$ rpki-client -vvf rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft File: qafXPj7Y1cRm3LxsIJzUNTzemM8.mft (raw, json) Hash identifier: KzaIIK6IFmgOcsVnrhAbEk+roSEhwSHnlJn5DZ7OPPE= Subject key identifier: 19:CC:B9:D5:5C:02:94:B1:21:3B:6A:F9:7D:AE:89:E5:7D:8A:8E:82 Authority key identifier: A9:A7:D7:3E:3E:D8:D5:C4:66:DC:BC:6C:20:9C:D4:35:3C:DE:98:CF Certificate issuer: /CN=A9143FC4/serialNumber=A9A7D73E3ED8D5C466DCBC6C209CD4353CDE98CF Certificate serial: 349A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft Manifest number: 3498 Signing time: Sun 02 Nov 2025 15:20:58 +0000 Manifest this update: Sun 02 Nov 2025 15:20:58 +0000 Manifest next update: Sun 09 Nov 2025 15:20:58 +0000 Files and hashes: 1: qafXPj7Y1cRm3LxsIJzUNTzemM8.crl (hash: YhnZXZcV74TtgZAU06HIetnSvv268ZGONuGIcwI9QME=) 2: FE96F04256EE11F09D243832C4F9AE02.roa (hash: i7V57Dro1PeoCEaseJh0ivldyfQ81BauNS5GWJcFu1M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.crl rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 15:20:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13466 (0x349a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143FC4, serialNumber=A9A7D73E3ED8D5C466DCBC6C209CD4353CDE98CF Validity Not Before: Nov 2 15:20:58 2025 GMT Not After : Nov 9 15:20:58 2025 GMT Subject: CN=690776da-602f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:66:79:b0:42:d8:99:c3:d0:fe:87:0e:21:af: bd:3a:00:b1:44:72:0c:01:45:0e:f2:4d:36:5c:b7: 85:ac:6d:f3:00:e8:69:fa:cf:8b:39:31:a7:61:d9: d4:79:75:10:f2:0d:b1:5b:68:76:c0:6a:66:6f:7b: 26:2a:d2:5c:27:4c:92:ed:17:e3:0b:8d:a9:20:3a: 12:b7:7c:19:02:49:0d:50:9f:64:a7:d2:c8:28:13: 32:d6:61:ed:c6:1d:c5:d8:f9:3b:72:cb:d7:7f:8b: 1f:5f:85:3b:36:af:a1:fa:e7:16:21:4f:7d:45:a4: 1e:ba:a8:d3:99:4e:82:91:9b:5f:4d:cc:a5:d7:08: dc:0b:02:4f:5c:e2:08:e6:b9:12:1d:f7:fe:ce:b5: 81:0a:f1:33:f0:30:1d:ce:92:11:ef:1d:36:77:cb: c6:72:c7:32:14:04:a1:a9:43:37:77:bf:af:c6:85: fb:31:80:4f:b2:95:8c:f5:d4:d4:06:ab:e4:49:c7: a2:2e:e8:59:d9:95:6a:e4:16:5f:ce:33:15:42:69: 73:b2:3f:6a:df:a3:b4:f8:3d:b0:e4:66:0b:07:48: e1:25:b0:91:57:0a:cd:31:8a:58:86:19:0a:3f:45: 70:c5:90:1d:38:75:79:39:8d:09:de:41:e8:35:3a: 15:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:CC:B9:D5:5C:02:94:B1:21:3B:6A:F9:7D:AE:89:E5:7D:8A:8E:82 X509v3 Authority Key Identifier: keyid:A9:A7:D7:3E:3E:D8:D5:C4:66:DC:BC:6C:20:9C:D4:35:3C:DE:98:CF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/qafXPj7Y1cRm3LxsIJzUNTzemM8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143FC4/B165A3A8295811E2B38D58FB08B02CD2/qafXPj7Y1cRm3LxsIJzUNTzemM8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:39:e6:ca:32:a6:22:a5:a8:c1:d1:1c:c9:ad:50:c3:54:53: 