$ rpki-client -vvf rpki.apnic.net/member_repository/A9172B46/088701B8ABB411F0ABF20940C4F9AE02/tU4IRltUXO7x4uEAl3XZG6QStj0.mft File: tU4IRltUXO7x4uEAl3XZG6QStj0.mft (raw, json) Hash identifier: opUclX1EIJwfXPycSgrs/L1mp81Wymy8iRxIPcioWnE= Subject key identifier: F9:B0:1D:BA:A0:AE:D9:00:30:8A:E0:50:29:5E:35:8F:41:4C:4B:54 Authority key identifier: B5:4E:08:46:5B:54:5C:EE:F1:E2:E1:00:97:75:D9:1B:A4:12:B6:3D Certificate issuer: /CN=A9172B46/serialNumber=B54E08465B545CEEF1E2E1009775D91BA412B63D Certificate serial: 14 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tU4IRltUXO7x4uEAl3XZG6QStj0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9172B46/088701B8ABB411F0ABF20940C4F9AE02/tU4IRltUXO7x4uEAl3XZG6QStj0.mft Manifest number: 10 Signing time: Wed 05 Nov 2025 08:11:44 +0000 Manifest this update: Wed 05 Nov 2025 08:11:43 +0000 Manifest next update: Wed 12 Nov 2025 08:11:43 +0000 Files and hashes: 1: tU4IRltUXO7x4uEAl3XZG6QStj0.crl (hash: m6N4V3KvyAdwX6Qf7HJnIkQSu3kqlrfNZLkGWhZ+euE=) 2: 5493E832AF1511F09DB9CB78C4F9AE02.roa (hash: TkA4esTL9Exwr+47F2RMHuvhHZl+fNcFsQRPqVn17vg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9172B46/088701B8ABB411F0ABF20940C4F9AE02/tU4IRltUXO7x4uEAl3XZG6QStj0.crl rsync://rpki.apnic.net/member_repository/A9172B46/088701B8ABB411F0ABF20940C4F9AE02/tU4IRltUXO7x4uEAl3XZG6QStj0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tU4IRltUXO7x4uEAl3XZG6QStj0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:11:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 20 (0x14) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9172B46, serialNumber=B54E08465B545CEEF1E2E1009775D91BA412B63D Validity Not Before: Nov 5 08:11:43 2025 GMT Not After : Nov 12 08:11:43 2025 GMT Subject: CN=690b06bf-f80d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:45:35:8c:f2:0f:02:22:c8:a0:8c:09:86:37: 1c:37:7b:33:8d:0e:92:36:82:c3:6c:3f:8c:3e:48: 70:95:38:17:0b:73:41:01:89:47:0f:08:b8:1d:4d: a8:6c:4d:2e:58:e9:e5:ed:e7:53:cd:35:71:85:d2: d4:21:fd:b8:8b:69:82:d7:a5:53:f4:5b:98:90:4b: fa:9b:a8:4d:9c:3b:18:af:3c:a8:ca:32:50:27:5e: b5:31:bf:1a:5f:96:fc:f3:ac:24:22:61:ca:18:01: 89:5d:30:de:3f:ea:23:0c:df:a5:1f:68:05:df:2c: cc:19:96:8e:6f:4d:50:31:5c:2b:47:8c:8e:0a:0d: c3:bb:37:99:d8:49:5b:b1:1d:f9:c7:62:ee:b9:88: 97:d5:a7:44:c7:98:a1:fd:2f:a4:55:3e:23:9c:3f: de:73:e9:29:4f:bc:bc:3e:4b:59:3e:3b:3e:15:4a: 92:e5:4a:83:02:01:76:af:65:60:fc:45:1a:4b:22: 44:cb:93:b9:ee:0f:1c:08:15:1b:76:33:6c:58:c3: e9:65:03:7a:0e:22:3a:7a:23:61:6a:81:57:56:c6: af:92:d2:38:bc:59:d3:c7:c8:5f:bf:d2:8d:97:c1: ab:88:9c:2c:aa:a8:5a:86:c2:18:70:49:fb:bc:e9: 8c:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:B0:1D:BA:A0:AE:D9:00:30:8A:E0:50:29:5E:35:8F:41:4C:4B:54 X509v3 Authority Key Identifier: