$ rpki-client -vvf rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft File: YG6ylYJUrJi2M26qQayAstyxnG4.mft (raw, json) Hash identifier: N9v7trXy2UsSUjf0k7iKTrVRGyvChJS0rOdTKeD7yXE= Subject key identifier: 9E:01:D9:E3:DE:11:FF:6E:6D:8A:B9:9B:25:54:24:33:30:D4:99:34 Authority key identifier: 60:6E:B2:95:82:54:AC:98:B6:33:6E:AA:41:AC:80:B2:DC:B1:9C:6E Certificate issuer: /CN=A9170D3E/serialNumber=606EB2958254AC98B6336EAA41AC80B2DCB19C6E Certificate serial: B8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YG6ylYJUrJi2M26qQayAstyxnG4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft Manifest number: B7 Signing time: Wed 05 Nov 2025 06:12:06 +0000 Manifest this update: Wed 05 Nov 2025 06:12:05 +0000 Manifest next update: Wed 12 Nov 2025 06:12:05 +0000 Files and hashes: 1: YG6ylYJUrJi2M26qQayAstyxnG4.crl (hash: QG/WiY6tcls0a277DDPEo9TR8OpRBI58Rsl+rK22mQI=) 2: 181772049FD811EF8680B438C4F9AE02.roa (hash: kL8m2A2/eVPCA0J/9/iLQOKzk2RiAB33QgbmFjlKwTo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.crl rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YG6ylYJUrJi2M26qQayAstyxnG4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:12:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 184 (0xb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170D3E, serialNumber=606EB2958254AC98B6336EAA41AC80B2DCB19C6E Validity Not Before: Nov 5 06:12:05 2025 GMT Not After : Nov 12 06:12:05 2025 GMT Subject: CN=690aeab5-1040 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:ce:55:a2:ff:c2:d1:60:6a:b7:6a:d4:60:a9: 7c:25:43:68:23:67:75:0c:5c:fe:85:ff:91:6f:10: 7c:0f:d6:89:21:09:b9:35:26:fb:f0:37:36:37:1c: 60:df:94:9c:bb:d4:39:c7:a0:d3:e5:8a:8f:59:c4: 63:45:f3:2c:67:6f:38:da:58:45:af:91:e9:d1:fc: 12:80:21:10:fb:d4:60:6d:7c:9a:fa:09:d8:76:4d: bc:4d:3c:f0:c2:20:ba:b5:f0:10:59:d4:01:0f:a5: c8:f0:29:09:4f:27:ed:71:23:41:e7:36:1d:80:35: 27:3b:29:75:dd:1d:56:5d:c1:bf:a5:85:d0:ff:90: b3:a1:77:6a:9c:f8:c0:42:ed:18:dd:8b:66:32:af: 8d:65:66:56:63:9b:4b:b8:72:1d:c7:c3:e1:6f:ac: 11:28:f1:2e:76:71:51:45:8d:16:bf:1f:f6:16:39: cf:a1:71:e9:74:6a:8d:64:59:f8:6c:9a:b1:09:86: 7a:e3:1e:8c:1a:09:0e:1a:7e:64:d0:92:bd:44:27: 91:3d:e5:49:ed:f8:db:02:b7:66:41:35:36:b4:2d: 4c:0e:26:05:f1:c7:dc:97:fa:87:d3:51:9a:ec:83: 56:8f:22:39:a6:62:f0:23:5f:f7:8f:52:e1:ec:24: 56:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9E:01:D9:E3:DE:11:FF:6E:6D:8A:B9:9B:25:54:24:33:30:D4:99:34 X509v3 Authority Key Identifier: keyid:60:6E:B2:95:82:54:AC:98:B6:33:6E:AA:41:AC:80:B2:DC:B1:9C:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/YG6ylYJUrJi2M26qQayAstyxnG4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170D3E/B5DFC8C09FD711EF9E38A837C4F9AE02/YG6ylYJUrJi2M26qQayAstyxnG4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:71:63:e5:fb:c8:1f:8a:a2:39:8a:03:fc:f3:9a:56:19:9e: f4:a1:cf:d3:9d:b4:98:e6:96:32:17:de:82:46:c7:25:25:59: ac:ae:70:50:f6:55:b9:31:24:cc:00:e0:2e:3b:0e:ab:7b:80: a8:8b:b6:64:e0:c8:eb:cf:6d:8c:2b:a8:46:3d:89:40:0a:f3: bb:c3:77:a5:77:ab:84:5c:e9:40:77:39:0d:72:8c:35:e3:74: 2b:61:4d:c1:89:10:24:88:4b:39:c1:ef:d4:9b:d6:be:a8:c3: 5b:5e:5f:ed:57:b6:bc:95:7d:70:8b:5c:b5:9f:d3:c4:70:fb: eb:42:0a:0e:5b:3b:a7:0a:06:89:16:60:ba:21:ee:c9:c7:e9: 01:93:0f:31:2b:f9:8e:6c:eb:2f:5d:54:67:40:e1:40:da:c9: 77:b4:19:9c:b7:ee:72:06:6c:e4:ce:a6:4e:9e:dd:a4:6c:f7: 52:16:30:f4:b2:b1:3f:0c:c8:b0:57:63:35:73:d0:8e:f8:e0: bb:4d:71:b5:6e:b1:a5:f1:1c:79:88:cb:a7:64:cd:ef:f1:5c: 3c:fa:58:1c:15:4f:28:4e:3a:c8:a7:b8:26:9d:04:47:84:cf: 55:86:bc:6b:b4:b2:35:27:bd:d7:57:5f:f1:b8:9a:44:18:a0: aa:73:bf:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBEM0UxMTAvBgNVBAUTKDYwNkVCMjk1ODI1NEFDOThCNjMzNkVBQTQxQUM4MEIy RENCMTlDNkUwHhcNMjUxMTA1MDYxMjA1WhcNMjUxMTEyMDYxMjA1WjAYMRYwFAYD VQQDEw02OTBhZWFiNS0xMDQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA585Vov/C0WBqt2rUYKl8JUNoI2d1DFz+hf+RbxB8D9aJIQm5NSb78Dc2Nxxg 35Scu9Q5x6DT5YqPWcRjRfMsZ2842lhFr5Hp0fwSgCEQ+9RgbXya+gnYdk28TTzw wiC6tfAQWdQBD6XI8CkJTyftcSNB5zYdgDUnOyl13R1WXcG/pYXQ/5CzoXdqnPjA Qu0Y3YtmMq+NZWZWY5tLuHIdx8Phb6wRKPEudnFRRY0Wvx/2FjnPoXHpdGqNZFn4 bJqxCYZ64x6MGgkOGn5k0JK9RCeRPeVJ7fjbArdmQTU2tC1MDiYF8cfcl/qH01Ga 7INWjyI5pmLwI1/3j1Lh7CRWBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ4B2ePe Ef9ubYq5myVUJDMw1Jk0MB8GA1UdIwQYMBaAFGBuspWCVKyYtjNuqkGsgLLcsZxu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEQzRS9CNURGQzhDMDlG RDcxMUVGOUUzOEE4MzdDNEY5QUUwMi9ZRzZ5bFlKVXJKaTJNMjZxUWF5QXN0eXhu RzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1lHNnlsWUpVckppMk0yNnFRYXlBc3R5eG5HNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEQzRS9CNURGQzhDMDlGRDcxMUVGOUUzOEE4MzdDNEY5QUUwMi9ZRzZ5bFlKVXJK aTJNMjZxUWF5QXN0eXhuRzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDcWPl+8gfiqI5igP885pWGZ70oc/TnbSY5pYyF96CRsclJVmsrnBQ 9lW5MSTMAOAuOw6re4Coi7Zk4Mjrz22MK6hGPYlACvO7w3eld6uEXOlAdzkNcow1 43QrYU3BiRAkiEs5we/Um9a+qMNbXl/tV7a8lX1wi1y1n9PEcPvrQgoOWzunCgaJ FmC6Ie7Jx+kBkw8xK/mObOsvXVRnQOFA2sl3tBmct+5yBmzkzqZOnt2kbPdSFjD0 srE/DMiwV2M1c9CO+OC7TXG1brGl8Rx5iMunZM3v8Vw8+lgcFU8oTjrIp7gmnQRH hM9VhrxrtLI1J73XV1/xuJpEGKCqc78D -----END CERTIFICATE-----Generated at Wed Nov 5 16:51:54 2025 by rpki-client