$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json) Hash identifier: b1rTINBUJisxoHVLlZQ+K+PcMAt2q2HC+UkND2/NnUI= Subject key identifier: 43:E8:80:5B:D9:7E:D7:7F:4F:75:E6:D6:15:C1:6C:DE:78:7B:55:73 Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Certificate serial: 09E1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft Manifest number: 09D7 Signing time: Tue 04 Nov 2025 20:02:14 +0000 Manifest this update: Tue 04 Nov 2025 20:02:13 +0000 Manifest next update: Tue 11 Nov 2025 20:02:13 +0000 Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: de10NY/ABfjKOxe6EI6vvtr9mXqzsg31OapiGHKNs8w=) 2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:02:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2529 (0x9e1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DE2, serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Validity Not Before: Nov 4 20:02:13 2025 GMT Not After : Nov 11 20:02:13 2025 GMT Subject: CN=690a5bc6-7729 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:5e:2e:e6:0b:07:08:cf:ec:a0:88:b0:48:d8: 99:d7:de:1a:34:d7:7e:be:24:ba:3c:0e:d0:ec:01: 1e:2e:ed:3f:79:28:53:76:9c:c6:1c:f4:bf:37:11: 29:bd:26:ea:16:27:7e:af:cb:a1:e5:eb:58:97:0d: 35:e7:76:98:eb:c5:1a:0b:43:6a:96:e8:27:b3:60: 88:dc:e6:e9:76:96:b9:10:5b:c4:37:76:ee:11:69: 4a:05:eb:28:a1:bc:cb:83:b2:54:07:76:fd:2e:bf: 81:cc:4d:76:20:ee:e4:aa:0e:89:d5:3b:77:39:95: 6e:96:6e:a0:c3:c4:d4:37:00:20:c9:b5:74:1e:1a: 81:8c:80:e3:21:2e:89:92:7d:9b:5c:a7:ea:c1:aa: c7:34:f1:9f:c5:85:fe:42:64:36:12:d4:23:04:33: f5:ee:60:c0:0e:85:15:a2:8a:92:a5:fa:75:97:3f: 0b:38:1f:7a:c5:f2:a6:9b:78:00:e9:30:80:ad:ca: 23:c7:93:7c:08:4f:7a:a1:a1:ed:b5:6f:9b:61:eb: e7:81:38:23:7c:12:5e:22:7c:af:39:75:57:8b:76: 56:b9:67:ec:7c:93:6b:8b:4f:b7:90:58:64:73:99: ef:ef:a1:9e:6f:c8:ba:04:20:c8:23:dd:da:aa:68: df:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:E8:80:5B:D9:7E:D7:7F:4F:75:E6:D6:15:C1:6C:DE:78:7B:55:73 X509v3 Authority Key Identifier: keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 67:74:96:1f:90:00:bb:1c:ba:59:11:45:f0:fe:da:d8:f1:29: a2:78:ac:7f:1b:2a:52:0e:e1:3d:1e:3c:45:5d:48:37:13:47: a8:c9:22:11:4f:01:ef:b7:10:ad:f7:75:af:46:ae:60:45:34: e4:6e:ca:13:47:0e:f0:e3:dc:9a:e7:25:47:fe:63:07:20:d4: 25:70:8b:73:0b:49:c1:c0:00:9a:0b:70:f5:2b:16:1e:f7:76: 65:97:0d:0e:74:2b:10:c8:57:d4:fe:4a:9c:3e:ec:c7:94:48: 89:1d:99:b5:49:6d:7e:8a:2c:d4:30:a6:3a:88:42:dc:26:5f: 1d:5e:81:a3:56:90:20:10:be:62:57:c5:0b:53:e2:68:09:04: 96:90:63:da:e6:57:24:b7:db:a7:2c:d4:0e:61:ec:fc:9b:c1: 04:b8:02:fe:44:a3:76:3d:2c:fa:ac:5c:45:b0:fc:b6:cf:68: af:05:a6:43:ae:88:6b:6f:ca:cd:34:16:e1:58:4d:cd:b5:c5: 7d:99:25:7d:c1:2f:97:75:24:bb:aa:15:ae:15:fb:6d:f2:a9: 9e:12:50:a2:5c:70:7a:40:74:71:a3:03:6f:e0:b4:0a:2c:f9: 38:a4:c1:d0:7b:83:67:1a:9c:7c:96:47:2f:1c:5f:82:5d:ac: 99:21:16:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCeEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE NjdEMkM3RUEwHhcNMjUxMTA0MjAwMjEzWhcNMjUxMTExMjAwMjEzWjAYMRYwFAYD VQQDEw02OTBhNWJjNi03NzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvl4u5gsHCM/soIiwSNiZ194aNNd+viS6PA7Q7AEeLu0/eShTdpzGHPS/NxEp vSbqFid+r8uh5etYlw0153aY68UaC0Nqlugns2CI3Obpdpa5EFvEN3buEWlKBeso obzLg7JUB3b9Lr+BzE12IO7kqg6J1Tt3OZVulm6gw8TUNwAgybV0HhqBjIDjIS6J kn2bXKfqwarHNPGfxYX+QmQ2EtQjBDP17mDADoUVooqSpfp1lz8LOB96xfKmm3gA 6TCArcojx5N8CE96oaHttW+bYevngTgjfBJeInyvOXVXi3ZWuWfsfJNri0+3kFhk c5nv76Geb8i6BCDII93aqmjfOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEPogFvZ ftd/T3Xm1hXBbN54e1VzMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4 LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBndJYfkAC7HLpZEUXw/trY8SmieKx/GypSDuE9HjxFXUg3E0eoySIR TwHvtxCt93WvRq5gRTTkbsoTRw7w49ya5yVH/mMHINQlcItzC0nBwACaC3D1KxYe 93Zllw0OdCsQyFfU/kqcPuzHlEiJHZm1SW1+iizUMKY6iELcJl8dXoGjVpAgEL5i V8ULU+JoCQSWkGPa5lckt9unLNQOYez8m8EEuAL+RKN2PSz6rFxFsPy2z2ivBaZD rohrb8rNNBbhWE3NtcV9mSV9wS+XdSS7qhWuFftt8qmeElCiXHB6QHRxowNv4LQK LPk4pMHQe4NnGpx8lkcvHF+CXayZIRYU -----END CERTIFICATE-----Generated at Wed Nov 5 19:25:32 2025 by rpki-client