$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft File: 1CVu3CvBHIRdtQe3wKiTVEYutj0.mft (raw, json) Hash identifier: UslGIE3TVGj7avpJJR6PVzgV9ahFpG1pDrOPzGOtLqM= Subject key identifier: 2C:5A:D5:50:FE:48:51:E0:C5:7D:0D:B7:97:7A:A6:8F:44:49:41:09 Authority key identifier: D4:25:6E:DC:2B:C1:1C:84:5D:B5:07:B7:C0:A8:93:54:46:2E:B6:3D Certificate issuer: /CN=A9170DA5/serialNumber=D4256EDC2BC11C845DB507B7C0A89354462EB63D Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft Manifest number: 42 Signing time: Mon 03 Nov 2025 07:25:07 +0000 Manifest this update: Mon 03 Nov 2025 07:25:06 +0000 Manifest next update: Mon 10 Nov 2025 07:25:06 +0000 Files and hashes: 1: 1CVu3CvBHIRdtQe3wKiTVEYutj0.crl (hash: +68x5GRffdRUJ6a1F3kLLk0MYBgV0+p4Nl8CnX9f140=) 2: F91ECAD6571B11F093AD0C10C4F9AE02.roa (hash: YCsx3bwrgpHgvu8ysYuX5SuZfquoTIQRzefkEGq5/wA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.crl rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:25:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DA5, serialNumber=D4256EDC2BC11C845DB507B7C0A89354462EB63D Validity Not Before: Nov 3 07:25:06 2025 GMT Not After : Nov 10 07:25:06 2025 GMT Subject: CN=690858d2-9d8d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:77:08:48:73:59:da:bc:0e:40:db:11:40:04: de:aa:e4:9b:76:d4:47:a1:ff:a1:7b:0d:75:11:18: 05:ba:65:79:03:b8:3a:11:c0:4c:25:99:82:6c:9c: 73:0c:17:d3:a8:12:17:45:fc:1b:c6:5d:b3:47:64: 62:d8:d9:46:de:df:0e:32:e0:b5:3c:8a:31:c0:bd: 58:e8:35:d5:9d:35:ca:56:ba:44:3a:d1:a7:3b:84: 13:6c:a3:39:88:8f:05:29:31:2f:b9:04:72:a8:b5: 32:9e:f8:d4:d3:4f:b9:c5:08:f1:37:f0:2d:77:a4: 50:49:72:cd:25:56:2e:c9:ec:22:81:c2:3a:46:67: 58:dc:69:ba:6c:f8:cd:2a:57:c9:52:5e:18:25:2a: ab:49:9f:96:43:5f:37:af:bf:bf:aa:6b:51:45:ee: 92:9a:65:a7:80:76:58:7f:c5:e3:46:38:fb:68:aa: ab:c6:82:31:0d:47:d2:75:8c:bf:34:6c:ae:f0:db: ea:e5:6c:b0:90:84:c7:cb:71:88:37:5b:da:15:71: a0:81:c5:8b:50:f1:63:3a:15:8f:42:03:db:a1:7f: dd:c8:d3:bc:1a:76:83:97:43:06:f2:cd:c3:db:c5: c1:86:e9:81:59:a5:57:44:a0:4f:00:f8:73:d3:5e: 1f:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2C:5A:D5:50:FE:48:51:E0:C5:7D:0D:B7:97:7A:A6:8F:44:49:41:09 X509v3 Authority Key Identifier: keyid:D4:25:6E:DC:2B:C1:1C:84:5D:B5:07:B7:C0:A8:93:54:46:2E:B6:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/1CVu3CvBHIRdtQe3wKiTVEYutj0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/C559424A571A11F0B8507341C4F9AE02/1CVu3CvBHIRdtQe3wKiTVEYutj0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 