$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft File: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft (raw, json) Hash identifier: tIrNpLfOk7mZJJ4a83wi7f6piG9YE3empAFGIUCOoMg= Subject key identifier: 83:7A:79:29:00:99:CC:A2:18:CF:9D:BA:E6:EA:75:0C:E9:15:68:D1 Authority key identifier: 76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D Certificate issuer: /CN=A9157DAE/serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Certificate serial: 04B4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft Manifest number: 04A0 Signing time: Tue 04 Nov 2025 17:10:04 +0000 Manifest this update: Tue 04 Nov 2025 17:10:03 +0000 Manifest next update: Tue 11 Nov 2025 17:10:03 +0000 Files and hashes: 1: dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl (hash: QXde/QjloS+xgsjU/zZOu+XmIM3g1NrTZ2Qez1KuhGY=) 2: 13EE3260596A11ECB1394271C4F9AE02.roa (hash: BSTa7sI/Wxp7paF8iFEhYcOXczYzjvqpGs3tFatgPsE=) 3: F91F0C028A2E11EC98A2702CC4F9AE02.roa (hash: EM7EONiwHXhiPFzyfONkaOBX/AROwU9rjV4ETvuVQDQ=) 4: 1479C514596A11ECB1394271C4F9AE02.roa (hash: TLiIvWlCkSUznKaCtTmASc45uAF4Q8KIvn7LhcKxI18=) 5: F5A921B85BE911EF8624AA20C4F9AE02.roa (hash: HMDK7qPjAO3ncQEJzX6SKnODDt4e7glxidti8sfhV1k=) 6: D36F0B6ECF4411ECB6B61825C4F9AE02.roa (hash: Z/SQA8GAHBj69mDXnfsLMK8qu+tlZ5LxlzdXDGduFGo=) 7: 9CD16392309711F09EFD0C4CC4F9AE02.roa (hash: AfGxVPGE0X5aiSEnPrV13VcxuUAvslUoJjsgWW+PD9o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:10:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1204 (0x4b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DAE, serialNumber=760E6A7F08B72FF80EB56F6750323B164A70DA1D Validity Not Before: Nov 4 17:10:03 2025 GMT Not After : Nov 11 17:10:03 2025 GMT Subject: CN=690a336b-cb3f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:0b:21:94:a8:fc:6f:b5:70:a4:ae:1d:4d:dd: 2c:1a:b4:d6:2e:82:42:0e:ac:73:4a:a1:3b:ed:13: de:f8:a8:04:77:59:40:d9:f0:7e:f4:31:35:19:47: 35:cb:c9:85:e7:4f:a7:d6:4b:53:16:c8:ce:6b:07: 6f:0b:63:7f:e3:74:0f:3b:8f:cc:5c:6e:b0:ee:d3: d9:ff:fd:09:47:79:b6:fe:bb:3b:04:e8:f3:11:b6: ab:f9:86:be:bd:59:9b:e5:07:f8:dc:ee:bf:32:96: 66:55:47:fa:12:cf:bd:30:3f:10:3a:92:23:57:66: 47:92:dc:8b:30:19:5a:97:1d:ec:7a:4e:55:29:9d: c5:ff:3f:be:bd:25:3b:72:9c:b7:44:74:bd:1a:b2: a0:70:28:c8:77:64:aa:f6:ba:ae:a4:0c:28:e0:9c: b0:b1:21:03:9b:c5:71:1f:e0:85:f4:38:7d:80:b9: 04:7a:ce:ca:fc:af:30:aa:77:66:6a:7a:f8:80:94: 66:b5:69:88:fa:65:10:f7:7d:95:ee:cd:67:25:e7: 6e:15:70:ff:62:5d:20:cb:a3:e8:9c:47:b4:8b:cc: ef:54:0a:d7:fa:d9:5f:a8:c4:2b:fd:0b:d0:e8:d6: 91:7d:27:ac:c0:19:c4:3e:22:ce:ed:2b:3b:22:cd: da:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:7A:79:29:00:99:CC:A2:18:CF:9D:BA:E6:EA:75:0C:E9:15:68:D1 