$ rpki-client -vvf rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft File: z7B65d0AqScU2zWnIQRdnS644xc.mft (raw, json) Hash identifier: TTxp1SFXPmWqy/XkM9gvQ4JIaiKxgkpjSoi/5YwWpKU= Subject key identifier: A2:05:AC:7A:D5:5E:1C:DA:0C:8A:1E:BD:65:53:16:DE:F2:BF:62:9A Authority key identifier: CF:B0:7A:E5:DD:00:A9:27:14:DB:35:A7:21:04:5D:9D:2E:B8:E3:17 Certificate issuer: /CN=A9189A9F/serialNumber=CFB07AE5DD00A92714DB35A721045D9D2EB8E317 Certificate serial: 54 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7B65d0AqScU2zWnIQRdnS644xc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft Manifest number: 046B Signing time: Wed 05 Nov 2025 00:29:12 +0000 Manifest this update: Wed 05 Nov 2025 00:29:12 +0000 Manifest next update: Wed 12 Nov 2025 00:29:12 +0000 Files and hashes: 1: z7B65d0AqScU2zWnIQRdnS644xc.crl (hash: DbxYaAAD4LsMLGW06lQdsDbz1/qomQLNOr1qXwUSCu8=) 2: 42A92B3C3BAC11F0882B5B62C4F9AE02.roa (hash: 3kUfpfWFsRQio/I2rlN7rqdOffzKtu9waWZ7PwEcB0U=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.crl rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7B65d0AqScU2zWnIQRdnS644xc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:29:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 84 (0x54) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9189A9F, serialNumber=CFB07AE5DD00A92714DB35A721045D9D2EB8E317 Validity Not Before: Nov 5 00:29:12 2025 GMT Not After : Nov 12 00:29:12 2025 GMT Subject: CN=690a9a58-9bcb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:e0:b1:bf:cd:57:b3:85:01:7b:d6:6d:1a:a2: 2e:3d:15:30:ee:84:dd:49:8a:67:79:69:4f:e5:a1: 28:1f:f2:41:bc:d5:5e:1e:05:d6:59:5a:a0:8c:5e: aa:45:1a:cf:74:d0:1e:f1:6f:85:98:29:87:90:7a: e2:80:3e:3a:63:01:7f:3a:c6:2d:78:35:68:f3:11: 7d:ad:d8:39:4e:32:be:67:c0:82:23:e7:1d:cb:75: b6:c1:bf:5b:d8:89:e8:96:ce:72:b6:7e:40:5d:30: 5c:49:94:e0:b6:fa:b4:82:a7:98:e0:94:d6:65:33: b9:fe:1e:0e:e3:ef:f0:f8:08:6e:3a:43:bf:c2:5b: 60:81:47:19:64:63:10:29:66:ce:74:d1:12:6d:c9: 12:70:21:8d:7c:f3:42:b6:fd:3b:00:de:ee:ae:e6: 79:06:6a:19:11:5e:6b:63:5a:6c:64:c1:68:92:75: 28:2a:2f:dd:0b:44:fa:5e:27:55:ad:39:c0:54:ef: 4b:ee:8e:11:8f:f1:13:35:d7:2a:40:5a:cb:ae:ca: 45:f3:13:e5:98:62:f0:ff:41:2a:17:a9:fc:98:d7: 4c:6e:96:83:ae:48:e7:ae:94:80:6a:01:e2:53:46: 2a:99:11:3f:23:cb:58:c5:6c:dc:03:81:aa:a2:30: 64:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A2:05:AC:7A:D5:5E:1C:DA:0C:8A:1E:BD:65:53:16:DE:F2:BF:62:9A X509v3 Authority Key Identifier: keyid:CF:B0:7A:E5:DD:00:A9:27:14:DB:35:A7:21:04:5D:9D:2E:B8:E3:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z7B65d0AqScU2zWnIQRdnS644xc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9189A9F/8056BA568A9011EC8C1B0D22C4F9AE02/z7B65d0AqScU2zWnIQRdnS644xc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:c3:20:b1:1f:c2:fc:5d:87:92:1b:06:2b:48:10:5d:d8:e5: 8c:42:8f:b7:f5:e3:a6:a0:71:76:78:5d:87:48:e0:b6:26:0e: 50:b5:99:4f:fc:c4:60:90:e8:9e:65:ce:18:7f:bd:b5:86:09: 5c:19:df:83:ac:71:e4:b0:53:36:0a:44:c7:28:a4:ec:74:71: e8:a4:b6:80:ee:3c:9f:25:19:cc:df:e2:09:8e:fc:42:2e:5a: 26:b9:9c:90:37:36:f0:10:81:22:2a:6f:89:1b:9c:b4:91:a1: 37:ad:86:b0:92:16:f0:5c:4f:b1:49:ed:fe:6c:30:a9:0b:12: d4:d4:ea:03:53:65:0e:5c:f1:18:eb:04:96:a8:1c:cd:56:64: ae:b8:01:c5:67:94:8d:f8:db:7e:06:a7:7b:a9:23:40:d1:48: 3b:a2:8f:3e:38:11:37:db:2a:31:01:92:07:e7:85:c4:bd:68: 28:08:03:fc:12:6c:89:e8:ec:99:71:95:73:3a:65:05:a1:31: 44:70:b8:34:aa:59:27:8e:a1:8e:91:ca:8b:2f:66:50:33:88: fb:7f:b2:59:ae:ed:e1:7d:97:dd:34:99:f5:56:a7:23:8d:c6: 3b:68:ea:bb:85:31:c3:eb:5e:2e:ef:1f:7f:40:17:7f:15:08: aa:7c:cd:b0 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 OUE5RjExMC8GA1UEBRMoQ0ZCMDdBRTVERDAwQTkyNzE0REIzNUE3MjEwNDVEOUQy RUI4RTMxNzAeFw0yNTExMDUwMDI5MTJaFw0yNTExMTIwMDI5MTJaMBgxFjAUBgNV BAMTDTY5MGE5YTU4LTliY2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCs4LG/zVezhQF71m0aoi49FTDuhN1Jimd5aU/loSgf8kG81V4eBdZZWqCMXqpF Gs900B7xb4WYKYeQeuKAPjpjAX86xi14NWjzEX2t2DlOMr5nwIIj5x3LdbbBv1vY ieiWznK2fkBdMFxJlOC2+rSCp5jglNZlM7n+Hg7j7/D4CG46Q7/CW2CBRxlkYxAp Zs500RJtyRJwIY1880K2/TsA3u6u5nkGahkRXmtjWmxkwWiSdSgqL90LRPpeJ1Wt OcBU70vujhGP8RM11ypAWsuuykXzE+WYYvD/QSoXqfyY10xuloOuSOeulIBqAeJT RiqZET8jy1jFbNwDgaqiMGQHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUogWsetVe HNoMih69ZVMW3vK/YpowHwYDVR0jBBgwFoAUz7B65d0AqScU2zWnIQRdnS644xcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg5QTlGLzgwNTZCQTU2OEE5 MDExRUM4QzFCMEQyMkM0RjlBRTAyL3o3QjY1ZDBBcVNjVTJ6V25JUVJkblM2NDR4 Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvejdCNjVkMEFxU2NVMnpXbklRUmRuUzY0NHhjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTg5 QTlGLzgwNTZCQTU2OEE5MDExRUM4QzFCMEQyMkM0RjlBRTAyL3o3QjY1ZDBBcVNj VTJ6V25JUVJkblM2NDR4Yy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAL/DILEfwvxdh5IbBitIEF3Y5YxCj7f146agcXZ4XYdI4LYmDlC1mU/8 xGCQ6J5lzhh/vbWGCVwZ34OsceSwUzYKRMcopOx0ceiktoDuPJ8lGczf4gmO/EIu Wia5nJA3NvAQgSIqb4kbnLSRoTethrCSFvBcT7FJ7f5sMKkLEtTU6gNTZQ5c8Rjr BJaoHM1WZK64AcVnlI34234Gp3upI0DRSDuijz44ETfbKjEBkgfnhcS9aCgIA/wS bIno7JlxlXM6ZQWhMURwuDSqWSeOoY6RyosvZlAziPt/slmu7eF9l900mfVWpyON xjto6ruFMcPrXi7vH39AF38VCKp8zbA= -----END CERTIFICATE-----Generated at Wed Nov 5 05:13:34 2025 by rpki-client