$ rpki-client -vvf rpki.apnic.net/member_repository/A9128918/E98FDFD4F67211E991ED0B16C4F9AE02/JQN3X6w6b0cjTLgypjf8EIKkfEQ.mft File: JQN3X6w6b0cjTLgypjf8EIKkfEQ.mft (raw, json) Hash identifier: wYVT1Ee80ljciqSRcddRmXe1khyBqHtvdCKFs6qvigA= Subject key identifier: 13:E9:DC:56:FF:4F:49:F7:04:29:B1:F4:A1:40:79:C6:83:ED:59:3A Authority key identifier: 25:03:77:5F:AC:3A:6F:47:23:4C:B8:32:A6:37:FC:10:82:A4:7C:44 Certificate issuer: /CN=A9128918/serialNumber=2503775FAC3A6F47234CB832A637FC1082A47C44 Certificate serial: 0D05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQN3X6w6b0cjTLgypjf8EIKkfEQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128918/E98FDFD4F67211E991ED0B16C4F9AE02/JQN3X6w6b0cjTLgypjf8EIKkfEQ.mft Manifest number: 0CED Signing time: Tue 28 Oct 2025 18:04:18 +0000 Manifest this update: Tue 28 Oct 2025 18:04:18 +0000 Manifest next update: Tue 04 Nov 2025 18:04:18 +0000 Files and hashes: 1: JQN3X6w6b0cjTLgypjf8EIKkfEQ.crl (hash: RhEjWJk1rWzFynpvzF8IoXvzn4uaF6s8qRbe3o6VRQo=) 2: DA0A5C9280BE11EB88ED2418C4F9AE02.roa (hash: bJm8x/jB8mtzKPQKI3Nnf1xFyPp1oMwYrBpRRhfwUbw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128918/E98FDFD4F67211E991ED0B16C4F9AE02/JQN3X6w6b0cjTLgypjf8EIKkfEQ.crl rsync://rpki.apnic.net/member_repository/A9128918/E98FDFD4F67211E991ED0B16C4F9AE02/JQN3X6w6b0cjTLgypjf8EIKkfEQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQN3X6w6b0cjTLgypjf8EIKkfEQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 18:04:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3333 (0xd05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128918, serialNumber=2503775FAC3A6F47234CB832A637FC1082A47C44 Validity Not Before: Oct 28 18:04:18 2025 GMT Not After : Nov 4 18:04:18 2025 GMT Subject: CN=690105a2-d6bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:7c:e4:0d:8f:84:f3:00:e0:33:7a:2e:08:18: 5f:1e:fd:9d:ad:b8:3a:c8:b6:e3:e9:d6:74:d2:c9: 31:ee:eb:2d:84:7a:57:0f:b9:0b:16:7f:52:4d:19: f8:72:eb:f5:0d:4c:94:57:5e:2b:6b:3c:31:8d:6d: c0:3c:82:14:96:ff:a9:c9:1b:f7:e0:0b:d6:1d:14: 69:ae:83:d0:58:d4:13:01:45:4c:42:14:12:ea:02: 40:f0:d6:5e:98:60:ae:55:ce:1a:12:45:74:4c:d5: 9c:1a:2e:6a:d8:ef:c7:68:0a:67:61:b7:e7:96:85: 78:24:5d:71:78:84:61:27:c5:88:4e:33:a6:07:34: 1c:b6:7c:16:cb:90:fb:fa:e8:9a:e8:0c:43:0b:d2: 13:41:57:79:5b:65:c6:33:2b:6b:b8:5d:49:5f:f2: 95:4b:7c:92:92:63:84:83:b3:95:b5:66:13:dd:92: 72:23:88:02:99:0d:d0:1e:1e:12:55:94:fd:e8:d2: 33:cc:32:12:69:5a:17:b7:d7:1a:68:7b:ac:1a:d7: da:a6:e1:d5:91:eb:37:46:ac:ad:2f:6d:de:88:3f: fb:e9:01:d1:32:96:a8:68:4b:e5:33:6d:ee:4f:e5: 6f:30:6a:a5:3e:ae:4f:7e:6a:f4:0e:ff:40:3f:18: 77:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:E9:DC:56:FF:4F:49:F7:04:29:B1:F4:A1:40:79:C6:83:ED:59:3A X509v3 Authority Key Identifier: