$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: M9EOePnBCOK2/jCxuJ3YX+McfIC7vFDbZsRnWNVhYgY= Subject key identifier: 61:AC:F1:0C:59:8B:35:08:54:D8:3E:02:93:77:AF:C9:9E:AB:93:DC Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0D74 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0D6B Signing time: Sun 02 Nov 2025 17:58:35 +0000 Manifest this update: Sun 02 Nov 2025 17:58:34 +0000 Manifest next update: Sun 09 Nov 2025 17:58:34 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: 0y7edAHsxcDs2UeuMN8fEyeTqdi0qhBLn3YeKsG+lS8=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:58:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3444 (0xd74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52, serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: Nov 2 17:58:34 2025 GMT Not After : Nov 9 17:58:34 2025 GMT Subject: CN=69079bca-ca00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:f6:be:e6:99:9f:75:a3:64:ac:34:2f:44:5c: 19:66:f3:b8:a7:4a:ab:da:4f:49:56:53:90:9b:a5: 96:84:41:24:c6:e2:e8:02:9e:15:06:93:b1:8c:4c: 8d:d3:87:af:00:36:34:eb:3b:17:49:64:6f:8b:3e: 9e:a7:7f:df:77:d5:f7:56:2f:0c:55:c3:0d:48:66: 8f:f6:10:e1:73:4a:98:0a:d8:c2:3b:b5:62:20:e8: 5e:d6:ce:74:73:90:4c:ee:08:00:98:26:2a:52:b9: d5:a2:0d:c5:9d:d7:2a:62:fc:fc:0f:ec:25:86:56: 7f:6b:3d:91:3e:9d:84:75:4b:51:16:7b:04:8c:bc: 6b:f0:da:0c:8b:02:e3:db:3e:53:af:26:d2:23:e5: 05:bf:cc:6a:f4:1e:a1:b6:0c:2d:41:8f:c9:19:01: ab:1d:3c:33:dc:de:b8:d4:16:f1:18:d8:f9:96:07: be:08:cd:67:16:c5:98:cb:8c:6a:22:b0:2f:af:84: 21:42:49:a0:02:09:b3:ea:a9:0d:71:a9:c3:d0:0b: 59:d2:9e:10:fc:3c:fd:ef:73:23:4e:19:08:06:3e: fb:e2:b5:34:1e:d1:e3:86:8c:91:75:5b:9a:81:a2: 33:13:29:33:35:8a:66:7d:de:3c:67:b7:2f:db:a3: d3:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:AC:F1:0C:59:8B:35:08:54:D8:3E:02:93:77:AF:C9:9E:AB:93:DC X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:c0:24:c4:19:c5:a0:e6:7c:1e:76:30:cf:fd:f2:f6:59:41: 93:0f:21:ee:c3:41:1b:e5:0a:75:de:40:f2:0f:1a:f4:c8:ab: de:8a:77:db:4f:f7:f0:e9:42:36:d2:40:27:fe:db:52:57:47: fc:8b:ae:8e:5e:17:67:66:19:7b:a5:a0:92:16:65:cf:1e:5c: 8b:ba:a5:4c:20:6f:c3:64:72:e7:bc:60:f7:34:d1:41:fb:ce: 80:b8:8f:2c:2e:90:00:a7:dd:30:d6:21:9a:41:7f:03:6f:82: ab:b0:f1:ab:52:0f:35:d9:8f:0b:c2:5a:0a:5a:fa:83:24:6d: ca:88:75:6a:21:eb:70:fd:0d:69:ed:e9:68:42:f2:2f:d7:92: e9:32:94:54:73:49:f6:86:07:07:36:66:c4:6b:ea:d2:7c:67: 27:40:7d:4a:3e:6e:21:36:37:84:48:ae:6b:1f:f1:fe:ee:8e: 2f:27:29:24:e2:10:93:6d:a9:82:96:5b:57:fc:05:54:f6:fd: e4:1d:05:64:19:f9:f9:28:48:3c:a0:f5:ad:60:2c:10:b1:37: a9:d2:2f:1f:77:6f:bc:4f:cc:cf:82:b0:db:8b:67:62:80:ed: 11:4c:e2:f0:0b:1f:11:54:8e:89:ff:1d:91:b5:0a:93:e6:19: 1b:09:5e:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDXQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjUxMTAyMTc1ODM0WhcNMjUxMTA5MTc1ODM0WjAYMRYwFAYD VQQDEw02OTA3OWJjYS1jYTAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqfa+5pmfdaNkrDQvRFwZZvO4p0qr2k9JVlOQm6WWhEEkxuLoAp4VBpOxjEyN 04evADY06zsXSWRviz6ep3/fd9X3Vi8MVcMNSGaP9hDhc0qYCtjCO7ViIOhe1s50 c5BM7ggAmCYqUrnVog3FndcqYvz8D+wlhlZ/az2RPp2EdUtRFnsEjLxr8NoMiwLj 2z5TrybSI+UFv8xq9B6htgwtQY/JGQGrHTwz3N641BbxGNj5lge+CM1nFsWYy4xq IrAvr4QhQkmgAgmz6qkNcanD0AtZ0p4Q/Dz973MjThkIBj774rU0HtHjhoyRdVua gaIzEykzNYpmfd48Z7cv26PTTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGGs8QxZ izUIVNg+ApN3r8meq5PcMB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8wCTEGcWg5nwedjDP/fL2WUGTDyHuw0Eb5Qp13kDyDxr0yKveinfb T/fw6UI20kAn/ttSV0f8i66OXhdnZhl7paCSFmXPHlyLuqVMIG/DZHLnvGD3NNFB +86AuI8sLpAAp90w1iGaQX8Db4KrsPGrUg812Y8LwloKWvqDJG3KiHVqIetw/Q1p 7eloQvIv15LpMpRUc0n2hgcHNmbEa+rSfGcnQH1KPm4hNjeESK5rH/H+7o4vJykk 4hCTbamClltX/AVU9v3kHQVkGfn5KEg8oPWtYCwQsTep0i8fd2+8T8zPgrDbi2di gO0RTOLwCx8RVI6J/x2RtQqT5hkbCV6X -----END CERTIFICATE-----Generated at Tue Nov 4 16:04:02 2025 by rpki-client