$ rpki-client -vvf rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft File: D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft (raw, json) Hash identifier: 9YSFXkAQWCjDzW0FD2kALhJL2tton+oRbQP32T3YpT8= Subject key identifier: BD:95:D1:83:1E:D7:CA:EE:C2:C2:89:78:F5:E7:0B:45:DD:92:A9:2D Authority key identifier: 0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 Certificate issuer: /CN=A911E0B4/serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Certificate serial: B2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft Manifest number: AF Signing time: Wed 05 Nov 2025 06:20:55 +0000 Manifest this update: Wed 05 Nov 2025 06:20:55 +0000 Manifest next update: Wed 12 Nov 2025 06:20:55 +0000 Files and hashes: 1: D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl (hash: 1A223LrAaAahrsTMTyOBLgNamvhzC3I2NlREmDEX76g=) 2: 5AF3ECBEAFBA11EF91955453C4F9AE02.roa (hash: x22vmPwJWZ5KhIsY5PtxJtvF9T7oNt50WfxUCDRwJlo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:20:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 178 (0xb2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E0B4, serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Validity Not Before: Nov 5 06:20:55 2025 GMT Not After : Nov 12 06:20:55 2025 GMT Subject: CN=690aecc7-522e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:b8:75:4b:1f:f1:08:e7:e0:da:09:ed:25:a8: c4:a6:0c:95:ee:71:3c:ec:74:3c:3e:42:19:de:56: 72:af:e1:f7:08:00:6b:c7:e3:11:17:7e:ce:0b:c1: 82:25:10:df:ee:fb:02:2f:09:58:f6:26:c3:3c:85: 1e:54:4c:42:58:01:0c:19:66:9d:8e:8e:07:8d:64: 53:8f:37:82:05:1b:a8:fa:df:15:4e:56:2e:81:c1: ff:47:b0:02:18:e1:2b:ce:93:52:ed:f6:85:18:97: 0a:0e:5a:f3:79:fe:69:46:cb:e3:6f:df:2d:aa:90: d3:e5:3a:1a:c5:ec:79:19:2f:18:2e:ce:85:be:dc: b0:67:7d:4b:50:eb:37:a2:6c:88:5f:1b:2a:74:67: 6a:c8:b6:01:a3:e8:6d:e1:f5:06:2d:30:83:f0:d6: 46:c0:db:76:05:36:c3:96:58:c9:e5:1c:8d:70:7d: 92:3b:2b:f8:19:4d:1b:be:c0:d9:66:f3:3c:d7:0c: 7e:24:b0:d0:97:f9:ed:c0:d2:e5:bb:7b:57:32:c4: 5a:f8:d5:8d:97:69:6a:e3:45:89:c4:63:5f:ff:a7: 11:b8:39:c9:f9:09:32:88:49:4a:57:fc:54:6c:aa: c2:7b:18:2b:0e:15:b7:95:fd:1a:03:24:c4:2a:00: 11:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:95:D1:83:1E:D7:CA:EE:C2:C2:89:78:F5:E7:0B:45:DD:92:A9:2D X509v3 Authority Key Identifier: keyid:0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 01:4e:94:f0:06:16:fb:34:5c:06:28:10:c4:cb:a0:9d:6d:a4: bb:8c:5e:e7:a4:56:52:64:b2:8a:3b:2e:11:d5:2d:96:e4:4a: 8a:19:a2:cd:64:f2:5b:92:89:39:2f:11:bb:91:8d:d3:34:ea: b6:ab:60:89:4c:00:47:7b:70:df:bb:6d:ad:75:d2:1f:6a:3a: 52:a8:05:5b:44:08:f6:b0:cf:db:8a:09:4c:d1:5e:ca:6d:ac: 86:5e:d3:75:28:09:86:76:68:ad:f3:e7:af:3a:d0:38:4a:68: 72:57:3f:73:e8:fc:8c:12:4c:fe:4a:1d:8e:e2:21:af:a8:50: 9a:b0:d5:db:78:8b:9b:40:bb:33:25:c0:9e:47:cf:2e:f2:02: 1f:89:01:58:10:15:97:f0:ed:8a:f6:b5:c9:b0:11:2c:26:36: c6:4a:27:79:da:25:ce:d1:30:b0:48:53:60:44:91:60:9c:1d: 3b:0b:5c:1a:2a:95:5a:14:f1:24:37:ce:c6:fe:ee:27:3c:14: 18:5f:e4:e6:fa:0d:1a:a0:70:8e:8a:89:78:48:6e:fd:04:9b: c0:6e:09:d2:48:b0:c4:1b:91:df:42:59:e4:d4:96:dc:65:e8: 14:44:03:fc:23:40:75:99:07:8e:f0:11:91:02:75:f7:5c:cb: 0d:a0:12:ef -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUUwQjQxMTAvBgNVBAUTKDBGRDQ0Mzc1MjFEQjVDMEJDOTlFNDVCNTk3NTRGRjdC NjcxRjg2RjMwHhcNMjUxMTA1MDYyMDU1WhcNMjUxMTEyMDYyMDU1WjAYMRYwFAYD VQQDEw02OTBhZWNjNy01MjJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAybh1Sx/xCOfg2gntJajEpgyV7nE87HQ8PkIZ3lZyr+H3CABrx+MRF37OC8GC JRDf7vsCLwlY9ibDPIUeVExCWAEMGWadjo4HjWRTjzeCBRuo+t8VTlYugcH/R7AC GOErzpNS7faFGJcKDlrzef5pRsvjb98tqpDT5Toaxex5GS8YLs6FvtywZ31LUOs3 omyIXxsqdGdqyLYBo+ht4fUGLTCD8NZGwNt2BTbDlljJ5RyNcH2SOyv4GU0bvsDZ ZvM81wx+JLDQl/ntwNLlu3tXMsRa+NWNl2lq40WJxGNf/6cRuDnJ+QkyiElKV/xU bKrCexgrDhW3lf0aAyTEKgAR1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2V0YMe 18ruwsKJePXnC0XdkqktMB8GA1UdIwQYMBaAFA/UQ3Uh21wLyZ5FtZdU/3tnH4bz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTBCNC9FOTY0ODlBRUFG MzgxMUVGQTIwREQwMTNDNEY5QUUwMi9EOVJEZFNIYlhBdkpua1cxbDFUX2UyY2Zo dk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0Q5UkRkU0hiWEF2Sm5rVzFsMVRfZTJjZmh2TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RTBCNC9FOTY0ODlBRUFGMzgxMUVGQTIwREQwMTNDNEY5QUUwMi9EOVJEZFNIYlhB dkpua1cxbDFUX2UyY2Zodk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQABTpTwBhb7NFwGKBDEy6CdbaS7jF7npFZSZLKKOy4R1S2W5EqKGaLN ZPJbkok5LxG7kY3TNOq2q2CJTABHe3Dfu22tddIfajpSqAVbRAj2sM/biglM0V7K bayGXtN1KAmGdmit8+evOtA4SmhyVz9z6PyMEkz+Sh2O4iGvqFCasNXbeIubQLsz JcCeR88u8gIfiQFYEBWX8O2K9rXJsBEsJjbGSid52iXO0TCwSFNgRJFgnB07C1wa KpVaFPEkN87G/u4nPBQYX+Tm+g0aoHCOiol4SG79BJvAbgnSSLDEG5HfQlnk1Jbc ZegURAP8I0B1mQeO8BGRAnX3XMsNoBLv -----END CERTIFICATE-----Generated at Wed Nov 5 13:55:28 2025 by rpki-client