$ rpki-client -vvf rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft File: AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft (raw, json) Hash identifier: pCxzw/5sPnMyD7CAZjUdrl97xirxfo+7Iz2Gc5sgYDE= Subject key identifier: D7:2A:9C:3F:E0:55:5F:F5:70:9E:2A:A9:7A:82:87:08:28:AB:50:6C Authority key identifier: 00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 Certificate issuer: /CN=A9170DF0/serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Certificate serial: 01A6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft Manifest number: 01A3 Signing time: Mon 03 Nov 2025 03:16:22 +0000 Manifest this update: Mon 03 Nov 2025 03:16:22 +0000 Manifest next update: Mon 10 Nov 2025 03:16:22 +0000 Files and hashes: 1: AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl (hash: 0nYZrdls0TNu8hSNWCbg4ItqdVKQUeU0HuiDKWv5IFs=) 2: B022AC18368811EEB1BFE56AC4F9AE02.roa (hash: Zg2pOaZOOb5sHUdXJNoHkdhEmOD4YyAjMP6N4/VUVYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 03:16:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 422 (0x1a6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170DF0, serialNumber=0008E2EEBE6C55F2594949A477F8677BFF4A7FE4 Validity Not Before: Nov 3 03:16:22 2025 GMT Not After : Nov 10 03:16:22 2025 GMT Subject: CN=69081e86-37e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:47:af:fe:1f:a9:99:04:38:7d:fc:6f:15:fd: 6b:dd:5b:ba:be:41:4d:67:42:99:db:8d:b6:9b:79: 76:12:20:af:9c:15:37:bf:0d:ed:df:86:4e:ab:15: 20:d9:ce:f8:bd:bc:03:fa:d7:32:95:80:f5:cf:ce: 3f:97:87:01:10:eb:3e:ef:41:55:c7:88:7a:e2:06: 57:d2:80:25:a1:7b:05:62:22:e3:71:0f:0d:93:5c: ce:19:8e:63:bb:e8:a1:4b:96:0e:a3:41:85:30:19: 53:ad:da:29:6c:80:a4:c6:35:c3:93:2f:82:fd:1d: d7:c7:11:c8:a3:74:75:f9:0c:60:05:d9:b5:f5:03: b2:ea:ed:c0:07:ca:44:ed:4e:d7:0f:ef:e5:b6:8a: 7b:a1:9c:90:9f:f9:87:ad:c4:32:61:86:e9:7c:eb: be:2f:89:86:c4:07:f1:1e:92:79:03:95:e1:75:5b: 59:91:2b:a7:78:0f:26:e4:49:d0:1e:80:a8:71:c3: 3c:06:17:2d:7f:e2:31:46:3e:55:0d:08:70:49:04: 65:9a:49:a1:34:40:d5:47:ce:49:5b:4f:3f:9b:db: 4a:4e:30:99:6f:58:69:ab:d4:35:f9:2c:3b:1c:8d: 6a:48:54:f9:35:18:8b:71:55:ae:a6:8e:16:1f:11: 1a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D7:2A:9C:3F:E0:55:5F:F5:70:9E:2A:A9:7A:82:87:08:28:AB:50:6C X509v3 Authority Key Identifier: keyid:00:08:E2:EE:BE:6C:55:F2:59:49:49:A4:77:F8:67:7B:FF:4A:7F:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/AAji7r5sVfJZSUmkd_hne_9Kf-Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170DF0/5DEFACF0364411EEACE5C72EC4F9AE02/AAji7r5sVfJZSUmkd_hne_9Kf-Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:33:b9:a7:e6:40:b2:ee:88:28:00:2f:ee:f7:bf:6b:16:0a: 