$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft File: U2uRsXtuG7FjjINYoPpepdDr77c.mft (raw, json) Hash identifier: I/jvvaJ1qp0yXd3YGtYjPHpLeMDE+83EuG3vbfOQHeg= Subject key identifier: 48:B8:3E:35:42:C7:38:40:34:96:11:18:BD:61:CE:B8:59:A4:6B:DE Authority key identifier: 53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7 Certificate issuer: /CN=A9125C3D/serialNumber=536B91B17B6E1BB1638C8358A0FA5EA5D0EBEFB7 Certificate serial: 01D2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft Manifest number: 01CE Signing time: Wed 05 Nov 2025 00:43:09 +0000 Manifest this update: Wed 05 Nov 2025 00:43:08 +0000 Manifest next update: Wed 12 Nov 2025 00:43:08 +0000 Files and hashes: 1: U2uRsXtuG7FjjINYoPpepdDr77c.crl (hash: 2GhEfs+arutN7wfKD6HU6mrJTryt5+F+EWCfxSDdAtE=) 2: 234074FA00DD11EE95AF6F7CC4F9AE02.roa (hash: QkSv3Gc4gFnkTdv0FIFvYm4Nr0fb1nmO7PWxNtFWscE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.crl rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:43:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 466 (0x1d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C3D, serialNumber=536B91B17B6E1BB1638C8358A0FA5EA5D0EBEFB7 Validity Not Before: Nov 5 00:43:08 2025 GMT Not After : Nov 12 00:43:08 2025 GMT Subject: CN=690a9d9d-27af Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:91:1f:e4:c5:38:d9:36:e1:93:a2:57:13:c6: 92:39:c0:ef:3a:38:aa:f2:7d:45:47:1f:98:31:9b: ae:39:fb:af:44:5b:21:d2:17:f7:3a:d7:1b:cf:ea: 81:4b:fd:7f:64:da:5b:31:46:5b:31:0b:69:d7:88: 0d:89:67:09:c2:3a:f4:96:76:bc:3e:07:7a:9a:d7: 8b:df:4b:37:b5:7c:95:84:99:ab:05:ec:0a:d0:df: ee:9e:cb:36:27:17:e7:17:fd:06:22:d4:cb:25:11: 33:a4:48:71:ed:92:53:1f:fa:c7:61:18:ab:ef:fd: 77:b1:f5:d8:cc:ce:31:d1:07:58:e2:2c:4c:cd:1d: 5f:6b:b7:22:29:84:82:27:bd:dd:93:58:16:36:76: 2d:de:5e:2a:e5:84:7a:ac:10:af:01:e0:bf:2d:d3: 9f:5a:71:7f:ae:1d:63:df:b0:b5:3b:5d:a9:7e:b9: 5b:85:98:66:fc:d5:cc:9a:93:ae:cf:f3:e4:00:ea: c8:f9:21:4b:a6:c0:16:bd:c5:99:da:06:a0:e7:97: 5e:71:78:dd:6b:4f:50:69:b7:b6:11:a4:c8:ed:52: fb:84:18:b9:6d:13:25:5f:8a:6a:d0:bb:0d:83:eb: 40:9a:78:0a:38:5b:09:20:11:f2:a9:d2:51:73:77: 10:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:B8:3E:35:42:C7:38:40:34:96:11:18:BD:61:CE:B8:59:A4:6B:DE X509v3 Authority Key Identifier: keyid:53:6B:91:B1:7B:6E:1B:B1:63:8C:83:58:A0:FA:5E:A5:D0:EB:EF:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U2uRsXtuG7FjjINYoPpepdDr77c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C3D/2323FD8000D711EE93CB0F7EC4F9AE02/U2uRsXtuG7FjjINYoPpepdDr77c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:46:5f:b5:f4:2a:96:ed:94:71:bd:4c:a9:80:6b:c3:da:c1: 