$ rpki-client -vvf rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft File: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft (raw, json) Hash identifier: 4gh5P8CQjJv3M7WRyiCXlHexR70x2RItDBFSDO4vOy4= Subject key identifier: E2:80:24:A0:B0:EA:75:F7:61:E0:3E:27:B4:8C:6F:97:D3:B2:D2:AD Authority key identifier: AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08 Certificate issuer: /CN=A9172CE3/serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08 Certificate serial: 04D8 Authority info access: rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft Manifest number: 04D2 Signing time: Thu 23 Oct 2025 00:58:50 +0000 Manifest this update: Thu 23 Oct 2025 00:58:49 +0000 Manifest next update: Thu 30 Oct 2025 00:58:49 +0000 Files and hashes: 1: q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl (hash: +gqdFiF2F7Oe10SvFaliw1gbSXcWfWKlDXjjMf09Qj0=) 2: 887BE0D0405D11ECA642D813C4F9AE02.roa (hash: qxVcUGlCZn4SUG82SOAXq9RSMSYslC+bAGjT3ytadTQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.crl rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/NI-bm5KnLM_Tbzxw81Z1czzI6iI.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/NI-bm5KnLM_Tbzxw81Z1czzI6iI.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 00:58:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1240 (0x4d8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172CE3, serialNumber=ABC6FBA4B784283879190DC717E34B4CD882DA08 Validity Not Before: Oct 23 00:58:49 2025 GMT Not After : Oct 30 00:58:49 2025 GMT Subject: CN=68f97dc9-b398 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:65:2d:30:74:57:d3:42:cf:d3:9f:ab:85:df: d3:2a:d9:59:b0:9b:f7:80:08:d5:49:22:d9:4c:4f: 4d:df:ae:ba:fe:d1:05:53:7d:60:9c:6e:55:af:7a: b1:c3:26:df:49:40:4f:75:d8:f0:7d:a9:09:ed:e2: f3:04:64:28:29:e7:96:2f:52:43:81:1d:8e:ec:91: 89:07:8a:88:f4:03:e9:4b:bb:78:f7:61:76:9e:85: 10:f5:b2:4b:fe:8d:6e:61:99:d7:1f:a2:03:21:14: 5e:4d:f8:41:09:a9:ac:99:6d:23:27:a1:f0:47:44: 66:83:3a:be:dc:8d:b4:c5:c8:3f:79:f3:64:77:7f: f2:5e:ef:60:22:88:63:f6:56:4d:12:cf:33:f8:7b: 1a:b6:04:e0:6a:aa:c8:dc:db:1c:d6:f2:1b:22:2d: 44:9c:c2:e2:76:86:05:3b:99:e9:f0:58:e2:e4:7b: 34:a0:38:f3:cd:2f:a8:fa:0e:27:1b:34:7a:f3:ae: 57:66:6d:9c:21:22:c1:f6:ea:ea:74:14:78:54:76: f4:77:3d:95:10:09:50:fa:ad:ee:77:38:ad:5b:29: ab:59:6e:dd:a1:4f:e6:49:c4:db:53:a7:ab:e1:d0: 99:c2:59:53:a6:01:5b:56:67:e4:e7:5f:e7:cb:a0: fa:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:80:24:A0:B0:EA:75:F7:61:E0:3E:27:B4:8C:6F:97:D3:B2:D2:AD X509v3 Authority Key Identifier: keyid:AB:C6:FB:A4:B7:84:28:38:79:19:0D:C7:17:E3:4B:4C:D8:82:DA:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B41FE6101D6611E2A62F877C72FD1FF2/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172CE3/5D7899F4405911ECA0AFAA4DC4F9AE02/q8b7pLeEKDh5GQ3HF-NLTNiC2gg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:88:ca:12:e1:e1:12:2f:a5:14:7e:a1:c9:99:e5:eb:9f:80: 38:d4:43:0d:1c:86:96:91:98:27:06:fe:56:43:b3:e6:be:94: 33:a5:97:15:25:6d:80:ee:b2:90:9d:51:8e:dc:bd:b8:f6:81: 9f:7f:d5:6c:44:30:67:c4:5d:fa:79:1c:a6:f7:fd:64:bd:d6: ea:f5:fb:75:35:9d:f0:06:85:9c:c7:b5:17:8d:0d:80:22:6d: 6f:69:dc:3c:87:19:f3:0c:07:00:fe:0b:ae:c8:fb:07:21:c6: a6:9e:35:d5:6e:56:c1:82:c4:2d:2d:73:1f:42:42:1f:5b:35: 5d:69:30:bc:5f:e9:d7:7e:22:37:07:62:4d:9c:d3:40:0e:ac: 57:88:8c:1e:d4:cb:56:cc:d5:dc:d1:8f:dc:cb:19:63:f9:22: b9:83:a1:35:6d:38:d1:2b:5a:79:b8:2a:d3:34:2f:dd:01:ee: 85:ac:36:54:17:f7:1c:45:3c:8f:ed:c1:1e:81:30:e9:81:1d: 19:7c:06:5c:c5:53:3d:ae:d9:32:b4:e5:a7:8c:d6:43:4f:63: f3:28:eb:ba:34:b9:15:a7:0f:cf:f2:a5:21:fe:da:57:51:69: 40:b6:1f:53:10:08:f8:e3:9f:c4:42:c7:f2:39:8f:50:80:a7: 05:3e:81:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzJDRTMxMTAvBgNVBAUTKEFCQzZGQkE0Qjc4NDI4Mzg3OTE5MERDNzE3RTM0QjRD RDg4MkRBMDgwHhcNMjUxMDIzMDA1ODQ5WhcNMjUxMDMwMDA1ODQ5WjAYMRYwFAYD VQQDEw02OGY5N2RjOS1iMzk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnGUtMHRX00LP05+rhd/TKtlZsJv3gAjVSSLZTE9N3666/tEFU31gnG5Vr3qx wybfSUBPddjwfakJ7eLzBGQoKeeWL1JDgR2O7JGJB4qI9APpS7t492F2noUQ9bJL /o1uYZnXH6IDIRReTfhBCamsmW0jJ6HwR0Rmgzq+3I20xcg/efNkd3/yXu9gIohj 9lZNEs8z+HsatgTgaqrI3Nsc1vIbIi1EnMLidoYFO5np8Fji5Hs0oDjzzS+o+g4n GzR6865XZm2cISLB9urqdBR4VHb0dz2VEAlQ+q3udzitWymrWW7doU/mScTbU6er 4dCZwllTpgFbVmfk51/ny6D6twIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOKAJKCw 6nX3YeA+J7SMb5fTstKtMB8GA1UdIwQYMBaAFKvG+6S3hCg4eRkNxxfjS0zYgtoI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MkNFMy81RDc4OTlGNDQw NTkxMUVDQTBBRkFBNERDNEY5QUUwMi9xOGI3cExlRUtEaDVHUTNIRi1OTFROaUMy Z2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I0MUZFNjEwMUQ2NjExRTJBNjJGODc3Qzcy RkQxRkYyL3E4YjdwTGVFS0RoNUdRM0hGLU5MVE5pQzJnZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MkNFMy81RDc4OTlGNDQwNTkxMUVDQTBBRkFBNERDNEY5QUUwMi9xOGI3cExlRUtE aDVHUTNIRi1OTFROaUMyZ2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7iMoS4eESL6UUfqHJmeXrn4A41EMNHIaWkZgnBv5WQ7PmvpQzpZcV JW2A7rKQnVGO3L249oGff9VsRDBnxF36eRym9/1kvdbq9ft1NZ3wBoWcx7UXjQ2A Im1vadw8hxnzDAcA/guuyPsHIcamnjXVblbBgsQtLXMfQkIfWzVdaTC8X+nXfiI3 B2JNnNNADqxXiIwe1MtWzNXc0Y/cyxlj+SK5g6E1bTjRK1p5uCrTNC/dAe6FrDZU F/ccRTyP7cEegTDpgR0ZfAZcxVM9rtkytOWnjNZDT2PzKOu6NLkVpw/P8qUh/tpX UWlAth9TEAj445/EQsfyOY9QgKcFPoFb -----END CERTIFICATE-----Generated at Thu Oct 23 20:14:15 2025 by rpki-client