$ rpki-client -vvf rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft File: o9XPQ95bPYucND7UScFpDr40Fw4.mft (raw, json) Hash identifier: NtfSix1xmdpiry0KG4i6wjve4odsTmxCdN5VvwSJ+bo= Subject key identifier: 11:25:67:88:04:B8:F1:24:9C:DA:8B:4D:90:10:62:E9:99:35:6C:CB Authority key identifier: A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E Certificate issuer: /CN=A914CCD1/serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E Certificate serial: 064A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft Manifest number: 0624 Signing time: Sun 02 Nov 2025 22:56:11 +0000 Manifest this update: Sun 02 Nov 2025 22:56:11 +0000 Manifest next update: Sun 09 Nov 2025 22:56:11 +0000 Files and hashes: 1: o9XPQ95bPYucND7UScFpDr40Fw4.crl (hash: e6+X/6tPHB6bi6OmEy4ZClILSSi8gJfZ24EjEVRvKxw=) 2: 96E3EB58B2B711EEAE882255C4F9AE02.roa (hash: HhWutos5vK2k7U1Y6D/GqMl0klIP1xZEoSAwh8yepqY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:56:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1610 (0x64a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914CCD1, serialNumber=A3D5CF43DE5B3D8B9C343ED449C1690EBE34170E Validity Not Before: Nov 2 22:56:11 2025 GMT Not After : Nov 9 22:56:11 2025 GMT Subject: CN=6907e18b-28df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:79:7f:ec:39:6d:8c:7d:ca:83:7f:2d:c2:04: d4:a6:b7:54:2c:42:11:cf:ff:96:06:26:89:cb:f3: d4:49:8b:a1:9a:b2:7b:8e:1d:30:13:b3:93:01:95: 33:22:2b:c2:8a:37:98:1a:76:54:0c:5f:36:a3:47: 7f:d4:d3:ca:e8:7a:e5:35:30:d1:7e:38:22:76:58: 9b:c3:0d:65:89:3c:aa:d8:74:94:d4:18:8d:11:4e: eb:93:62:74:d2:17:27:9c:3b:72:6d:b0:5e:ae:28: 77:20:08:19:8f:2c:a9:a4:b9:e9:ef:9e:fc:71:40: ee:2a:f1:6c:ac:3d:c7:12:ba:27:66:2c:18:8c:b9: 67:5b:99:16:4f:39:b3:f5:c3:07:f5:ff:d8:c4:59: 2a:55:2b:44:7d:be:5d:55:30:8a:30:49:52:c9:10: 24:50:d0:85:80:6f:0f:b3:be:e2:f6:0d:37:84:15: ce:18:4a:1f:b3:a4:b9:96:e1:2f:68:a5:c0:93:c6: d6:96:87:d1:29:8c:e0:19:c2:70:7f:3c:ec:6b:4e: db:d1:04:f8:4b:fe:38:cd:9a:b0:39:4f:dc:69:96: 04:73:d9:d4:ac:d5:33:86:e3:b4:e0:b1:f4:63:79: 9f:a2:5c:c3:c6:bc:59:99:d0:1c:f8:2f:4a:a7:95: e2:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 11:25:67:88:04:B8:F1:24:9C:DA:8B:4D:90:10:62:E9:99:35:6C:CB X509v3 Authority Key Identifier: keyid:A3:D5:CF:43:DE:5B:3D:8B:9C:34:3E:D4:49:C1:69:0E:BE:34:17:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o9XPQ95bPYucND7UScFpDr40Fw4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914CCD1/AD7F45A4CDC411EBB5F48355C4F9AE02/o9XPQ95bPYucND7UScFpDr40Fw4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cc:6a:32:1e:19:43:c0:29:9e:9f:f2:06:4e:09:e5:d7:07:74: 