45:3b:51:35:31:9b:70:2c:62:40:db:5d:ec:00:76:87:39:b7: e2:d4:58:c5:94:02:90:bf:98:f7:b7:9e:c8:ab:5b:80:c7:c6: 2e:13:fa:3e:54:1e:a2:3a:e3:63:4a:b2:17:e2:1a:05:95:16: 93:f8:0b:a9:84:36:74:46:0c:e5:c3:5f:ea:b5:7a:83:a3:9c: ce:d0:b8:3c:d8:9a:85:ac:9e:01:90:22:cc:4b:1a:a0:ab:c9: 1b:45:32:78:f5:d2:f7:0a:77:b0:9e:ac:f1:e3:49:e8:5a:ee: 74:27:8b:e8:49:61:42:3d:27:f4:02:94:78:02:7a:6e:8f:62: ce:b6:9e:9d:a0:7e:0b:dd:b4:ce:49:9b:1a:cc:2f:cf:75:52: a7:a9:86:f5:39:27:d8:da:78:52:09:a9:a7:ff:ed:b9:f8:cc: 5b:25:d2:2c:41:9f:ba:fb:d1:28:b2:09:ea:ef:67:38:c5:4a: d4:b2:e7:a5:00:f8:97:58:7b:f5:12:1a:76:b8:8b:88:ae:af: 69:c6:09:de:82:a2:fb:cf:b5:5e:2e:90:56:a0:fb:c3:c7:98: 8c:ff:c2:4c:09:cd:59:74:d6:ab:91:95:25:e2:86:c4:f2:14: 27:13:ec:6d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAaYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBERjAxMTAvBgNVBAUTKDAwMDhFMkVFQkU2QzU1RjI1OTQ5NDlBNDc3Rjg2NzdC RkY0QTdGRTQwHhcNMjUxMTAzMDMxNjIyWhcNMjUxMTEwMDMxNjIyWjAYMRYwFAYD VQQDEw02OTA4MWU4Ni0zN2U3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx0ev/h+pmQQ4ffxvFf1r3Vu6vkFNZ0KZ2422m3l2EiCvnBU3vw3t34ZOqxUg 2c74vbwD+tcylYD1z84/l4cBEOs+70FVx4h64gZX0oAloXsFYiLjcQ8Nk1zOGY5j u+ihS5YOo0GFMBlTrdopbICkxjXDky+C/R3XxxHIo3R1+QxgBdm19QOy6u3AB8pE 7U7XD+/ltop7oZyQn/mHrcQyYYbpfOu+L4mGxAfxHpJ5A5XhdVtZkSuneA8m5EnQ HoCoccM8Bhctf+IxRj5VDQhwSQRlmkmhNEDVR85JW08/m9tKTjCZb1hpq9Q1+Sw7 HI1qSFT5NRiLcVWupo4WHxEahwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNcqnD/g VV/1cJ4qqXqChwgoq1BsMB8GA1UdIwQYMBaAFAAI4u6+bFXyWUlJpHf4Z3v/Sn/k MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MERGMC81REVGQUNGMDM2 NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1ZmSlpTVW1rZF9obmVfOUtm LVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0FBamk3cjVzVmZKWlNVbWtkX2huZV85S2YtUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MERGMC81REVGQUNGMDM2NDQxMUVFQUNFNUM3MkVDNEY5QUUwMi9BQWppN3I1c1Zm SlpTVW1rZF9obmVfOUtmLVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWM7mn5kCy7ogoAC/u979rFgpFO1E1MZtwLGJA213sAHaHObfi1FjF lAKQv5j3t57Iq1uAx8YuE/o+VB6iOuNjSrIX4hoFlRaT+AuphDZ0Rgzlw1/qtXqD o5zO0Lg82JqFrJ4BkCLMSxqgq8kbRTJ49dL3Cnewnqzx40noWu50J4voSWFCPSf0 ApR4Anpuj2LOtp6doH4L3bTOSZsazC/PdVKnqYb1OSfY2nhSCamn/+25+MxbJdIs QZ+6+9Eosgnq72c4xUrUsuelAPiXWHv1Ehp2uIuIrq9pxgnegqL7z7VeLpBWoPvD x5iM/8JMCc1ZdNarkZUl4obE8hQnE+xt -----END CERTIFICATE-----Generated at Wed Nov 5 05:12:13 2025 by rpki-client