$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: 6aW9OX3zZDu+UG1EC/qw0EZ4jpOa6xpYjIWZ8a0LOcU= Subject key identifier: 8C:C7:6D:ED:D3:CD:73:AD:85:C9:42:2E:A9:3B:B1:1D:CC:49:1E:9C Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0AD8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2BD6 Signing time: Sat 18 Oct 2025 16:12:29 +0000 Manifest this update: Sat 18 Oct 2025 16:12:28 +0000 Manifest next update: Sat 25 Oct 2025 16:12:28 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: exD+m5o1iWsB9Vylu3fyAtTXRtpp4ieFfQ+MDpjmOfI=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:12:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2776 (0xad8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Oct 18 16:12:28 2025 GMT Not After : Oct 25 16:12:28 2025 GMT Subject: CN=68f3bc6d-5fbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:05:df:66:5a:93:de:ee:13:5d:78:e5:f4:a9: 6e:61:2c:5f:bf:17:84:09:5b:d1:79:24:c0:33:5d: 4b:39:0f:3c:02:24:b8:d3:a9:a1:16:b1:95:ff:37: 5a:5c:15:a4:64:dc:9b:48:0b:07:d8:8e:a1:3a:1e: f0:9c:4d:27:d4:d0:8c:6e:2f:62:77:4d:20:89:67: 00:c5:dc:fd:2c:47:23:bd:ca:bc:9d:c7:d8:36:d4: 70:0e:c3:17:a9:ea:e7:56:c6:64:7e:d3:66:97:d6: 48:d5:8c:1a:6a:cc:d3:39:27:b5:b6:9a:8d:76:c0: de:d6:a5:51:24:4b:6f:b2:db:9d:2f:c5:ff:0e:18: f4:a0:e2:bc:76:8b:1b:8a:ba:04:44:9f:50:e8:85: d7:25:bc:16:38:c0:95:af:26:84:62:5e:b7:8d:59: 3e:bd:aa:dd:4e:64:c1:12:8e:2f:4f:82:9b:32:84: 77:ec:86:fe:0c:aa:4c:01:fd:d1:10:04:e1:a7:46: db:fe:b1:2b:3b:87:fb:c7:45:9d:3d:3e:c6:99:2d: 7e:38:a8:53:04:b9:f1:35:7c:ef:f8:b9:fe:fd:00: a0:d0:69:21:56:1d:fb:c0:1d:41:7b:e4:32:0d:24: 44:0b:f1:6a:67:33:88:d7:03:97:f6:49:11:21:26: 97:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8C:C7:6D:ED:D3:CD:73:AD:85:C9:42:2E:A9:3B:B1:1D:CC:49:1E:9C X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:1d:22:56:e5:8d:50:6e:86:92:92:e6:15:f9:c5:55:e5:21: 93:9e:28:79:d7:b0:82:2b:c1:93:3b:5f:ac:32:ac:e6:2e:48: e8:22:2b:c4:7e:a0:7a:78:3f:90:87:a7:2a:f2:e3:71:ae:18: 2e:83:c9:eb:0f:20:ab:f9:a6:40:3e:9b:18:66:3b:aa:c1:0f: 16:5c:78:c8:52:1d:9c:a7:b5:c3:97:28:07:3d:81:d8:5a:f1: d4:4d:08:3c:f7:c0:1e:c6:5d:cf:bc:2b:9f:2b:8c:9f:20:dc: 33:46:d2:be:49:99:70:12:83:10:c1:4b:7f:24:a1:79:61:ad: 0f:16:19:79:9d:eb:c6:0e:fc:00:dd:40:05:38:d4:13:e4:e4: 4c:79:37:28:4b:8b:0e:73:26:5b:62:b1:e0:04:70:18:a1:7e: 8b:31:1e:09:8b:1e:21:b0:8c:f7:92:5a:65:f1:77:ed:1e:16: 80:af:7f:25:31:e6:bc:ff:7c:8e:55:61:6a:dd:ac:a1:8e:de: 7e:0b:04:62:3f:ce:d2:de:1e:ca:a5:36:e4:ed:5a:ee:f2:e7: 43:db:84:6b:11:96:6e:5c:ee:f6:86:a0:6f:12:53:62:28:15: d2:57:20:93:38:5b:7c:6d:07:07:25:a9:15:ad:74:5f:e5:fe: 8a:11:44:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCtgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUxMDE4MTYxMjI4WhcNMjUxMDI1MTYxMjI4WjAYMRYwFAYD VQQDEw02OGYzYmM2ZC01ZmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxgXfZlqT3u4TXXjl9KluYSxfvxeECVvReSTAM11LOQ88AiS406mhFrGV/zda XBWkZNybSAsH2I6hOh7wnE0n1NCMbi9id00giWcAxdz9LEcjvcq8ncfYNtRwDsMX qernVsZkftNml9ZI1YwaaszTOSe1tpqNdsDe1qVRJEtvstudL8X/Dhj0oOK8dosb iroERJ9Q6IXXJbwWOMCVryaEYl63jVk+vardTmTBEo4vT4KbMoR37Ib+DKpMAf3R EAThp0bb/rErO4f7x0WdPT7GmS1+OKhTBLnxNXzv+Ln+/QCg0GkhVh37wB1Be+Qy DSREC/FqZzOI1wOX9kkRISaXXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIzHbe3T zXOthclCLqk7sR3MSR6cMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCHSJW5Y1QboaSkuYV+cVV5SGTnih517CCK8GTO1+sMqzmLkjoIivE fqB6eD+Qh6cq8uNxrhgug8nrDyCr+aZAPpsYZjuqwQ8WXHjIUh2cp7XDlygHPYHY WvHUTQg898Aexl3PvCufK4yfINwzRtK+SZlwEoMQwUt/JKF5Ya0PFhl5nevGDvwA 3UAFONQT5ORMeTcoS4sOcyZbYrHgBHAYoX6LMR4Jix4hsIz3klpl8XftHhaAr38l Mea8/3yOVWFq3ayhjt5+CwRiP87S3h7KpTbk7Vru8udD24RrEZZuXO72hqBvElNi KBXSVyCTOFt8bQcHJakVrXRf5f6KEURn -----END CERTIFICATE-----Generated at Mon Oct 20 13:34:16 2025 by rpki-client