$ rpki-client -vvf rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft File: CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft (raw, json) Hash identifier: wIpxmfbTZ/dAvq13ktNVS8MU2EmoPP13etCh0b7PMxY= Subject key identifier: B9:FC:92:21:F6:26:63:52:1A:CF:1A:43:B3:B1:4B:14:5C:75:6A:8D Authority key identifier: 0A:61:52:83:4E:12:99:C1:1C:F6:E0:78:65:F7:65:B2:38:65:63:89 Certificate issuer: /CN=A9168C73/serialNumber=0A6152834E1299C11CF6E07865F765B238656389 Certificate serial: 01F3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmFSg04SmcEc9uB4ZfdlsjhlY4k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft Manifest number: 01F0 Signing time: Mon 03 Nov 2025 02:31:38 +0000 Manifest this update: Mon 03 Nov 2025 02:31:38 +0000 Manifest next update: Mon 10 Nov 2025 02:31:38 +0000 Files and hashes: 1: CmFSg04SmcEc9uB4ZfdlsjhlY4k.crl (hash: GsytRNtCbA5AhHiQLCV6kO52VKwbf4pOkBLh5Og2g8w=) 2: D8EC2D84C6FF11EDA93A1D43C4F9AE02.roa (hash: 1DI+mqIXwfIJnsuS//oB0VNc4iGbxjDEhe/n7gNnlpo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.crl rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmFSg04SmcEc9uB4ZfdlsjhlY4k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:31:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 499 (0x1f3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9168C73, serialNumber=0A6152834E1299C11CF6E07865F765B238656389 Validity Not Before: Nov 3 02:31:38 2025 GMT Not After : Nov 10 02:31:38 2025 GMT Subject: CN=6908140a-e5b5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:6d:47:48:a7:1d:69:95:d4:ab:52:2b:7a:47: 90:f3:e0:12:e9:63:45:e5:01:26:bc:81:99:fb:24: 7b:86:d1:62:16:89:8f:db:1a:75:ba:0e:6b:4f:16: 25:9a:4a:42:85:40:5f:40:bc:ab:db:fc:b9:f8:54: 3f:85:57:43:9d:1f:f7:d9:e0:19:24:ef:b7:e0:e0: 03:96:c1:8e:fa:61:10:40:34:c4:77:29:4a:1c:1b: aa:13:65:ae:7d:bb:fa:c3:0a:c4:a3:18:b7:6d:c7: 0e:6f:c7:06:41:65:a1:7f:5c:49:a0:86:08:53:3e: 11:b1:a0:8f:06:8f:2a:2d:78:0b:c2:da:3f:58:e7: 2f:fe:de:9a:43:3b:55:97:53:ab:8e:30:0f:2d:e5: 3a:1a:a2:ae:c0:1f:78:fe:62:e8:4d:1b:d1:6a:c7: 62:50:67:ca:ba:dc:52:5b:18:4b:d9:95:19:80:26: f7:6e:5b:c2:60:64:6f:03:64:8f:91:b9:d7:8f:f6: b3:6a:5f:f0:ea:e7:0e:48:ee:95:fc:3f:4f:3e:be: 4b:6e:20:1a:2d:f4:fd:23:de:26:63:47:d9:a1:26: 10:88:f8:7c:ab:d4:38:85:40:48:72:ab:42:28:7d: 8e:86:7f:51:b4:33:e2:7c:05:8f:90:86:4b:cf:a9: 66:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:FC:92:21:F6:26:63:52:1A:CF:1A:43:B3:B1:4B:14:5C:75:6A:8D X509v3 Authority Key Identifier: keyid:0A:61:52:83:4E:12:99:C1:1C:F6:E0:78:65:F7:65:B2:38:65:63:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CmFSg04SmcEc9uB4ZfdlsjhlY4k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168C73/8E5C9CC0C31411ED97A0A37FC4F9AE02/CmFSg04SmcEc9uB4ZfdlsjhlY4k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:af:3b:9b:35:cc:f1:48:c9:e4:f7:80:24:11:1c:d5:07:17: e7:2f:9c:7a:c4:ef:fd:b1:45:bf:41:bf:dc:34:87:00:e4:8b: 7e:97:35:06:9a:c3:cb:55:01:0e:09:ff:32:e5:5d:da:4a:36: ae:f4:c0:d6:e2:23:17:6a:0f:83:ba:46:18:17:1a:94:f8:53: 09:59:b2:60:ff:20:fb:10:29:c9:e9:d0:7c:1a:94:44:2f:ef: c6:55:4a:5a:2b:59:dc:fa:2b:c6:19:b1:04:a5:5e:aa:c1:4d: 98:ac:ce:5c:91:9a:2a:0a:66:ba:9b:dc:89:0c:b4:60:66:51: 08:aa:85:8e:11:7e:52:8e:4b:4c:aa:a6:c7:96:dc:35:9e:ef: 93:48:08:7a:70:98:c3:cb:3d:bf:ab:20:b9:1e:c8:be:5c:c3: 0a:d1:28:a5:09:15:24:55:68:75:b8:69:4a:38:43:e6:53:00: a6:6f:9b:c2:58:d4:0f:29:60:6e:2e:94:2f:f1:a8:e1:d2:4f: 31:02:7a:1b:cf:96:59:ae:41:68:8e:b8:e0:21:c7:0d:4c:74: 9f:ff:68:d5:e8:b2:1c:73:04:b9:e6:d8:76:38:f9:b8:8a:c5: cd:d0:17:97:5a:39:92:1a:f7:7c:4c:c4:36:92:c1:0c:86:97: 74:51:55:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjhDNzMxMTAvBgNVBAUTKDBBNjE1MjgzNEUxMjk5QzExQ0Y2RTA3ODY1Rjc2NUIy Mzg2NTYzODkwHhcNMjUxMTAzMDIzMTM4WhcNMjUxMTEwMDIzMTM4WjAYMRYwFAYD VQQDEw02OTA4MTQwYS1lNWI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2G1HSKcdaZXUq1IrekeQ8+AS6WNF5QEmvIGZ+yR7htFiFomP2xp1ug5rTxYl mkpChUBfQLyr2/y5+FQ/hVdDnR/32eAZJO+34OADlsGO+mEQQDTEdylKHBuqE2Wu fbv6wwrEoxi3bccOb8cGQWWhf1xJoIYIUz4RsaCPBo8qLXgLwto/WOcv/t6aQztV l1OrjjAPLeU6GqKuwB94/mLoTRvRasdiUGfKutxSWxhL2ZUZgCb3blvCYGRvA2SP kbnXj/azal/w6ucOSO6V/D9PPr5LbiAaLfT9I94mY0fZoSYQiPh8q9Q4hUBIcqtC KH2Ohn9RtDPifAWPkIZLz6lmcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLn8kiH2 JmNSGs8aQ7OxSxRcdWqNMB8GA1UdIwQYMBaAFAphUoNOEpnBHPbgeGX3ZbI4ZWOJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEM3My84RTVDOUNDMEMz MTQxMUVEOTdBMEEzN0ZDNEY5QUUwMi9DbUZTZzA0U21jRWM5dUI0WmZkbHNqaGxZ NGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NtRlNnMDRTbWNFYzl1QjRaZmRsc2pobFk0ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OEM3My84RTVDOUNDMEMzMTQxMUVEOTdBMEEzN0ZDNEY5QUUwMi9DbUZTZzA0U21j RWM5dUI0WmZkbHNqaGxZNGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARrzubNczxSMnk94AkERzVBxfnL5x6xO/9sUW/Qb/cNIcA5It+lzUG msPLVQEOCf8y5V3aSjau9MDW4iMXag+DukYYFxqU+FMJWbJg/yD7ECnJ6dB8GpRE L+/GVUpaK1nc+ivGGbEEpV6qwU2YrM5ckZoqCma6m9yJDLRgZlEIqoWOEX5SjktM qqbHltw1nu+TSAh6cJjDyz2/qyC5Hsi+XMMK0SilCRUkVWh1uGlKOEPmUwCmb5vC WNQPKWBuLpQv8ajh0k8xAnobz5ZZrkFojrjgIccNTHSf/2jV6LIccwS55th2OPm4 isXN0BeXWjmSGvd8TMQ2ksEMhpd0UVUx -----END CERTIFICATE-----Generated at Tue Nov 4 22:20:53 2025 by rpki-client