$ rpki-client -vvf rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft File: DGhYIowwF0gr3H85geiYuVbaoCk.mft (raw, json) Hash identifier: JMP2tcuFXG4a3JJxFfuN2BKXgDQgG0A530PpNAp1G5c= Subject key identifier: F2:2E:C2:5C:66:9E:BF:5E:1D:BD:31:E3:9D:10:0E:A4:E6:70:35:05 Authority key identifier: 0C:68:58:22:8C:30:17:48:2B:DC:7F:39:81:E8:98:B9:56:DA:A0:29 Certificate issuer: /CN=A9170975/serialNumber=0C6858228C3017482BDC7F3981E898B956DAA029 Certificate serial: 4E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DGhYIowwF0gr3H85geiYuVbaoCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft Manifest number: 4D Signing time: Thu 23 Oct 2025 09:28:29 +0000 Manifest this update: Thu 23 Oct 2025 09:28:28 +0000 Manifest next update: Thu 30 Oct 2025 09:28:28 +0000 Files and hashes: 1: DGhYIowwF0gr3H85geiYuVbaoCk.crl (hash: SMsdEZox5XmWmMjahAH94AULwZMqRKslUU4HZlkvGXQ=) 2: B12A39803A2A11F09E37DB48C4F9AE02.roa (hash: k8LJciNO3nbjiZjsCJ8G57U38keqVi40DfjRW/V+QTI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.crl rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DGhYIowwF0gr3H85geiYuVbaoCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 09:28:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 78 (0x4e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170975, serialNumber=0C6858228C3017482BDC7F3981E898B956DAA029 Validity Not Before: Oct 23 09:28:28 2025 GMT Not After : Oct 30 09:28:28 2025 GMT Subject: CN=68f9f53c-951e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:d7:74:33:ee:01:8c:70:9f:ef:15:cd:0c:86: 4d:cc:d7:1e:8f:e8:18:f8:0d:9e:53:47:3d:95:e4: dd:b3:f9:c7:9b:0d:f1:63:d0:c6:ec:80:03:43:f9: a0:62:18:44:06:98:fd:7a:58:ad:49:bd:d6:0e:24: a6:f6:2c:3a:58:38:e4:6a:f9:1f:de:83:fd:9c:28: 2f:f8:18:c0:3b:3c:95:8d:6d:79:6d:ed:c0:c3:52: 90:fa:23:5d:a2:2b:a9:98:9c:7b:2b:c3:3c:d7:39: 55:1d:07:69:1d:6c:7a:4a:0e:47:3a:a7:a6:67:18: 49:12:83:8b:8d:71:18:2b:6d:ce:ee:18:71:28:ed: 90:90:2f:ab:f9:4d:fb:be:d7:46:9c:3f:96:c1:73: 0e:04:4a:cb:1a:41:33:02:37:01:67:0c:a8:ad:a6: 50:82:9b:b0:02:70:32:e7:9b:67:12:91:e8:9a:a0: 54:d3:da:29:d8:5f:ef:e7:ec:cc:e7:5a:5d:9c:9a: 40:e8:46:c9:1b:41:26:7f:c7:ff:13:47:f7:99:6d: fc:62:0a:18:84:84:bf:f3:68:5c:f3:ac:20:9e:3c: 87:94:e0:b9:41:55:17:c6:a0:ff:fd:88:af:3d:f2: e2:60:84:a7:2d:a9:a7:b8:e4:dc:43:a1:d0:d7:12: 8d:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:2E:C2:5C:66:9E:BF:5E:1D:BD:31:E3:9D:10:0E:A4:E6:70:35:05 X509v3 Authority Key Identifier: keyid:0C:68:58:22:8C:30:17:48:2B:DC:7F:39:81:E8:98:B9:56:DA:A0:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DGhYIowwF0gr3H85geiYuVbaoCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170975/67C7A42A3A2611F0BCCF5E1FC4F9AE02/DGhYIowwF0gr3H85geiYuVbaoCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:99:e6:a7:fd:b1:0f:f9:b4:82:33:99:e2:6e:ae:9a:8b:49: d2:a8:ab:98:5e:30:6c:7e:0c:01:21:59:6b:da:25:97:19:2a: bc:5a:ec:28:72:a1:4a:22:11:bf:33:7f:73:23:bc:20:32:00: f2:6f:85:d8:50:46:9a:3e:c2:88:2e:f4:f6:86:e1:fe:05:2a: ea:41:8c:3a:39:ff:f3:1a:ed:b2:37:3f:ff:d8:8b:35:f9:df: cf:88:00:04:22:69:82:e8:c4:fd:b7:8f:f6:d3:21:93:3a:bf: cf:5f:a7:52:ff:22:f4:83:b0:35:dc:c5:db:e5:b2:f8:38:27: f0:25:02:b7:2c:ed:56:9e:25:96:98:12:c0:ec:66:d4:3b:9c: 3f:37:20:48:3a:5e:cb:16:fb:35:9d:fe:16:cc:b5:eb:81:1c: e4:1b:76:00:3e:b2:b4:6e:5e:7e:cc:cc:27:6c:31:38:a6:89: 12:28:f5:ad:e5:7e:d7:a4:04:2d:59:a4:5b:57:45:25:8b:04: 5d:93:e8:97:30:06:b6:42:cd:72:80:1e:af:41:0d:87:32:d0: 9b:df:be:aa:e6:cc:85:f7:8f:9b:89:f2:a5:47:56:31:1e:86: b8:e3:32:7e:74:f3:97:c0:33:f8:bd:9d:75:2a:82:47:9a:75: 43:3f:ff:48 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MDk3NTExMC8GA1UEBRMoMEM2ODU4MjI4QzMwMTc0ODJCREM3RjM5ODFFODk4Qjk1 NkRBQTAyOTAeFw0yNTEwMjMwOTI4MjhaFw0yNTEwMzAwOTI4MjhaMBgxFjAUBgNV BAMTDTY4ZjlmNTNjLTk1MWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCm13Qz7gGMcJ/vFc0Mhk3M1x6P6Bj4DZ5TRz2V5N2z+cebDfFj0MbsgAND+aBi GEQGmP16WK1JvdYOJKb2LDpYOORq+R/eg/2cKC/4GMA7PJWNbXlt7cDDUpD6I12i K6mYnHsrwzzXOVUdB2kdbHpKDkc6p6ZnGEkSg4uNcRgrbc7uGHEo7ZCQL6v5Tfu+ 10acP5bBcw4ESssaQTMCNwFnDKitplCCm7ACcDLnm2cSkeiaoFTT2inYX+/n7Mzn Wl2cmkDoRskbQSZ/x/8TR/eZbfxiChiEhL/zaFzzrCCePIeU4LlBVRfGoP/9iK89 8uJghKctqae45NxDodDXEo1/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8i7CXGae v14dvTHjnRAOpOZwNQUwHwYDVR0jBBgwFoAUDGhYIowwF0gr3H85geiYuVbaoCkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwOTc1LzY3QzdBNDJBM0Ey NjExRjBCQ0NGNUUxRkM0RjlBRTAyL0RHaFlJb3d3RjBncjNIODVnZWlZdVZiYW9D ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvREdoWUlvd3dGMGdyM0g4NWdlaVl1VmJhb0NrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw OTc1LzY3QzdBNDJBM0EyNjExRjBCQ0NGNUUxRkM0RjlBRTAyL0RHaFlJb3d3RjBn cjNIODVnZWlZdVZiYW9Day5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADKZ5qf9sQ/5tIIzmeJurpqLSdKoq5heMGx+DAEhWWvaJZcZKrxa7Chy oUoiEb8zf3MjvCAyAPJvhdhQRpo+wogu9PaG4f4FKupBjDo5//Ma7bI3P//YizX5 38+IAAQiaYLoxP23j/bTIZM6v89fp1L/IvSDsDXcxdvlsvg4J/AlArcs7VaeJZaY EsDsZtQ7nD83IEg6XssW+zWd/hbMteuBHOQbdgA+srRuXn7MzCdsMTimiRIo9a3l ftekBC1ZpFtXRSWLBF2T6JcwBrZCzXKAHq9BDYcy0JvfvqrmzIX3j5uJ8qVHVjEe hrjjMn5085fAM/i9nXUqgkeadUM//0g= -----END CERTIFICATE-----Generated at Thu Oct 23 13:04:28 2025 by rpki-client