$ rpki-client -vvf rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft File: 1OMXbLn0iT50xOgF-n-12QpKewo.mft (raw, json) Hash identifier: P/qvPs0/mrppwNcpxhEiFLxQu5qzcSNlFggnctUN0o8= Subject key identifier: 10:D1:5E:AB:A9:FC:30:89:A0:29:21:C3:2A:C6:CB:17:02:50:CC:40 Authority key identifier: D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A Certificate issuer: /CN=A9154AFB/serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A Certificate serial: 1793 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft Manifest number: 177E Signing time: Tue 04 Nov 2025 16:41:16 +0000 Manifest this update: Tue 04 Nov 2025 16:41:16 +0000 Manifest next update: Tue 11 Nov 2025 16:41:16 +0000 Files and hashes: 1: 1OMXbLn0iT50xOgF-n-12QpKewo.crl (hash: e6y7U8qRZ6wkzL0GAn4Ek73dRi9FCJ1nnDhRftMzGV4=) 2: 81368CD6594B11EE924DCC64C4F9AE02.roa (hash: XhkwHyloR+2rDxWbay2n/StJn5+0QtLglAfKwVMv/5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.crl rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:41:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6035 (0x1793) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154AFB, serialNumber=D4E3176CB9F4893E74C4E805FA7FB5D90A4A7B0A Validity Not Before: Nov 4 16:41:16 2025 GMT Not After : Nov 11 16:41:16 2025 GMT Subject: CN=690a2cac-fd25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:86:fb:ab:93:b7:4e:b4:b1:ad:96:37:d5:dd: 7f:58:b4:22:19:29:ea:9b:f0:a2:9d:39:3e:25:f4: 79:62:2b:c1:5a:01:8d:f9:a0:3d:19:72:5a:35:fe: 26:ff:f7:0a:e6:3e:fd:4d:34:66:66:cd:aa:d5:07: ae:e2:59:57:6b:1e:29:97:f7:6e:37:74:db:c5:80: c4:4a:ff:6b:47:05:42:4f:d3:07:69:ec:ab:be:d9: cc:37:18:20:84:6d:87:d0:fd:d1:14:b5:60:ce:a1: ee:d6:73:9e:9b:69:7d:fb:d8:a2:de:25:73:c8:92: 7e:34:c4:8b:c8:81:2e:8f:0e:e4:18:ee:81:7b:31: d4:ec:f1:a2:99:9d:63:60:bb:e4:b0:58:4e:48:56: d5:a4:15:27:95:a2:a5:a4:ff:24:82:c6:2a:5a:6a: 8a:9f:c3:14:cf:fc:38:2f:32:25:bb:99:64:e7:33: f2:14:53:68:ae:8e:1a:14:d9:d3:cb:3b:3b:df:88: 3a:d4:cf:21:e3:d1:f0:92:e4:4f:b5:f4:94:07:4e: 8f:aa:c3:f6:e9:43:64:14:64:e8:a4:94:93:32:33: e8:1e:db:01:7a:73:52:0a:c1:fc:d7:08:da:d0:4a: d0:a2:48:62:71:bf:87:0f:b7:58:5b:39:2e:e5:37: 25:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:D1:5E:AB:A9:FC:30:89:A0:29:21:C3:2A:C6:CB:17:02:50:CC:40 X509v3 Authority Key Identifier: keyid:D4:E3:17:6C:B9:F4:89:3E:74:C4:E8:05:FA:7F:B5:D9:0A:4A:7B:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1OMXbLn0iT50xOgF-n-12QpKewo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154AFB/78A04E4CE32F11E7B6CED42FC4F9AE02/1OMXbLn0iT50xOgF-n-12QpKewo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:2c:4d:74:99:5e:ca:03:36:94:a1:fc:09:f3:56:ed:cd:97: 