$ rpki-client -vvf rpki.apnic.net/member_repository/A911F5CA/9E7C2CEE024F11EFAC65F577C4F9AE02/s9da4ezu9vkr0X0MSzZRjVvndvE.mft File: s9da4ezu9vkr0X0MSzZRjVvndvE.mft (raw, json) Hash identifier: 5WuPVbm/3oQu3c3crM7pm1lJjKhd2PRDsRXUfJ+gUYw= Subject key identifier: 9A:D9:D3:A2:E3:C5:9D:4F:5E:15:E7:AC:71:93:BB:61:C5:B4:45:C6 Authority key identifier: B3:D7:5A:E1:EC:EE:F6:F9:2B:D1:7D:0C:4B:36:51:8D:5B:E7:76:F1 Certificate issuer: /CN=A911F5CA/serialNumber=B3D75AE1ECEEF6F92BD17D0C4B36518D5BE776F1 Certificate serial: 0128 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/s9da4ezu9vkr0X0MSzZRjVvndvE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911F5CA/9E7C2CEE024F11EFAC65F577C4F9AE02/s9da4ezu9vkr0X0MSzZRjVvndvE.mft Manifest number: 0123 Signing time: Wed 05 Nov 2025 04:54:29 +0000 Manifest this update: Wed 05 Nov 2025 04:54:28 +0000 Manifest next update: Wed 12 Nov 2025 04:54:28 +0000 Files and hashes: 1: s9da4ezu9vkr0X0MSzZRjVvndvE.crl (hash: Qhfg/v3vLxizbqyn31/lifLWfuOOxaRF4lUW3qS5gfs=) 2: 9D44176C781211F09ADE4979C4F9AE02.roa (hash: jXqxc10SyUCzWVj9PPPMNw2b7v248uGR+j4feRoYBdI=) 3: C591C650781311F080669C0EC4F9AE02.roa (hash: WdqV1sxOirOUn9ZhlZhPe2M8qixZkx77pHk6AUB3MBw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911F5CA/9E7C2CEE024F11EFAC65F577C4F9AE02/s9da4ezu9vkr0X0MSzZRjVvndvE.crl rsync://rpki.apnic.net/member_repository/A911F5CA/9E7C2CEE024F11EFAC65F577C4F9AE02/s9da4ezu9vkr0X0MSzZRjVvndvE.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/s9da4ezu9vkr0X0MSzZRjVvndvE.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:54:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 296 (0x128) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911F5CA, serialNumber=B3D75AE1ECEEF6F92BD17D0C4B36518D5BE776F1 Validity Not Before: Nov 5 04:54:28 2025 GMT Not After : Nov 12 04:54:28 2025 GMT Subject: CN=690ad884-9ecc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:c0:b3:36:a6:75:48:5c:e6:b8:fb:7e:f1:06: 66:05:ef:9e:19:60:9a:ab:95:0d:78:89:4e:e6:46: c0:64:22:9e:4f:07:25:fa:e9:21:df:4c:76:33:4b: 42:4e:9b:22:8b:5f:54:1b:f8:01:91:0e:56:1b:61: d6:d4:6c:31:d5:cf:77:92:d3:af:f6:f5:d6:4d:ac: d3:75:c7:c9:da:a9:d1:61:00:a6:4d:37:05:7d:5c: d0:a5:2a:91:ec:7f:8d:0c:43:36:c0:c4:20:b0:9c: de:44:94:83:80:80:e0:60:fc:4b:b9:81:ef:a4:86: 49:94:4d:17:ff:a0:06:39:64:76:d3:2d:f4:e9:91: 23:ff:e7:65:6f:2f:e1:04:43:90:73:be:cc:3b:64: 6e:90:cb:d2:f3:b4:5f:36:49:d5:26:20:f3:af:80: 17:1c:e3:0b:56:2c:6a:ba:6d:54:d0:3d:59:94:ee: 3e:0b:2e:39:3b:1d:26:0b:f3:e5:85:86:72:55:62: d1:78:43:30:11:2c:97:7a:37:37:1c:c6:d9:5f:e3: f6:be:2f:32:33:49:dc:bc:90:02:0f:02:62:3b:65: ae:20:5a:56:ce:f9:68:4a:54:c0:8d:ff:05:ec:0b: fe:eb:fc:60:45:e0:e0:89:95:2f:97:66:25:cf:21: a5:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:D9:D3:A2:E3:C5:9D:4F:5E:15:E7:AC:71:93:BB:61:C5:B4:45:C6 X509v3 Authority