$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: Ml98J3cQn24Vayp8jkg7+12c5CFc8KcrKRcXaL5AQc0= Subject key identifier: C6:22:60:C4:B3:20:9C:7E:10:3C:B0:01:96:D1:05:6A:35:4A:7C:4F Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 04AC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 0498 Signing time: Wed 22 Oct 2025 17:27:31 +0000 Manifest this update: Wed 22 Oct 2025 17:27:30 +0000 Manifest next update: Wed 29 Oct 2025 17:27:30 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: Vh9EnBzgQDzr7weMqJbLlXifPcU52OLtZbQkQANxp4Y=) 2: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: BSTa7sI/Wxp7paF8iFEhYcOXczYzjvqpGs3tFatgPsE=) 3: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: EM7EONiwHXhiPFzyfONkaOBX/AROwU9rjV4ETvuVQDQ=) 4: 1479C514596A11ECB1394271C4F9AE02.roa (hash: TLiIvWlCkSUznKaCtTmASc45uAF4Q8KIvn7LhcKxI18=) 5: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: HMDK7qPjAO3ncQEJzX6SKnODDt4e7glxidti8sfhV1k=) 6: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: Z/SQA8GAHBj69mDXnfsLMK8qu+tlZ5LxlzdXDGduFGo=) 7: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: AfGxVPGE0X5aiSEnPrV13VcxuUAvslUoJjsgWW+PD9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 17:27:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1196 (0x4ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Oct 22 17:27:30 2025 GMT Not After : Oct 29 17:27:30 2025 GMT Subject: CN=68f91403-b748 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:0c:51:31:cc:05:32:f4:f5:00:7c:27:d9:27: 25:f3:b1:60:8c:36:9b:87:4b:09:1b:fa:e8:ac:14: ed:75:c3:0b:df:9b:b1:5b:83:da:fa:55:d3:88:ae: e7:76:ba:26:fe:11:19:3d:b5:87:51:db:05:cd:fa: 8c:00:56:1e:e1:b7:58:72:59:b8:2c:19:e7:91:03: 3a:b3:8c:d1:f3:28:53:ac:a2:07:13:de:44:7f:6c: e3:00:4a:3b:5f:38:92:ef:c2:12:63:09:13:4c:15: db:3b:1c:88:0f:36:1f:79:cf:77:9a:0e:10:4c:eb: b8:c5:f6:14:a2:60:df:8b:4f:47:ca:fa:c2:46:14: 60:6f:db:b8:85:7f:ed:a9:e2:a9:a5:a9:88:0e:77: ed:a3:d1:9f:bd:19:88:83:97:28:9f:08:be:13:43: 39:e6:16:34:ff:60:39:c2:d0:4a:e9:28:da:22:83: de:29:18:13:a1:2f:8e:ce:6b:6a:82:f8:62:48:4d: cf:68:2a:73:0c:e6:0f:c2:eb:ef:d8:06:0a:04:dc: b4:af:c8:6b:bd:43:c8:c4:4a:30:ad:39:e4:51:c6: 2d:7f:fe:22:fc:b9:ae:64:a6:c3:f3:7d:43:f6:bc: 06:0e:15:57:52:f7:d8:a3:a2:7a:e7:bd:35:f1:9c: 2b:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:22:60:C4:B3:20:9C:7E:10:3C:B0:01:96:D1:05:6A:35:4A:7C:4F X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:02:66:ec:ec:a7:72:02:e0:90:32:c7:66:a8:4c:b5:93:2a: d9:a0:89:3f:ab:49:a7:db:fe:a3:8d:06:6a:41:84:c0:c7:7d: 43:8e:de:90:aa:31:49:74:93:66:57:88:ac:56:e7:2a:0e:f6: 8a:75:2f:74:10:2e:94:3b:e8:8b:f8:46:ae:00:20:48:73:fe: ff:7f:6f:85:cf:2b:c8:b8:1b:e7:21:82:a2:2f:75:e7:0f:14: 09:f3:04:eb:85:5c:01:19:78:ba:0f:ba:ca:60:20:79:3b:e6: 0d:7d:a4:41:60:eb:bc:83:8e:2b:c9:d3:4c:c4:a8:e0:46:8e: 04:45:86:5d:9a:89:5f:4e:f0:a7:89:64:42:64:8d:6f:c1:31: a5:b5:79:63:02:bb:31:bc:49:e6:c4:1b:fe:b3:2e:e8:b8:41: e0:10:93:c9:1a:d4:ad:68:6a:70:56:18:0f:89:8e:0b:0f:e8: ad:77:74:b7:b8:7e:05:ef:16:9c:f6:c5:cb:d9:69:d6:29:43: c0:b5:b3:84:cc:28:6a:45:3c:2d:7f:e2:b0:b1:96:5f:21:a6: 19:86:2a:d3:5b:ba:34:cc:f9:55:f2:c4:e0:d1:2f:f0:30:b1: 63:80:bc:39:bb:d7:be:2e:7e:c5:1e:21:e1:f7:d2:3f:25:93: ce:47:66:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjUxMDIyMTcyNzMwWhcNMjUxMDI5MTcyNzMwWjAYMRYwFAYD VQQDEw02OGY5MTQwMy1iNzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2wxRMcwFMvT1AHwn2Scl87FgjDabh0sJG/rorBTtdcML35uxW4Pa+lXTiK7n drom/hEZPbWHUdsFzfqMAFYe4bdYclm4LBnnkQM6s4zR8yhTrKIHE95Ef2zjAEo7 XziS78ISYwkTTBXbOxyIDzYfec93mg4QTOu4xfYUomDfi09HyvrCRhRgb9u4hX/t qeKppamIDnfto9GfvRmIg5conwi+E0M55hY0/2A5wtBK6SjaIoPeKRgToS+Ozmtq gvhiSE3PaCpzDOYPwuvv2AYKBNy0r8hrvUPIxEowrTnkUcYtf/4i/LmuZKbD831D 9rwGDhVXUvfYo6J657018ZwrhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMYiYMSz IJx+EDywAZbRBWo1SnxPMB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUAmbs7KdyAuCQMsdmqEy1kyrZoIk/q0mn2/6jjQZqQYTAx31Djt6Q qjFJdJNmV4isVucqDvaKdS90EC6UO+iL+EauACBIc/7/f2+FzyvIuBvnIYKiL3Xn DxQJ8wTrhVwBGXi6D7rKYCB5O+YNfaRBYOu8g44rydNMxKjgRo4ERYZdmolfTvCn iWRCZI1vwTGltXljArsxvEnmxBv+sy7ouEHgEJPJGtStaGpwVhgPiY4LD+itd3S3 uH4F7xac9sXL2WnWKUPAtbOEzChqRTwtf+KwsZZfIaYZhirTW7o0zPlV8sTg0S/w MLFjgLw5u9e+Ln7FHiHh99I/JZPOR2Yp -----END CERTIFICATE-----Generated at Thu Oct 23 22:21:12 2025 by rpki-client