$ rpki-client -vvf rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.mft File: J7kXbXUBrEb9oBkmur5-vwlfko4.mft (raw, json) Hash identifier: MbMR06q0rf8rVyaaWSuGv26JiqfESeTO0dCZuC88JSs= Subject key identifier: 51:0A:30:8C:6B:FB:3E:C1:C4:B8:CA:3D:F6:05:B7:49:07:1B:1B:EB Authority key identifier: 27:B9:17:6D:75:01:AC:46:FD:A0:19:26:BA:BE:7E:BF:09:5F:92:8E Certificate issuer: /CN=A9171D35/serialNumber=27B9176D7501AC46FDA01926BABE7EBF095F928E Certificate serial: 0F1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.mft Manifest number: 0F06 Signing time: Tue 04 Nov 2025 17:42:59 +0000 Manifest this update: Tue 04 Nov 2025 17:42:58 +0000 Manifest next update: Tue 11 Nov 2025 17:42:58 +0000 Files and hashes: 1: J7kXbXUBrEb9oBkmur5-vwlfko4.crl (hash: V+8BQppsyu+k/iDPHvSWkXZdC+QGvRsdHPiH0VKZMBA=) 2: C74924EE159F11EEBCFC135CC4F9AE02.roa (hash: A7sH5kT/nJtv/IMtWiRgvA6A10KdIHaRx/+kfjus0Io=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.crl rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:42:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3868 (0xf1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171D35, serialNumber=27B9176D7501AC46FDA01926BABE7EBF095F928E Validity Not Before: Nov 4 17:42:58 2025 GMT Not After : Nov 11 17:42:58 2025 GMT Subject: CN=690a3b23-8464 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:59:62:cc:9d:e8:35:56:84:e9:11:4d:e1:c9: b3:87:f0:9f:c6:93:50:87:c0:35:af:9a:6f:df:53: 05:b3:51:d7:ee:ce:5f:eb:df:3a:52:33:a5:1a:9b: 9a:7a:73:66:18:67:0b:b2:bc:27:f0:1b:20:21:cb: e2:a8:ba:28:2c:d2:60:2e:60:07:98:5c:53:59:e3: ff:e0:d6:18:c2:c6:44:38:d5:3e:f6:c4:bd:36:f7: 4d:4e:84:31:7b:16:13:47:0e:f0:09:01:32:3e:71: b9:09:76:b4:00:00:0c:c6:10:da:63:97:0c:0a:bd: 78:8a:2e:3d:33:cf:98:42:c6:28:03:1e:87:9e:d1: 33:ac:3a:99:f7:cf:6a:4b:c9:81:93:c4:53:82:43: fa:c4:12:66:32:32:0d:96:60:0b:51:eb:8b:d1:08: e7:4a:f8:2c:a7:19:f3:4a:27:aa:c0:77:e2:09:70: 55:01:58:4b:d5:6d:2f:b9:c8:86:30:5f:5b:48:4e: 98:e4:74:a4:bd:67:29:01:e7:b5:9e:36:ef:8e:b7: 21:4e:46:a5:49:5c:b4:23:e2:27:75:bc:59:da:2f: 12:73:b6:b9:c5:aa:f9:22:aa:b4:1c:fb:0e:26:7c: 5e:f4:67:4d:49:e7:d4:25:38:02:7f:93:00:75:12: 03:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:0A:30:8C:6B:FB:3E:C1:C4:B8:CA:3D:F6:05:B7:49:07:1B:1B:EB X509v3 Authority Key Identifier: keyid:27:B9:17:6D:75:01:AC:46:FD:A0:19:26:BA:BE:7E:BF:09:5F:92:8E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/J7kXbXUBrEb9oBkmur5-vwlfko4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171D35/EA4DCA1C8EDA11E98D206141C4F9AE02/J7kXbXUBrEb9oBkmur5-vwlfko4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:c0:1f:ae:94:8d:47:f1:c3:b4:11:dd:d1:91:44:d5:2f:c2: 