$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft File: 0aHv0iQTWusJg56ovbjNxZnOZX8.mft (raw, json) Hash identifier: N2JeyIx7dOIIBSLzKbftsoyfL/5AnTDGqitFOSG8EUY= Subject key identifier: 9A:43:6B:80:08:17:27:46:88:90:8C:8A:0C:F3:C2:AB:2F:73:45:B5 Authority key identifier: D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F Certificate issuer: /CN=A917D9FC/serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Certificate serial: 04DA Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft Manifest number: 04D5 Signing time: Fri 24 Oct 2025 16:52:09 +0000 Manifest this update: Fri 24 Oct 2025 16:52:08 +0000 Manifest next update: Fri 31 Oct 2025 16:52:08 +0000 Files and hashes: 1: 0aHv0iQTWusJg56ovbjNxZnOZX8.crl (hash: czWRfhwLRt8tWRV548rK0UgKt4pwgWAYI1u2BoO1aQk=) 2: AD94C92242BA11ECB1E8FF11C4F9AE02.roa (hash: v+UfHJBNUMJhgU+Hq/Ni7UlIWeTPSw4kY7gKtnOeoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 16:52:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1242 (0x4da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Validity Not Before: Oct 24 16:52:08 2025 GMT Not After : Oct 31 16:52:08 2025 GMT Subject: CN=68fbaeb8-1cf6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:41:2c:dc:0e:8f:65:a6:00:f9:2e:7d:09:85: 0e:73:95:ab:00:5c:ad:fa:af:57:7d:2e:df:66:0f: 01:41:a1:f3:4e:6c:3c:9f:73:32:a2:79:79:fd:22: 63:7c:76:cc:db:a3:e5:42:b3:95:61:36:06:68:ed: 75:4b:cd:1d:9c:9f:dd:1d:f1:87:5e:b6:25:92:c5: 9e:a4:5b:42:d9:63:ce:25:5f:ed:ac:02:e4:76:ed: 87:bd:12:ef:bd:07:70:a2:7d:fd:93:1e:9e:65:95: 54:96:2b:c0:2e:1a:7c:02:67:f1:26:58:aa:a2:6d: ac:12:24:21:21:12:86:d0:3b:30:78:c8:47:94:12: b0:f5:d3:72:fe:70:1e:0f:9f:3d:78:b2:20:c7:6c: 21:43:2c:45:5d:e3:3c:8d:7a:cb:e8:3c:dd:34:59: ae:9a:35:06:6f:68:aa:f5:59:e3:b3:db:18:16:b2: fb:df:1b:ee:76:57:b7:30:5b:45:29:4f:e2:5d:4d: 7e:7b:54:84:c9:60:ef:0e:5c:aa:dd:66:b8:79:ef: 0a:d1:35:d5:25:60:b7:b3:fe:85:84:0c:14:5f:c3: fd:0a:6c:57:9a:f2:54:8e:72:52:e8:e7:e5:13:64: f5:96:98:aa:c2:45:b0:06:3b:be:6c:c3:df:40:93: e6:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:43:6B:80:08:17:27:46:88:90:8C:8A:0C:F3:C2:AB:2F:73:45:B5 X509v3 Authority Key Identifier: keyid:D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:d4:ba:77:7e:0f:73:26:b7:f9:61:4a:ef:4b:11:3c:82:0d: aa:b5:f3:fd:d5:0e:3a:af:37:27:5d:0f:c1:9b:45:92:1c:7e: 5e:3f:cd:df:a0:ae:1f:cf:df:ce:14:11:73:c1:41:14:d7:df: e3:c3:1d:47:11:11:b5:6b:da:92:78:3c:12:36:b0:d2:ef:e9: cc:b3:bc:d1:4b:b4:b3:3e:be:a9:f0:4e:83:3b:e3:c9:4a:8b: 77:7d:a6:7e:17:e1:f8:15:2d:44:1e:03:dc:5d:fb:c7:05:10: 3a:84:44:14:c7:8d:fb:33:d7:74:1c:0d:be:b4:dc:2e:9a:79: 54:73:96:2a:80:c0:07:70:d1:6f:6c:eb:c6:23:41:92:fa:bc: b6:71:34:91:41:a7:47:05:75:31:59:57:a7:f8:7a:51:f1:e1: 0f:aa:0b:ab:5f:5d:1e:62:c2:8f:e6:6c:48:2b:1a:6a:77:ba: 3a:69:76:a4:a0:71:3b:2d:b9:05:e3:fd:df:12:a7:52:ce:18: 9f:89:fa:f7:75:cc:87:87:83:b7:16:11:4e:39:21:25:35:69: d6:6b:78:88:66:3a:8a:4b:af:ed:d0:10:10:25:45:8b:6e:bd: 00:01:58:1e:8f:71:81:17:e3:d5:e5:41:8a:3b:92:f7:91:f0: 41:f0:7a:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBNowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKEQxQTFFRkQyMjQxMzVBRUIwOTgzOUVBOEJEQjhDREM1 OTlDRTY1N0YwHhcNMjUxMDI0MTY1MjA4WhcNMjUxMDMxMTY1MjA4WjAYMRYwFAYD VQQDEw02OGZiYWViOC0xY2Y2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzEEs3A6PZaYA+S59CYUOc5WrAFyt+q9XfS7fZg8BQaHzTmw8n3Myonl5/SJj fHbM26PlQrOVYTYGaO11S80dnJ/dHfGHXrYlksWepFtC2WPOJV/trALkdu2HvRLv vQdwon39kx6eZZVUlivALhp8AmfxJliqom2sEiQhIRKG0DsweMhHlBKw9dNy/nAe D589eLIgx2whQyxFXeM8jXrL6DzdNFmumjUGb2iq9Vnjs9sYFrL73xvudle3MFtF KU/iXU1+e1SEyWDvDlyq3Wa4ee8K0TXVJWC3s/6FhAwUX8P9CmxXmvJUjnJS6Ofl E2T1lpiqwkWwBju+bMPfQJPm5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJpDa4AI FydGiJCMigzzwqsvc0W1MB8GA1UdIwQYMBaAFNGh79IkE1rrCYOeqL24zcWZzmV/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy83QTMwMkQwMDQy QjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1c0pnNTZvdmJqTnhabk9a WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzBhSHYwaVFUV3VzSmc1Nm92YmpOeFpuT1pYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDlGQy83QTMwMkQwMDQyQjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1 c0pnNTZvdmJqTnhabk9aWDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAK1Lp3fg9zJrf5YUrvSxE8gg2qtfP91Q46rzcnXQ/Bm0WSHH5eP83f oK4fz9/OFBFzwUEU19/jwx1HERG1a9qSeDwSNrDS7+nMs7zRS7SzPr6p8E6DO+PJ Sot3faZ+F+H4FS1EHgPcXfvHBRA6hEQUx437M9d0HA2+tNwumnlUc5YqgMAHcNFv bOvGI0GS+ry2cTSRQadHBXUxWVen+HpR8eEPqgurX10eYsKP5mxIKxpqd7o6aXak oHE7LbkF4/3fEqdSzhififr3dcyHh4O3FhFOOSElNWnWa3iIZjqKS6/t0BAQJUWL br0AAVgej3GBF+PV5UGKO5L3kfBB8Hrl -----END CERTIFICATE-----Generated at Sat Oct 25 09:04:28 2025 by rpki-client