$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft File: ciYIDnxlJSNDlihmsxOfAjhyxAI.mft (raw, json) Hash identifier: BtC6OS4ZzuXrCVMSMBW1il7UHiS0qEpl72xl1lSuAJw= Subject key identifier: 09:ED:A6:02:54:6A:ED:5C:BC:6D:03:1F:A1:7F:02:29:6A:9D:ED:4D Authority key identifier: 72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 Certificate issuer: /CN=A91ED596/serialNumber=7226080E7C65252343962866B3139F023872C402 Certificate serial: E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft Manifest number: DE Signing time: Sun 19 Oct 2025 08:29:56 +0000 Manifest this update: Sun 19 Oct 2025 08:29:55 +0000 Manifest next update: Sun 26 Oct 2025 08:29:55 +0000 Files and hashes: 1: ciYIDnxlJSNDlihmsxOfAjhyxAI.crl (hash: xUdTp8BC6Le/gizfj6Psxfy75od/smVvKdQ3FnCBgn8=) 2: C0C401905AE311EF90924C30C4F9AE02.roa (hash: YxY/TXb7ZV7RLnxJEIm3XTlQ67ELpalTGoTZTqConuI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:29:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 224 (0xe0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED596, serialNumber=7226080E7C65252343962866B3139F023872C402 Validity Not Before: Oct 19 08:29:55 2025 GMT Not After : Oct 26 08:29:55 2025 GMT Subject: CN=68f4a183-a3cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:36:fb:a7:27:31:13:08:f2:1b:c6:dc:92:22: 1b:1c:25:fe:70:02:20:86:75:25:0a:65:a7:76:c3: 68:7c:79:4f:6e:78:03:87:de:b7:59:fe:50:79:cb: 42:f4:43:f9:47:f8:56:22:1a:e2:6b:33:52:85:0f: fe:9c:c1:10:d9:f2:d7:2e:93:45:89:80:e6:96:9f: 3f:ee:2d:38:d5:74:f1:26:70:34:7c:f5:2f:6b:87: 65:16:a6:11:aa:73:80:53:de:10:44:32:f9:da:47: 60:10:ce:c4:4b:92:7e:ee:04:44:c0:37:85:e4:f4: de:ee:fe:96:bc:78:4f:89:74:00:33:e3:6b:70:75: 7c:61:f3:1f:73:b6:ef:9f:26:55:21:79:10:f8:61: c9:0a:11:d2:63:c1:6c:8a:7f:0d:42:60:64:d6:95: 5a:fd:f8:20:6c:cc:58:4d:e5:1c:b7:90:9b:69:b7: a3:a4:b1:ef:4b:4f:0b:f9:5e:2d:12:93:29:54:2b: ad:61:aa:6b:a8:e1:f8:dd:ea:00:a9:1c:17:d0:9f: b7:ed:45:4c:da:87:fd:4d:3d:a5:14:86:95:1c:cf: e1:c1:70:aa:1d:56:c2:87:13:da:a9:a1:6a:c2:23: cd:82:c3:d7:fb:56:01:a5:57:18:49:8c:f2:06:c4: e4:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:ED:A6:02:54:6A:ED:5C:BC:6D:03:1F:A1:7F:02:29:6A:9D:ED:4D X509v3 Authority Key Identifier: keyid:72:26:08:0E:7C:65:25:23:43:96:28:66:B3:13:9F:02:38:72:C4:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ciYIDnxlJSNDlihmsxOfAjhyxAI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED596/0DE23E165AE311EF932C232FC4F9AE02/ciYIDnxlJSNDlihmsxOfAjhyxAI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:27:e5:19:0c:7e:e5:5b:9a:c7:cd:37:f7:96:ce:6d:7a:be: 