$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft File: Ikchh2oR4tOkuYshvIT3jmT-yEY.mft (raw, json) Hash identifier: EZTPohS+6XimcaSyKV6tzcZawFf+i9sPH6Q4OQHkTmc= Subject key identifier: 13:7B:C1:7D:28:3B:79:A3:00:44:32:AD:E7:7B:D4:60:45:89:F9:C7 Authority key identifier: 22:47:21:87:6A:11:E2:D3:A4:B9:8B:21:BC:84:F7:8E:64:FE:C8:46 Certificate issuer: /CN=A91CEE6D/serialNumber=224721876A11E2D3A4B98B21BC84F78E64FEC846 Certificate serial: 19 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft Manifest number: 18 Signing time: Wed 05 Nov 2025 08:02:56 +0000 Manifest this update: Wed 05 Nov 2025 08:02:55 +0000 Manifest next update: Wed 12 Nov 2025 08:02:55 +0000 Files and hashes: 1: Ikchh2oR4tOkuYshvIT3jmT-yEY.crl (hash: bhUvsLf59PYueAq7xb9UaKP5QuBUelEFSlsHQKlSvi8=) 2: 09F2A296A02E11F08BC71221C4F9AE02.roa (hash: 6x2cZtG1O8RYzD8OGoXsH+NShNfzIbk96k46lysq5xU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.crl rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:02:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEE6D, serialNumber=224721876A11E2D3A4B98B21BC84F78E64FEC846 Validity Not Before: Nov 5 08:02:55 2025 GMT Not After : Nov 12 08:02:55 2025 GMT Subject: CN=690b04af-c7f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:96:2a:01:21:30:8f:5f:ed:3f:4d:d8:36:e5: 96:cd:37:07:19:3b:d2:5e:55:f5:c8:03:d5:88:18: 13:01:b8:6b:ef:bd:dc:e2:3c:16:59:30:2d:bf:9a: b4:93:4a:69:63:08:96:5b:de:1f:e8:37:df:8d:76: 10:c9:a3:84:9d:52:aa:fe:e6:b8:0b:03:3c:6e:58: ff:13:79:a4:6d:3f:d4:4f:00:6a:62:00:e2:09:67: 81:3a:07:81:5f:f7:0a:1f:a9:7a:27:5b:db:27:35: da:40:5e:4b:39:b1:92:0b:c1:7c:73:1d:0d:7d:5c: ef:18:7c:80:24:e7:ee:ce:b7:54:16:d3:67:de:69: b7:c0:5b:71:8e:39:83:1b:d5:5d:21:4e:fb:36:ec: 6e:c1:c0:58:71:7b:bb:d1:3e:0b:15:19:e4:23:3e: 94:cb:dd:17:3e:37:6e:fe:74:1b:90:6d:fe:5c:f6: 0f:5e:b6:81:a6:95:4d:5e:fc:2f:51:4b:d7:85:ef: 4d:31:58:56:4b:f6:07:d4:6e:2b:04:5d:a7:67:0a: 5b:3e:4e:1f:95:19:5d:a7:b1:23:99:84:38:a0:17: 7f:cd:2a:4c:00:12:2a:be:77:e0:98:2f:21:b0:b8: 2a:bd:e5:58:7d:7f:9e:3b:cd:3e:84:8d:be:2c:ba: ee:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:7B:C1:7D:28:3B:79:A3:00:44:32:AD:E7:7B:D4:60:45:89:F9:C7 X509v3 Authority Key Identifier: keyid:22:47:21:87:6A:11:E2:D3:A4:B9:8B:21:BC:84:F7:8E:64:FE:C8:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Ikchh2oR4tOkuYshvIT3jmT-yEY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEE6D/51110AFE976511F0923A670CC4F9AE02/Ikchh2oR4tOkuYshvIT3jmT-yEY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:91:f8:3a:6f:a0:c8:35:d3:cd:0e:d5:9e:b5:cc:5f:10:e8: 