$ rpki-client -vvf rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft File: UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft (raw, json) Hash identifier: OtKJiE55y1HjjxxOJdTuqmLPgYQp1+kdew37GF1PUiw= Subject key identifier: 85:D1:E0:21:F7:E0:2E:5E:09:53:38:22:A5:36:8B:05:EA:12:71:1B Authority key identifier: 50:E5:0E:DA:F6:4A:2C:25:B7:31:23:96:73:D9:07:0F:61:83:02:79 Certificate issuer: /CN=A9157031/serialNumber=50E50EDAF64A2C25B731239673D9070F61830279 Certificate serial: 043C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UOUO2vZKLCW3MSOWc9kHD2GDAnk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft Manifest number: 0437 Signing time: Wed 05 Nov 2025 00:22:20 +0000 Manifest this update: Wed 05 Nov 2025 00:22:19 +0000 Manifest next update: Wed 12 Nov 2025 00:22:19 +0000 Files and hashes: 1: UOUO2vZKLCW3MSOWc9kHD2GDAnk.crl (hash: Sr1nNFARCFV1wJnL5tpb886KgTHT+lLXzXK/iWOZFqI=) 2: 32D8FF34C99E11ED98E9BE5BC4F9AE02.roa (hash: 75eZM/Pn5fV11WrvJUnUrFhvKQhEtrEs1POmskjBp6U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.crl rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UOUO2vZKLCW3MSOWc9kHD2GDAnk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:22:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1084 (0x43c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157031, serialNumber=50E50EDAF64A2C25B731239673D9070F61830279 Validity Not Before: Nov 5 00:22:19 2025 GMT Not After : Nov 12 00:22:19 2025 GMT Subject: CN=690a98bb-20fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:81:03:f9:66:c6:86:a5:bc:a1:98:d6:97:f2: 7e:a9:e5:4e:87:4c:36:90:57:94:3c:c7:41:60:0e: 8c:88:b0:ec:f2:fe:01:72:98:a3:2d:18:02:dd:62: 9a:42:69:05:b4:21:98:fb:3a:c0:1a:f5:8f:02:55: d0:e1:bf:3f:42:bf:ee:26:16:02:d7:01:99:db:b7: e2:c3:18:ab:85:21:61:21:d4:ff:53:8d:4e:e0:c0: c5:db:13:99:b6:eb:f0:a8:ff:61:d9:86:b0:2e:ca: 82:0b:fe:7b:5a:68:74:5e:18:5c:59:6c:c5:bd:a0: f4:21:49:0c:01:d7:26:3f:e2:b8:46:7d:f1:63:3d: 8b:7d:5e:97:62:af:5b:6e:48:8c:bc:9c:80:9d:a9: 5a:59:ba:b5:69:78:85:83:ab:fc:db:53:6e:51:4a: 78:6c:72:b9:54:0b:40:7b:36:60:57:ec:8a:bd:27: b7:94:87:4a:b1:c2:48:62:62:b4:c5:82:22:b8:6f: a6:f6:f6:12:69:a6:d9:07:e3:e2:ef:6d:cc:d9:cc: 39:02:ea:99:95:60:d2:9b:91:32:66:52:79:d8:81: 44:ed:10:51:66:89:32:c3:85:df:54:97:9e:b2:89: 1a:4a:56:50:be:5b:41:9c:38:d3:44:dc:34:60:e5: 51:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:D1:E0:21:F7:E0:2E:5E:09:53:38:22:A5:36:8B:05:EA:12:71:1B X509v3 Authority Key Identifier: keyid:50:E5:0E:DA:F6:4A:2C:25:B7:31:23:96:73:D9:07:0F:61:83:02:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UOUO2vZKLCW3MSOWc9kHD2GDAnk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157031/7A004F787EC911EC84EC4418C4F9AE02/UOUO2vZKLCW3MSOWc9kHD2GDAnk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:4d:cc:94:72:ab:18:1b:4c:f9:08:4e:a6:05:6a:ce:19:f4: 0a:18:cc:e2:70:d8:84:3c:03:53:a7:ee:b5:00:05:fd:a0:f8: b2:78:6f:67:84:01:50:01:9e:b0:0c:40:d1:0c:7c:ed:e6:75: 13:0f:5a:3f:64:ed:18:6b:f0:30:22:7e:22:e7:96:cf:11:e7: cd:fe:c3:1a:90:9e:c8:29:f4:b7:29:7e:6f:f4:af:02:d9:d4: 97:d1:c3:d5:28:68:4a:1c:79:07:45:f6:43:0f:35:a9:f0:ee: e4:de:9d:05:d6:ec:e7:a6:04:b2:0d:86:f5:e1:a1:27:7f:83: 97:89:e6:bd:21:3b:38:f9:f9:12:5b:8c:9c:23:ec:65:bd:42: 1c:98:5b:7d:fc:9c:3e:ca:86:6a:7b:de:31:cd:98:e3:54:d2: 22:67:b9:00:ad:c2:8d:80:13:76:84:28:23:b0:6b:8f:3c:a5: 68:04:ec:6e:16:41:e2:cf:f8:75:5c:84:2c:b6:8e:da:09:73: c7:0b:df:1b:b8:51:da:2a:b3:3a:65:5c:a5:e9:06:a8:82:e0: 85:ad:c5:32:a1:44:ff:c6:5b:3f:66:51:90:be:4f:b0:0a:ba: 72:84:60:25:b5:b0:32:4a:bc:95:18:bb:3b:44:e0:7f:3f:b4: 7d:51:32:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTcwMzExMTAvBgNVBAUTKDUwRTUwRURBRjY0QTJDMjVCNzMxMjM5NjczRDkwNzBG NjE4MzAyNzkwHhcNMjUxMTA1MDAyMjE5WhcNMjUxMTEyMDAyMjE5WjAYMRYwFAYD VQQDEw02OTBhOThiYi0yMGZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4ED+WbGhqW8oZjWl/J+qeVOh0w2kFeUPMdBYA6MiLDs8v4BcpijLRgC3WKa QmkFtCGY+zrAGvWPAlXQ4b8/Qr/uJhYC1wGZ27fiwxirhSFhIdT/U41O4MDF2xOZ tuvwqP9h2YawLsqCC/57Wmh0XhhcWWzFvaD0IUkMAdcmP+K4Rn3xYz2LfV6XYq9b bkiMvJyAnalaWbq1aXiFg6v821NuUUp4bHK5VAtAezZgV+yKvSe3lIdKscJIYmK0 xYIiuG+m9vYSaabZB+Pi723M2cw5AuqZlWDSm5EyZlJ52IFE7RBRZokyw4XfVJee sokaSlZQvltBnDjTRNw0YOVRuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIXR4CH3 4C5eCVM4IqU2iwXqEnEbMB8GA1UdIwQYMBaAFFDlDtr2SiwltzEjlnPZBw9hgwJ5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NzAzMS83QTAwNEY3ODdF QzkxMUVDODRFQzQ0MThDNEY5QUUwMi9VT1VPMnZaS0xDVzNNU09XYzlrSEQyR0RB bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VPVU8ydlpLTENXM01TT1djOWtIRDJHREFuay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NzAzMS83QTAwNEY3ODdFQzkxMUVDODRFQzQ0MThDNEY5QUUwMi9VT1VPMnZaS0xD VzNNU09XYzlrSEQyR0RBbmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOTcyUcqsYG0z5CE6mBWrOGfQKGMzicNiEPANTp+61AAX9oPiyeG9n hAFQAZ6wDEDRDHzt5nUTD1o/ZO0Ya/AwIn4i55bPEefN/sMakJ7IKfS3KX5v9K8C 2dSX0cPVKGhKHHkHRfZDDzWp8O7k3p0F1uznpgSyDYb14aEnf4OXiea9ITs4+fkS W4ycI+xlvUIcmFt9/Jw+yoZqe94xzZjjVNIiZ7kArcKNgBN2hCgjsGuPPKVoBOxu FkHiz/h1XIQsto7aCXPHC98buFHaKrM6ZVyl6QaoguCFrcUyoUT/xls/ZlGQvk+w CrpyhGAltbAySryVGLs7ROB/P7R9UTI8 -----END CERTIFICATE-----Generated at Wed Nov 5 05:41:05 2025 by rpki-client