9e:da:db:97:ed:77:2d:41:77:5d:33:98:55:4a:ce:34:4a:bc: 1a:c1:c4:90:06:b2:a9:1f:7e:72:7c:47:d2:fd:55:29:dc:9d: 1c:02:e5:ed:1f:da:64:cc:c4:db:79:31:1f:0f:d5:69:94:3b: 75:7c:ec:e2:49:b4:68:d8:03:8a:8b:ad:62:7b:c5:ad:85:4a: 4e:32:38:72:e9:30:9b:78:42:c7:46:85:3c:4b:93:86:a5:dc: 66:e1:cd:bc:26:5d:90:45:c0:90:7a:20:ad:45:69:9a:b2:c1: 16:c7:f9:3c:b9:74:01:a9:f3:c0:d4:3e:87:98:07:0f:01:53: cb:64:55:86:0a:ec:5a:9e:bf:99:77:35:c4:4c:86:3d:3b:63: bd:24:6c:16:2c:99:5d:0c:c4:37:f4:db:c1:49:e9:ff:02:30: 4c:77:91:e6:a1:2d:ec:02:92:41:f2:77:a2:58:da:dd:ce:d6: 10:fd:41:53:54:c1:f0:c9:62:81:44:8b:53:56:cd:05:36:ed: 18:88:95:ad:74:5c:89:54:15:28:bd:db:79:8c:9b:65:e9:da: 66:fc:9d:d9:11:74:be:e0:32:c4:3e:8a:68:fc:00:34:55:d4: 78:3f:e6:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDxwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzFEMzUxMTAvBgNVBAUTKDI3QjkxNzZENzUwMUFDNDZGREEwMTkyNkJBQkU3RUJG MDk1RjkyOEUwHhcNMjUxMTA0MTc0MjU4WhcNMjUxMTExMTc0MjU4WjAYMRYwFAYD VQQDEw02OTBhM2IyMy04NDY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsFlizJ3oNVaE6RFN4cmzh/CfxpNQh8A1r5pv31MFs1HX7s5f6986UjOlGpua enNmGGcLsrwn8BsgIcviqLooLNJgLmAHmFxTWeP/4NYYwsZEONU+9sS9NvdNToQx exYTRw7wCQEyPnG5CXa0AAAMxhDaY5cMCr14ii49M8+YQsYoAx6HntEzrDqZ989q S8mBk8RTgkP6xBJmMjINlmALUeuL0QjnSvgspxnzSieqwHfiCXBVAVhL1W0vuciG MF9bSE6Y5HSkvWcpAee1njbvjrchTkalSVy0I+IndbxZ2i8Sc7a5xar5Iqq0HPsO Jnxe9GdNSefUJTgCf5MAdRIDfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFEKMIxr +z7BxLjKPfYFt0kHGxvrMB8GA1UdIwQYMBaAFCe5F211AaxG/aAZJrq+fr8JX5KO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MUQzNS9FQTREQ0ExQzhF REExMUU5OEQyMDYxNDFDNEY5QUUwMi9KN2tYYlhVQnJFYjlvQmttdXI1LXZ3bGZr bzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0o3a1hiWFVCckViOW9Ca211cjUtdndsZmtvNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MUQzNS9FQTREQ0ExQzhFREExMUU5OEQyMDYxNDFDNEY5QUUwMi9KN2tYYlhVQnJF YjlvQmttdXI1LXZ3bGZrbzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqwB+ulI1H8cO0Ed3RkUTVL8Ke2tuX7XctQXddM5hVSs40SrwawcSQ BrKpH35yfEfS/VUp3J0cAuXtH9pkzMTbeTEfD9VplDt1fOziSbRo2AOKi61ie8Wt hUpOMjhy6TCbeELHRoU8S5OGpdxm4c28Jl2QRcCQeiCtRWmassEWx/k8uXQBqfPA 1D6HmAcPAVPLZFWGCuxanr+ZdzXETIY9O2O9JGwWLJldDMQ39NvBSen/AjBMd5Hm oS3sApJB8neiWNrdztYQ/UFTVMHwyWKBRItTVs0FNu0YiJWtdFyJVBUovdt5jJtl 6dpm/J3ZEXS+4DLEPopo/AA0VdR4P+Yh -----END CERTIFICATE-----Generated at Wed Nov 5 15:17:58 2025 by rpki-client