$ rpki-client -vvf rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft File: D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft (raw, json) Hash identifier: ITeVn9kft+K29rt0fj+Wh3tU79Iyx6dbg18rHltHfmM= Subject key identifier: 80:95:AA:62:25:84:75:80:F7:3B:4A:E9:5B:C0:67:36:65:7B:CC:69 Authority key identifier: 0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 Certificate issuer: /CN=A9134BB0/serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Certificate serial: 01C5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft Manifest number: 01C1 Signing time: Wed 05 Nov 2025 03:07:03 +0000 Manifest this update: Wed 05 Nov 2025 03:07:02 +0000 Manifest next update: Wed 12 Nov 2025 03:07:02 +0000 Files and hashes: 1: D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl (hash: Pv8HGKq4c+XOVMIfxgPDo7MRb8PI694lgh6HfY3DXZo=) 2: 075B4CC80AC511EEB25A152AC4F9AE02.roa (hash: oHGClGt0Y+/Ca/fTjOnKQ8pJUUYEh+Yq1JxoBHlpH4s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:07:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 453 (0x1c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9134BB0, serialNumber=0F6142AE4168DF0B1805FA581D20394767AA2258 Validity Not Before: Nov 5 03:07:02 2025 GMT Not After : Nov 12 03:07:02 2025 GMT Subject: CN=690abf56-8ac5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:5c:78:76:b9:56:1a:98:36:ae:d7:52:be:eb: c0:db:cf:57:9f:40:6d:e3:54:e2:80:33:a7:a1:26: 41:82:53:c9:a7:53:02:b5:5d:ad:c5:dd:f7:3f:d9: 9f:21:43:2c:5a:fe:a9:c4:f7:1c:ed:47:48:57:9f: 8b:1a:ba:76:93:68:d2:2c:09:2f:05:9c:65:24:24: cb:e2:a0:0e:bd:33:ca:e6:76:8c:4d:70:f7:16:35: fc:82:f9:78:c1:9c:56:25:13:57:e6:3e:af:db:c5: 3c:b1:30:57:e6:79:33:28:1b:de:c2:ed:ce:99:64: 2a:3b:86:47:11:70:f4:33:ad:93:f1:63:00:34:fb: c2:8f:9c:8b:a2:e6:55:3c:d8:fd:32:07:bc:54:ca: e0:b2:cb:c6:f9:fa:83:9b:7a:c6:f0:21:6c:2b:53: 3a:76:cb:7f:37:2d:81:00:09:a3:ff:dc:ad:1c:23: a1:e1:f2:e3:05:ec:33:6f:e6:8a:b5:11:94:02:ee: 73:10:66:a9:d0:74:c7:7b:46:d7:f5:6b:65:4c:dc: c8:59:6c:c9:90:4b:b6:a8:81:e8:0b:fe:56:4e:09: 58:40:f6:97:af:cb:d4:dd:28:f1:ad:30:46:bf:9e: 91:73:15:3c:f5:cc:2b:55:95:4e:85:e5:5d:8b:c5: d0:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:95:AA:62:25:84:75:80:F7:3B:4A:E9:5B:C0:67:36:65:7B:CC:69 X509v3 Authority Key Identifier: keyid:0F:61:42:AE:41:68:DF:0B:18:05:FA:58:1D:20:39:47:67:AA:22:58 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2FCrkFo3wsYBfpYHSA5R2eqIlg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9134BB0/DD4738E00ABD11EE917DA655C4F9AE02/D2FCrkFo3wsYBfpYHSA5R2eqIlg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 