88:4e:0b:31:f3:4e:5f:ec:52:a0:2f:45:e8:d7:0d:2f:f7:be: a9:5a:55:61:f8:b5:1f:1b:e4:7d:ee:71:ce:64:43:78:ae:3e: 07:b5:6f:ac:8c:4f:1c:d9:f1:84:3a:77:2e:1e:a0:82:29:e2: d4:ae:48:9d:ff:a6:13:2e:df:86:53:f1:9c:57:45:30:bf:1e: e4:8a:3c:87:07:8d:85:1d:25:0c:06:ac:80:55:97:f2:a4:92: a6:17:9b:9d:79:4b:61:cb:6a:88:a2:6e:b8:7f:87:34:6d:62: 93:de:8a:2f:87:f8:e7:3e:b1:e2:9b:62:ed:4b:ea:a8:ad:2b: 60:3b:f6:53:47:9c:c0:13:98:94:a8:ad:68:0b:ea:d1:9f:c9: 65:08:a4:36:1f:cd:fd:1f:34:57:c6:c5:26:ec:4a:2e:8b:86: 37:ff:a2:47:83:66:ce:1d:b4:60:14:b4:20:02:88:f3:ac:87: 38:23:0b:b6:30:7c:ec:bd:2f:23:bc:59:a8:a2:3e:13:1b:5b: 4d:52:ce:50:81:8d:f5:08:d1:d6:fd:41:fc:ad:f2:ff:c3:f2: 4b:a6:61:3b:ef:4d:80:bf:58:97:22:cf:65:2d:ae:73:55:6b: d0:c2:99:a7 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RUU2RDExMC8GA1UEBRMoMjI0NzIxODc2QTExRTJEM0E0Qjk4QjIxQkM4NEY3OEU2 NEZFQzg0NjAeFw0yNTExMDUwODAyNTVaFw0yNTExMTIwODAyNTVaMBgxFjAUBgNV BAMTDTY5MGIwNGFmLWM3ZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDYlioBITCPX+0/Tdg25ZbNNwcZO9JeVfXIA9WIGBMBuGvvvdziPBZZMC2/mrST SmljCJZb3h/oN9+NdhDJo4SdUqr+5rgLAzxuWP8TeaRtP9RPAGpiAOIJZ4E6B4Ff 9wofqXonW9snNdpAXks5sZILwXxzHQ19XO8YfIAk5+7Ot1QW02feabfAW3GOOYMb 1V0hTvs27G7BwFhxe7vRPgsVGeQjPpTL3Rc+N27+dBuQbf5c9g9etoGmlU1e/C9R S9eF700xWFZL9gfUbisEXadnCls+Th+VGV2nsSOZhDigF3/NKkwAEiq+d+CYLyGw uCq95Vh9f547zT6Ejb4suu6RAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUE3vBfSg7 eaMARDKt53vUYEWJ+ccwHwYDVR0jBBgwFoAUIkchh2oR4tOkuYshvIT3jmT+yEYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNFRTZELzUxMTEwQUZFOTc2 NTExRjA5MjNBNjcwQ0M0RjlBRTAyL0lrY2hoMm9SNHRPa3VZc2h2SVQzam1ULXlF WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWtjaGgyb1I0dE9rdVlzaHZJVDNqbVQteUVZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNF RTZELzUxMTEwQUZFOTc2NTExRjA5MjNBNjcwQ0M0RjlBRTAyL0lrY2hoMm9SNHRP a3VZc2h2SVQzam1ULXlFWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADeR+DpvoMg1080O1Z61zF8Q6IhOCzHzTl/sUqAvRejXDS/3vqlaVWH4 tR8b5H3ucc5kQ3iuPge1b6yMTxzZ8YQ6dy4eoIIp4tSuSJ3/phMu34ZT8ZxXRTC/ HuSKPIcHjYUdJQwGrIBVl/KkkqYXm515S2HLaoiibrh/hzRtYpPeii+H+Oc+seKb Yu1L6qitK2A79lNHnMATmJSorWgL6tGfyWUIpDYfzf0fNFfGxSbsSi6Lhjf/okeD Zs4dtGAUtCACiPOshzgjC7YwfOy9LyO8WaiiPhMbW01SzlCBjfUI0db9Qfyt8v/D 8kumYTvvTYC/WJciz2UtrnNVa9DCmac= -----END CERTIFICATE-----Generated at Wed Nov 5 18:14:07 2025 by rpki-client