17:d2:d8:cb:a1:fc:f5:69:63:28:aa: 00:0b:01:18:66:98:c7:d0:60:7f:b2:57:9b:65:5a: e7:a1:d4:79:4c:d4:0e:af:1d:cf:8e:bf:6e:45:c3: e6:d3:e6:e7:42:f0:ae:e2:fd:b2:e7:5e:3f:00:b3: 71:fd:3a:b9:74:df:18:c1:a6:ff:b9:f2:d8:d0:76: f1:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:14:13:7C:0A:30:5D:49:66:B1:E5:47:DF:15:46:A2:5B:3D:4E:72 X509v3 Authority Key Identifier: keyid:22:47:21:87:6A:11:E2:D3:A4:B9:8B:21:BC:84:F7:8E:64:FE:C8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:7d:ec:60:0c:b1:7d:0a:36:ac:c1:0e:89:a4:64:4a:f0:cc: 8c:52:bf:3f:57:45:60:6a:cb:91:b1:b6:0e:e3:38:3a:91:88: 13:d4:e3:1c:91:45:ea:4f:0a:ab:eb:8c:c7:31:c5:28:66:e9: 9e:1e:4e:c5:74:85:af:e4:df:88:a6:46:8a:f3:cc:7f:82:69: 9b:79:6a:74:73:f2:fd:6b:f8:6d:91:ff:5f:33:3a:98:c1:87: 0b:eb:80:f9:5a:d1:3e:13:81:e2:ea:10:24:d3:f7:fd:c5:de: c9:78:c3:f2:8d:b4:8f:e9:70:05:47:b7:f0:ad:55:35:4e:a3: ec:8d:70:b7:cd:c7:0b:9c:3d:5d:c1:f2:61:e4:fb:5b:ac:6f: c4:ad:f6:4f:0e:bd:4b:9d:f6:7b:23:01:af:d8:30:b7:20:b9: 5b:f5:05:7d:54:fd:72:11:9e:8d:e7:e3:74:5b:09:93:02:a2: 35:a7:4b:3a:cd:df:40:74:b4:88:3d:d6:29:6a:e1:ad:4f:bb: 76:31:a4:04:03:63:a1:1d:bc:3e:9c:2d:a5:a6:69:3c:eb:6a: 17:43:db:2a:ab:a4:f9:b1:e1:2b:08:e2:8f:35:f7:d1:ce:6c: 95:f3:04:70:d1:43:79:b1:11:89:0d:1e:a0:85:8b:f7:94:f9: 9f:9d:5d:80 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBETANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RUU2RDExMC8GA1UEBRMoMjI0NzIxODc2QTExRTJEM0E0Qjk4QjIxQkM4NEY3OEU2 NEZFQzg0NjAeFw0yNTEwMTkxMTMxNDlaFw0yNTEwMjYxMTMxNDlaMBgxFjAUBgNV BAMTDTY4ZjRjYzI1LWNhZDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDmXOMlNlUpfobFPBah4zSixn2sgfz2K+0nFgdBvlMWW4VC29BOOvTyFs3ZcMYy Pn1A67Ln539fnGOqRT3ZBneBoJsB/rwOBigLb/Vm4fBGwgx1f/pXeayBFl8X78pE YPsCsKZE4c0LO2xcndEc5pwMyqqlIsl3zazH9d7+Hj8c/KKP/eEtkeZTLo20dh+x mrkgJ9N5aP+mGIUmVS4r+oiblOq8r9flchrZb1BAP6bd1cHpvZ51pOkX0tjLofz1 aWMoqgALARhmmMfQYH+yV5tlWueh1HlM1A6vHc+Ov25Fw+bT5udC8K7i/bLnXj8A s3H9Orl03xjBpv+58tjQdvFXAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUehQTfAow XUlmseVH3xVGols9TnIwHwYDVR0jBBgwFoAUIkchh2oR4tOkuYshvIT3jmT+yEYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFRTZELzUxMTEwQUZFOTc2 NTExRjA5MjNBNjcwQ0M0RjlBRTAyL0lrY2hoMm9SNHRPa3VZc2h2SVQzam1ULXlF WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWtjaGgyb1I0dE9rdVlzaHZJVDNqbVQteUVZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF RTZELzUxMTEwQUZFOTc2NTExRjA5MjNBNjcwQ0M0RjlBRTAyL0lrY2hoMm9SNHRP a3VZc2h2SVQzam1ULXlFWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAL197GAMsX0KNqzBDomkZErwzIxSvz9XRWBqy5Gxtg7jODqRiBPU4xyR RepPCqvrjMcxxShm6Z4eTsV0ha/k34imRorzzH+CaZt5anRz8v1r+G2R/18zOpjB hwvrgPla0T4TgeLqECTT9/3F3sl4w/KNtI/pcAVHt/CtVTVOo+yNcLfNxwucPV3B 8mHk+1usb8St9k8OvUud9nsjAa/YMLcguVv1BX1U/XIRno3n43RbCZMCojWnSzrN 30B0tIg91ilq4a1Pu3YxpAQDY6EdvD6cLaWmaTzrahdD2yqrpPmx4SsI4o8199HO bJXzBHDRQ3mxEYkNHqCFi/eU+Z+dXYA= -----END CERTIFICATE-----Generated at Mon Oct 20 17:59:14 2025 by rpki-client