$ rpki-client -vvf rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.mft File: J_xj2GH0aU96L5UfsShH4H-qkHI.mft (raw, json) Hash identifier: BJGrWZ6rZaoxHXU+QEGhr03g1BfaVU5YU9iR9PCAy6U= Subject key identifier: C5:99:96:2D:72:B9:DC:BD:E3:3C:AC:BC:E7:8F:C8:11:FA:31:C2:47 Authority key identifier: 27:FC:63:D8:61:F4:69:4F:7A:2F:95:1F:B1:28:47:E0:7F:AA:90:72 Certificate issuer: /CN=A9125F95/serialNumber=27FC63D861F4694F7A2F951FB12847E07FAA9072 Certificate serial: 1DD1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J_xj2GH0aU96L5UfsShH4H-qkHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.mft Manifest number: 1DC8 Signing time: Wed 22 Oct 2025 16:20:14 +0000 Manifest this update: Wed 22 Oct 2025 16:20:14 +0000 Manifest next update: Wed 29 Oct 2025 16:20:14 +0000 Files and hashes: 1: J_xj2GH0aU96L5UfsShH4H-qkHI.crl (hash: aNSVYqFJQYMxTK9Qn6Wzm4DYCm6cZYkCXynso/wSf/M=) 2: A17F07705FA311EAB1BB612CC4F9AE02.roa (hash: syqFyO0I3Vmcn5bJeGcao6zGLsNLne0ee+UOpu0s0a0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.crl rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J_xj2GH0aU96L5UfsShH4H-qkHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 16:20:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7633 (0x1dd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125F95, serialNumber=27FC63D861F4694F7A2F951FB12847E07FAA9072 Validity Not Before: Oct 22 16:20:14 2025 GMT Not After : Oct 29 16:20:14 2025 GMT Subject: CN=68f9043e-b511 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:42:42:5e:a5:51:78:8d:2f:cf:f2:32:81:93: f7:8b:30:6c:18:b0:f5:89:ce:c0:94:c9:b1:9e:2a: 22:e7:72:db:75:f6:4e:89:b9:9f:a6:41:c8:95:5d: 13:5c:fa:a4:20:bd:21:1c:1a:f2:91:09:d4:9e:6a: 79:c2:51:cc:1e:05:51:f0:d9:df:d2:0c:00:cc:38: 71:4a:11:84:67:3b:ea:cb:d7:b4:95:52:fd:13:90: 67:ba:69:22:28:a0:4f:0c:8f:56:21:b3:bf:71:8b: 7c:ab:0e:5a:69:4f:9f:39:37:5f:9a:73:57:1a:6b: 2c:2f:ff:9a:73:1f:dc:ed:b8:b0:f2:fa:7d:69:71: 25:5c:61:0f:2b:10:ba:1c:e7:f2:16:fd:9d:b0:5c: 07:c5:b6:4d:37:00:45:29:de:97:dc:98:3a:b8:5b: 98:6a:77:4c:a1:1f:4f:4f:9a:41:5e:19:20:73:7e: 8f:1b:0f:77:d7:0a:94:b9:36:25:4e:5c:23:1a:f8: f1:a9:1d:50:79:0e:da:ca:db:d7:7a:4a:57:99:fe: 1f:2a:ce:d0:22:b5:be:6a:58:87:e0:13:1b:d8:37: 0e:2f:36:45:90:5a:8e:28:68:3b:f6:62:a2:d6:1f: b4:e6:e1:3f:a8:00:61:6f:c4:30:9e:44:ec:6e:fc: 1a:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:99:96:2D:72:B9:DC:BD:E3:3C:AC:BC:E7:8F:C8:11:FA:31:C2:47 X509v3 Authority Key Identifier: keyid:27:FC:63:D8:61:F4:69:4F:7A:2F:95:1F:B1:28:47:E0:7F:AA:90:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J_xj2GH0aU96L5UfsShH4H-qkHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125F95/CE2AFC46A27511E69EB17774C4F9AE02/J_xj2GH0aU96L5UfsShH4H-qkHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6b:82:8e:b3:68:79:c4:d5:b3:00:06:4e:dc:53:56:54:68:68: bc:6c:02:d3:a1:ee:f6:04:2f:dc:dd:36:ef:20:96:1c:07:6e: 73:d8:36:48:6b:13:d7:fc:68:05:fd:db:ed:d4:31:d2:67:8b: 31:14:59:65:0f:c8:16:52:1b:23:8d:93:87:2a:ad:98:b7:c5: 5c:0c:81:af:c3:8a:80:11:75:61:15:16:cd:81:9e:72:0f:cc: 28:9b:6e:b0:e6:b3:55:2a:4f:aa:a3:0b:c8:24:ea:23:1a:2a: 72:e7:e9:ab:eb:bc:8e:ca:a8:ed:09:e3:3e:20:88:ed:a3:6e: 8e:9c:59:8e:9b:37:a0:62:b0:d8:c5:a5:6c:2b:87:f6:1f:1c: 37:97:45:cf:d6:f2:1d:74:3e:f6:bc:67:9e:05:f6:e9:4b:9f: a0:ec:ec:21:01:dd:2c:e0:c7:f6:47:47:60:f4:13:1c:74:f9: 73:4e:12:de:cc:ba:b1:92:b9:04:a1:cd:ff:cd:c0:6c:87:83: 3c:b8:58:63:98:58:5d:42:10:53:7d:5d:6b:ea:c3:79:ad:fe: 77:64:48:91:8a:9f:0d:dc:d4:78:93:04:46:61:4b:9e:c4:79: 23:b7:46:38:df:f0:d9:65:4e:a9:63:91:35:b5:bc:2e:85:96: 8f:fa:bb:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHdEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVGOTUxMTAvBgNVBAUTKDI3RkM2M0Q4NjFGNDY5NEY3QTJGOTUxRkIxMjg0N0Uw N0ZBQTkwNzIwHhcNMjUxMDIyMTYyMDE0WhcNMjUxMDI5MTYyMDE0WjAYMRYwFAYD VQQDEw02OGY5MDQzZS1iNTExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA40JCXqVReI0vz/IygZP3izBsGLD1ic7AlMmxnioi53LbdfZOibmfpkHIlV0T XPqkIL0hHBrykQnUnmp5wlHMHgVR8Nnf0gwAzDhxShGEZzvqy9e0lVL9E5Bnumki KKBPDI9WIbO/cYt8qw5aaU+fOTdfmnNXGmssL/+acx/c7biw8vp9aXElXGEPKxC6 HOfyFv2dsFwHxbZNNwBFKd6X3Jg6uFuYandMoR9PT5pBXhkgc36PGw931wqUuTYl TlwjGvjxqR1QeQ7aytvXekpXmf4fKs7QIrW+aliH4BMb2DcOLzZFkFqOKGg79mKi 1h+05uE/qABhb8QwnkTsbvwaAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMWZli1y udy94zysvOePyBH6McJHMB8GA1UdIwQYMBaAFCf8Y9hh9GlPei+VH7EoR+B/qpBy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUY5NS9DRTJBRkM0NkEy NzUxMUU2OUVCMTc3NzRDNEY5QUUwMi9KX3hqMkdIMGFVOTZMNVVmc1NoSDRILXFr SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pfeGoyR0gwYVU5Nkw1VWZzU2hINEgtcWtISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUY5NS9DRTJBRkM0NkEyNzUxMUU2OUVCMTc3NzRDNEY5QUUwMi9KX3hqMkdIMGFV OTZMNVVmc1NoSDRILXFrSEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBrgo6zaHnE1bMABk7cU1ZUaGi8bALToe72BC/c3TbvIJYcB25z2DZI axPX/GgF/dvt1DHSZ4sxFFllD8gWUhsjjZOHKq2Yt8VcDIGvw4qAEXVhFRbNgZ5y D8wom26w5rNVKk+qowvIJOojGipy5+mr67yOyqjtCeM+IIjto26OnFmOmzegYrDY xaVsK4f2Hxw3l0XP1vIddD72vGeeBfbpS5+g7OwhAd0s4Mf2R0dg9BMcdPlzThLe zLqxkrkEoc3/zcBsh4M8uFhjmFhdQhBTfV1r6sN5rf53ZEiRip8N3NR4kwRGYUue xHkjt0Y43/DZZU6pY5E1tbwuhZaP+rsA -----END CERTIFICATE-----Generated at Thu Oct 23 20:36:50 2025 by rpki-client