$ rpki-client -vvf rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft File: 1AsQwSJMYeDTGML8YAOTeOz3LQA.mft (raw, json) Hash identifier: ldR3Wg9hvebPLSEtZ94WS6EIame0PfgZdnig5+SP8ps= Subject key identifier: F3:D9:77:84:95:0C:BD:92:98:E7:6C:D6:B5:7F:DC:B7:96:7A:39:B2 Authority key identifier: D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 Certificate issuer: /CN=A9167C20/serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Certificate serial: 0B22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft Manifest number: 0B1A Signing time: Sun 02 Nov 2025 19:16:43 +0000 Manifest this update: Sun 02 Nov 2025 19:16:43 +0000 Manifest next update: Sun 09 Nov 2025 19:16:43 +0000 Files and hashes: 1: 1AsQwSJMYeDTGML8YAOTeOz3LQA.crl (hash: 3bvx7tza1AJhooCzq97MPjmz8yNuqUo16AStRYbTwMg=) 2: AD35C0044EA511EAAB9DBE7DC4F9AE02.roa (hash: vRrkQ11gFoedPJsbqh7nQv1lr6X8LYa0tpYVg51dxDk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 19:16:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2850 (0xb22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167C20, serialNumber=D40B10C1224C61E0D318C2FC60039378ECF72D00 Validity Not Before: Nov 2 19:16:43 2025 GMT Not After : Nov 9 19:16:43 2025 GMT Subject: CN=6907ae1b-14a5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:2c:63:2b:b3:6d:93:e8:37:7a:3d:7a:f2:97: f2:09:08:87:eb:9e:48:fd:8a:63:67:9f:06:eb:91: de:ef:0b:3e:25:c5:a5:30:37:11:0d:f4:21:bb:b0: ef:72:12:61:af:00:b5:56:43:51:de:05:8d:dc:78: a0:33:13:89:10:6f:57:7d:86:e4:b7:89:12:37:c7: b6:e8:47:f0:b3:5f:79:b4:8e:52:4f:50:cd:22:46: d5:22:01:26:01:b7:64:76:c4:1c:7a:c4:8f:6c:f3: 78:7c:4a:73:de:ba:ce:e2:90:d2:8b:8b:6f:6e:2f: 52:01:95:ac:e8:65:7e:de:12:6c:02:31:ab:02:4d: 90:cd:7f:fa:ba:9e:e5:ea:e2:f7:20:a2:d5:af:cf: cc:c4:0e:98:95:cb:51:e7:71:f5:9e:53:bf:dc:1b: b3:b3:4a:56:c0:5c:19:28:71:30:bd:81:ca:a7:25: b4:fd:df:bb:10:84:dc:10:e8:7d:ff:ed:a8:1b:f9: b2:55:43:5d:9d:6a:56:6d:5e:92:6d:d4:ec:4b:71: e4:6b:7f:2d:55:63:2e:2a:41:35:0a:78:04:ad:d9: 92:94:d3:c9:d1:f6:96:fc:7d:f0:24:23:8e:16:4d: 65:ab:2a:fb:c1:da:de:82:6e:a2:bb:fb:99:54:5b: 02:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:D9:77:84:95:0C:BD:92:98:E7:6C:D6:B5:7F:DC:B7:96:7A:39:B2 X509v3 Authority Key Identifier: keyid:D4:0B:10:C1:22:4C:61:E0:D3:18:C2:FC:60:03:93:78:EC:F7:2D:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1AsQwSJMYeDTGML8YAOTeOz3LQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167C20/86571C104EA211EA84C08874C4F9AE02/1AsQwSJMYeDTGML8YAOTeOz3LQA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:2c:de:06:ad:5c:2e:97:ad:65:01:9e:99:ec:b8:73:40:be: 