$ rpki-client -vvf rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft File: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft (raw, json) Hash identifier: hcljQS1Ce4a3CqYQAZx1mdx8+YSoMi69khTiCTNSssw= Subject key identifier: BF:4F:72:A1:30:B7:16:22:51:89:A7:D4:D0:C5:90:ED:53:70:22:27 Authority key identifier: 63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D Certificate issuer: /CN=A9147B58/serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Certificate serial: 0601 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft Manifest number: 05FB Signing time: Sun 02 Nov 2025 22:55:14 +0000 Manifest this update: Sun 02 Nov 2025 22:55:14 +0000 Manifest next update: Sun 09 Nov 2025 22:55:14 +0000 Files and hashes: 1: Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl (hash: s/w8kGW5O05XE7lOnSj0gzepWRkXW/lo+GhRd/qTqXY=) 2: 657BCA62CABC11EB8D6D063BC4F9AE02.roa (hash: tl2kppVQ05tVhEGA0iZghAdvk5il8hkt04HkORheCWE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:55:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1537 (0x601) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9147B58, serialNumber=63E48762A89308096773D9E1C9D1A9998035670D Validity Not Before: Nov 2 22:55:14 2025 GMT Not After : Nov 9 22:55:14 2025 GMT Subject: CN=6907e152-e42d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:8a:2a:68:cb:c9:9a:ab:a3:5b:3f:2a:60:3f: f3:4d:4a:78:18:4c:0f:92:f0:76:07:bd:76:f4:c3: 8d:ae:fe:87:69:4d:65:7b:30:d7:3b:82:1e:82:3d: 0a:8b:3b:d1:a9:71:f6:be:a6:1a:3e:1d:d0:ef:32: 45:62:cf:ab:90:0a:13:bf:f4:19:f4:12:ec:6b:59: b5:7f:1e:6a:c6:a6:67:c1:f4:f8:c0:dc:21:c0:4a: 89:39:d5:5b:97:91:b8:93:20:c4:9c:8d:be:46:8a: 1e:e2:15:c2:11:43:6f:5a:08:02:e6:47:81:fc:b9: a0:cf:72:35:f2:ae:75:8d:f3:4e:50:92:ae:0c:98: 25:9f:98:43:ae:35:bc:cd:b2:e3:d5:44:08:d8:da: a6:05:40:26:dd:24:71:e8:d3:cc:29:7f:0b:05:e6: b2:63:cd:3a:00:41:c1:de:66:b1:e4:2e:69:54:be: 3a:f4:e8:25:3c:33:77:b4:c4:ba:09:91:90:b3:cd: 96:bb:e2:5a:73:b9:47:d1:0f:4f:3f:6e:77:fd:93: 01:62:e6:86:60:7e:1b:d4:62:36:b6:1c:cd:78:04: d1:48:12:a6:40:84:14:c2:0d:1a:43:72:e0:fd:b5: 6a:da:84:63:76:c6:8c:20:21:0a:2e:b3:99:6d:4c: 9e:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:4F:72:A1:30:B7:16:22:51:89:A7:D4:D0:C5:90:ED:53:70:22:27 X509v3 Authority Key Identifier: keyid:63:E4:87:62:A8:93:08:09:67:73:D9:E1:C9:D1:A9:99:80:35:67:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9147B58/AAC21C7ECAB811EB84155336C4F9AE02/Y-SHYqiTCAlnc9nhydGpmYA1Zw0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:04:ae:58:57:70:7a:46:dd:e4:d4:2b:92:24:25:b4:2a:ad: 