$ rpki-client -vvf rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft File: cmIg2YvMfcZqPM83Z36go9sJDaQ.mft (raw, json) Hash identifier: +lUPwce4yEonxMbk7Ay+jHepVP7eOG8rfU5q3cUF58Y= Subject key identifier: 0B:0F:00:76:9A:03:FA:63:23:69:FF:6D:0C:EC:E1:6B:9E:D0:AD:C5 Authority key identifier: 72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 Certificate issuer: /CN=A914AE22/serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Certificate serial: 0C24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft Manifest number: 0C1A Signing time: Mon 20 Oct 2025 19:22:42 +0000 Manifest this update: Mon 20 Oct 2025 19:22:41 +0000 Manifest next update: Mon 27 Oct 2025 19:22:41 +0000 Files and hashes: 1: cmIg2YvMfcZqPM83Z36go9sJDaQ.crl (hash: VyppR3HBIsJxoLSFW/maBA1zfZeZ3NyWAgqn/KTgfr0=) 2: 021496F2A4EC11F0A8EB5F7EC4F9AE02.roa (hash: k+6bL1sigdhJhsvVBlCJkl8BzQ8/uafB/3pyO3zl0nM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 19:22:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3108 (0xc24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914AE22, serialNumber=726220D98BCC7DC66A3CCF37677EA0A3DB090DA4 Validity Not Before: Oct 20 19:22:41 2025 GMT Not After : Oct 27 19:22:41 2025 GMT Subject: CN=68f68c02-4bca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:b8:15:a8:ac:c3:e5:60:b2:c6:f3:68:c4:0e: 6d:19:13:3c:cd:ba:5b:e5:0f:02:5a:14:03:c8:09: 37:88:83:b0:d5:de:c8:a3:7c:a6:f6:39:f7:af:f3: 2a:b7:86:00:5e:8b:53:4b:bb:c1:bf:be:1c:9a:1f: c3:50:47:cd:07:42:c9:ac:2f:c0:63:b7:3e:ce:18: 3f:84:a7:ef:5b:48:5c:ce:2b:a3:ec:39:b9:06:2d: 59:e2:e7:cf:1d:15:2f:3b:fe:ba:28:15:2d:2c:59: 67:33:b3:d0:44:73:1f:2d:fa:44:fd:ea:56:d0:5d: 1f:0b:e3:e1:8f:4c:27:82:32:1f:d5:e4:5b:8c:49: 49:c3:ab:cc:fa:d4:22:5d:52:e6:45:2a:d1:cc:5f: 7f:e9:64:34:b4:01:e6:f2:6e:24:51:96:2c:1b:b7: 50:65:79:26:ac:d1:b4:3c:6a:81:ab:57:0a:e7:85: 12:e9:cb:05:56:4c:42:1f:35:49:f2:ae:2e:32:48: e3:05:6d:5b:4c:73:f4:31:a9:10:fa:8a:cd:25:b0: 94:a5:77:fa:f8:6b:50:fd:31:93:ad:48:4d:be:97: 96:5c:fd:35:39:05:d0:54:d7:4a:56:c0:ed:b3:1a: 24:68:2f:d8:10:6e:0e:7d:fd:9a:b1:17:24:82:14: 12:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0B:0F:00:76:9A:03:FA:63:23:69:FF:6D:0C:EC:E1:6B:9E:D0:AD:C5 X509v3 Authority Key Identifier: keyid:72:62:20:D9:8B:CC:7D:C6:6A:3C:CF:37:67:7E:A0:A3:DB:09:0D:A4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cmIg2YvMfcZqPM83Z36go9sJDaQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914AE22/B178439E1BBF11EAB6A74F71C4F9AE02/cmIg2YvMfcZqPM83Z36go9sJDaQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:54:ac:31:11:fc:ea:24:3a:b1:d9:6b:99:63:5c:bb:9d:e3: fc:6c:83:96:67:8c:73:60:50:f5:e4:a9:c5:06:88:3b:c0:e1: 4b:32:a9:6a:c2:2d:24:59:30:7b:ff:7b:d2:0c:53:20:f0:93: 75:87:6c:50:1c:9b:13:28:fe:a5:30:1e:aa:93:77:0f:89:31: 50:2f:ff:e9:84:ad:d8:df:af:75:ca:2d:d9:f9:63:e2:16:dd: 63:e8:a0:14:3c:c0:35:47:4f:9d:a3:72:e4:c9:ed:0f:e2:55: 95:dd:9c:3e:13:c5:d7:15:c1:4a:bb:16:7a:7f:0e:4a:50:6d: 93:f1:93:68:e8:be:da:f6:f5:09:e1:e8:76:05:1d:8a:1c:e1: 36:3c:86:11:df:2f:86:2d:27:ee:62:37:b7:ce:b4:d4:41:fe: c5:a9:95:07:73:c3:32:0b:7a:41:d0:76:7b:96:dc:8e:45:aa: c7:9b:7e:e8:af:98:bc:81:75:43:01:34:d0:4d:17:39:e9:08: 21:0e:e2:4d:67:fe:92:6f:82:a1:d9:a4:24:2b:d9:c2:ed:4b: 8d:01:33:7e:a4:8f:70:0a:be:37:cb:63:bc:c2:30:0f:3f:ab: 12:ee:6d:6c:3b:51:f4:3b:80:45:e7:18:90:13:8d:94:a5:95: 39:1a:34:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDCQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEFFMjIxMTAvBgNVBAUTKDcyNjIyMEQ5OEJDQzdEQzY2QTNDQ0YzNzY3N0VBMEEz REIwOTBEQTQwHhcNMjUxMDIwMTkyMjQxWhcNMjUxMDI3MTkyMjQxWjAYMRYwFAYD VQQDEw02OGY2OGMwMi00YmNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqbgVqKzD5WCyxvNoxA5tGRM8zbpb5Q8CWhQDyAk3iIOw1d7Io3ym9jn3r/Mq t4YAXotTS7vBv74cmh/DUEfNB0LJrC/AY7c+zhg/hKfvW0hcziuj7Dm5Bi1Z4ufP HRUvO/66KBUtLFlnM7PQRHMfLfpE/epW0F0fC+Phj0wngjIf1eRbjElJw6vM+tQi XVLmRSrRzF9/6WQ0tAHm8m4kUZYsG7dQZXkmrNG0PGqBq1cK54US6csFVkxCHzVJ 8q4uMkjjBW1bTHP0MakQ+orNJbCUpXf6+GtQ/TGTrUhNvpeWXP01OQXQVNdKVsDt sxokaC/YEG4Off2asRckghQS6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAsPAHaa A/pjI2n/bQzs4Wue0K3FMB8GA1UdIwQYMBaAFHJiINmLzH3GajzPN2d+oKPbCQ2k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0QUUyMi9CMTc4NDM5RTFC QkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZjWnFQTTgzWjM2Z285c0pE YVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NtSWcyWXZNZmNacVBNODNaMzZnbzlzSkRhUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 QUUyMi9CMTc4NDM5RTFCQkYxMUVBQjZBNzRGNzFDNEY5QUUwMi9jbUlnMll2TWZj WnFQTTgzWjM2Z285c0pEYVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1VKwxEfzqJDqx2WuZY1y7neP8bIOWZ4xzYFD15KnFBog7wOFLMqlq wi0kWTB7/3vSDFMg8JN1h2xQHJsTKP6lMB6qk3cPiTFQL//phK3Y3691yi3Z+WPi Ft1j6KAUPMA1R0+do3Lkye0P4lWV3Zw+E8XXFcFKuxZ6fw5KUG2T8ZNo6L7a9vUJ 4eh2BR2KHOE2PIYR3y+GLSfuYje3zrTUQf7FqZUHc8MyC3pB0HZ7ltyORarHm37o r5i8gXVDATTQTRc56QghDuJNZ/6Sb4Kh2aQkK9nC7UuNATN+pI9wCr43y2O8wjAP P6sS7m1sO1H0O4BF5xiQE42UpZU5GjTs -----END CERTIFICATE-----Generated at Tue Oct 21 19:45:09 2025 by rpki-client