$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft File: xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft (raw, json) Hash identifier: xrr6GmeWrpa9Qv243gEtRJyTN96qIr0JiPt8AfbNAwk= Subject key identifier: B6:04:64:24:67:5A:5E:B2:C0:B5:FD:6A:D1:7F:26:16:38:A9:5C:C6 Authority key identifier: C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E Certificate issuer: /CN=A9125C22/serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Certificate serial: 06BE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft Manifest number: 06B9 Signing time: Sun 02 Nov 2025 22:09:08 +0000 Manifest this update: Sun 02 Nov 2025 22:09:08 +0000 Manifest next update: Sun 09 Nov 2025 22:09:08 +0000 Files and hashes: 1: xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl (hash: RVve8Lr2yqkE/TcRoEe9pN/f1Yspnuo4yx5lgFRIE2Y=) 2: 485D694A454911EEB8718378C4F9AE02.roa (hash: 8goNJpX3SWLmR+a+Wvt1jnrzs1RIuPAmcWPIzJu1GEE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:09:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1726 (0x6be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C22, serialNumber=C70B4E047CAA737724B89D584DB5C0C1A858D28E Validity Not Before: Nov 2 22:09:08 2025 GMT Not After : Nov 9 22:09:08 2025 GMT Subject: CN=6907d684-8979 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:d5:40:f8:9e:de:44:aa:7f:8f:21:81:a8:48: fd:43:99:57:00:fe:49:1d:30:b9:6f:e1:a8:10:be: 53:13:44:08:13:57:92:c3:47:50:6a:ac:61:7a:6d: 74:fd:27:09:a5:b8:06:0d:4e:bb:eb:13:21:87:3f: 2f:de:73:d5:f4:d3:3c:39:91:be:57:93:67:19:f1: 80:7d:f6:60:74:8b:cb:e4:53:c5:b5:30:88:f5:e0: f2:38:ae:a0:4d:d8:0f:ea:0c:79:5a:65:35:df:cd: 69:a0:36:44:dd:02:1f:53:0b:c0:be:aa:a7:a9:18: 31:65:a1:26:29:4f:0c:86:0f:c5:ab:81:bb:61:0e: 25:05:75:9d:0b:48:83:a4:db:ef:78:fd:d6:69:6c: 55:58:ab:79:d6:19:e5:0e:f5:13:8e:e0:ee:82:69: 18:4e:6d:bf:7b:cb:74:d4:7b:37:3d:6f:0b:6c:e2: a0:cb:47:dd:99:b9:f6:3d:52:b4:31:72:fc:34:d2: 09:5a:03:a5:70:a9:9d:06:3c:6c:35:59:62:b3:db: d8:ad:5b:d5:0d:5f:fb:69:5f:c0:55:c6:3a:47:c1: 9b:c7:61:81:b9:35:f4:ca:c8:4d:09:e7:9f:06:61: 6f:09:25:ac:79:a1:79:48:d1:94:47:44:bb:8f:11: 28:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B6:04:64:24:67:5A:5E:B2:C0:B5:FD:6A:D1:7F:26:16:38:A9:5C:C6 X509v3 Authority Key Identifier: keyid:C7:0B:4E:04:7C:AA:73:77:24:B8:9D:58:4D:B5:C0:C1:A8:58:D2:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/xwtOBHyqc3ckuJ1YTbXAwahY0o4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C22/FACCBC5C7FAD11EB977B5335C4F9AE02/xwtOBHyqc3ckuJ1YTbXAwahY0o4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:3a:d9:df:67:0f:fd:90:7c:9b:87:04:dc:42:ea:de:89:9c: 