Key Identifier: keyid:B3:D7:5A:E1:EC:EE:F6:F9:2B:D1:7D:0C:4B:36:51:8D:5B:E7:76:F1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911F5CA/9E7C2CEE024F11EFAC65F577C4F9AE02/s9da4ezu9vkr0X0MSzZRjVvndvE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/s9da4ezu9vkr0X0MSzZRjVvndvE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F5CA/9E7C2CEE024F11EFAC65F577C4F9AE02/s9da4ezu9vkr0X0MSzZRjVvndvE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:8e:08:cf:37:31:1f:73:ef:d9:80:f9:5c:b3:ca:f9:2d:c7: 69:72:8b:b6:9d:c1:dd:fa:b6:9e:f8:59:14:36:6c:dd:b4:c1: 04:63:96:3c:dc:97:8e:12:6b:65:9f:70:d3:46:d7:97:b5:af: a2:54:38:4d:ef:47:49:3d:cc:ec:97:40:01:19:7f:86:d9:73: 0b:0d:95:3c:84:92:e9:91:cf:d0:8c:14:82:b0:89:27:be:73: de:85:13:38:e3:80:ec:87:cd:5b:e2:99:62:1e:91:c3:a5:62: d9:6f:75:2f:89:52:c4:60:d2:d4:b1:9d:9e:2a:f9:d6:19:4d: bc:d8:58:63:33:76:61:68:2b:2b:34:32:8f:9c:ce:cd:99:11: 7d:d4:23:8d:a5:70:75:a0:22:b6:b8:d6:76:39:53:37:a6:c1: 05:17:cd:aa:9a:c2:2f:22:b5:95:a0:ec:53:fa:a6:89:a4:79: ae:f6:9c:0c:0e:dd:7a:04:a1:2e:1f:93:3e:76:27:3f:32:cf: 1c:88:dd:55:1e:85:12:6e:55:08:fb:ac:df:11:5e:b9:cc:4f: 29:4f:93:d0:96:51:1f:b3:83:1a:56:e2:6a:43:d5:61:bf:79: 0d:94:56:c3:cc:12:9f:6e:a6:00:88:99:e4:9a:b4:d5:eb:f7: b1:aa:0b:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUY1Q0ExMTAvBgNVBAUTKEIzRDc1QUUxRUNFRUY2RjkyQkQxN0QwQzRCMzY1MThE NUJFNzc2RjEwHhcNMjUxMTA1MDQ1NDI4WhcNMjUxMTEyMDQ1NDI4WjAYMRYwFAYD VQQDEw02OTBhZDg4NC05ZWNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoMCzNqZ1SFzmuPt+8QZmBe+eGWCaq5UNeIlO5kbAZCKeTwcl+ukh30x2M0tC Tpsii19UG/gBkQ5WG2HW1Gwx1c93ktOv9vXWTazTdcfJ2qnRYQCmTTcFfVzQpSqR 7H+NDEM2wMQgsJzeRJSDgIDgYPxLuYHvpIZJlE0X/6AGOWR20y306ZEj/+dlby/h BEOQc77MO2RukMvS87RfNknVJiDzr4AXHOMLVixqum1U0D1ZlO4+Cy45Ox0mC/Pl hYZyVWLReEMwESyXejc3HMbZX+P2vi8yM0ncvJACDwJiO2WuIFpWzvloSlTAjf8F 7Av+6/xgReDgiZUvl2YlzyGldQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJrZ06Lj xZ1PXhXnrHGTu2HFtEXGMB8GA1UdIwQYMBaAFLPXWuHs7vb5K9F9DEs2UY1b53bx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjVDQS85RTdDMkNFRTAy NEYxMUVGQUM2NUY1NzdDNEY5QUUwMi9zOWRhNGV6dTl2a3IwWDBNU3paUmpWdm5k dkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3M5ZGE0ZXp1OXZrcjBYME1TelpSalZ2bmR2RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RjVDQS85RTdDMkNFRTAyNEYxMUVGQUM2NUY1NzdDNEY5QUUwMi9zOWRhNGV6dTl2 a3IwWDBNU3paUmpWdm5kdkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFjgjPNzEfc+/ZgPlcs8r5Lcdpcou2ncHd+rae+FkUNmzdtMEEY5Y8 3JeOEmtln3DTRteXta+iVDhN70dJPczsl0ABGX+G2XMLDZU8hJLpkc/QjBSCsIkn vnPehRM444Dsh81b4pliHpHDpWLZb3UviVLEYNLUsZ2eKvnWGU282FhjM3ZhaCsr NDKPnM7NmRF91CONpXB1oCK2uNZ2OVM3psEFF82qmsIvIrWVoOxT+qaJpHmu9pwM Dt16BKEuH5M+dic/Ms8ciN1VHoUSblUI+6zfEV65zE8pT5PQllEfs4MaVuJqQ9Vh v3kNlFbDzBKfbqYAiJnkmrTV6/exqguF -----END CERTIFICATE-----Generated at Wed Nov 5 23:50:38 2025 by rpki-client