X509v3 Authority Key Identifier: keyid:76:0E:6A:7F:08:B7:2F:F8:0E:B5:6F:67:50:32:3B:16:4A:70:DA:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DAE/5B4C4E36596911EC94A3E770C4F9AE02/dg5qfwi3L_gOtW9nUDI7Fkpw2h0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:c6:22:bf:67:e0:20:9c:a3:4e:c5:e5:cc:b4:55:9d:78:74: 89:e4:86:12:ce:9e:e0:bc:8f:0e:d3:c9:f0:37:dc:ba:8e:7e: 5c:83:22:23:c3:26:e2:40:33:95:02:9a:46:01:19:71:55:d1: 73:93:d6:98:b5:81:f9:11:dc:3c:a0:99:2b:7e:0b:d5:e5:cf: 99:92:d7:0a:30:91:ea:84:9d:a7:a8:72:ac:06:c1:80:ff:8b: 5e:1f:20:21:90:6b:43:22:91:5a:ab:27:61:4c:fe:a6:1e:a5: aa:13:fc:95:bf:69:a7:92:68:10:f5:ba:d2:86:0f:01:b2:f7: 18:74:cd:6d:e9:76:b6:a2:8e:52:cd:26:fd:1d:57:07:a4:1d: 0f:8a:9c:0c:e0:92:6f:6b:f3:07:a7:39:18:79:f4:e9:12:33: 51:b0:31:f0:f1:75:dd:eb:19:c4:c2:d3:3a:6c:9b:04:f4:69: 13:fb:bc:98:89:59:3b:ef:36:a2:95:ed:74:56:8c:ee:92:5c: 22:29:17:d9:df:ee:68:a0:5e:bb:f8:8e:9a:78:36:69:5a:98: e6:a1:57:ed:84:90:78:18:7d:3b:a9:5a:c0:ad:82:3c:ca:1a: 35:27:f8:11:b5:ee:e6:5c:01:7b:91:2b:9c:56:dd:67:71:2a: ec:f0:23:e6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQUUxMTAvBgNVBAUTKDc2MEU2QTdGMDhCNzJGRjgwRUI1NkY2NzUwMzIzQjE2 NEE3MERBMUQwHhcNMjUxMTA0MTcxMDAzWhcNMjUxMTExMTcxMDAzWjAYMRYwFAYD VQQDEw02OTBhMzM2Yi1jYjNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuwshlKj8b7VwpK4dTd0sGrTWLoJCDqxzSqE77RPe+KgEd1lA2fB+9DE1GUc1 y8mF50+n1ktTFsjOawdvC2N/43QPO4/MXG6w7tPZ//0JR3m2/rs7BOjzEbar+Ya+ vVmb5Qf43O6/MpZmVUf6Es+9MD8QOpIjV2ZHktyLMBlalx3sek5VKZ3F/z++vSU7 cpy3RHS9GrKgcCjId2Sq9rqupAwo4JywsSEDm8VxH+CF9Dh9gLkEes7K/K8wqndm anr4gJRmtWmI+mUQ932V7s1nJeduFXD/Yl0gy6PonEe0i8zvVArX+tlfqMQr/QvQ 6NaRfSeswBnEPiLO7Ss7Is3aZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIN6eSkA mcyiGM+duubqdQzpFWjRMB8GA1UdIwQYMBaAFHYOan8Ity/4DrVvZ1AyOxZKcNod MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBRS81QjRDNEUzNjU5 NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xfZ090VzluVURJN0ZrcHcy aDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2RnNXFmd2kzTF9nT3RXOW5VREk3RmtwdzJoMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBRS81QjRDNEUzNjU5NjkxMUVDOTRBM0U3NzBDNEY5QUUwMi9kZzVxZndpM0xf Z090VzluVURJN0ZrcHcyaDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhxiK/Z+AgnKNOxeXMtFWdeHSJ5IYSzp7gvI8O08nwN9y6jn5cgyIj wybiQDOVAppGARlxVdFzk9aYtYH5Edw8oJkrfgvV5c+ZktcKMJHqhJ2nqHKsBsGA /4teHyAhkGtDIpFaqydhTP6mHqWqE/yVv2mnkmgQ9brShg8BsvcYdM1t6Xa2oo5S zSb9HVcHpB0PipwM4JJva/MHpzkYefTpEjNRsDHw8XXd6xnEwtM6bJsE9GkT+7yY iVk77zaile10VozuklwiKRfZ3+5ooF67+I6aeDZpWpjmoVfthJB4GH07qVrArYI8 yho1J/gRte7mXAF7kSucVt1ncSrs8CPm -----END CERTIFICATE-----Generated at Wed Nov 5 02:18:37 2025 by rpki-client