58:96:ce:e7:7b:6d:77:07:0c:2d:59:9c:ac:5b:fa:f5:41:f2: 1c:2b:0f:d3:02:2e:79:89:df:92:19:e2:c2:b2:95:c9:b7:9f: 73:4b:92:af:7c:c8:5a:3d:0d:b8:a7:37:f5:06:ec:5b:b3:50: 8d:bf:6c:db:5c:3b:81:b9:08:b5:38:8d:7b:0a:77:8a:a7:b9: 0a:ae:59:a0:fc:94:a9:0e:18:af:92:87:f2:18:87:9f:94:2f: da:0a:b6:68:48:b1:41:53:12:1b:60:4e:15:51:9f:cc:91:4e: 8a:25:2d:cd:cb:52:63:1d:a9:c3:da:90:c8:17:d6:b0:ac:f3: d8:f5:bf:05:c2:81:88:d5:ec:71:0d:7a:07:eb:f8:0d:c3:5d: ac:2f:ba:9e:5f:0b:0a:32:00:10:60:29:04:5b:54:1a:8d:34: 64:2f:f9:31:82:31:b9:50:df:09:c9:ce:10:79:4b:9e:4f:5e: 3c:a3:59:85:fb:49:5a:06:46:9e:f2:b0:90:d9:2f:65:4e:5e: 7c:e5:32:ca:4a:1a:a6:fd:33:5b:04:41:c5:0e:e6:2c:c5:c6: 0c:5e:85:f8:3e:56:9e:c1:b7:19:ef:99:e0:09:4b:47:ee:d8: 6f:84:b0:ad:e4:04:ea:ef:41:d8:dd:1a:e8:d4:c8:2e:39:ce: 32:fb:ee:a9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzRCQjAxMTAvBgNVBAUTKDBGNjE0MkFFNDE2OERGMEIxODA1RkE1ODFEMjAzOTQ3 NjdBQTIyNTgwHhcNMjUxMTA1MDMwNzAyWhcNMjUxMTEyMDMwNzAyWjAYMRYwFAYD VQQDEw02OTBhYmY1Ni04YWM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAslx4drlWGpg2rtdSvuvA289Xn0Bt41TigDOnoSZBglPJp1MCtV2txd33P9mf IUMsWv6pxPcc7UdIV5+LGrp2k2jSLAkvBZxlJCTL4qAOvTPK5naMTXD3FjX8gvl4 wZxWJRNX5j6v28U8sTBX5nkzKBvewu3OmWQqO4ZHEXD0M62T8WMANPvCj5yLouZV PNj9Mge8VMrgssvG+fqDm3rG8CFsK1M6dst/Ny2BAAmj/9ytHCOh4fLjBewzb+aK tRGUAu5zEGap0HTHe0bX9WtlTNzIWWzJkEu2qIHoC/5WTglYQPaXr8vU3SjxrTBG v56RcxU89cwrVZVOheVdi8XQDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFICVqmIl hHWA9ztK6VvAZzZle8xpMB8GA1UdIwQYMBaAFA9hQq5BaN8LGAX6WB0gOUdnqiJY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNEJCMC9ERDQ3MzhFMDBB QkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3c1lCZnBZSFNBNVIyZXFJ bGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QyRkNya0ZvM3dzWUJmcFlIU0E1UjJlcUlsZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NEJCMC9ERDQ3MzhFMDBBQkQxMUVFOTE3REE2NTVDNEY5QUUwMi9EMkZDcmtGbzN3 c1lCZnBZSFNBNVIyZXFJbGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBYls7ne213BwwtWZysW/r1QfIcKw/TAi55id+SGeLCspXJt59zS5Kv fMhaPQ24pzf1Buxbs1CNv2zbXDuBuQi1OI17CneKp7kKrlmg/JSpDhivkofyGIef lC/aCrZoSLFBUxIbYE4VUZ/MkU6KJS3Ny1JjHanD2pDIF9awrPPY9b8FwoGI1exx DXoH6/gNw12sL7qeXwsKMgAQYCkEW1QajTRkL/kxgjG5UN8Jyc4QeUueT148o1mF +0laBkae8rCQ2S9lTl585TLKShqm/TNbBEHFDuYsxcYMXoX4PlaewbcZ75ngCUtH 7thvhLCt5ATq70HY3Rro1MguOc4y++6p -----END CERTIFICATE-----Generated at Wed Nov 5 10:26:08 2025 by rpki-client