$ rpki-client -vvf rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft File: 1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft (raw, json) Hash identifier: psggBkF62CcCyJF7boMuq7j1erzVHph0QNRx7q0IHCs= Subject key identifier: 0D:0C:98:22:8F:40:0E:21:74:22:85:FF:02:1E:DB:5D:F7:EF:81:6D Authority key identifier: D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 Certificate issuer: /CN=A917AAAD/serialNumber=D617D4710482C7F775752057DC8682259B319C78 Certificate serial: 0823 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft Manifest number: 0813 Signing time: Fri 24 Oct 2025 21:47:10 +0000 Manifest this update: Fri 24 Oct 2025 21:47:10 +0000 Manifest next update: Fri 31 Oct 2025 21:47:10 +0000 Files and hashes: 1: 1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl (hash: LPpkNbMesYVs689RD9Re/+bbmYDznsuIs8ix2ZKugT4=) 2: CB42F018F7C311EA8A722484C4F9AE02.roa (hash: +VXknte/mN+kJG0OMjeV9YUPJK6A2pn0gyb+jl0GEBE=) 3: CAB0B6B2F7C311EA8A722484C4F9AE02.roa (hash: rWjXWilCzwscxUrzYHy2y+RbO91zzbJS7wnbS9Z8TVM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 21:47:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2083 (0x823) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AAAD, serialNumber=D617D4710482C7F775752057DC8682259B319C78 Validity Not Before: Oct 24 21:47:10 2025 GMT Not After : Oct 31 21:47:10 2025 GMT Subject: CN=68fbf3de-bffd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:95:33:1e:df:9b:5c:e6:cb:fa:4b:4a:d4:f6:e4: e3:c5:76:ab:5c:5e:41:83:8c:b2:76:96:57:b7:23: 2a:8e:7e:15:20:93:1f:79:8d:13:03:c3:99:d4:97: 6a:0d:a9:27:fa:1e:b8:c7:a5:42:19:b2:f0:5a:05: 12:e8:74:b4:47:43:2d:f5:20:b6:a5:38:f5:28:c6: 62:e7:48:8f:5e:16:6e:e7:66:fc:c4:2f:55:33:b5: 53:17:c6:1b:d4:c4:00:6f:8d:0e:bd:73:3e:68:31: 2e:b6:fd:6f:0c:35:36:10:f8:71:cb:64:e0:2f:ae: be:84:4c:31:a6:41:a9:45:e1:e9:6e:e3:aa:83:a3: 88:76:e7:9f:91:2c:aa:3a:9d:f2:45:bd:d2:2f:00: 67:30:1e:6c:ab:3f:27:a7:f8:c5:fb:57:c4:b9:a5: d1:cb:74:7e:f2:6a:09:79:39:25:99:95:ae:4c:25: b0:e6:0b:8a:95:b8:cf:1b:e2:ea:fd:28:b2:96:b4: e7:f8:c8:07:39:5b:b0:4a:e0:38:3c:b3:12:41:3f: 34:bc:31:ae:b6:f4:f5:0e:c1:29:c5:01:d7:2d:13: 24:56:c0:c1:f5:81:af:a2:01:60:8d:c3:1e:b1:b3: a5:aa:4f:2f:38:4b:ef:95:ad:3e:e3:46:24:87:5e: 69:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0D:0C:98:22:8F:40:0E:21:74:22:85:FF:02:1E:DB:5D:F7:EF:81:6D X509v3 Authority Key Identifier: keyid:D6:17:D4:71:04:82:C7:F7:75:75:20:57:DC:86:82:25:9B:31:9C:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1hfUcQSCx_d1dSBX3IaCJZsxnHg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AAAD/E3B2B644F7C111EA8275CB66C4F9AE02/1hfUcQSCx_d1dSBX3IaCJZsxnHg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:44:36:c6:90:c1:b6:a1:f4:20:d9:21:d0:14:5c:0b:20:40: