$ rpki-client -vvf rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft File: 0aHv0iQTWusJg56ovbjNxZnOZX8.mft (raw, json) Hash identifier: bBz2VvMXaSuOOMebMGgRKFRxKYvBZJXHY5DhfG3Rw5o= Subject key identifier: FA:B4:D6:ED:9F:6F:31:EA:09:AB:F5:52:D7:8A:7B:8E:37:13:94:71 Authority key identifier: D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F Certificate issuer: /CN=A917D9FC/serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Certificate serial: 04E0 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft Manifest number: 04DB Signing time: Tue 04 Nov 2025 16:36:32 +0000 Manifest this update: Tue 04 Nov 2025 16:36:31 +0000 Manifest next update: Tue 11 Nov 2025 16:36:31 +0000 Files and hashes: 1: 0aHv0iQTWusJg56ovbjNxZnOZX8.crl (hash: rh7l2xaKgolG6Fg9g1ZImhxFotLVxrVG2L3GubIjBHg=) 2: AD94C92242BA11ECB1E8FF11C4F9AE02.roa (hash: v+UfHJBNUMJhgU+Hq/Ni7UlIWeTPSw4kY7gKtnOeoHo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:36:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1248 (0x4e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D9FC, serialNumber=D1A1EFD224135AEB09839EA8BDB8CDC599CE657F Validity Not Before: Nov 4 16:36:31 2025 GMT Not After : Nov 11 16:36:31 2025 GMT Subject: CN=690a2b8f-45c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:1d:68:74:13:40:ca:da:af:af:12:2c:72:c8: 1f:3a:fd:fc:9f:ad:b9:64:fa:22:f2:5e:aa:55:91: 57:3d:8d:86:91:85:8b:4c:4a:19:d0:3b:91:ff:b8: ec:26:3c:5d:b4:d3:a9:48:da:7e:84:6c:cf:14:a1: 5f:8f:2b:47:3b:d7:06:7a:07:3a:c8:b3:5c:4f:b7: b9:49:ec:24:40:6e:e1:bb:96:16:52:20:ab:21:07: f0:b3:08:17:bb:1e:78:c0:36:16:1d:eb:76:cd:2b: 18:4b:ce:f2:5f:12:13:af:6d:41:af:f5:17:f3:99: 3f:0d:6a:af:ca:8b:06:9b:77:34:cf:3e:99:00:cc: 12:f2:6c:8f:e6:28:a6:c9:45:5f:62:bb:9e:b2:ab: c1:75:3f:a0:d5:f2:3f:1a:28:e8:06:78:1d:5f:7b: 4b:3a:d5:e0:81:77:2f:74:85:f6:c9:ad:fe:11:f2: d9:a2:b3:ba:9c:d5:ef:f3:3b:90:2b:0c:10:5b:5f: 6e:7f:20:62:1c:08:ca:3a:2d:ec:18:43:af:1f:5c: ab:ae:56:6a:3f:10:13:6b:11:b7:a8:83:35:91:d2: 22:8e:d7:2c:35:a5:c6:6e:8e:88:e8:9e:54:6b:de: 9f:d6:e3:2f:4b:ab:4f:24:d6:c6:15:fe:bc:20:96: f2:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:B4:D6:ED:9F:6F:31:EA:09:AB:F5:52:D7:8A:7B:8E:37:13:94:71 X509v3 Authority Key Identifier: keyid:D1:A1:EF:D2:24:13:5A:EB:09:83:9E:A8:BD:B8:CD:C5:99:CE:65:7F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/0aHv0iQTWusJg56ovbjNxZnOZX8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D9FC/7A302D0042B111EC9F24A06EC4F9AE02/0aHv0iQTWusJg56ovbjNxZnOZX8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:b2:4c:8d:56:02:a8:62:83:09:f9:da:a8:6e:2e:a1:2e:96: 