97:fa:b2:4d:1e:53:32:92:f6:10:56:db:65:ab:72:36:5a:b2: 4a:58:c4:e5:60:49:41:3a:c6:26:18:3b:cc:59:a5:c2:49:d6: c2:c3:05:fb:a5:2b:cb:14:38:a5:7f:5f:ba:49:a9:14:f2:ba: 10:dd:db:58:13:ef:ae:83:6d:17:57:3f:bf:89:92:bf:89:27: 85:8d:86:b3:da:71:6e:3f:3a:20:25:ba:9c:ab:2f:d3:b3:6f: f1:1f:51:07:29:f0:aa:56:cc:21:eb:66:04:63:f8:68:d0:ac: 2c:ea:26:90:6d:37:92:0c:d7:e5:85:50:44:d5:cc:6b:3d:04: f2:ef:1e:72:e5:be:97:a7:99:f4:30:d0:54:2c:07:b3:a7:d7: e7:9d:43:22:02:68:7a:8a:5b:03:17:41:6e:7d:ba:34:59:e7: e5:d4:c8:71:ea:59:e7:39:4d:e8:df:cf:48:d7:29:e3:31:13: 65:4a:5d:8d:6f:a5:65:18:29:bb:6a:d7:45:02:f9:89:3b:83: 49:e4:50:df:95:3c:76:c1:9f:a7:b9:6b:37:07:a8:ab:1c:ee: bc:c3:6a:ef:3c:2a:f2:7d:4d:86:f9:c9:22:16:06:fd:20:2f: 3a:4c:eb:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCyIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDMjAxMTAvBgNVBAUTKEQ0MEIxMEMxMjI0QzYxRTBEMzE4QzJGQzYwMDM5Mzc4 RUNGNzJEMDAwHhcNMjUxMTAyMTkxNjQzWhcNMjUxMTA5MTkxNjQzWjAYMRYwFAYD VQQDEw02OTA3YWUxYi0xNGE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsixjK7Ntk+g3ej168pfyCQiH655I/YpjZ58G65He7ws+JcWlMDcRDfQhu7Dv chJhrwC1VkNR3gWN3HigMxOJEG9XfYbkt4kSN8e26Efws195tI5ST1DNIkbVIgEm AbdkdsQcesSPbPN4fEpz3rrO4pDSi4tvbi9SAZWs6GV+3hJsAjGrAk2QzX/6up7l 6uL3IKLVr8/MxA6YlctR53H1nlO/3Buzs0pWwFwZKHEwvYHKpyW0/d+7EITcEOh9 /+2oG/myVUNdnWpWbV6SbdTsS3Hka38tVWMuKkE1CngErdmSlNPJ0faW/H3wJCOO Fk1lqyr7wdregm6iu/uZVFsCEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPPZd4SV DL2SmOds1rV/3LeWejmyMB8GA1UdIwQYMBaAFNQLEMEiTGHg0xjC/GADk3js9y0A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0MyMC84NjU3MUMxMDRF QTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVllRFRHTUw4WUFPVGVPejNM UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFBc1F3U0pNWWVEVEdNTDhZQU9UZU96M0xRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0MyMC84NjU3MUMxMDRFQTIxMUVBODRDMDg4NzRDNEY5QUUwMi8xQXNRd1NKTVll RFRHTUw4WUFPVGVPejNMUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKLN4GrVwul61lAZ6Z7LhzQL6X+rJNHlMykvYQVttlq3I2WrJKWMTl YElBOsYmGDvMWaXCSdbCwwX7pSvLFDilf1+6SakU8roQ3dtYE++ug20XVz+/iZK/ iSeFjYaz2nFuPzogJbqcqy/Ts2/xH1EHKfCqVswh62YEY/ho0Kws6iaQbTeSDNfl hVBE1cxrPQTy7x5y5b6Xp5n0MNBULAezp9fnnUMiAmh6ilsDF0Fufbo0Wefl1Mhx 6lnnOU3o389I1ynjMRNlSl2Nb6VlGCm7atdFAvmJO4NJ5FDflTx2wZ+nuWs3B6ir HO68w2rvPCryfU2G+ckiFgb9IC86TOv1 -----END CERTIFICATE-----Generated at Tue Nov 4 12:40:21 2025 by rpki-client