$ rpki-client -vvf rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft File: _YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft (raw, json) Hash identifier: BkAaObunGAOhYxvULmpXfWIAxEbheqG7TqvGG9vd+Gw= Subject key identifier: 9C:1D:65:23:BB:FB:D8:80:09:CB:8A:3D:34:66:24:21:2A:5A:4E:05 Authority key identifier: FD:82:7C:02:6B:39:67:E2:A1:40:D4:D2:31:4E:2B:0E:9C:04:74:30 Certificate issuer: /CN=A9171064/serialNumber=FD827C026B3967E2A140D4D2314E2B0E9C047430 Certificate serial: 0C9A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft Manifest number: 0C93 Signing time: Tue 04 Nov 2025 18:25:26 +0000 Manifest this update: Tue 04 Nov 2025 18:25:26 +0000 Manifest next update: Tue 11 Nov 2025 18:25:26 +0000 Files and hashes: 1: _YJ8Ams5Z-KhQNTSMU4rDpwEdDA.crl (hash: hI4yRRmnLz5xxfSx+mdN9gKV02l0+4dNSqdtXGbPaSI=) 2: A2A3D38A05CE11EA80526530C4F9AE02.roa (hash: f31uXjqb4DNcM+Zpb2Aaj4CME0IwegAYYNe/FOHZjWc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.crl rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:25:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3226 (0xc9a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171064, serialNumber=FD827C026B3967E2A140D4D2314E2B0E9C047430 Validity Not Before: Nov 4 18:25:26 2025 GMT Not After : Nov 11 18:25:26 2025 GMT Subject: CN=690a4516-dfe1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:d3:ac:c3:14:ff:b6:7d:e7:06:4e:f6:14:d8: 6b:42:d1:38:4d:76:16:44:4c:7a:56:58:8f:ef:8c: 81:ef:b4:15:ef:15:f4:9f:d2:34:e3:aa:b8:bc:0f: d9:1d:51:df:07:3b:36:3d:c5:02:e9:4b:6f:74:4c: ff:ae:7a:9d:e5:1e:c5:fe:e9:b7:db:b8:20:ed:ee: 12:1f:63:b4:d4:ac:51:76:4b:ab:2b:67:62:1d:cf: e5:e0:3c:30:61:64:1a:b8:f9:3c:5c:ef:2f:7c:af: c0:08:6d:7f:5d:0e:46:d7:c8:32:a0:f4:68:1f:53: a4:41:2c:46:61:16:1b:31:dd:97:a9:0d:c9:4b:54: ba:46:6a:e6:fa:fd:17:38:eb:47:47:c5:6b:ff:a0: 80:d9:f4:39:e5:a2:34:f9:6e:00:bc:15:64:3a:40: 18:11:33:34:0c:cc:e7:e5:fe:37:3e:f0:b5:1e:ff: b7:6e:e2:83:f7:09:c5:6c:ed:2f:8e:3e:6d:e5:b7: 93:d9:6b:2c:bc:22:8a:f9:94:6f:3b:c0:85:92:54: da:78:be:7a:2d:62:b0:24:62:f5:52:85:10:a1:a1: 6f:18:3b:7a:1b:34:93:2f:ca:cb:76:3f:a6:79:3d: 82:bd:19:f9:07:fd:d1:a2:84:24:5a:98:c2:2a:0a: 7b:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:1D:65:23:BB:FB:D8:80:09:CB:8A:3D:34:66:24:21:2A:5A:4E:05 X509v3 Authority Key Identifier: keyid:FD:82:7C:02:6B:39:67:E2:A1:40:D4:D2:31:4E:2B:0E:9C:04:74:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171064/07639620052F11EA8A9E3947C4F9AE02/_YJ8Ams5Z-KhQNTSMU4rDpwEdDA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:f3:62:af:6a:72:e8:2d:4b:d6:17:3f:15:70:da:91:4c:18: 