2b:ce:da:36:1f:5d:cc:1c:14:fd:05:10:fd:42:c1:4e:24:46: 3a:ed:f0:a1:cf:2c:76:b2:c3:fa:4f:9f:cd:6a:29:69:70:3e: 40:ec:06:60:9f:f2:b1:f4:55:8d:2c:3f:5c:a2:ec:d0:de:9a: ea:08:59:f2:9b:a7:64:bb:12:fa:2a:86:1b:bb:13:c1:e5:a5: 15:88:dd:7d:a8:c6:2a:05:76:0d:f0:57:10:cd:5a:25:54:64: 51:e5:74:c6:ba:71:a0:72:5d:a4:05:a3:36:e9:6f:99:0e:ad: b1:72:60:ea:ea:b5:44:cf:a1:fb:18:d6:7f:7b:b1:f6:06:d5: 13:7e:a4:ab:8a:33:0c:8e:c1:d7:10:39:4a:f4:14:d3:81:d0: 10:e9:d2:43:85:f7:5a:20:03:08:c7:e7:2c:ec:81:31:3c:b8: d5:f4:03:e9:2a:20:2f:53:62:6f:c9:0a:cf:f6:a6:4c:e5:e2: 4b:87:b1:94:4c:df:49:f2:08:34:cd:e0:0b:3b:a2:2b:c4:4b: ad:54:cf:14:1c:69:94:1f:9b:57:4e:25:8b:10:50:8e:dc:e3: e8:f9:a9:ca:fa:c1:cd:6a:2a:5c:7c:83:17:e3:e6:be:d8:a5: 6d:8c:2d:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBgEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDdCNTgxMTAvBgNVBAUTKDYzRTQ4NzYyQTg5MzA4MDk2NzczRDlFMUM5RDFBOTk5 ODAzNTY3MEQwHhcNMjUxMTAyMjI1NTE0WhcNMjUxMTA5MjI1NTE0WjAYMRYwFAYD VQQDEw02OTA3ZTE1Mi1lNDJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2IoqaMvJmqujWz8qYD/zTUp4GEwPkvB2B7129MONrv6HaU1lezDXO4Iegj0K izvRqXH2vqYaPh3Q7zJFYs+rkAoTv/QZ9BLsa1m1fx5qxqZnwfT4wNwhwEqJOdVb l5G4kyDEnI2+Rooe4hXCEUNvWggC5keB/Lmgz3I18q51jfNOUJKuDJgln5hDrjW8 zbLj1UQI2NqmBUAm3SRx6NPMKX8LBeayY806AEHB3max5C5pVL469OglPDN3tMS6 CZGQs82Wu+Jac7lH0Q9PP253/ZMBYuaGYH4b1GI2thzNeATRSBKmQIQUwg0aQ3Lg /bVq2oRjdsaMICEKLrOZbUyeXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL9PcqEw txYiUYmn1NDFkO1TcCInMB8GA1UdIwQYMBaAFGPkh2KokwgJZ3PZ4cnRqZmANWcN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0N0I1OC9BQUMyMUM3RUNB QjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENBbG5jOW5oeWRHcG1ZQTFa dzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1ktU0hZcWlUQ0FsbmM5bmh5ZEdwbVlBMVp3MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 N0I1OC9BQUMyMUM3RUNBQjgxMUVCODQxNTUzMzZDNEY5QUUwMi9ZLVNIWXFpVENB bG5jOW5oeWRHcG1ZQTFadzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDBBK5YV3B6Rt3k1CuSJCW0Kq0rzto2H13MHBT9BRD9QsFOJEY67fCh zyx2ssP6T5/NailpcD5A7AZgn/Kx9FWNLD9couzQ3prqCFnym6dkuxL6KoYbuxPB 5aUViN19qMYqBXYN8FcQzVolVGRR5XTGunGgcl2kBaM26W+ZDq2xcmDq6rVEz6H7 GNZ/e7H2BtUTfqSrijMMjsHXEDlK9BTTgdAQ6dJDhfdaIAMIx+cs7IExPLjV9APp KiAvU2JvyQrP9qZM5eJLh7GUTN9J8gg0zeALO6IrxEutVM8UHGmUH5tXTiWLEFCO 3OPo+anK+sHNaipcfIMX4+a+2KVtjC3x -----END CERTIFICATE-----Generated at Tue Nov 4 08:19:24 2025 by rpki-client