19:77:7a:cc:ef:1d:87:bb:f7:14:f2:b2:2a:63:fd:06:b0:5a: 65:e6:f4:d0:ec:ce:0e:f8:32:5a:61:a4:4d:dd:21:48:94:31: c8:b1:22:16:cc:85:40:4f:5e:c8:e9:eb:34:2b:13:6a:71:34: 44:27:84:29:bd:d3:d5:33:71:21:24:0e:f8:a4:54:de:43:ee: 9f:54:41:ad:59:28:1d:6a:52:62:ea:c9:4b:67:23:22:44:ce: f1:28:03:a3:97:07:53:7c:41:08:c6:e9:6c:9f:6d:d7:5f:90: 5a:95:9f:8d:b9:cc:04:fb:8e:1c:4f:7e:70:2e:05:a7:3d:d3: 6c:06:5e:f3:f0:6a:1a:1e:67:e4:af:81:ba:49:5c:bd:d2:d1: 83:28:e6:a5:23:53:8f:c3:77:c5:a6:e9:46:c9:48:f6:d7:93: 31:10:7d:cd:08:0c:dd:d5:3d:da:0b:f6:15:4a:b8:16:d5:e0: 73:79:e4:77:d8:e8:65:66:96:3d:75:29:40:0c:02:75:c5:db: 72:c4:88:bf:f5:be:4e:07:9c:88:02:f1:fb:0e:75:25:a2:c6: af:3e:5f:a4:61:f1:ef:89:3e:46:38:6c:dd:c8:35:68:d0:49: e4:7d:e1:ea:33:fb:7c:b9:f2:97:68:34:1b:e1:e7:cc:0c:40: a8:1d:44:90 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MERBNTExMC8GA1UEBRMoRDQyNTZFREMyQkMxMUM4NDVEQjUwN0I3QzBBODkzNTQ0 NjJFQjYzRDAeFw0yNTExMDMwNzI1MDZaFw0yNTExMTAwNzI1MDZaMBgxFjAUBgNV BAMTDTY5MDg1OGQyLTlkOGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQD1dwhIc1navA5A2xFABN6q5Jt21Eeh/6F7DXURGAW6ZXkDuDoRwEwlmYJsnHMM F9OoEhdF/BvGXbNHZGLY2Ube3w4y4LU8ijHAvVjoNdWdNcpWukQ60ac7hBNsozmI jwUpMS+5BHKotTKe+NTTT7nFCPE38C13pFBJcs0lVi7J7CKBwjpGZ1jcabps+M0q V8lSXhglKqtJn5ZDXzevv7+qa1FF7pKaZaeAdlh/xeNGOPtoqqvGgjENR9J1jL80 bK7w2+rlbLCQhMfLcYg3W9oVcaCBxYtQ8WM6FY9CA9uhf93I07wadoOXQwbyzcPb xcGG6YFZpVdEoE8A+HPTXh/3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQULFrVUP5I UeDFfQ23l3qmj0RJQQkwHwYDVR0jBBgwFoAU1CVu3CvBHIRdtQe3wKiTVEYutj0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0M1NTk0MjRBNTcx QTExRjBCODUwNzM0MUM0RjlBRTAyLzFDVnUzQ3ZCSElSZHRRZTN3S2lUVkVZdXRq MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMUNWdTNDdkJISVJkdFFlM3dLaVRWRVl1dGowLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw REE1L0M1NTk0MjRBNTcxQTExRjBCODUwNzM0MUM0RjlBRTAyLzFDVnUzQ3ZCSElS ZHRRZTN3S2lUVkVZdXRqMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABl3eszvHYe79xTysipj/QawWmXm9NDszg74MlphpE3dIUiUMcixIhbM hUBPXsjp6zQrE2pxNEQnhCm909UzcSEkDvikVN5D7p9UQa1ZKB1qUmLqyUtnIyJE zvEoA6OXB1N8QQjG6WyfbddfkFqVn425zAT7jhxPfnAuBac902wGXvPwahoeZ+Sv gbpJXL3S0YMo5qUjU4/Dd8Wm6UbJSPbXkzEQfc0IDN3VPdoL9hVKuBbV4HN55HfY 6GVmlj11KUAMAnXF23LEiL/1vk4HnIgC8fsOdSWixq8+X6Rh8e+JPkY4bN3INWjQ SeR94eoz+3y58pdoNBvh58wMQKgdRJA= -----END CERTIFICATE-----Generated at Wed Nov 5 00:22:45 2025 by rpki-client