89:3c:e5:29:50:91:41:9e:75:f5:4e:db:fa:cf:91:e1:f7:f7: d2:31:2e:e3:7e:32:bf:d8:0a:c6:c9:cd:04:24:91:3a:49:ba: b9:a8:36:36:98:a9:a5:14:fa:60:62:2c:ef:80:44:2c:8e:f4: 68:5f:5a:e0:39:d0:e0:e5:2c:fd:39:8f:7f:ab:2a:55:e8:c4: fe:56:2b:f6:8c:76:68:c5:6d:e5:80:8a:7e:28:71:4b:c5:0f: bb:73:1f:34:71:1c:4e:99:50:f5:93:c3:88:73:5b:64:cd:b4: 5d:b3:41:fa:8f:dd:65:29:cf:2d:f4:92:12:5e:db:16:c6:06: e0:28:6a:df:ab:4e:af:31:e3:36:3c:b6:af:60:7f:2f:ef:66: 83:7f:dd:cb:64:e6:0e:3f:fe:d5:c0:35:39:22:e8:70:65:e8: c0:85:d2:a9:12:88:eb:bc:b4:55:4c:43:8c:f0:91:9d:fa:34: 25:20:d7:c7:97:b7:c7:dc:44:0f:b4:d0:61:30:42:80:58:d6: 96:09:f0:2e:be:ae:c6:fb:58:82:54:a5:d8:c5:8d:68:36:3b: ac:fc:c9:0b:1a:bd:e6:79:d1:8b:13:5c:8c:98:ac:65:76:7c: 4c:d1:cb:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDJowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzEwNjQxMTAvBgNVBAUTKEZEODI3QzAyNkIzOTY3RTJBMTQwRDREMjMxNEUyQjBF OUMwNDc0MzAwHhcNMjUxMTA0MTgyNTI2WhcNMjUxMTExMTgyNTI2WjAYMRYwFAYD VQQDEw02OTBhNDUxNi1kZmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqNOswxT/tn3nBk72FNhrQtE4TXYWREx6VliP74yB77QV7xX0n9I046q4vA/Z HVHfBzs2PcUC6UtvdEz/rnqd5R7F/um327gg7e4SH2O01KxRdkurK2diHc/l4Dww YWQauPk8XO8vfK/ACG1/XQ5G18gyoPRoH1OkQSxGYRYbMd2XqQ3JS1S6Rmrm+v0X OOtHR8Vr/6CA2fQ55aI0+W4AvBVkOkAYETM0DMzn5f43PvC1Hv+3buKD9wnFbO0v jj5t5beT2WssvCKK+ZRvO8CFklTaeL56LWKwJGL1UoUQoaFvGDt6GzSTL8rLdj+m eT2CvRn5B/3RooQkWpjCKgp7jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJwdZSO7 +9iACcuKPTRmJCEqWk4FMB8GA1UdIwQYMBaAFP2CfAJrOWfioUDU0jFOKw6cBHQw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTA2NC8wNzYzOTYyMDA1 MkYxMUVBOEE5RTM5NDdDNEY5QUUwMi9fWUo4QW1zNVotS2hRTlRTTVU0ckRwd0Vk REEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19ZSjhBbXM1Wi1LaFFOVFNNVTRyRHB3RWREQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTA2NC8wNzYzOTYyMDA1MkYxMUVBOEE5RTM5NDdDNEY5QUUwMi9fWUo4QW1zNVot S2hRTlRTTVU0ckRwd0VkREEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCI82KvanLoLUvWFz8VcNqRTBiJPOUpUJFBnnX1Ttv6z5Hh9/fSMS7j fjK/2ArGyc0EJJE6Sbq5qDY2mKmlFPpgYizvgEQsjvRoX1rgOdDg5Sz9OY9/qypV 6MT+Viv2jHZoxW3lgIp+KHFLxQ+7cx80cRxOmVD1k8OIc1tkzbRds0H6j91lKc8t 9JISXtsWxgbgKGrfq06vMeM2PLavYH8v72aDf93LZOYOP/7VwDU5IuhwZejAhdKp EojrvLRVTEOM8JGd+jQlINfHl7fH3EQPtNBhMEKAWNaWCfAuvq7G+1iCVKXYxY1o Njus/MkLGr3medGLE1yMmKxldnxM0ctX -----END CERTIFICATE-----Generated at Wed Nov 5 16:45:53 2025 by rpki-client