$ rpki-client -vvf rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft File: D9l6GEHJl08fSQQu2j5yhCGq5f4.mft (raw, json) Hash identifier: MGXgQdYBpBlck4wdtn44oeSXNVQrL41NvbkwpbOIL6o= Subject key identifier: 48:8F:55:8B:BC:A3:2B:79:5F:68:6C:A2:B6:4B:ED:21:65:D5:A9:AD Authority key identifier: 0F:D9:7A:18:41:C9:97:4F:1F:49:04:2E:DA:3E:72:84:21:AA:E5:FE Certificate issuer: /CN=A914ED2B/serialNumber=0FD97A1841C9974F1F49042EDA3E728421AAE5FE Certificate serial: 0831 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft Manifest number: 0820 Signing time: Tue 04 Nov 2025 20:57:31 +0000 Manifest this update: Tue 04 Nov 2025 20:57:31 +0000 Manifest next update: Tue 11 Nov 2025 20:57:31 +0000 Files and hashes: 1: D9l6GEHJl08fSQQu2j5yhCGq5f4.crl (hash: t0nEQJbHI5+cqKhz8i7SDxyG/mV7ZVqADhro+EEljkY=) 2: D31B3092F40911EA8A5C9E70C4F9AE02.roa (hash: ypu19bei6HfdziAUkQKrmGrUpzhyQcDpqvAElnhFxJ8=) 3: D25A6970F40911EA8A5C9E70C4F9AE02.roa (hash: IN3RfDkD8NjweSOu/JOBHYJplR97v1OTcMrbU5p1LVw=) 4: CD0710DA3F3511ED84AFEA5BC4F9AE02.roa (hash: 2VJGwp3cB6SQYB5sCKPYP1OXIy417U6bgx3FYDkVNxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.crl rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:57:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2097 (0x831) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914ED2B, serialNumber=0FD97A1841C9974F1F49042EDA3E728421AAE5FE Validity Not Before: Nov 4 20:57:31 2025 GMT Not After : Nov 11 20:57:31 2025 GMT Subject: CN=690a68bb-7794 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f0:87:05:fd:cb:d1:28:e3:d4:e6:cd:3b:18: 5f:0a:bc:ec:7b:fa:b9:cd:e1:d3:06:20:8a:20:63: c8:b5:a0:24:68:86:f5:88:a0:68:74:5c:81:47:32: 8d:82:53:1d:e4:1e:9f:53:20:e1:f7:5c:52:5c:e6: 48:bf:c3:1f:6f:8d:24:bd:7d:d6:1d:c6:95:53:54: 1b:87:ba:48:c6:3c:8a:39:cd:a7:90:cc:ee:7c:05: c2:74:f8:2d:c8:4b:43:76:1f:02:06:dd:eb:46:b4: c1:fd:43:5a:f4:fd:f5:e2:37:9f:7b:42:49:a2:a8: 31:d4:56:8e:1b:8b:56:d5:99:55:57:9d:ae:42:f2: 3a:5d:dc:96:55:22:81:b2:33:ba:82:58:30:45:04: fa:41:8a:8a:5b:68:f9:9f:b8:cc:1c:f2:b8:f3:e6: 5d:3e:92:f2:33:bc:04:bd:72:d3:49:31:63:df:3f: 4d:f4:cc:e5:b6:23:ad:46:82:90:ba:6a:13:33:96: 06:6c:98:23:39:a6:eb:ab:53:4f:d8:25:a3:20:e5: a1:99:42:4a:36:98:3f:a9:54:9a:15:12:d1:27:e9: 4b:70:4b:0e:c1:aa:26:fe:30:77:c6:84:6a:ad:9e: 00:39:6f:21:92:ec:61:48:62:00:58:96:c0:23:8c: e1:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:8F:55:8B:BC:A3:2B:79:5F:68:6C:A2:B6:4B:ED:21:65:D5:A9:AD X509v3 Authority Key Identifier: keyid:0F:D9:7A:18:41:C9:97:4F:1F:49:04:2E:DA:3E:72:84:21:AA:E5:FE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9l6GEHJl08fSQQu2j5yhCGq5f4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914ED2B/8B6700A6F40811EA90AC566FC4F9AE02/D9l6GEHJl08fSQQu2j5yhCGq5f4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:31:69:3d:4f:1b:f1:0f:26:db:eb:51:a9:8a:18:e3:d3:a1: bd:12:fe:9c:9b:cd:be:67:35:2e:96:f6:bf:b0:78:86:89:23: 03:c8:d9:a1:95:8d:1b:4f:63:ed:9b:e4:90:a4:6a:41:59:bd: ef:69:d1:31:89:e9:98:1e:72:be:8c:5a:25:33:fe:67:a9:da: 02:48:c5:c9:db:85:08:81:17:d5:92:ee:d7:21:30:0a:4d:02: c2:15:db:de:fb:f1:2b:e7:c9:c4:d6:cd:84:02:98:20:81:fa: 78:75:83:90:da:a2:cd:03:24:43:24:a9:44:49:77:55:35:86: 4a:32:87:e7:2f:68:77:c4:54:2a:f1:46:db:37:52:69:7d:a1: 5e:1a:c9:9a:34:46:6a:12:31:9b:37:bf:8a:0f:ba:d8:64:e9: 05:42:3a:5d:56:58:7b:96:18:4a:2d:ec:42:0d:67:c7:0b:96: 68:d3:53:2d:03:18:aa:ca:86:dc:2b:e6:e7:3a:6f:98:38:49: 11:0a:ef:44:13:7d:6f:19:61:6e:33:f7:6d:6a:3d:eb:fb:32: 3b:8b:94:d8:ff:3f:08:26:4c:62:98:8a:16:5e:56:a5:e2:04: cf:95:44:7e:c0:ca:4f:0a:82:dd:7e:5d:4c:21:9e:3e:94:69: 0f:76:49:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEVEMkIxMTAvBgNVBAUTKDBGRDk3QTE4NDFDOTk3NEYxRjQ5MDQyRURBM0U3Mjg0 MjFBQUU1RkUwHhcNMjUxMTA0MjA1NzMxWhcNMjUxMTExMjA1NzMxWjAYMRYwFAYD VQQDEw02OTBhNjhiYi03Nzk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs/CHBf3L0Sjj1ObNOxhfCrzse/q5zeHTBiCKIGPItaAkaIb1iKBodFyBRzKN glMd5B6fUyDh91xSXOZIv8Mfb40kvX3WHcaVU1Qbh7pIxjyKOc2nkMzufAXCdPgt yEtDdh8CBt3rRrTB/UNa9P314jefe0JJoqgx1FaOG4tW1ZlVV52uQvI6XdyWVSKB sjO6glgwRQT6QYqKW2j5n7jMHPK48+ZdPpLyM7wEvXLTSTFj3z9N9MzltiOtRoKQ umoTM5YGbJgjOabrq1NP2CWjIOWhmUJKNpg/qVSaFRLRJ+lLcEsOwaom/jB3xoRq rZ4AOW8hkuxhSGIAWJbAI4zhRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEiPVYu8 oyt5X2hsorZL7SFl1amtMB8GA1UdIwQYMBaAFA/ZehhByZdPH0kELto+coQhquX+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RUQyQi84QjY3MDBBNkY0 MDgxMUVBOTBBQzU2NkZDNEY5QUUwMi9EOWw2R0VISmwwOGZTUVF1Mmo1eWhDR3E1 ZjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Q5bDZHRUhKbDA4ZlNRUXUyajV5aENHcTVmNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RUQyQi84QjY3MDBBNkY0MDgxMUVBOTBBQzU2NkZDNEY5QUUwMi9EOWw2R0VISmww OGZTUVF1Mmo1eWhDR3E1ZjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCeMWk9TxvxDybb61Gpihjj06G9Ev6cm82+ZzUulva/sHiGiSMDyNmh lY0bT2Ptm+SQpGpBWb3vadExiemYHnK+jFolM/5nqdoCSMXJ24UIgRfVku7XITAK TQLCFdve+/Er58nE1s2EApgggfp4dYOQ2qLNAyRDJKlESXdVNYZKMofnL2h3xFQq 8UbbN1JpfaFeGsmaNEZqEjGbN7+KD7rYZOkFQjpdVlh7lhhKLexCDWfHC5Zo01Mt AxiqyobcK+bnOm+YOEkRCu9EE31vGWFuM/dtaj3r+zI7i5TY/z8IJkximIoWXlal 4gTPlUR+wMpPCoLdfl1MIZ4+lGkPdklH -----END CERTIFICATE-----Generated at Wed Nov 5 04:07:56 2025 by rpki-client