31:8d:cf:ba:e5:a4:88:bb:3f:bc:df:1a:8b:97:1c:f4:0a:b2: 12:2f:ae:4e:ca:e9:1d:21:08:65:fb:65:47:61:86:2e:6c:bf: ba:cb:90:56:79:43:ae:6b:db:83:6c:89:2a:a9:67:7f:97:3d: f1:9d:7e:5f:09:e5:18:e7:ae:c3:e8:50:3f:bc:bb:73:82:f6: f6:5e:4d:fc:14:8a:bb:de:23:9b:45:ec:87:8f:ac:c0:e6:ef: b8:73:31:9f:45:d5:e3:9b:73:7b:ea:9a:b3:bf:64:ba:e5:b8: 45:1b:72:15:3a:dd:04:10:f2:02:ab:2b:01:39:df:53:82:c6: 23:e2:72:7d:b5:23:24:5f:69:77:95:be:26:2e:4b:5d:75:2d: da:a5:0a:e5:b7:93:bc:05:66:bf:22:9a:1b:d2:e7:3a:40:79: 17:78:65:aa:eb:ba:12:9d:8d:dd:26:d2:31:6d:32:6c:2b:6f: 05:4b:5d:09:7b:83:b7:64:e8:36:c5:14:fe:82:35:22:f0:77: 49:26:fd:2e:6f:1c:b6:29:6b:e5:6e:cb:ca:6e:e0:d3:0d:c0: 61:9f:d3:9b:e2:d0:9f:fd:51:a2:a3:ac:03:b8:0b:6f:35:10: 4e:90:ae:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ1OTYxMTAvBgNVBAUTKDcyMjYwODBFN0M2NTI1MjM0Mzk2Mjg2NkIzMTM5RjAy Mzg3MkM0MDIwHhcNMjUxMDE5MDgyOTU1WhcNMjUxMDI2MDgyOTU1WjAYMRYwFAYD VQQDEw02OGY0YTE4My1hM2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApTb7pycxEwjyG8bckiIbHCX+cAIghnUlCmWndsNofHlPbngDh963Wf5QectC 9EP5R/hWIhriazNShQ/+nMEQ2fLXLpNFiYDmlp8/7i041XTxJnA0fPUva4dlFqYR qnOAU94QRDL52kdgEM7ES5J+7gREwDeF5PTe7v6WvHhPiXQAM+NrcHV8YfMfc7bv nyZVIXkQ+GHJChHSY8Fsin8NQmBk1pVa/fggbMxYTeUct5CbabejpLHvS08L+V4t EpMpVCutYaprqOH43eoAqRwX0J+37UVM2of9TT2lFIaVHM/hwXCqHVbChxPaqaFq wiPNgsPX+1YBpVcYSYzyBsTkNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAntpgJU au1cvG0DH6F/Ailqne1NMB8GA1UdIwQYMBaAFHImCA58ZSUjQ5YoZrMTnwI4csQC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDU5Ni8wREUyM0UxNjVB RTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpTTkRsaWhtc3hPZkFqaHl4 QUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NpWUlEbnhsSlNORGxpaG1zeE9mQWpoeXhBSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDU5Ni8wREUyM0UxNjVBRTMxMUVGOTMyQzIzMkZDNEY5QUUwMi9jaVlJRG54bEpT TkRsaWhtc3hPZkFqaHl4QUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/J+UZDH7lW5rHzTf3ls5ter4xjc+65aSIuz+83xqLlxz0CrISL65O yukdIQhl+2VHYYYubL+6y5BWeUOua9uDbIkqqWd/lz3xnX5fCeUY567D6FA/vLtz gvb2Xk38FIq73iObReyHj6zA5u+4czGfRdXjm3N76pqzv2S65bhFG3IVOt0EEPIC qysBOd9TgsYj4nJ9tSMkX2l3lb4mLktddS3apQrlt5O8BWa/Ipob0uc6QHkXeGWq 67oSnY3dJtIxbTJsK28FS10Je4O3ZOg2xRT+gjUi8HdJJv0ubxy2KWvlbsvKbuDT DcBhn9Ob4tCf/VGio6wDuAtvNRBOkK65 -----END CERTIFICATE-----Generated at Mon Oct 20 07:59:10 2025 by rpki-client