5e:5d:17:80:b6:61:67:8e:29:20:9c:48:c3:11:2d:9f:c4:6c: ce:5c:b2:dd:df:0e:ed:9f:e3:bc:1e:9d:73:e9:06:40:46:8e: 7e:84:0a:0b:54:fc:43:d7:0a:5b:e4:97:0e:b8:cb:47:49:b5: 19:cd:a0:0a:cc:35:37:10:64:80:e7:db:b7:67:4f:fb:b6:06: 8f:bb:37:c2:1c:76:20:0a:2f:66:f0:0e:a7:6f:fc:4e:e2:7c: 9d:05:2e:50:36:b5:ac:ea:8b:04:17:a2:fd:e5:34:00:fc:e4: 47:b0:7f:c9:3b:6b:e1:14:76:d3:36:c0:29:72:37:4d:13:f2: 3e:79:b7:5b:ac:5b:43:38:91:3f:11:43:19:30:e6:43:32:40: d5:96:81:9b:05:35:3e:19:08:b9:eb:30:47:8a:fb:30:36:98: b5:66:e0:2c:68:99:64:f1:8f:ad:69:94:65:b9:7d:8f:cb:84: 97:5f:0b:be:32:ad:f7:6c:41:40:08:4d:e5:d0:f3:68:22:f7: ca:5a:e3:34:3a:78:b6:fc:25:3e:04:d0:bc:e7:45:10:e5:5d: 61:75:ea:c9:af:f5:34:2f:a9:ab:98:60:11:dd:ef:32:fd:ae: b3:bc:01:75 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDM0QxMTAvBgNVBAUTKDUzNkI5MUIxN0I2RTFCQjE2MzhDODM1OEEwRkE1RUE1 RDBFQkVGQjcwHhcNMjUxMTA1MDA0MzA4WhcNMjUxMTEyMDA0MzA4WjAYMRYwFAYD VQQDEw02OTBhOWQ5ZC0yN2FmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3pEf5MU42Tbhk6JXE8aSOcDvOjiq8n1FRx+YMZuuOfuvRFsh0hf3Otcbz+qB S/1/ZNpbMUZbMQtp14gNiWcJwjr0lna8Pgd6mteL30s3tXyVhJmrBewK0N/unss2 JxfnF/0GItTLJREzpEhx7ZJTH/rHYRir7/13sfXYzM4x0QdY4ixMzR1fa7ciKYSC J73dk1gWNnYt3l4q5YR6rBCvAeC/LdOfWnF/rh1j37C1O12pfrlbhZhm/NXMmpOu z/PkAOrI+SFLpsAWvcWZ2gag55decXjda09Qabe2EaTI7VL7hBi5bRMlX4pq0LsN g+tAmngKOFsJIBHyqdJRc3cQ5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEi4PjVC xzhANJYRGL1hzrhZpGveMB8GA1UdIwQYMBaAFFNrkbF7bhuxY4yDWKD6XqXQ6++3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMzRC8yMzIzRkQ4MDAw RDcxMUVFOTNDQjBGN0VDNEY5QUUwMi9VMnVSc1h0dUc3RmpqSU5Zb1BwZXBkRHI3 N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1UydVJzWHR1RzdGampJTllvUHBlcGREcjc3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMzRC8yMzIzRkQ4MDAwRDcxMUVFOTNDQjBGN0VDNEY5QUUwMi9VMnVSc1h0dUc3 RmpqSU5Zb1BwZXBkRHI3N2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqRl+19CqW7ZRxvUypgGvD2sFeXReAtmFnjikgnEjDES2fxGzOXLLd 3w7tn+O8Hp1z6QZARo5+hAoLVPxD1wpb5JcOuMtHSbUZzaAKzDU3EGSA59u3Z0/7 tgaPuzfCHHYgCi9m8A6nb/xO4nydBS5QNrWs6osEF6L95TQA/ORHsH/JO2vhFHbT NsApcjdNE/I+ebdbrFtDOJE/EUMZMOZDMkDVloGbBTU+GQi56zBHivswNpi1ZuAs aJlk8Y+taZRluX2Py4SXXwu+Mq33bEFACE3l0PNoIvfKWuM0Oni2/CU+BNC850UQ 5V1hderJr/U0L6mrmGAR3e8y/a6zvAF1 -----END CERTIFICATE-----Generated at Wed Nov 5 19:46:44 2025 by rpki-client