$ rpki-client -vvf rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft File: -bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft (raw, json) Hash identifier: MwVXWvPcPT8YJw/yrNzw8j5ZJwsDvFGxRrW+tb5qX1k= Subject key identifier: AA:DF:3F:14:EB:3A:FB:5B:6B:8B:5A:C1:F0:28:C7:D9:54:E6:B1:07 Authority key identifier: F9:B9:75:16:1F:E2:EA:37:E0:E4:62:AD:5F:5B:8A:74:28:01:34:E6 Certificate issuer: /CN=A9121D73/serialNumber=F9B975161FE2EA37E0E462AD5F5B8A74280134E6 Certificate serial: 0BFA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft Manifest number: 0BF0 Signing time: Tue 04 Nov 2025 18:57:58 +0000 Manifest this update: Tue 04 Nov 2025 18:57:58 +0000 Manifest next update: Tue 11 Nov 2025 18:57:58 +0000 Files and hashes: 1: -bl1Fh_i6jfg5GKtX1uKdCgBNOY.crl (hash: iM7WCpfApJCbSiu0rgTDASvdUYPmZQVF4v6PaCGpw3o=) 2: 01A8B084262811EA8269E33EC4F9AE02.roa (hash: 3edR8k68PlyDLwSNioDrZi097Di1Z0qsLBIpivE7sS8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.crl rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:57:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3066 (0xbfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9121D73, serialNumber=F9B975161FE2EA37E0E462AD5F5B8A74280134E6 Validity Not Before: Nov 4 18:57:58 2025 GMT Not After : Nov 11 18:57:58 2025 GMT Subject: CN=690a4cb6-127f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:2b:68:ad:dd:a6:05:91:78:06:de:da:13:11: ba:fa:9b:a5:19:4d:1b:2f:2d:c6:6b:de:58:ea:e1: 30:fe:56:7c:cc:1b:3e:fc:d7:ea:b0:3f:48:53:e7: 04:e7:98:53:85:60:02:74:a2:02:a9:37:49:25:48: 23:28:01:c2:2a:8f:98:42:29:1e:e1:42:d3:30:21: 18:44:4b:26:5f:b7:e8:07:ae:8d:36:6b:9f:d8:40: e2:43:91:05:f0:2d:79:d7:26:f9:31:65:ce:8c:44: 82:60:7a:f5:1f:52:74:5b:3b:93:94:77:f2:e8:bb: 8b:e7:8e:67:e6:db:12:03:41:4c:11:1d:a3:6f:d8: 4f:7b:dd:ed:b8:b8:c6:8e:79:eb:c1:1b:50:f6:b1: 15:70:5d:a9:9c:72:27:3d:84:45:51:f8:2b:39:81: 65:8a:45:68:b5:aa:fe:1b:65:d5:86:88:a7:83:8d: a3:be:8e:2f:d4:ce:3c:4b:21:f1:74:50:14:19:41: 4e:f4:30:a9:ec:71:95:09:cc:57:a9:78:da:87:d2: 44:36:4d:93:a0:48:22:34:57:a3:a9:52:f1:eb:da: fa:78:45:7c:c1:23:d1:b2:52:d3:f5:92:b4:cd:7c: 8a:3e:88:67:bd:e2:a6:2e:ad:15:f9:c5:c4:cb:71: d4:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:DF:3F:14:EB:3A:FB:5B:6B:8B:5A:C1:F0:28:C7:D9:54:E6:B1:07 X509v3 Authority Key Identifier: keyid:F9:B9:75:16:1F:E2:EA:37:E0:E4:62:AD:5F:5B:8A:74:28:01:34:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9121D73/5CC66BD4262611EA8524E83BC4F9AE02/-bl1Fh_i6jfg5GKtX1uKdCgBNOY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:d0:3a:50:05:ff:a9:35:40:71:ed:45:8a:86:b9:06:25:cf: 