$ rpki-client -vvf rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft File: YfjH66e1XnGy5rF3QJFCUdiM8KY.mft (raw, json) Hash identifier: DdpEaoDFozTlEnbrHDF7MKI+FMaIdv83s9CxJ1zaNok= Subject key identifier: 07:CF:B4:2B:A7:2B:B3:F1:9D:27:B7:78:3F:38:FE:C6:F3:01:5D:18 Authority key identifier: 61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6 Certificate issuer: /CN=A9158491/serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6 Certificate serial: A5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft Manifest number: 9C Signing time: Mon 03 Nov 2025 06:32:04 +0000 Manifest this update: Mon 03 Nov 2025 06:32:03 +0000 Manifest next update: Mon 10 Nov 2025 06:32:03 +0000 Files and hashes: 1: YfjH66e1XnGy5rF3QJFCUdiM8KY.crl (hash: XSgzjnpR+rZDJm4xkPw9c4mk0sHApx/YJgJIVVdcCZY=) 2: 5FDDEE1CE34211EF8EA0CA77C4F9AE02.roa (hash: mzE4Rj9TzgxYoPFC7hLQmMNdU4o1ATX8k/0uu+bhb9g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 06:32:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 165 (0xa5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158491, serialNumber=61F8C7EBA7B55E71B2E6B17740914251D88CF0A6 Validity Not Before: Nov 3 06:32:03 2025 GMT Not After : Nov 10 06:32:03 2025 GMT Subject: CN=69084c64-7f68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:7f:f0:c9:27:ce:7e:0f:53:e3:c9:72:43:1f: 26:36:43:68:b8:51:ba:a1:7c:80:7b:19:11:92:63: 09:1a:1e:4e:2a:d2:4f:9f:c5:ab:d2:56:e2:e4:3f: 67:ea:b0:c9:c6:67:5c:13:0e:fe:74:b1:e8:51:ab: d2:e2:8b:df:fe:7a:17:56:e4:29:e4:ac:73:ca:9e: b4:a2:ad:11:46:97:58:8e:b5:3b:a5:4a:e7:ff:e3: b7:b9:c0:bd:75:f0:ac:ef:6e:b9:7b:6f:99:c0:5b: d9:39:16:fe:96:c2:b0:7c:39:e4:50:c7:a3:14:ec: 5c:20:a6:13:53:ae:9e:c9:2a:4b:de:08:68:d7:14: 19:da:e8:a7:3c:ac:92:f0:98:13:03:0c:ec:2f:61: 28:d5:e5:40:ae:91:1a:00:92:36:d3:4f:c8:15:b3: 7a:67:2a:32:31:d2:3f:44:7f:cd:52:61:91:34:49: eb:e8:c4:ff:64:ff:2b:8f:df:60:be:49:59:ff:8d: c1:c7:90:9c:d4:05:b8:c5:65:6c:38:63:48:f3:ab: 45:69:13:e9:65:a2:db:fe:39:58:3c:02:ae:3a:5d: 2d:2a:0f:bd:b9:33:06:77:e0:8e:74:33:0b:0a:d9: a7:9c:dd:8e:84:7a:c0:89:ab:7c:32:14:93:30:f0: 3f:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 07:CF:B4:2B:A7:2B:B3:F1:9D:27:B7:78:3F:38:FE:C6:F3:01:5D:18 X509v3 Authority Key Identifier: keyid:61:F8:C7:EB:A7:B5:5E:71:B2:E6:B1:77:40:91:42:51:D8:8C:F0:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YfjH66e1XnGy5rF3QJFCUdiM8KY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158491/60DA53FADFA511EF8BD49F87C4F9AE02/YfjH66e1XnGy5rF3QJFCUdiM8KY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ac:42:d3:d1:31:cb:f6:83:41:6c:cb:27:99:67:09:c4:da:d9: 