$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft File: Psexptohoad1gV0cv-cjFLipXdk.mft (raw, json) Hash identifier: V7o+b6CATVFH/6zUifz9J56kyCG9qRNqIThYVYkBO9I= Subject key identifier: 60:70:BD:0E:51:24:32:0A:4F:39:FE:9D:AD:86:74:96:68:1C:45:CD Authority key identifier: 3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 Certificate issuer: /CN=A9170DA5/serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft Manifest number: 42 Signing time: Mon 03 Nov 2025 07:25:09 +0000 Manifest this update: Mon 03 Nov 2025 07:25:08 +0000 Manifest next update: Mon 10 Nov 2025 07:25:08 +0000 Files and hashes: 1: Psexptohoad1gV0cv-cjFLipXdk.crl (hash: WYV0ALm57TBM0P1VejqMdPHjKm6s9l/g1Saj+c2l4qQ=) 2: F99E9E78571B11F093AD0C10C4F9AE02.roa (hash: Ntdzzur1e7UcFcIFXVyf4NefmktAA4cSP3KFPUhWals=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:25:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DA5, serialNumber=3EC7B1A6DA21A1A775815D1CBFE72314B8A95DD9 Validity Not Before: Nov 3 07:25:08 2025 GMT Not After : Nov 10 07:25:08 2025 GMT Subject: CN=690858d5-4960 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:a8:04:6e:a8:88:36:6d:58:df:ee:4f:69:75: 71:07:5e:3d:34:f2:8d:6f:51:03:dd:7c:53:75:21: e8:70:84:fd:df:9d:33:c4:30:25:37:d3:45:8d:85: 89:31:10:39:98:c2:21:ff:b0:08:76:51:e7:c7:73: e9:c8:b4:d6:ca:3e:90:ae:e9:2f:37:25:52:b0:dd: a9:ae:a1:8d:31:5b:94:b7:ab:f7:5b:c7:78:c0:83: 01:c1:0f:a2:57:1a:58:65:93:4b:12:3f:24:01:90: 62:3b:d4:6d:5a:0e:b4:bd:78:e0:f2:74:da:77:13: 28:bb:47:2a:73:b0:91:45:af:33:63:78:87:e1:32: 85:d3:5d:22:45:b4:f1:91:58:d2:46:fa:f5:03:9b: 6b:9e:22:64:80:33:c4:12:f1:82:f0:5d:73:83:6f: a3:89:c2:ce:01:58:2f:c1:df:67:2b:68:21:ab:f2: 49:2e:13:eb:68:71:9e:86:b2:72:44:2f:b2:7f:30: d5:a2:72:cf:bc:63:87:de:61:49:42:fe:37:b8:ae: f4:2d:d8:5a:d3:23:f0:7f:e1:e2:23:01:05:1d:fc: a5:2e:91:ad:ff:a5:df:36:91:16:97:04:0a:2a:82: f5:d3:b6:6f:df:ba:29:62:cd:06:52:8c:1e:04:44: 51:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:70:BD:0E:51:24:32:0A:4F:39:FE:9D:AD:86:74:96:68:1C:45:CD X509v3 Authority Key Identifier: keyid:3E:C7:B1:A6:DA:21:A1:A7:75:81:5D:1C:BF:E7:23:14:B8:A9:5D:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Psexptohoad1gV0cv-cjFLipXdk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DA5/CE0EDA26571A11F0B8507341C4F9AE02/Psexptohoad1gV0cv-cjFLipXdk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:40:73:8c:37:e4:53:40:6b:88:32:48:e5:ba:9e:8f:97:c0: bf:20:81:c9:de:10:0f:ef:b2:d1:ce:70:88:cc:63:9f:8f:b1: 72:24:ce:4f:d5:5e:31:31:f3:b2:90:93:44:3e:f1:7d:ed:ac: 4b:59:b9:a4:48:9f:1e:b7:db:9f:a6:78:c2:7b:f9:ba:dc:fd: 20:8f:67:75:c6:c8:a2:0a:03:3b:9a:c8:ad:03:81:35:b2:1a: 11:80:0d:5f:36:f2:73:f3:39:4d:68:cf:ee:c4:a1:48:0d:39: f0:0a:e9:cf:80:21:4f:dc:8c:f6:2c:42:2e:80:ca:a3:6d:ae: c0:29:46:a3:59:87:98:c8:9d:a3:d5:af:c0:9a:20:84:0d:51: 24:2f:53:31:55:c6:4b:a1:05:da:c8:fe:c1:16:df:34:76:31: f9:12:25:ba:14:2d:6b:73:43:6c:09:db:d7:4b:01:c3:fa:fc: 82:cf:e6:78:22:07:86:d8:35:5d:09:da:27:12:06:95:8e:1e: 2c:dd:3c:05:4f:2d:8e:b6:09:e6:36:53:86:09:3b:fa:db:85: aa:dd:82:a2:f5:67:b7:55:c6:ef:0f:db:50:79:52:c6:b6:b1: 49:49:b8:b0:42:0f:90:69:d8:69:e8:b5:e9:1b:b7:5e:4e:0e: 2f:41:f3:e1 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MERBNTExMC8GA1UEBRMoM0VDN0IxQTZEQTIxQTFBNzc1ODE1RDFDQkZFNzIzMTRC OEE5NUREOTAeFw0yNTExMDMwNzI1MDhaFw0yNTExMTAwNzI1MDhaMBgxFjAUBgNV BAMTDTY5MDg1OGQ1LTQ5NjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDWqARuqIg2bVjf7k9pdXEHXj008o1vUQPdfFN1IehwhP3fnTPEMCU300WNhYkx EDmYwiH/sAh2UefHc+nItNbKPpCu6S83JVKw3amuoY0xW5S3q/dbx3jAgwHBD6JX Glhlk0sSPyQBkGI71G1aDrS9eODydNp3Eyi7RypzsJFFrzNjeIfhMoXTXSJFtPGR WNJG+vUDm2ueImSAM8QS8YLwXXODb6OJws4BWC/B32craCGr8kkuE+tocZ6GsnJE L7J/MNWics+8Y4feYUlC/je4rvQt2FrTI/B/4eIjAQUd/KUuka3/pd82kRaXBAoq gvXTtm/fuilizQZSjB4ERFFNAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUYHC9DlEk MgpPOf6drYZ0lmgcRc0wHwYDVR0jBBgwFoAUPsexptohoad1gV0cv+cjFLipXdkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcwREE1L0NFMEVEQTI2NTcx QTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2FkMWdWMGN2LWNqRkxpcFhk ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvUHNleHB0b2hvYWQxZ1YwY3YtY2pGTGlwWGRrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcw REE1L0NFMEVEQTI2NTcxQTExRjBCODUwNzM0MUM0RjlBRTAyL1BzZXhwdG9ob2Fk MWdWMGN2LWNqRkxpcFhkay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAK1Ac4w35FNAa4gySOW6no+XwL8ggcneEA/vstHOcIjMY5+PsXIkzk/V XjEx87KQk0Q+8X3trEtZuaRInx6325+meMJ7+brc/SCPZ3XGyKIKAzuayK0DgTWy GhGADV828nPzOU1oz+7EoUgNOfAK6c+AIU/cjPYsQi6AyqNtrsApRqNZh5jInaPV r8CaIIQNUSQvUzFVxkuhBdrI/sEW3zR2MfkSJboULWtzQ2wJ29dLAcP6/ILP5ngi B4bYNV0J2icSBpWOHizdPAVPLY62CeY2U4YJO/rbhardgqL1Z7dVxu8P21B5Usa2 sUlJuLBCD5Bp2Gnotekbt15ODi9B8+E= -----END CERTIFICATE-----Generated at Tue Nov 4 19:13:06 2025 by rpki-client