07:9f:0f:ab:a5:52:7b:fa:5e:0f:e3:51:da:8a:cc:c2:8a:59: ec:bc:47:47:9a:7d:6e:fa:14:72:95:ac:cf:bb:b2:1f:35:9b: 9e:8d:13:de:d8:73:f2:ad:e2:ff:19:6f:c9:fd:26:ab:bd:91: 7e:b4:ef:c5:85:ed:56:34:8c:2b:07:c5:41:bb:fc:c3:2b:21: 54:47:63:3b:6c:f1:e7:0f:e4:b2:39:c5:d7:ff:c4:cb:ab:41: 66:9c:e3:7b:5d:17:01:d1:3d:da:f8:30:29:bd:6f:73:16:a9: 62:40:ae:3b:f9:39:13:f2:b7:f6:ed:68:3e:bd:75:79:ad:12: d9:0d:e4:a8:ab:82:79:88:17:87:5e:a5:c7:c4:f4:67:c5:b0: 59:cc:2a:91:47:87:05:05:af:c2:bc:4b:f5:e7:d2:7e:2d:a1: c9:0a:f0:64:c8:d5:ca:88:a4:77:7b:25:80:50:54:59:f1:e4: 13:b4:27:ae:b4:df:f6:54:29:47:71:8b:89:c2:a8:fc:76:8e: 51:87:d8:3f:7f:b1:b4:8e:21:73:07:20:d6:ba:8d:d3:84:72: b7:d6:0c:25:a9:ea:4e:d8:23:88:c6:b9:bf:ac:b1:22:6e:07: ec:90:53:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBr4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMjIxMTAvBgNVBAUTKEM3MEI0RTA0N0NBQTczNzcyNEI4OUQ1ODREQjVDMEMx QTg1OEQyOEUwHhcNMjUxMTAyMjIwOTA4WhcNMjUxMTA5MjIwOTA4WjAYMRYwFAYD VQQDEw02OTA3ZDY4NC04OTc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv9VA+J7eRKp/jyGBqEj9Q5lXAP5JHTC5b+GoEL5TE0QIE1eSw0dQaqxhem10 /ScJpbgGDU676xMhhz8v3nPV9NM8OZG+V5NnGfGAffZgdIvL5FPFtTCI9eDyOK6g TdgP6gx5WmU1381poDZE3QIfUwvAvqqnqRgxZaEmKU8Mhg/Fq4G7YQ4lBXWdC0iD pNvveP3WaWxVWKt51hnlDvUTjuDugmkYTm2/e8t01Hs3PW8LbOKgy0fdmbn2PVK0 MXL8NNIJWgOlcKmdBjxsNVlis9vYrVvVDV/7aV/AVcY6R8Gbx2GBuTX0yshNCeef BmFvCSWseaF5SNGUR0S7jxEoowIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLYEZCRn Wl6ywLX9atF/JhY4qVzGMB8GA1UdIwQYMBaAFMcLTgR8qnN3JLidWE21wMGoWNKO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMyMi9GQUNDQkM1QzdG QUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMzY2t1SjFZVGJYQXdhaFkw bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3h3dE9CSHlxYzNja3VKMVlUYlhBd2FoWTBvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMyMi9GQUNDQkM1QzdGQUQxMUVCOTc3QjUzMzVDNEY5QUUwMi94d3RPQkh5cWMz Y2t1SjFZVGJYQXdhaFkwbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/OtnfZw/9kHybhwTcQureiZwHnw+rpVJ7+l4P41HaiszCilnsvEdH mn1u+hRylazPu7IfNZuejRPe2HPyreL/GW/J/SarvZF+tO/Fhe1WNIwrB8VBu/zD KyFUR2M7bPHnD+SyOcXX/8TLq0FmnON7XRcB0T3a+DApvW9zFqliQK47+TkT8rf2 7Wg+vXV5rRLZDeSoq4J5iBeHXqXHxPRnxbBZzCqRR4cFBa/CvEv159J+LaHJCvBk yNXKiKR3eyWAUFRZ8eQTtCeutN/2VClHcYuJwqj8do5Rh9g/f7G0jiFzByDWuo3T hHK31gwlqepO2COIxrm/rLEibgfskFPj -----END CERTIFICATE-----Generated at Tue Nov 4 19:11:08 2025 by rpki-client