7e:ee:ad:3a:09:15:e4:ef:96:74:c6:6c:ed:47:78:3e:6a:0b: 39:8f:4d:d5:12:d9:d4:5f:e0:07:6b:58:ff:ab:31:ae:9a:7a: bd:11:21:9f:10:19:41:c1:97:bf:91:f4:4f:67:c4:dd:75:b4: 44:09:d2:98:cc:4e:85:3a:93:fa:51:aa:a0:69:f6:38:27:37: 23:df:86:a2:ae:c4:09:3b:1b:57:03:96:1e:6f:7f:3b:5b:bb: 3b:88:e4:f9:8d:14:99:c8:08:bc:17:1c:18:d3:9c:70:06:de: 70:7b:93:4e:c7:64:5a:2f:eb:63:9e:0e:41:d5:62:f0:f1:70: 8f:30:37:07:0a:3f:e0:f6:ac:e2:bf:53:96:d6:2c:94:fa:4e: 90:cf:56:87:cd:c8:6f:0b:c2:f9:41:29:0e:25:4c:d2:5d:27: 07:26:52:36:be:48:9e:06:cb:86:bf:1f:74:f9:2f:a8:8e:44: eb:b5:07:71:ca:e6:4d:1a:74:9b:aa:89:37:74:75:da:f3:17: b8:1f:83:b4:d8:97:d6:6c:c5:7b:29:b1:cb:9d:26:e4:73:d2: 4e:40:9b:ca:08:08:9e:09:d2:02:19:c2:ac:ae:f4:4f:22:c7: a0:b1:0e:4b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NENDRDExMTAvBgNVBAUTKEEzRDVDRjQzREU1QjNEOEI5QzM0M0VENDQ5QzE2OTBF QkUzNDE3MEUwHhcNMjUxMTAyMjI1NjExWhcNMjUxMTA5MjI1NjExWjAYMRYwFAYD VQQDEw02OTA3ZTE4Yi0yOGRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAynl/7DltjH3Kg38twgTUprdULEIRz/+WBiaJy/PUSYuhmrJ7jh0wE7OTAZUz IivCijeYGnZUDF82o0d/1NPK6HrlNTDRfjgidlibww1liTyq2HSU1BiNEU7rk2J0 0hcnnDtybbBerih3IAgZjyyppLnp7578cUDuKvFsrD3HEronZiwYjLlnW5kWTzmz 9cMH9f/YxFkqVStEfb5dVTCKMElSyRAkUNCFgG8Ps77i9g03hBXOGEofs6S5luEv aKXAk8bWlofRKYzgGcJwfzzsa07b0QT4S/44zZqwOU/caZYEc9nUrNUzhuO04LH0 Y3mfolzDxrxZmdAc+C9Kp5XiDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBElZ4gE uPEknNqLTZAQYumZNWzLMB8GA1UdIwQYMBaAFKPVz0PeWz2LnDQ+1EnBaQ6+NBcO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0Q0NEMS9BRDdGNDVBNENE QzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZdWNORDdVU2NGcERyNDBG dzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL285WFBROTViUFl1Y05EN1VTY0ZwRHI0MEZ3NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 Q0NEMS9BRDdGNDVBNENEQzQxMUVCQjVGNDgzNTVDNEY5QUUwMi9vOVhQUTk1YlBZ dWNORDdVU2NGcERyNDBGdzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDMajIeGUPAKZ6f8gZOCeXXB3R+7q06CRXk75Z0xmztR3g+ags5j03V EtnUX+AHa1j/qzGumnq9ESGfEBlBwZe/kfRPZ8TddbRECdKYzE6FOpP6UaqgafY4 Jzcj34airsQJOxtXA5Yeb387W7s7iOT5jRSZyAi8FxwY05xwBt5we5NOx2RaL+tj ng5B1WLw8XCPMDcHCj/g9qziv1OW1iyU+k6Qz1aHzchvC8L5QSkOJUzSXScHJlI2 vkieBsuGvx90+S+ojkTrtQdxyuZNGnSbqok3dHXa8xe4H4O02JfWbMV7KbHLnSbk c9JOQJvKCAieCdICGcKsrvRPIsegsQ5L -----END CERTIFICATE-----Generated at Tue Nov 4 19:05:11 2025 by rpki-client