75:d4:77:ef:01:27:97:4f:5c:c9:d0:4b:e2:0e:c8:71:03:dd: ea:df:23:1a:0e:92:49:0f:ac:45:29:b2:c8:66:2f:3c:e7:f1: 69:50:7c:4d:cb:5a:63:8d:80:95:01:6d:7a:11:f3:c4:92:87: e5:c1:2e:53:26:91:a5:b2:b3:55:64:94:82:d8:07:74:c8:3b: 52:68:61:c2:33:25:d0:ba:8d:97:94:76:85:2a:2d:bd:a5:e7: 09:46:15:6c:3d:cb:1b:41:1f:52:84:29:2d:b4:fa:c8:79:bd: 53:5f:7a:3d:b1:74:5e:7d:fb:41:b0:98:13:d7:15:83:03:fa: a4:c8:e5:c1:b4:7b:ec:2a:f5:c9:db:cb:54:5a:b1:7a:07:26: 43:51:a0:c9:23:60:cd:11:af:ef:47:3b:e8:d7:95:4c:fb:bb: dd:b9:2d:50:24:c5:5e:b9:8b:f7:e8:29:0a:63:06:9d:a4:b2: 23:8c:f1:65:14:f8:38:92:ef:50:7b:a0:35:8a:05:2e:d0:35: 26:08:b4:33:ab:79:8d:aa:62:ea:6c:b4:d8:e5:73:d1:92:03: 02:a1:f1:f6:6a:6a:56:4e:54:f9:c8:f4:82:fa:03:cc:49:af: de:a0:e9:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC/owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjFENzMxMTAvBgNVBAUTKEY5Qjk3NTE2MUZFMkVBMzdFMEU0NjJBRDVGNUI4QTc0 MjgwMTM0RTYwHhcNMjUxMTA0MTg1NzU4WhcNMjUxMTExMTg1NzU4WjAYMRYwFAYD VQQDEw02OTBhNGNiNi0xMjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtStord2mBZF4Bt7aExG6+pulGU0bLy3Ga95Y6uEw/lZ8zBs+/NfqsD9IU+cE 55hThWACdKICqTdJJUgjKAHCKo+YQike4ULTMCEYREsmX7foB66NNmuf2EDiQ5EF 8C151yb5MWXOjESCYHr1H1J0WzuTlHfy6LuL545n5tsSA0FMER2jb9hPe93tuLjG jnnrwRtQ9rEVcF2pnHInPYRFUfgrOYFlikVotar+G2XVhoing42jvo4v1M48SyHx dFAUGUFO9DCp7HGVCcxXqXjah9JENk2ToEgiNFejqVLx69r6eEV8wSPRslLT9ZK0 zXyKPohnveKmLq0V+cXEy3HUHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKrfPxTr Ovtba4tawfAox9lU5rEHMB8GA1UdIwQYMBaAFPm5dRYf4uo34ORirV9binQoATTm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMUQ3My81Q0M2NkJENDI2 MjYxMUVBODUyNEU4M0JDNEY5QUUwMi8tYmwxRmhfaTZqZmc1R0t0WDF1S2RDZ0JO T1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1ibDFGaF9pNmpmZzVHS3RYMXVLZENnQk5PWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MUQ3My81Q0M2NkJENDI2MjYxMUVBODUyNEU4M0JDNEY5QUUwMi8tYmwxRmhfaTZq Zmc1R0t0WDF1S2RDZ0JOT1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBG0DpQBf+pNUBx7UWKhrkGJc911HfvASeXT1zJ0EviDshxA93q3yMa DpJJD6xFKbLIZi885/FpUHxNy1pjjYCVAW16EfPEkoflwS5TJpGlsrNVZJSC2Ad0 yDtSaGHCMyXQuo2XlHaFKi29pecJRhVsPcsbQR9ShCkttPrIeb1TX3o9sXRefftB sJgT1xWDA/qkyOXBtHvsKvXJ28tUWrF6ByZDUaDJI2DNEa/vRzvo15VM+7vduS1Q JMVeuYv36CkKYwadpLIjjPFlFPg4ku9Qe6A1igUu0DUmCLQzq3mNqmLqbLTY5XPR kgMCofH2ampWTlT5yPSC+gPMSa/eoOlF -----END CERTIFICATE-----Generated at Wed Nov 5 13:55:21 2025 by rpki-client