67:c7:7a:da:e6:f9:81:9b:d4:50:19:e4:97:3e:ab:88:00:55: e8:5c:db:42:11:e3:a7:f4:00:ba:76:87:3c:f3:c7:37:15:fb: ef:41:5c:24:0a:f3:94:f4:e6:d4:60:24:b2:99:71:cb:27:26: f2:bb:42:ce:28:0d:63:40:ef:fa:cc:8e:c5:d0:aa:bf:90:1e: db:f1:bd:16:6b:f6:9d:73:9a:66:bd:ae:93:2b:27:6f:cf:97: 29:0e:e2:28:ef:b9:42:11:ed:4d:68:ac:d9:06:ed:7d:48:37: ca:70:20:13:d5:95:d3:18:c2:33:24:0d:5b:10:4e:7f:48:e9: a0:85:f4:fa:03:49:9e:95:a1:f7:f4:ea:22:59:18:de:a3:ff: 21:38:6a:52:36:91:53:91:77:3a:93:fa:b1:43:a5:4c:bb:31: b4:c1:d7:ee:98:5e:56:e5:f6:72:fd:97:63:48:6c:ab:6b:d6: d8:87:d2:1e:e5:8a:ba:0b:e7:07:2b:4e:ff:58:46:fc:88:68: b2:c0:6c:ea:ae:d7:73:b0:97:33:78:9d:8a:ca:9b:54:5c:b7: cb:ee:35:68:b1:5a:bb:04:9b:23:f1:53:53:f2:3a:96:db:c2: b6:8a:cf:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBOAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Q5RkMxMTAvBgNVBAUTKEQxQTFFRkQyMjQxMzVBRUIwOTgzOUVBOEJEQjhDREM1 OTlDRTY1N0YwHhcNMjUxMTA0MTYzNjMxWhcNMjUxMTExMTYzNjMxWjAYMRYwFAYD VQQDEw02OTBhMmI4Zi00NWMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2R1odBNAytqvrxIscsgfOv38n625ZPoi8l6qVZFXPY2GkYWLTEoZ0DuR/7js JjxdtNOpSNp+hGzPFKFfjytHO9cGegc6yLNcT7e5SewkQG7hu5YWUiCrIQfwswgX ux54wDYWHet2zSsYS87yXxITr21Br/UX85k/DWqvyosGm3c0zz6ZAMwS8myP5iim yUVfYruesqvBdT+g1fI/GijoBngdX3tLOtXggXcvdIX2ya3+EfLZorO6nNXv8zuQ KwwQW19ufyBiHAjKOi3sGEOvH1yrrlZqPxATaxG3qIM1kdIijtcsNaXGbo6I6J5U a96f1uMvS6tPJNbGFf68IJbyCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPq01u2f bzHqCav1UteKe443E5RxMB8GA1UdIwQYMBaAFNGh79IkE1rrCYOeqL24zcWZzmV/ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDlGQy83QTMwMkQwMDQy QjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1c0pnNTZvdmJqTnhabk9a WDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyLzBhSHYwaVFUV3VzSmc1Nm92YmpOeFpuT1pYOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDlGQy83QTMwMkQwMDQyQjExMUVDOUYyNEEwNkVDNEY5QUUwMi8wYUh2MGlRVFd1 c0pnNTZvdmJqTnhabk9aWDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEskyNVgKoYoMJ+dqobi6hLpZnx3ra5vmBm9RQGeSXPquIAFXoXNtC EeOn9AC6doc888c3FfvvQVwkCvOU9ObUYCSymXHLJybyu0LOKA1jQO/6zI7F0Kq/ kB7b8b0Wa/adc5pmva6TKydvz5cpDuIo77lCEe1NaKzZBu19SDfKcCAT1ZXTGMIz JA1bEE5/SOmghfT6A0melaH39OoiWRjeo/8hOGpSNpFTkXc6k/qxQ6VMuzG0wdfu mF5W5fZy/ZdjSGyra9bYh9Ie5Yq6C+cHK07/WEb8iGiywGzqrtdzsJczeJ2KyptU XLfL7jVosVq7BJsj8VNT8jqW28K2is/o -----END CERTIFICATE-----Generated at Wed Nov 5 16:23:09 2025 by rpki-client