$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft File: cI8eBxM4VcgHTu1fjIO0RmpgesI.mft (raw, json) Hash identifier: 3CltnFK7tRyEyIE4FuSA0b/7tAq1WeqijGMNfYbEvhw= Subject key identifier: 04:91:41:82:0A:B2:24:2A:43:BC:74:60:AC:8E:82:FF:AC:67:11:1E Authority key identifier: 70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 Certificate issuer: /CN=A9171D16/serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Certificate serial: 015D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft Manifest number: 0159 Signing time: Mon 03 Nov 2025 04:08:17 +0000 Manifest this update: Mon 03 Nov 2025 04:08:16 +0000 Manifest next update: Mon 10 Nov 2025 04:08:16 +0000 Files and hashes: 1: cI8eBxM4VcgHTu1fjIO0RmpgesI.crl (hash: dsbQavOwnK+Zs3h8ihkuZENod39XnVMVLTKJQ+ykKJQ=) 2: BFC0298670DC11EF8B65D95AC4F9AE02.roa (hash: UgEzMnFdPuD9AyKqWzCGknoXwkBXShyWFB2xX76uKRE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 04:08:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 349 (0x15d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D16, serialNumber=708F1E07133855C8074EED5F8C83B4466A607AC2 Validity Not Before: Nov 3 04:08:16 2025 GMT Not After : Nov 10 04:08:16 2025 GMT Subject: CN=69082ab1-8f2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:f3:2c:82:70:cd:f0:ac:b9:49:6e:23:bf:e7: c1:e9:0b:e6:a9:26:e0:93:9f:d1:46:bf:53:ce:41: b2:ed:86:a0:54:0f:bb:3c:3b:7b:bf:6d:b0:e7:48: 65:02:ff:3c:f1:d2:17:5e:8a:90:87:80:29:96:c9: 47:0e:c9:62:40:c7:3b:9e:f5:5e:07:ea:11:5e:aa: 8b:dc:47:04:15:01:86:09:71:60:6f:09:05:fe:21: e3:bb:cb:67:46:25:46:3e:20:1d:de:a8:88:92:30: 41:74:11:13:43:72:66:cf:46:3b:9e:be:a3:f7:c7: 15:5f:1d:a8:ec:4b:46:60:ff:2a:74:69:7e:b2:1c: e2:30:0e:ce:e3:57:03:f5:bf:ab:9f:86:35:f7:3c: 61:fc:61:40:2a:9e:7e:44:96:7e:66:48:1e:be:7d: d0:bc:ae:58:5b:cf:d4:44:a1:20:8e:2f:23:ce:1b: 31:cf:ec:95:d9:4c:37:57:b2:1f:cc:db:d9:da:d7: 35:c4:b5:bb:6d:f7:dd:9c:88:5f:36:2b:dc:ec:c5: 6d:97:b8:97:5f:ce:25:d4:50:e8:06:20:06:ff:b2: 17:ed:98:26:f2:ef:df:18:a6:1c:84:78:14:fd:09: 14:13:85:54:08:42:b6:75:15:60:f9:e3:b6:aa:6d: d7:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 04:91:41:82:0A:B2:24:2A:43:BC:74:60:AC:8E:82:FF:AC:67:11:1E X509v3 Authority Key Identifier: keyid:70:8F:1E:07:13:38:55:C8:07:4E:ED:5F:8C:83:B4:46:6A:60:7A:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/cI8eBxM4VcgHTu1fjIO0RmpgesI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D16/656D17A8AE9C11EE911AFB63C4F9AE02/cI8eBxM4VcgHTu1fjIO0RmpgesI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:51:f6:99:36:b9:53:cd:c0:4a:a4:16:15:10:6d:df:58:2d: ae:d3:1d:0b:8c:5d:80:38:a2:41:f0:7a:7e:87:64:fb:4f:72: 07:90:17:ad:30:d9:c9:a1:50:a0:a1:02:88:60:3f:b3:bc:10: 45:35:d3:ca:9e:ca:5d:a0:00:c8:98:78:b5:9f:ad:d3:e8:f0: ba:4f:b8:6c:82:76:8a:48:d5:a0:4d:1e:62:2e:22:44:85:8c: d7:ea:de:52:aa:da:1b:1e:e8:5c:c7:28:d4:ba:dc:70:83:2b: 27:f4:83:24:b9:ba:99:32:46:00:e0:73:49:ee:48:2a:2e:34: c6:b0:4a:10:81:d8:a1:2b:fc:ac:85:1e:7a:00:46:85:62:56: 49:36:4c:0b:95:be:29:8d:55:30:c7:a4:02:f8:0e:93:08:e1: 5c:bc:4d:3d:33:54:d7:77:02:d5:b9:e3:a3:0a:bb:62:92:3b: 29:6c:6b:4f:38:94:57:c8:a1:7d:59:9e:c8:d0:c9:91:bb:23: 82:a8:d9:75:ca:a7:47:7a:bc:55:e7:98:81:9b:96:40:eb:b6: 08:70:57:6b:e8:7d:37:c9:4a:2e:dc:b0:25:63:7d:df:08:1c: bd:2a:38:81:55:8e:d0:b5:8a:14:47:4d:3c:b0:dd:fc:7f:d5: 52:fe:65:f7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAV0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFEMTYxMTAvBgNVBAUTKDcwOEYxRTA3MTMzODU1QzgwNzRFRUQ1RjhDODNCNDQ2 NkE2MDdBQzIwHhcNMjUxMTAzMDQwODE2WhcNMjUxMTEwMDQwODE2WjAYMRYwFAYD VQQDEw02OTA4MmFiMS04ZjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvfMsgnDN8Ky5SW4jv+fB6QvmqSbgk5/RRr9TzkGy7YagVA+7PDt7v22w50hl Av888dIXXoqQh4AplslHDsliQMc7nvVeB+oRXqqL3EcEFQGGCXFgbwkF/iHju8tn RiVGPiAd3qiIkjBBdBETQ3Jmz0Y7nr6j98cVXx2o7EtGYP8qdGl+shziMA7O41cD 9b+rn4Y19zxh/GFAKp5+RJZ+Zkgevn3QvK5YW8/URKEgji8jzhsxz+yV2Uw3V7If zNvZ2tc1xLW7bffdnIhfNivc7MVtl7iXX84l1FDoBiAG/7IX7Zgm8u/fGKYchHgU /QkUE4VUCEK2dRVg+eO2qm3XoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFASRQYIK siQqQ7x0YKyOgv+sZxEeMB8GA1UdIwQYMBaAFHCPHgcTOFXIB07tX4yDtEZqYHrC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQxNi82NTZEMTdBOEFF OUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZjZ0hUdTFmaklPMFJtcGdl c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2NJOGVCeE00VmNnSFR1MWZqSU8wUm1wZ2VzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUQxNi82NTZEMTdBOEFFOUMxMUVFOTExQUZCNjNDNEY5QUUwMi9jSThlQnhNNFZj Z0hUdTFmaklPMFJtcGdlc0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB2UfaZNrlTzcBKpBYVEG3fWC2u0x0LjF2AOKJB8Hp+h2T7T3IHkBet MNnJoVCgoQKIYD+zvBBFNdPKnspdoADImHi1n63T6PC6T7hsgnaKSNWgTR5iLiJE hYzX6t5SqtobHuhcxyjUutxwgysn9IMkubqZMkYA4HNJ7kgqLjTGsEoQgdihK/ys hR56AEaFYlZJNkwLlb4pjVUwx6QC+A6TCOFcvE09M1TXdwLVueOjCrtikjspbGtP OJRXyKF9WZ7I0MmRuyOCqNl1yqdHerxV55iBm5ZA67YIcFdr6H03yUou3LAlY33f CBy9KjiBVY7QtYoUR008sN38f9VS/mX3 -----END CERTIFICATE-----Generated at Tue Nov 4 21:33:04 2025 by rpki-client