keyid:25:03:77:5F:AC:3A:6F:47:23:4C:B8:32:A6:37:FC:10:82:A4:7C:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128918/E98FDFD4F67211E991ED0B16C4F9AE02/JQN3X6w6b0cjTLgypjf8EIKkfEQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JQN3X6w6b0cjTLgypjf8EIKkfEQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128918/E98FDFD4F67211E991ED0B16C4F9AE02/JQN3X6w6b0cjTLgypjf8EIKkfEQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d5:8b:97:f9:b4:4e:4e:f1:88:84:47:fb:f2:26:24:ba:86:89: f3:ac:f6:ce:69:e2:e2:43:62:02:e4:ac:0b:3f:28:02:ab:a3: a6:27:37:f5:70:1c:3b:91:c4:4a:e6:be:f4:e9:ff:42:ee:e2: 29:83:a0:e7:7d:7b:33:9f:1a:31:46:69:d4:76:02:7a:38:72: 7e:a5:26:ba:db:a1:72:c5:54:e2:c8:48:3a:82:f2:d3:6e:6c: fd:8f:42:35:99:bf:9c:4d:cd:8b:c2:21:45:86:68:26:4e:73: f1:45:7f:40:63:24:c5:58:34:ef:8e:2d:a7:5f:f1:a9:4d:70: 28:2f:7b:27:6b:fc:62:83:22:9a:27:85:db:0b:7b:17:22:58: 64:ae:16:23:6e:59:20:ff:00:e7:b4:a9:dd:6b:9d:bc:c9:22: 9e:46:2a:49:e5:d9:69:f2:53:ea:8d:f0:22:dd:f8:c3:ff:ee: 9f:42:e5:c5:f0:0b:37:38:44:c7:f7:22:1d:4d:70:4c:14:43: ce:11:6e:da:60:53:f4:f2:2c:22:74:9c:1e:82:7b:78:e3:ca: a2:36:4e:ae:07:a2:20:fb:0c:a9:53:d3:ce:2c:ba:0f:a1:05: 40:3c:ed:6d:dc:e5:38:dd:90:b7:da:8e:d8:d3:db:50:d0:6e: 48:55:1d:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDQUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg5MTgxMTAvBgNVBAUTKDI1MDM3NzVGQUMzQTZGNDcyMzRDQjgzMkE2MzdGQzEw ODJBNDdDNDQwHhcNMjUxMDI4MTgwNDE4WhcNMjUxMTA0MTgwNDE4WjAYMRYwFAYD VQQDEw02OTAxMDVhMi1kNmJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtXzkDY+E8wDgM3ouCBhfHv2drbg6yLbj6dZ00skx7usthHpXD7kLFn9STRn4 cuv1DUyUV14razwxjW3APIIUlv+pyRv34AvWHRRproPQWNQTAUVMQhQS6gJA8NZe mGCuVc4aEkV0TNWcGi5q2O/HaApnYbfnloV4JF1xeIRhJ8WITjOmBzQctnwWy5D7 +uia6AxDC9ITQVd5W2XGMytruF1JX/KVS3ySkmOEg7OVtWYT3ZJyI4gCmQ3QHh4S VZT96NIzzDISaVoXt9caaHusGtfapuHVkes3RqytL23eiD/76QHRMpaoaEvlM23u T+VvMGqlPq5Pfmr0Dv9APxh3MQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBPp3Fb/ T0n3BCmx9KFAecaD7Vk6MB8GA1UdIwQYMBaAFCUDd1+sOm9HI0y4MqY3/BCCpHxE MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODkxOC9FOThGREZENEY2 NzIxMUU5OTFFRDBCMTZDNEY5QUUwMi9KUU4zWDZ3NmIwY2pUTGd5cGpmOEVJS2tm RVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pRTjNYNnc2YjBjalRMZ3lwamY4RUlLa2ZFUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODkxOC9FOThGREZENEY2NzIxMUU5OTFFRDBCMTZDNEY5QUUwMi9KUU4zWDZ3NmIw Y2pUTGd5cGpmOEVJS2tmRVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDVi5f5tE5O8YiER/vyJiS6honzrPbOaeLiQ2IC5KwLPygCq6OmJzf1 cBw7kcRK5r706f9C7uIpg6DnfXsznxoxRmnUdgJ6OHJ+pSa626FyxVTiyEg6gvLT bmz9j0I1mb+cTc2LwiFFhmgmTnPxRX9AYyTFWDTvji2nX/GpTXAoL3sna/xigyKa J4XbC3sXIlhkrhYjblkg/wDntKnda528ySKeRipJ5dlp8lPqjfAi3fjD/+6fQuXF 8As3OETH9yIdTXBMFEPOEW7aYFP08iwidJwegnt448qiNk6uB6Ig+wypU9POLLoP oQVAPO1t3OU43ZC32o7Y09tQ0G5IVR1X -----END CERTIFICATE-----Generated at Wed Oct 29 05:21:44 2025 by rpki-client