$ rpki-client -vvf rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft File: dNRNlor0Y--xfAgNX60BDErAl6o.mft (raw, json) Hash identifier: hbkP5ylV9/gYawiT4eKhihJDZrOyTvDhg5m4CUx0ghg= Subject key identifier: DD:9B:B1:9E:BD:E6:59:31:E7:F5:78:A5:4F:7E:60:5F:2A:D4:0B:30 Authority key identifier: 74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA Certificate issuer: /CN=A917E0A8/serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Certificate serial: 0698 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft Manifest number: 068B Signing time: Mon 20 Oct 2025 20:16:18 +0000 Manifest this update: Mon 20 Oct 2025 20:16:17 +0000 Manifest next update: Mon 27 Oct 2025 20:16:17 +0000 Files and hashes: 1: dNRNlor0Y--xfAgNX60BDErAl6o.crl (hash: nYjyBczZ0yLL9DPpEUUrssFDZ4NAVvUTijQN8eZHH68=) 2: 11C0D5DA9B4011EB9C1BFC4EC4F9AE02.roa (hash: c7+1xl97Qj2WBa7uEaRi3C9ZQy4QYdknXZBQu0sbmag=) 3: F9C23E2A3ACB11EC9FEBB367C4F9AE02.roa (hash: nh7VvVbwlcEI7LPWlEzxHGSM7ZH4CPOm9G5I1MGrFHY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:16:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1688 (0x698) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E0A8, serialNumber=74D44D968AF463EFB17C080D5FAD010C4AC097AA Validity Not Before: Oct 20 20:16:17 2025 GMT Not After : Oct 27 20:16:17 2025 GMT Subject: CN=68f69892-91a1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:6c:74:d7:7e:a9:d6:8b:12:f8:bb:d5:d9:96: 0b:c7:8c:e8:d2:5b:01:24:c5:2f:85:72:ff:45:48: d8:b5:4b:31:b1:ac:80:8d:dd:85:c3:3a:0c:05:3e: 70:5b:ab:65:dd:35:9a:5e:8a:7c:c6:bd:4d:f7:e9: 25:3f:fc:50:c3:48:7f:77:c7:2e:99:2b:d3:bd:6a: c0:dc:d1:98:eb:96:17:62:ef:3d:29:ca:e2:fc:aa: a8:10:fd:f9:32:73:ed:1f:f6:1a:4c:44:3e:20:37: d4:a8:71:6e:24:57:eb:1f:13:ba:b4:d5:ec:f9:86: 1e:0d:ea:7d:86:b2:bb:f8:ec:84:30:a9:fa:04:2a: 16:5c:e8:df:ae:94:fb:70:f0:aa:3d:c8:20:35:6f: 21:e5:83:d7:8e:3e:66:89:04:80:71:8d:90:5f:75: 26:f3:72:bc:45:e0:86:21:72:70:0e:87:b8:ab:de: 3b:d4:7a:88:2a:99:5e:a2:a8:e3:f1:11:de:7c:d4: a3:57:80:0f:f1:a4:f3:43:59:01:f7:06:f5:45:b1: 44:b4:3d:59:2c:88:19:cf:9f:12:95:a0:30:ad:c8: c8:87:3e:65:3c:68:29:93:cc:47:1f:b6:08:3b:45: 43:9c:21:6e:32:76:24:b8:49:c2:8c:3c:83:7b:02: ba:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:9B:B1:9E:BD:E6:59:31:E7:F5:78:A5:4F:7E:60:5F:2A:D4:0B:30 X509v3 Authority Key Identifier: keyid:74:D4:4D:96:8A:F4:63:EF:B1:7C:08:0D:5F:AD:01:0C:4A:C0:97:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dNRNlor0Y--xfAgNX60BDErAl6o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E0A8/6EFC0BEE984C11EB8A41FA20C4F9AE02/dNRNlor0Y--xfAgNX60BDErAl6o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:76:00:9d:04:f9:b7:5b:ca:89:d0:18:6f:73:b4:de:eb:93: b3:6e:4c:b2:2c:77:e2:33:e9:60:87:f5:af:3a:e9:54:56:b2: e3:3e:33:54:b1:19:84:2c:5a:96:21:39:d4:1c:47:58:d7:2c: 94:98:5a:73:96:98:44:b9:ca:9d:f9:f7:d1:e2:05:09:01:20: 9b:62:46:ba:35:20:05:27:5d:bc:90:bf:72:0f:68:2a:85:e3: 2a:ee:2a:a5:0f:3a:10:2d:ae:57:39:8a:3e:eb:b2:19:7b:b6: 53:ef:28:19:02:f8:64:63:ea:f1:eb:55:e2:55:24:15:70:60: f0:a6:ba:74:d4:43:07:ce:1a:20:92:09:d8:80:4c:db:de:b4: c8:53:80:35:79:c5:94:98:65:27:3e:51:9b:80:00:07:55:01: 72:bd:64:d8:61:fe:14:30:fa:0c:22:07:e0:08:a2:5b:e6:2f: 7b:da:7a:50:39:b6:2c:a0:01:0c:5f:1c:3e:42:b1:37:9c:ab: fe:cf:3d:3b:48:30:72:49:8b:8e:af:f7:62:33:c9:71:c1:b3: fe:1d:ce:88:d7:60:c3:29:15:89:7c:ef:1d:9b:ae:e5:e3:6f: 34:94:4a:9f:0c:59:53:e2:a4:78:ba:d8:b4:1a:4e:0a:7d:7d: ef:9c:8c:1f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwQTgxMTAvBgNVBAUTKDc0RDQ0RDk2OEFGNDYzRUZCMTdDMDgwRDVGQUQwMTBD NEFDMDk3QUEwHhcNMjUxMDIwMjAxNjE3WhcNMjUxMDI3MjAxNjE3WjAYMRYwFAYD VQQDEw02OGY2OTg5Mi05MWExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwWx0136p1osS+LvV2ZYLx4zo0lsBJMUvhXL/RUjYtUsxsayAjd2FwzoMBT5w W6tl3TWaXop8xr1N9+klP/xQw0h/d8cumSvTvWrA3NGY65YXYu89Kcri/KqoEP35 MnPtH/YaTEQ+IDfUqHFuJFfrHxO6tNXs+YYeDep9hrK7+OyEMKn6BCoWXOjfrpT7 cPCqPcggNW8h5YPXjj5miQSAcY2QX3Um83K8ReCGIXJwDoe4q9471HqIKpleoqjj 8RHefNSjV4AP8aTzQ1kB9wb1RbFEtD1ZLIgZz58SlaAwrcjIhz5lPGgpk8xHH7YI O0VDnCFuMnYkuEnCjDyDewK66QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN2bsZ69 5lkx5/V4pU9+YF8q1AswMB8GA1UdIwQYMBaAFHTUTZaK9GPvsXwIDV+tAQxKwJeq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTBBOC82RUZDMEJFRTk4 NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFktLXhmQWdOWDYwQkRFckFs Nm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ROUk5sb3IwWS0teGZBZ05YNjBCREVyQWw2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTBBOC82RUZDMEJFRTk4NEMxMUVCOEE0MUZBMjBDNEY5QUUwMi9kTlJObG9yMFkt LXhmQWdOWDYwQkRFckFsNm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCddgCdBPm3W8qJ0Bhvc7Te65OzbkyyLHfiM+lgh/WvOulUVrLjPjNU sRmELFqWITnUHEdY1yyUmFpzlphEucqd+ffR4gUJASCbYka6NSAFJ128kL9yD2gq heMq7iqlDzoQLa5XOYo+67IZe7ZT7ygZAvhkY+rx61XiVSQVcGDwprp01EMHzhog kgnYgEzb3rTIU4A1ecWUmGUnPlGbgAAHVQFyvWTYYf4UMPoMIgfgCKJb5i972npQ ObYsoAEMXxw+QrE3nKv+zz07SDBySYuOr/diM8lxwbP+Hc6I12DDKRWJfO8dm67l 4280lEqfDFlT4qR4uti0Gk4KfX3vnIwf -----END CERTIFICATE-----Generated at Wed Oct 22 07:55:41 2025 by rpki-client