67:e7:1b:92:41:73:a2:27:c9:46:6a:37:5a:1c:47:42:70:60: 22:1d:bf:5c:31:7c:0f:6a:2a:7f:dc:1f:43:4d:e2:d7:48:3a: 10:2a:d0:9f:62:7a:15:7f:91:d5:09:58:79:1e:8e:4b:e0:e1: 32:ed:94:41:27:6a:af:e5:df:76:18:a7:87:b9:a5:89:2e:1a: 4e:d1:25:e0:0d:0b:0f:e5:a0:73:b3:30:0d:6a:7a:aa:06:e3: 06:46:83:3f:0b:dd:7a:a6:1a:ea:36:31:70:94:02:ad:68:e6: 41:b6:31:76:5e:eb:da:93:6a:a6:bf:8d:14:cf:87:c7:f0:ca: c3:cc:65:9d:a1:09:c0:b2:31:87:73:8d:10:da:c3:d7:55:2c: d2:68:9f:90:80:56:42:c3:5a:b5:2d:a4:a5:b9:83:47:f1:98: 13:5b:b2:f2:44:cb:ef:1d:dc:46:12:16:65:e9:13:90:2e:7b: 3b:80:e9:d3:07:48:aa:6d:8f:8e:61:f4:43:32:92:a4:76:14: c8:c3:2a:5e:3a:a2:b1:33:62:9d:e0:8b:f7:ea:55:1c:9b:e4: 3c:73:9c:7a:23:b9:67:e7:ec:51:57:bd:cd:35:cd:af:62:98: fb:66:64:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICF5MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTRBRkIxMTAvBgNVBAUTKEQ0RTMxNzZDQjlGNDg5M0U3NEM0RTgwNUZBN0ZCNUQ5 MEE0QTdCMEEwHhcNMjUxMTA0MTY0MTE2WhcNMjUxMTExMTY0MTE2WjAYMRYwFAYD VQQDEw02OTBhMmNhYy1mZDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4Yb7q5O3TrSxrZY31d1/WLQiGSnqm/CinTk+JfR5YivBWgGN+aA9GXJaNf4m //cK5j79TTRmZs2q1Qeu4llXax4pl/duN3TbxYDESv9rRwVCT9MHaeyrvtnMNxgg hG2H0P3RFLVgzqHu1nOem2l9+9ii3iVzyJJ+NMSLyIEujw7kGO6BezHU7PGimZ1j YLvksFhOSFbVpBUnlaKlpP8kgsYqWmqKn8MUz/w4LzIlu5lk5zPyFFNoro4aFNnT yzs734g61M8h49HwkuRPtfSUB06PqsP26UNkFGTopJSTMjPoHtsBenNSCsH81wja 0ErQokhicb+HD7dYWzku5TclpQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBDRXqup /DCJoCkhwyrGyxcCUMxAMB8GA1UdIwQYMBaAFNTjF2y59Ik+dMToBfp/tdkKSnsK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEFGQi83OEEwNEU0Q0Uz MkYxMUU3QjZDRUQ0MkZDNEY5QUUwMi8xT01YYkxuMGlUNTB4T2dGLW4tMTJRcEtl d28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFPTVhiTG4waVQ1MHhPZ0Ytbi0xMlFwS2V3by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NEFGQi83OEEwNEU0Q0UzMkYxMUU3QjZDRUQ0MkZDNEY5QUUwMi8xT01YYkxuMGlU NTB4T2dGLW4tMTJRcEtld28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBuLE10mV7KAzaUofwJ81btzZdn5xuSQXOiJ8lGajdaHEdCcGAiHb9c MXwPaip/3B9DTeLXSDoQKtCfYnoVf5HVCVh5Ho5L4OEy7ZRBJ2qv5d92GKeHuaWJ LhpO0SXgDQsP5aBzszANanqqBuMGRoM/C916phrqNjFwlAKtaOZBtjF2Xuvak2qm v40Uz4fH8MrDzGWdoQnAsjGHc40Q2sPXVSzSaJ+QgFZCw1q1LaSluYNH8ZgTW7Ly RMvvHdxGEhZl6ROQLns7gOnTB0iqbY+OYfRDMpKkdhTIwypeOqKxM2Kd4Iv36lUc m+Q8c5x6I7ln5+xRV73NNc2vYpj7ZmTE -----END CERTIFICATE-----Generated at Wed Nov 5 11:59:10 2025 by rpki-client