$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: zRK7+RyWFrZhKnv4QOwfsy/aqvVq4BCft7iuDkTXdPo= Subject key identifier: A5:73:42:98:92:FB:BE:94:2C:81:02:AE:39:14:AE:41:EF:22:A0:5B Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0CA7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C96 Signing time: Mon 20 Oct 2025 19:00:23 +0000 Manifest this update: Mon 20 Oct 2025 19:00:22 +0000 Manifest next update: Mon 27 Oct 2025 19:00:22 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: J51nE3eFa9CSWb2WOjFQxQSISziRepUEhbQvzawJ2r4=) 2: 2CF214DC93A611F0B9B44571C4F9AE02.roa (hash: gDTlO8JdKBOhrYpdJ9YbTAbJbDClxcUd9QV6sNxI620=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:23:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3239 (0xca7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Oct 20 19:00:22 2025 GMT Not After : Oct 27 19:00:22 2025 GMT Subject: CN=68f686c7-5a2e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:de:30:23:5d:cd:1a:6e:dd:33:73:a1:16:e4: aa:d7:1f:e1:20:dd:21:ce:4e:6c:a7:fd:7c:79:76: 1b:86:fd:7b:93:88:bf:c2:d2:57:03:2b:07:df:0f: 3d:d8:22:83:e0:05:a2:60:24:7a:70:3d:a1:2d:96: 4a:60:51:47:d3:d5:ab:33:c6:8e:c0:23:28:1b:a1: 75:90:3e:19:82:24:b8:13:32:ed:06:3a:97:45:ec: 75:20:93:68:c4:18:1e:ce:f9:98:53:63:58:42:ba: 8f:c2:2d:06:d0:1c:f9:f5:bf:9b:56:43:70:25:f5: 14:0c:81:ce:00:4e:52:ba:71:04:e0:24:79:bb:f1: 87:15:51:0a:8f:ed:eb:67:a3:fd:40:49:f4:f4:56: 73:b1:de:93:72:da:f1:6e:74:96:38:ac:96:83:9d: f4:76:49:66:3a:0a:2a:78:33:5e:e3:5d:61:dc:de: 4a:04:6f:ce:14:30:03:74:3c:a6:85:d8:bc:35:0b: ed:6b:16:c9:05:44:56:33:cc:f7:6a:e3:57:ee:27: cb:40:d0:9c:4f:6e:97:02:0a:5f:e9:03:e5:cd:5d: 79:b4:90:d1:5c:fb:00:24:1d:fc:81:e0:c3:6d:71: 8c:de:72:ea:84:0d:8e:5f:03:e8:c1:cf:ca:b8:e7: 2e:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:73:42:98:92:FB:BE:94:2C:81:02:AE:39:14:AE:41:EF:22:A0:5B X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:c5:5f:a2:b0:bf:ad:12:10:e8:0b:b0:29:c1:12:22:d8:8f: 84:0a:13:7c:46:d3:4e:4b:e6:6e:65:b1:a5:0f:7f:65:83:aa: 69:df:89:e9:b4:bd:3b:bc:14:f0:b4:60:77:66:67:d3:ee:d4: 4a:b7:86:b3:1e:82:1b:34:ed:37:da:69:6b:5a:1a:7b:89:4a: 60:d4:48:2b:6e:77:a6:6b:d7:a4:fd:b2:59:c3:55:a3:11:4d: 5e:a6:85:ee:7e:3a:81:3f:33:30:38:99:c0:24:ce:ac:ff:ed: 0f:59:f9:0f:16:76:e6:42:3f:ce:93:f4:ef:86:49:b1:cf:f0: 9c:2f:4d:6c:a2:f5:83:8f:e0:77:e3:e6:e8:8d:60:0f:da:f4: 9f:ae:25:c6:94:cc:81:97:2b:fb:76:71:d5:cf:17:b0:e8:e1: 5d:b2:bb:db:82:7f:a9:15:68:0e:bd:b8:80:4b:77:a6:90:7c: 67:9a:cd:46:fe:c1:49:df:5a:60:78:91:24:0a:f7:d1:fb:e7: a1:0b:5c:4b:a6:a3:79:26:d5:63:d6:93:c9:be:1f:fc:2f:e3: d0:bc:ba:bc:a0:c7:74:30:20:33:4d:08:b3:ba:7d:ea:7d:19: 89:15:d3:4e:ff:57:b7:d2:79:c5:dc:48:ca:b8:a8:eb:6b:aa: 5d:10:e6:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUxMDIwMTkwMDIyWhcNMjUxMDI3MTkwMDIyWjAYMRYwFAYD VQQDEw02OGY2ODZjNy01YTJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmd4wI13NGm7dM3OhFuSq1x/hIN0hzk5sp/18eXYbhv17k4i/wtJXAysH3w89 2CKD4AWiYCR6cD2hLZZKYFFH09WrM8aOwCMoG6F1kD4ZgiS4EzLtBjqXRex1IJNo xBgezvmYU2NYQrqPwi0G0Bz59b+bVkNwJfUUDIHOAE5SunEE4CR5u/GHFVEKj+3r Z6P9QEn09FZzsd6TctrxbnSWOKyWg530dklmOgoqeDNe411h3N5KBG/OFDADdDym hdi8NQvtaxbJBURWM8z3auNX7ifLQNCcT26XAgpf6QPlzV15tJDRXPsAJB38geDD bXGM3nLqhA2OXwPowc/KuOcuVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKVzQpiS +76ULIECrjkUrkHvIqBbMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpxV+isL+tEhDoC7ApwRIi2I+EChN8RtNOS+ZuZbGlD39lg6pp34np tL07vBTwtGB3ZmfT7tRKt4azHoIbNO032mlrWhp7iUpg1Egrbnema9ek/bJZw1Wj EU1epoXufjqBPzMwOJnAJM6s/+0PWfkPFnbmQj/Ok/Tvhkmxz/CcL01sovWDj+B3 4+bojWAP2vSfriXGlMyBlyv7dnHVzxew6OFdsrvbgn+pFWgOvbiAS3emkHxnms1G /sFJ31pgeJEkCvfR++ehC1xLpqN5JtVj1pPJvh/8L+PQvLq8oMd0MCAzTQizun3q fRmJFdNO/1e30nnF3EjKuKjra6pdEOZx -----END CERTIFICATE-----Generated at Mon Oct 20 21:37:36 2025 by rpki-client