86:fe:8c:8a:f8:cb:43:11:c1:ba:88:f4:50:42:7a:06:31:8f: f1:64:7a:8f:12:3a:64:fe:b9:c0:2d:e9:eb:83:9c:4f:d1:d6: 0d:a4:f2:d2:c5:d9:99:a4:75:30:c7:b7:5c:9b:88:eb:df:18: b8:df:1e:6e:06:15:33:bc:8a:bf:8e:41:d8:40:01:79:bd:25: 3d:85:7c:80:8c:26:64:92:70:29:01:a6:6c:30:20:27:ef:2f: d9:13:fe:87:35:d4:fe:c1:e1:84:f9:2d:cd:76:54:ca:41:8b: 6d:82:d9:13:de:cc:c5:2a:5b:81:6b:ea:c4:ba:56:aa:b3:54: 28:2d:d2:c9:2c:d7:39:ed:d3:85:4b:4f:f8:38:23:16:c8:a6: 82:c8:92:13:b8:f3:a5:19:86:9a:55:d5:a2:0f:0e:34:ce:05: ab:30:ef:ee:68:6e:b9:37:03:47:00:95:1b:27:ce:2d:3f:fc: ec:cf:53:93:02:b9:43:81:fa:b6:b3:d4:46:42:3e:c2:f7:65: 02:72:64:9d:a1:23:26:ff:d6:a2:c8:0d:44:eb:73:e0:24:aa: d5:ef:8b:59:17:30:54:bc:c6:7d:68:ff:d5:3c:fe:d1:3d:be: 52:22:59:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNGQzQxMTAvBgNVBAUTKEE5QTdENzNFM0VEOEQ1QzQ2NkRDQkM2QzIwOUNENDM1 M0NERTk4Q0YwHhcNMjUxMTAyMTUyMDU4WhcNMjUxMTA5MTUyMDU4WjAYMRYwFAYD VQQDEw02OTA3NzZkYS02MDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3GZ5sELYmcPQ/ocOIa+9OgCxRHIMAUUO8k02XLeFrG3zAOhp+s+LOTGnYdnU eXUQ8g2xW2h2wGpmb3smKtJcJ0yS7RfjC42pIDoSt3wZAkkNUJ9kp9LIKBMy1mHt xh3F2Pk7csvXf4sfX4U7Nq+h+ucWIU99RaQeuqjTmU6CkZtfTcyl1wjcCwJPXOII 5rkSHff+zrWBCvEz8DAdzpIR7x02d8vGcscyFAShqUM3d7+vxoX7MYBPspWM9dTU BqvkSceiLuhZ2ZVq5BZfzjMVQmlzsj9q36O0+D2w5GYLB0jhJbCRVwrNMYpYhhkK P0VwxZAdOHV5OY0J3kHoNToV6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBnMudVc ApSxITtq+X2uieV9io6CMB8GA1UdIwQYMBaAFKmn1z4+2NXEZty8bCCc1DU83pjP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0ZDNC9CMTY1QTNBODI5 NTgxMUUyQjM4RDU4RkIwOEIwMkNEMi9xYWZYUGo3WTFjUm0zTHhzSUp6VU5UemVt TTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3FhZlhQajdZMWNSbTNMeHNJSnpVTlR6ZW1NOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0ZDNC9CMTY1QTNBODI5NTgxMUUyQjM4RDU4RkIwOEIwMkNEMi9xYWZYUGo3WTFj Um0zTHhzSUp6VU5UemVtTTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDCOebKMqYipajB0RzJrVDDVFOG/oyK+MtDEcG6iPRQQnoGMY/xZHqP Ejpk/rnALenrg5xP0dYNpPLSxdmZpHUwx7dcm4jr3xi43x5uBhUzvIq/jkHYQAF5 vSU9hXyAjCZkknApAaZsMCAn7y/ZE/6HNdT+weGE+S3NdlTKQYttgtkT3szFKluB a+rEulaqs1QoLdLJLNc57dOFS0/4OCMWyKaCyJITuPOlGYaaVdWiDw40zgWrMO/u aG65NwNHAJUbJ84tP/zsz1OTArlDgfq2s9RGQj7C92UCcmSdoSMm/9aiyA1E63Pg JKrV74tZFzBUvMZ9aP/VPP7RPb5SIlkB -----END CERTIFICATE-----Generated at Tue Nov 4 02:17:08 2025 by rpki-client