ff:f6:df:c6:9e:b7:00:69:9d:64:87:73:e7:6b:7e:e3:a2:59: 28:04:60:0b:c4:08:18:b0:b4:f4:5c:83:7d:56:6d:6c:ff:b8: 3f:95:2c:cb:00:6b:76:09:ac:1e:88:49:7a:a3:98:75:e2:6e: 41:c5:4c:94:1d:2f:1b:9f:7a:0b:c5:fd:c2:dd:72:1f:16:17: 23:38:6e:e8:ff:1e:a1:65:cc:7e:a6:29:14:7c:3e:22:0e:b8: 08:76:d9:2c:73:2b:ac:6b:c3:a0:98:4e:6b:cf:bd:f4:30:5d: e5:2d:84:a8:8e:ec:4d:70:8f:86:2f:b3:86:28:38:b1:82:31: 01:83:98:1c:e0:ad:f7:c0:97:a0:e0:b5:07:4c:ec:e0:b6:22: 75:43:cd:d9:c5:67:1f:0f:ed:6c:38:a1:68:e1:e9:1d:d1:08: 06:fa:8f:1d:d3:47:34:97:9e:35:c5:3a:01:36:d5:f9:2c:d7: 74:d9:48:ef:b4:4f:99:d6:b2:31:a5:51:58:54:42:8e:09:b0: be:56:6a:d3:ec:02:bf:28:d4:19:46:cf:da:5c:47:d5:f3:a8: f7:58:f2:51:ce:15:59:a9:3e:10:fe:45:56:fe:2c:8e:2b:6d: 27:a0:07:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCCMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FBQUQxMTAvBgNVBAUTKEQ2MTdENDcxMDQ4MkM3Rjc3NTc1MjA1N0RDODY4MjI1 OUIzMTlDNzgwHhcNMjUxMDI0MjE0NzEwWhcNMjUxMDMxMjE0NzEwWjAYMRYwFAYD VQQDEw02OGZiZjNkZS1iZmZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlTMe35tc5sv6S0rU9uTjxXarXF5Bg4yydpZXtyMqjn4VIJMfeY0TA8OZ1Jdq Dakn+h64x6VCGbLwWgUS6HS0R0Mt9SC2pTj1KMZi50iPXhZu52b8xC9VM7VTF8Yb 1MQAb40OvXM+aDEutv1vDDU2EPhxy2TgL66+hEwxpkGpReHpbuOqg6OIduefkSyq Op3yRb3SLwBnMB5sqz8np/jF+1fEuaXRy3R+8moJeTklmZWuTCWw5guKlbjPG+Lq /SiylrTn+MgHOVuwSuA4PLMSQT80vDGutvT1DsEpxQHXLRMkVsDB9YGvogFgjcMe sbOlqk8vOEvvla0+40Ykh15pVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA0MmCKP QA4hdCKF/wIe213374FtMB8GA1UdIwQYMBaAFNYX1HEEgsf3dXUgV9yGgiWbMZx4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUFBRC9FM0IyQjY0NEY3 QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hfZDFkU0JYM0lhQ0pac3hu SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFoZlVjUVNDeF9kMWRTQlgzSWFDSlpzeG5IZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUFBRC9FM0IyQjY0NEY3QzExMUVBODI3NUNCNjZDNEY5QUUwMi8xaGZVY1FTQ3hf ZDFkU0JYM0lhQ0pac3huSGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCORDbGkMG2ofQg2SHQFFwLIED/9t/GnrcAaZ1kh3Pna37jolkoBGAL xAgYsLT0XIN9Vm1s/7g/lSzLAGt2CaweiEl6o5h14m5BxUyUHS8bn3oLxf3C3XIf FhcjOG7o/x6hZcx+pikUfD4iDrgIdtkscyusa8OgmE5rz730MF3lLYSojuxNcI+G L7OGKDixgjEBg5gc4K33wJeg4LUHTOzgtiJ1Q83ZxWcfD+1sOKFo4ekd0QgG+o8d 00c0l541xToBNtX5LNd02UjvtE+Z1rIxpVFYVEKOCbC+VmrT7AK/KNQZRs/aXEfV 86j3WPJRzhVZqT4Q/kVW/iyOK20noAeK -----END CERTIFICATE-----Generated at Sat Oct 25 08:03:01 2025 by rpki-client