$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft File: CIaR8feL2c7-2A021lDWd2emvbA.mft (raw, json) Hash identifier: ToElK57LWDtBJhvO+NrJuoNzMoyhgyr+kh6d/GYWeLE= Subject key identifier: 66:64:C9:FD:F3:BF:5E:83:3D:39:9F:91:CC:26:C4:6D:F3:C9:DD:24 Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 Certificate issuer: /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Certificate serial: 07E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft Manifest number: 07DA Signing time: Tue 04 Nov 2025 21:15:32 +0000 Manifest this update: Tue 04 Nov 2025 21:15:32 +0000 Manifest next update: Tue 11 Nov 2025 21:15:32 +0000 Files and hashes: 1: CIaR8feL2c7-2A021lDWd2emvbA.crl (hash: 52cICcpUgf8tlxGzxWmQ3GxLxoER3HtuWfQhaJl/Npk=) 2: F126F04A11A911EBB5A4DD83C4F9AE02.roa (hash: 7u9lFldLGtHyxwH20hTfSxqKwvd+3v0Fn/UDNDaczHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:15:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2016 (0x7e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DA4A, serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Validity Not Before: Nov 4 21:15:32 2025 GMT Not After : Nov 11 21:15:32 2025 GMT Subject: CN=690a6cf4-4af0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:43:d8:f9:17:57:4a:53:e0:6c:fe:c2:a8:f5: 45:4f:b5:62:6a:75:d0:56:c8:71:76:a1:4d:f4:33: 39:34:37:81:4a:29:2d:93:b4:9b:1c:3e:c4:84:fd: 62:3e:32:ae:03:29:91:42:c6:1c:b8:0b:d5:eb:29: 79:c1:33:39:fd:65:d2:bc:e0:d2:5e:16:ea:a1:37: 84:c7:ed:6f:be:fc:46:fe:60:fb:bd:bd:e0:59:c6: 9e:25:86:92:c7:29:9a:fd:7f:96:c6:a6:70:0a:c7: a0:3f:5d:85:0d:5b:14:53:e1:7c:6b:9f:64:52:a2: 7b:f1:e2:e5:35:31:66:6b:5a:ef:a3:0e:53:dc:8a: 9f:6f:07:24:6e:33:35:5e:91:d5:4f:66:d5:d8:bd: 02:5f:c2:16:df:b0:30:ca:bc:98:63:9a:54:10:1c: dc:e0:39:52:b3:82:73:30:e2:30:97:62:76:0d:ee: ef:ef:62:e0:0c:96:98:7b:76:c3:53:6e:21:2f:59: 7f:f2:b9:d4:86:08:89:df:99:00:23:b0:92:fc:e9: ee:15:50:d0:67:22:1c:3b:95:80:8d:33:61:a5:79: 2c:18:3f:56:91:3e:59:32:31:9e:78:5c:10:9a:ce: 05:1d:a1:29:08:50:62:36:1b:07:7f:0d:d0:09:7f: 2b:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:64:C9:FD:F3:BF:5E:83:3D:39:9F:91:CC:26:C4:6D:F3:C9:DD:24 X509v3 Authority Key Identifier: keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9c:aa:5c:e0:80:e2:0f:d2:31:4b:93:6d:29:ac:f9:42:2b:68: a6:45:d3:11:59:22:e9:a7:f0:d7:53:2e:33:eb:47:9c:0f:d4: 2a:71:f7:a5:1d:cf:56:6c:5c:c5:89:c1:f7:1d:47:7c:43:e5: 71:b6:e3:d8:4c:7c:8a:c1:9b:46:41:df:c8:2f:3b:98:0d:33: de:ff:6e:e5:0c:b9:61:cb:58:61:6e:37:55:16:40:f7:ef:8e: 01:91:6f:16:e6:69:8d:1a:e5:e1:b4:2e:91:92:3d:f1:2e:61: 5f:6a:79:47:36:8b:66:84:ff:4e:c7:35:8d:87:d3:c5:62:03: 63:31:89:9e:9d:68:59:4b:73:bf:bf:93:a8:b8:c0:5b:1c:31: ce:95:62:17:8c:69:0d:6c:54:02:89:93:13:9c:49:13:fa:70: 34:bb:55:ed:fb:d1:90:97:60:4f:2c:47:4c:7d:72:60:e9:31: 0d:59:b3:30:ca:db:f0:67:9d:b2:a3:98:c2:c9:d4:9c:3c:1c: 1e:b7:31:75:f3:4f:b8:db:f5:18:56:3c:0b:37:2b:55:b4:ca: 48:70:03:f1:5b:49:c9:61:54:d8:98:65:37:e6:b1:f8:78:ab: 8f:71:f2:ae:f8:a5:f9:18:ca:5d:a5:92:b8:aa:48:4d:46:91: f8:85:ce:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3 NjdBNkJEQjAwHhcNMjUxMTA0MjExNTMyWhcNMjUxMTExMjExNTMyWjAYMRYwFAYD VQQDEw02OTBhNmNmNC00YWYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy0PY+RdXSlPgbP7CqPVFT7VianXQVshxdqFN9DM5NDeBSiktk7SbHD7EhP1i PjKuAymRQsYcuAvV6yl5wTM5/WXSvODSXhbqoTeEx+1vvvxG/mD7vb3gWcaeJYaS xyma/X+WxqZwCsegP12FDVsUU+F8a59kUqJ78eLlNTFma1rvow5T3IqfbwckbjM1 XpHVT2bV2L0CX8IW37AwyryYY5pUEBzc4DlSs4JzMOIwl2J2De7v72LgDJaYe3bD U24hL1l/8rnUhgiJ35kAI7CS/OnuFVDQZyIcO5WAjTNhpXksGD9WkT5ZMjGeeFwQ ms4FHaEpCFBiNhsHfw3QCX8rZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGZkyf3z v16DPTmfkcwmxG3zyd0kMB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12 YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REE0QS8wNTFEQUY1QTBEQzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJj Ny0yQTAyMWxEV2QyZW12YkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCcqlzggOIP0jFLk20prPlCK2imRdMRWSLpp/DXUy4z60ecD9Qqcfel Hc9WbFzFicH3HUd8Q+VxtuPYTHyKwZtGQd/ILzuYDTPe/27lDLlhy1hhbjdVFkD3 744BkW8W5mmNGuXhtC6Rkj3xLmFfanlHNotmhP9OxzWNh9PFYgNjMYmenWhZS3O/ v5OouMBbHDHOlWIXjGkNbFQCiZMTnEkT+nA0u1Xt+9GQl2BPLEdMfXJg6TENWbMw ytvwZ52yo5jCydScPBwetzF180+42/UYVjwLNytVtMpIcAPxW0nJYVTYmGU35rH4 eKuPcfKu+KX5GMpdpZK4qkhNRpH4hc5F -----END CERTIFICATE-----Generated at Wed Nov 5 02:35:59 2025 by rpki-client