keyid:B5:4E:08:46:5B:54:5C:EE:F1:E2:E1:00:97:75:D9:1B:A4:12:B6:3D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9172B46/088701B8ABB411F0ABF20940C4F9AE02/tU4IRltUXO7x4uEAl3XZG6QStj0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tU4IRltUXO7x4uEAl3XZG6QStj0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9172B46/088701B8ABB411F0ABF20940C4F9AE02/tU4IRltUXO7x4uEAl3XZG6QStj0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:85:d9:ba:28:04:f5:83:02:ed:ce:56:03:b0:26:01:7f:23: 96:c0:7e:33:bb:fa:d8:c8:c6:13:21:4a:2c:7f:42:97:bd:f3: bf:0c:a4:51:79:58:73:33:f6:ca:e9:79:e6:db:19:cf:d6:d0: 8e:27:a6:27:cc:a8:2c:c7:cd:bd:17:f5:06:32:0c:80:db:6a: 9c:59:cf:c7:f4:7c:85:8e:8f:df:1a:11:4e:8c:34:d5:df:bc: 0a:ef:d4:fd:86:67:bb:b7:65:ae:d9:4f:29:49:65:45:c7:70: 78:e3:df:18:f4:d7:ba:e2:34:cd:43:73:c8:b3:b7:5f:6a:3f: 3d:f7:98:e1:bb:28:4c:6e:d3:98:e7:f9:73:15:c7:bc:f3:74: f3:83:34:2d:34:0a:ab:16:b2:30:3a:59:62:f0:a6:c9:40:ab: 7f:9c:e7:3c:ce:2f:82:16:c8:36:f2:b2:1f:0a:62:47:4a:00: f3:2b:11:ca:dd:0c:39:a7:29:27:66:df:a1:8c:af:c9:ab:70: 87:6e:6c:6e:72:57:29:5b:03:7c:07:c0:b9:ce:90:9c:f7:ee: 90:e6:0a:c4:ee:cb:80:96:e2:2c:b2:25:e8:3b:b1:c6:ab:ab: 0c:ac:73:8e:cc:07:03:35:58:29:76:ac:87:33:ff:73:35:e9: b3:8e:d3:42 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBFDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 MkI0NjExMC8GA1UEBRMoQjU0RTA4NDY1QjU0NUNFRUYxRTJFMTAwOTc3NUQ5MUJB NDEyQjYzRDAeFw0yNTExMDUwODExNDNaFw0yNTExMTIwODExNDNaMBgxFjAUBgNV BAMTDTY5MGIwNmJmLWY4MGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDWRTWM8g8CIsigjAmGNxw3ezONDpI2gsNsP4w+SHCVOBcLc0EBiUcPCLgdTahs TS5Y6eXt51PNNXGF0tQh/biLaYLXpVP0W5iQS/qbqE2cOxivPKjKMlAnXrUxvxpf lvzzrCQiYcoYAYldMN4/6iMM36UfaAXfLMwZlo5vTVAxXCtHjI4KDcO7N5nYSVux HfnHYu65iJfVp0THmKH9L6RVPiOcP95z6SlPvLw+S1k+Oz4VSpLlSoMCAXavZWD8 RRpLIkTLk7nuDxwIFRt2M2xYw+llA3oOIjp6I2FqgVdWxq+S0ji8WdPHyF+/0o2X wauInCyqqFqGwhhwSfu86YzfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU+bAduqCu 2QAwiuBQKV41j0FMS1QwHwYDVR0jBBgwFoAUtU4IRltUXO7x4uEAl3XZG6QStj0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcyQjQ2LzA4ODcwMUI4QUJC NDExRjBBQkYyMDk0MEM0RjlBRTAyL3RVNElSbHRVWE83eDR1RUFsM1haRzZRU3Rq MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdFU0SVJsdFVYTzd4NHVFQWwzWFpHNlFTdGowLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTcy QjQ2LzA4ODcwMUI4QUJCNDExRjBBQkYyMDk0MEM0RjlBRTAyL3RVNElSbHRVWE83 eDR1RUFsM1haRzZRU3RqMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALOF2booBPWDAu3OVgOwJgF/I5bAfjO7+tjIxhMhSix/Qpe9878MpFF5 WHMz9srpeebbGc/W0I4npifMqCzHzb0X9QYyDIDbapxZz8f0fIWOj98aEU6MNNXf vArv1P2GZ7u3Za7ZTylJZUXHcHjj3xj017riNM1Dc8izt19qPz33mOG7KExu05jn +XMVx7zzdPODNC00CqsWsjA6WWLwpslAq3+c5zzOL4IWyDbysh8KYkdKAPMrEcrd DDmnKSdm36GMr8mrcIdubG5yVylbA3wHwLnOkJz37pDmCsTuy4CW4iyyJeg7scar qwysc47MBwM1WCl2rIcz/3M16bOO00I= -----END CERTIFICATE-----Generated at Wed Nov 5 09:25:35 2025 by rpki-client