$ rpki-client -vvf rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft File: 4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft (raw, json) Hash identifier: QjTSbLNxv+/QlyfGGAEsQprqh138UnrO1rj2pVVT04U= Subject key identifier: E6:EB:1E:66:10:D9:C6:EA:B6:5C:37:7F:85:FE:92:88:AB:F4:F8:FD Authority key identifier: E0:CA:AD:17:C0:68:D8:60:2B:CC:EB:46:7B:45:55:10:BC:52:39:0E Certificate issuer: /CN=A9118799/serialNumber=E0CAAD17C068D8602BCCEB467B455510BC52390E Certificate serial: 1988 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft Manifest number: 1978 Signing time: Tue 04 Nov 2025 16:29:53 +0000 Manifest this update: Tue 04 Nov 2025 16:29:53 +0000 Manifest next update: Tue 11 Nov 2025 16:29:53 +0000 Files and hashes: 1: 4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl (hash: RrWm65Ke/FLZ5dqoIK9RBBiUpRfhkqhGMv9QZaWP+4A=) 2: 99AB821E859C11E7A1FEC80AC4F9AE02.roa (hash: BZMo2s4ILhSYw+N337H+VSwNBVHfcjC9wdr+2hur79I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:29:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6536 (0x1988) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118799, serialNumber=E0CAAD17C068D8602BCCEB467B455510BC52390E Validity Not Before: Nov 4 16:29:53 2025 GMT Not After : Nov 11 16:29:53 2025 GMT Subject: CN=690a2a01-1054 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:6f:4c:e0:f7:48:8d:b8:6f:4d:e6:0b:53:bc: da:e9:d7:f7:0d:89:46:3a:96:b4:e3:5c:77:0d:f2: e5:c1:b4:99:b5:f7:b3:62:f1:5d:4f:f6:33:8e:4b: 8c:01:90:4b:2e:9d:70:17:87:71:73:53:a0:17:43: 27:d7:3e:4b:95:35:57:a1:a2:34:d1:c9:3c:a2:3c: 56:0b:5a:6b:6e:b2:d4:b6:ba:71:1c:83:f5:d6:6e: 85:50:0b:2f:40:0b:31:16:fa:16:bb:d5:f7:0f:e7: 28:5c:ed:c1:7b:e0:a6:db:d0:ca:4f:e3:03:2b:49: fa:53:26:88:ab:ac:56:20:3d:aa:ae:a4:51:f9:43: ce:b6:57:87:75:d3:6a:e3:50:6a:1f:f1:c1:01:e4: 0c:9d:28:83:5b:d3:27:46:08:57:a8:81:ff:b0:8d: bf:5d:8c:76:b0:70:a9:ff:50:54:c2:b5:9a:dd:62: 44:cf:bc:fa:51:2f:10:a7:6a:c9:74:76:24:38:e1: 2a:dc:80:17:a0:bb:0b:49:35:e4:79:e2:2f:3c:ac: 04:f2:03:52:eb:2b:8a:1b:0c:71:37:00:26:78:fd: 1b:3d:44:70:9a:16:d3:30:f1:6a:cd:a3:7b:ac:cd: d3:0c:96:8e:2d:5f:e8:e2:5a:65:11:ff:26:0f:a3: 24:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:EB:1E:66:10:D9:C6:EA:B6:5C:37:7F:85:FE:92:88:AB:F4:F8:FD X509v3 Authority Key Identifier: keyid:E0:CA:AD:17:C0:68:D8:60:2B:CC:EB:46:7B:45:55:10:BC:52:39:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4MqtF8Bo2GArzOtGe0VVELxSOQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118799/3287BFA27EC711E7883E2E58C4F9AE02/4MqtF8Bo2GArzOtGe0VVELxSOQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:44:77:38:05:d9:ae:8c:c0:6b:4b:f8:c9:3a:65:4f:8c:e3: ca:9f:f9:68:fe:cd:88:b7:57:39:3b:40:d1:a0:ee:27:b0:30: 13:ea:38:10:22:62:4b:b3:48:cd:b2:27:31:0f:63:63:4b:fc: 44:a1:25:fa:0e:9d:16:ca:19:ca:49:0d:fe:d0:14:5e:a2:47: c3:31:b9:b8:a8:67:fb:a8:98:25:6f:5e:3e:dc:0f:9b:78:73: a7:9f:83:e7:6e:2d:e7:95:f1:b6:42:7c:28:2c:72:0b:1e:9d: 93:07:63:08:cb:8f:e0:17:61:f1:1b:74:6a:84:0d:61:cf:f8: 86:82:12:8c:a6:93:e5:da:9e:e3:31:d2:b8:cd:f6:e9:2c:a0: 65:2f:f4:1b:a3:4e:6f:59:1a:bb:8c:bc:c2:a7:be:62:36:be: aa:89:88:4c:6d:80:08:fb:ff:08:b7:55:92:f6:06:82:67:bf: ce:16:fb:05:01:b8:71:59:76:ef:d8:10:91:15:bb:b6:9a:62: 1e:50:61:4b:2b:d1:5b:a3:6a:63:5f:37:c7:66:28:57:69:97: 14:0c:99:23:aa:fd:4b:6a:73:3c:8d:1c:ce:7a:4e:27:17:68: 35:01:7f:6e:c1:46:1c:6f:58:aa:da:6e:61:9a:d6:a6:0d:dd: b9:31:3e:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTg3OTkxMTAvBgNVBAUTKEUwQ0FBRDE3QzA2OEQ4NjAyQkNDRUI0NjdCNDU1NTEw QkM1MjM5MEUwHhcNMjUxMTA0MTYyOTUzWhcNMjUxMTExMTYyOTUzWjAYMRYwFAYD VQQDEw02OTBhMmEwMS0xMDU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqW9M4PdIjbhvTeYLU7za6df3DYlGOpa041x3DfLlwbSZtfezYvFdT/YzjkuM AZBLLp1wF4dxc1OgF0Mn1z5LlTVXoaI00ck8ojxWC1prbrLUtrpxHIP11m6FUAsv QAsxFvoWu9X3D+coXO3Be+Cm29DKT+MDK0n6UyaIq6xWID2qrqRR+UPOtleHddNq 41BqH/HBAeQMnSiDW9MnRghXqIH/sI2/XYx2sHCp/1BUwrWa3WJEz7z6US8Qp2rJ dHYkOOEq3IAXoLsLSTXkeeIvPKwE8gNS6yuKGwxxNwAmeP0bPURwmhbTMPFqzaN7 rM3TDJaOLV/o4lplEf8mD6MkuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFObrHmYQ 2cbqtlw3f4X+koir9Pj9MB8GA1UdIwQYMBaAFODKrRfAaNhgK8zrRntFVRC8UjkO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODc5OS8zMjg3QkZBMjdF QzcxMUU3ODgzRTJFNThDNEY5QUUwMi80TXF0RjhCbzJHQXJ6T3RHZTBWVkVMeFNP UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRNcXRGOEJvMkdBcnpPdEdlMFZWRUx4U09RNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODc5OS8zMjg3QkZBMjdFQzcxMUU3ODgzRTJFNThDNEY5QUUwMi80TXF0RjhCbzJH QXJ6T3RHZTBWVkVMeFNPUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC4RHc4BdmujMBrS/jJOmVPjOPKn/lo/s2It1c5O0DRoO4nsDAT6jgQ ImJLs0jNsicxD2NjS/xEoSX6Dp0WyhnKSQ3+0BReokfDMbm4qGf7qJglb14+3A+b eHOnn4Pnbi3nlfG2QnwoLHILHp2TB2MIy4/gF2HxG3RqhA1hz/iGghKMppPl2p7j MdK4zfbpLKBlL/Qbo05vWRq7jLzCp75iNr6qiYhMbYAI+/8It1WS9gaCZ7/OFvsF AbhxWXbv2BCRFbu2mmIeUGFLK9Fbo2pjXzfHZihXaZcUDJkjqv1LanM8jRzOek4n F2g1AX9uwUYcb1iq2m5hmtamDd25MT50 -----END CERTIFICATE-----Generated at Tue Nov 4 19:05:15 2025 by rpki-client