85:dc:33:36:84:95:a3:29:b9:27:21:dd:59:a6:81:4b:f6:bf: 91:a7:b4:aa:14:79:00:da:be:94:6c:27:8e:d8:c0:0e:39:e0: dd:86:26:ff:e9:95:6d:79:4b:02:2d:b1:77:29:25:9c:82:58: 4a:e1:e1:45:3e:ce:01:7e:ac:4d:eb:59:15:9e:61:51:83:4b: ff:c6:48:24:3d:e8:d6:50:22:79:60:f0:c9:eb:fa:14:c7:f1: de:8a:3b:6d:80:d0:19:ec:d8:2a:59:4a:60:61:e7:43:38:6b: c6:73:c0:26:78:02:30:85:d6:4f:57:ef:2f:29:3d:d7:a6:ab: 16:b0:a7:65:30:9e:56:08:c8:b8:3a:0a:4b:2f:ab:65:a8:df: 5d:b2:e0:94:0f:91:aa:2e:e8:f0:f3:e3:7e:d4:53:1c:70:08: e9:c0:a1:9a:dd:ff:f4:71:60:98:53:f1:1b:84:7a:ae:a4:f6: 29:d6:7d:82:e5:a1:1e:10:6e:8c:29:6d:77:03:ad:9c:d5:ed: 83:15:a5:6d:6d:b1:05:60:24:97:aa:5a:b6:44:29:1b:8a:5f: d4:a4:da:0e:18:11:68:82:3e:7b:52:6f:b6:d7:be:63:25:72: c3:4a:cb:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg0OTExMTAvBgNVBAUTKDYxRjhDN0VCQTdCNTVFNzFCMkU2QjE3NzQwOTE0MjUx RDg4Q0YwQTYwHhcNMjUxMTAzMDYzMjAzWhcNMjUxMTEwMDYzMjAzWjAYMRYwFAYD VQQDEw02OTA4NGM2NC03ZjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz3/wySfOfg9T48lyQx8mNkNouFG6oXyAexkRkmMJGh5OKtJPn8Wr0lbi5D9n 6rDJxmdcEw7+dLHoUavS4ovf/noXVuQp5Kxzyp60oq0RRpdYjrU7pUrn/+O3ucC9 dfCs7265e2+ZwFvZORb+lsKwfDnkUMejFOxcIKYTU66eySpL3gho1xQZ2uinPKyS 8JgTAwzsL2Eo1eVArpEaAJI200/IFbN6ZyoyMdI/RH/NUmGRNEnr6MT/ZP8rj99g vklZ/43Bx5Cc1AW4xWVsOGNI86tFaRPpZaLb/jlYPAKuOl0tKg+9uTMGd+COdDML CtmnnN2OhHrAiat8MhSTMPA/EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAfPtCun K7PxnSe3eD84/sbzAV0YMB8GA1UdIwQYMBaAFGH4x+untV5xsuaxd0CRQlHYjPCm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODQ5MS82MERBNTNGQURG QTUxMUVGOEJENDlGODdDNEY5QUUwMi9ZZmpINjZlMVhuR3k1ckYzUUpGQ1VkaU04 S1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lmakg2NmUxWG5HeTVyRjNRSkZDVWRpTThLWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODQ5MS82MERBNTNGQURGQTUxMUVGOEJENDlGODdDNEY5QUUwMi9ZZmpINjZlMVhu R3k1ckYzUUpGQ1VkaU04S1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCsQtPRMcv2g0FsyyeZZwnE2tmF3DM2hJWjKbknId1ZpoFL9r+Rp7Sq FHkA2r6UbCeO2MAOOeDdhib/6ZVteUsCLbF3KSWcglhK4eFFPs4BfqxN61kVnmFR g0v/xkgkPejWUCJ5YPDJ6/oUx/HeijttgNAZ7NgqWUpgYedDOGvGc8AmeAIwhdZP V+8vKT3XpqsWsKdlMJ5WCMi4OgpLL6tlqN9dsuCUD5GqLujw8+N+1FMccAjpwKGa 3f/0cWCYU/EbhHqupPYp1n2C5aEeEG6MKW13A62c1e2DFaVtbbEFYCSXqlq2RCkb il/UpNoOGBFogj57Um+2175jJXLDSsuB -----END CERTIFICATE-----Generated at Wed Nov 5 05:18:16 2025 by rpki-client