$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft File: cn1G1OfHecpnYSxgtGVS68IZkPs.mft (raw, json) Hash identifier: BOHMfy5ZvorsnJUKljYs6V+SdqXteXlFwfL4GA9NKto= Subject key identifier: B3:52:D2:A7:16:04:55:24:40:B5:1A:39:B6:B4:17:03:E3:0C:94:4F Authority key identifier: 72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB Certificate issuer: /CN=A91D4D97/serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Certificate serial: 0499 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft Manifest number: 0494 Signing time: Sun 19 Oct 2025 01:50:47 +0000 Manifest this update: Sun 19 Oct 2025 01:50:47 +0000 Manifest next update: Sun 26 Oct 2025 01:50:47 +0000 Files and hashes: 1: cn1G1OfHecpnYSxgtGVS68IZkPs.crl (hash: cvkDu6CcSiahJz/4/HS/9EhcFKecrB6NMGpQtkYEkNU=) 2: A9E2BE54567B11ECB346816BC4F9AE02.roa (hash: 6npCQGD8mKRcXKLy4jKCYWBhRpmmG05TZblrhBE83zM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:50:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1177 (0x499) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4D97, serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Validity Not Before: Oct 19 01:50:47 2025 GMT Not After : Oct 26 01:50:47 2025 GMT Subject: CN=68f443f7-cc01 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2e:94:00:ba:1d:a5:5a:12:13:6b:0a:65:ee: e2:80:4e:c9:d9:ba:d3:8b:bf:e7:c3:fb:7a:98:68: fd:97:0b:15:7b:70:90:51:d4:4d:31:e3:d6:9b:b3: 65:6d:c2:3b:2c:59:41:c0:74:21:cd:87:11:14:b9: 6b:43:30:07:93:bb:6c:b0:93:3f:56:cc:fd:70:5d: 79:07:ee:36:dd:fd:47:15:08:a1:dc:25:45:b9:db: 5a:84:6b:39:c8:28:ea:2b:e0:02:4a:db:00:10:69: 25:ff:ff:91:80:80:50:10:b7:57:8b:a3:a0:8d:ec: 7e:ae:9a:d0:ab:be:a0:86:07:46:34:01:5b:cd:6c: d1:01:8c:fd:8e:54:13:ac:86:fa:23:e1:61:ab:c2: c2:2f:a9:00:7c:40:37:2a:15:e4:1f:c8:76:4d:f3: 5b:85:06:66:bc:47:fd:6c:94:9a:05:22:14:f7:e0: 5f:c0:ec:a3:99:53:3f:83:8a:85:6f:83:46:e6:6f: 0e:07:4a:c5:b0:7d:a1:0d:f1:50:24:a3:f3:03:b1: 98:b2:94:18:ee:90:e9:23:08:08:45:4c:45:12:af: 7a:f3:34:ef:ac:23:cd:7c:d5:7e:da:ac:c6:6f:45: c8:58:42:c0:c9:6c:93:66:ac:d1:08:7b:2e:0c:6b: f0:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:52:D2:A7:16:04:55:24:40:B5:1A:39:B6:B4:17:03:E3:0C:94:4F X509v3 Authority Key Identifier: keyid:72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:e0:b0:82:b6:b1:f2:3c:b8:5d:14:9d:c4:d2:28:4c:40:60: ee:8d:fb:10:e5:0b:72:e9:28:b5:d4:09:32:5b:3a:d8:d5:84: 32:5e:90:a1:e1:be:eb:c3:1a:ea:20:ba:44:95:64:5b:02:01: f2:2d:06:ec:35:e3:54:9b:59:72:f9:16:4e:68:93:d9:37:ef: 49:cd:df:1b:34:d7:da:90:d0:0c:5e:c5:f7:82:30:e1:2b:9e: df:1f:ac:5a:0e:8e:a6:42:1d:2b:16:ff:da:ef:e6:09:8f:d7: eb:11:0b:a2:31:f7:04:2f:bd:da:c0:89:2c:89:04:1b:3c:e3: 80:ab:e5:aa:f6:c9:2c:0a:b4:05:65:c7:38:44:f5:1e:37:2d: fa:e0:83:2e:85:7c:2a:21:0d:74:b9:33:7e:98:4f:6f:2a:99: cb:85:b1:90:9b:3c:78:91:a3:0f:6b:a9:81:ae:65:ac:d8:c2: dc:ae:d1:39:04:e6:fb:d7:30:94:6e:e9:d6:54:da:32:d5:20: c5:fa:b8:25:43:9c:04:a4:19:88:40:a9:07:48:4a:70:25:34: 6b:9c:82:10:39:46:d5:bc:74:ec:5f:37:64:8e:3b:fb:7f:48: 58:e4:33:35:bc:50:56:11:9e:65:cb:aa:33:71:5b:5e:0f:f5: a4:cc:3b:a8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBJkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDREOTcxMTAvBgNVBAUTKDcyN0Q0NkQ0RTdDNzc5Q0E2NzYxMkM2MEI0NjU1MkVC QzIxOTkwRkIwHhcNMjUxMDE5MDE1MDQ3WhcNMjUxMDI2MDE1MDQ3WjAYMRYwFAYD VQQDEw02OGY0NDNmNy1jYzAxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsi6UALodpVoSE2sKZe7igE7J2brTi7/nw/t6mGj9lwsVe3CQUdRNMePWm7Nl bcI7LFlBwHQhzYcRFLlrQzAHk7tssJM/Vsz9cF15B+423f1HFQih3CVFudtahGs5 yCjqK+ACStsAEGkl//+RgIBQELdXi6Ogjex+rprQq76ghgdGNAFbzWzRAYz9jlQT rIb6I+Fhq8LCL6kAfEA3KhXkH8h2TfNbhQZmvEf9bJSaBSIU9+BfwOyjmVM/g4qF b4NG5m8OB0rFsH2hDfFQJKPzA7GYspQY7pDpIwgIRUxFEq968zTvrCPNfNV+2qzG b0XIWELAyWyTZqzRCHsuDGvw1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLNS0qcW BFUkQLUaOba0FwPjDJRPMB8GA1UdIwQYMBaAFHJ9RtTnx3nKZ2EsYLRlUuvCGZD7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEQ5Ny8xRjYxNDZFMDU2 NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVjcG5ZU3hndEdWUzY4SVpr UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuMUcxT2ZIZWNwbllTeGd0R1ZTNjhJWmtQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEQ5Ny8xRjYxNDZFMDU2NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVj cG5ZU3hndEdWUzY4SVprUHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+4LCCtrHyPLhdFJ3E0ihMQGDujfsQ5Qty6Si11AkyWzrY1YQyXpCh 4b7rwxrqILpElWRbAgHyLQbsNeNUm1ly+RZOaJPZN+9Jzd8bNNfakNAMXsX3gjDh K57fH6xaDo6mQh0rFv/a7+YJj9frEQuiMfcEL73awIksiQQbPOOAq+Wq9sksCrQF Zcc4RPUeNy364IMuhXwqIQ10uTN+mE9vKpnLhbGQmzx4kaMPa6mBrmWs2MLcrtE5 BOb71zCUbunWVNoy1SDF+rglQ5wEpBmIQKkHSEpwJTRrnIIQOUbVvHTsXzdkjjv7 f0hY5DM1vFBWEZ5ly6ozcVteD/WkzDuo -----END CERTIFICATE-----Generated at Mon Oct 20 09:36:49 2025 by rpki-client