$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft File: gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft (raw, json) Hash identifier: FdsxjdBV8zZypEe2C8i24liQXWwVRiyNpK5KcxhJnqE= Subject key identifier: 9C:54:0A:F5:70:40:03:37:E3:E0:3C:C2:7F:FC:D8:9C:9F:C4:E6:E0 Authority key identifier: 82:1F:4D:B2:2E:E5:9A:FD:59:3A:7E:68:9E:DA:9F:C9:4B:E5:85:DD Certificate issuer: /CN=A91C1C49/serialNumber=821F4DB22EE59AFD593A7E689EDA9FC94BE585DD Certificate serial: 34DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft Manifest number: 413C Signing time: Tue 04 Nov 2025 15:06:03 +0000 Manifest this update: Tue 04 Nov 2025 15:06:02 +0000 Manifest next update: Tue 11 Nov 2025 15:06:02 +0000 Files and hashes: 1: gh9Nsi7lmv1ZOn5ontqfyUvlhd0.crl (hash: 4QSmlmIEFBSgWEQ7vM0dxxhxxagvIheMhXpuO/bL2yA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.crl rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:06:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13532 (0x34dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1C49, serialNumber=821F4DB22EE59AFD593A7E689EDA9FC94BE585DD Validity Not Before: Nov 4 15:06:02 2025 GMT Not After : Nov 11 15:06:02 2025 GMT Subject: CN=690a165b-e03e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:9d:d8:74:77:38:d2:3f:3f:75:5b:42:3c:a2: 0b:68:9a:80:b3:1d:f8:12:49:95:f5:a1:2c:ac:b5: 9c:0d:12:2d:d1:23:b5:e2:5b:c9:fb:e4:fa:3a:09: e9:4a:a4:20:a3:fb:2b:0b:14:eb:ee:7f:54:1a:a1: 79:5f:22:0a:e7:38:8f:2a:25:0d:3e:5e:ee:17:81: f4:25:b3:49:fe:8b:cc:98:8f:a6:14:7e:33:8e:41: 0a:1e:ee:4d:1b:8b:c2:3a:c1:e5:99:dd:a6:5b:01: 92:e1:da:33:6e:c1:fb:d4:42:3e:18:d6:9a:37:3e: cc:42:c7:ae:e1:7b:18:db:df:e2:e4:4f:d9:8d:38: 1e:bd:7a:d3:6f:56:62:e9:d7:bb:fe:f5:59:1f:20: 7b:ff:30:28:19:5c:16:46:f0:20:53:f6:94:93:49: f9:bc:e3:04:9a:39:ad:16:d2:1f:d7:99:a6:f2:fe: 3d:89:2a:5f:db:f4:68:fa:c2:83:6c:47:96:eb:fd: 71:f3:a5:4a:ce:28:43:66:3d:27:e5:80:4b:49:cd: a5:0b:4d:46:f6:41:ed:43:79:f7:c9:99:6e:b2:8d: 58:a4:51:99:a0:4d:bb:a1:dc:f7:1c:da:07:8b:5b: e4:02:a1:20:06:af:77:63:ea:d5:d4:40:ba:0a:78: 31:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:54:0A:F5:70:40:03:37:E3:E0:3C:C2:7F:FC:D8:9C:9F:C4:E6:E0 X509v3 Authority Key Identifier: keyid:82:1F:4D:B2:2E:E5:9A:FD:59:3A:7E:68:9E:DA:9F:C9:4B:E5:85:DD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1C49/C49F75F81D9F11E29EFBA29008B02CD2/gh9Nsi7lmv1ZOn5ontqfyUvlhd0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:70:ff:23:5d:dd:74:b0:46:88:02:4b:ac:36:c1:94:df:19: 89:4a:94:e9:34:6e:18:fb:a7:87:19:d0:07:32:7a:99:8d:a2: af:b1:26:ec:0d:83:50:e2:93:88:0f:c5:9c:09:e7:e4:ef:74: cf:68:e2:bc:fc:85:a3:d2:e0:6d:4e:ca:1c:03:e6:04:fe:f1: 53:b8:26:19:5a:76:bc:90:21:c3:ae:0c:6e:8a:64:9f:2e:0e: b9:55:ec:f3:b7:8f:e6:d3:58:f6:14:63:bb:5a:09:2c:68:ae: 07:20:fd:dc:7d:07:d9:da:34:3d:67:a7:90:d6:23:61:fe:f4: dc:81:f1:46:b8:b0:48:b5:87:d8:d1:85:40:a3:88:83:1b:b2: 77:af:93:74:e4:68:35:bc:46:2e:e2:0e:a5:6a:1d:ca:bf:57: 90:dc:62:77:78:08:ab:64:2e:b2:96:92:aa:d0:f4:79:19:a8: 19:a1:09:ab:50:b2:1d:6e:7b:f9:af:ac:3d:95:87:f6:21:14: c7:18:14:13:14:33:cf:a7:09:f7:0f:17:a9:e6:d1:8a:d0:d1: c1:a8:80:cd:cc:46:ea:28:eb:cf:55:88:17:22:a2:2f:df:ca: 2a:d1:a6:78:e2:26:8a:fd:d7:ec:91:d5:98:f5:ea:2d:90:0d: 6c:dc:6e:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFDNDkxMTAvBgNVBAUTKDgyMUY0REIyMkVFNTlBRkQ1OTNBN0U2ODlFREE5RkM5 NEJFNTg1REQwHhcNMjUxMTA0MTUwNjAyWhcNMjUxMTExMTUwNjAyWjAYMRYwFAYD VQQDEw02OTBhMTY1Yi1lMDNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApZ3YdHc40j8/dVtCPKILaJqAsx34EkmV9aEsrLWcDRIt0SO14lvJ++T6Ognp SqQgo/srCxTr7n9UGqF5XyIK5ziPKiUNPl7uF4H0JbNJ/ovMmI+mFH4zjkEKHu5N G4vCOsHlmd2mWwGS4dozbsH71EI+GNaaNz7MQseu4XsY29/i5E/ZjTgevXrTb1Zi 6de7/vVZHyB7/zAoGVwWRvAgU/aUk0n5vOMEmjmtFtIf15mm8v49iSpf2/Ro+sKD bEeW6/1x86VKzihDZj0n5YBLSc2lC01G9kHtQ3n3yZluso1YpFGZoE27odz3HNoH i1vkAqEgBq93Y+rV1EC6CngxZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJxUCvVw QAM34+A8wn/82JyfxObgMB8GA1UdIwQYMBaAFIIfTbIu5Zr9WTp+aJ7an8lL5YXd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUM0OS9DNDlGNzVGODFE OUYxMUUyOUVGQkEyOTAwOEIwMkNEMi9naDlOc2k3bG12MVpPbjVvbnRxZnlVdmxo ZDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2doOU5zaTdsbXYxWk9uNW9udHFmeVV2bGhkMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUM0OS9DNDlGNzVGODFEOUYxMUUyOUVGQkEyOTAwOEIwMkNEMi9naDlOc2k3bG12 MVpPbjVvbnRxZnlVdmxoZDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXcP8jXd10sEaIAkusNsGU3xmJSpTpNG4Y+6eHGdAHMnqZjaKvsSbs DYNQ4pOID8WcCefk73TPaOK8/IWj0uBtTsocA+YE/vFTuCYZWna8kCHDrgxuimSf Lg65Vezzt4/m01j2FGO7WgksaK4HIP3cfQfZ2jQ9Z6eQ1iNh/vTcgfFGuLBItYfY 0YVAo4iDG7J3r5N05Gg1vEYu4g6lah3Kv1eQ3GJ3eAirZC6ylpKq0PR5GagZoQmr ULIdbnv5r6w9lYf2IRTHGBQTFDPPpwn3Dxep5tGK0NHBqIDNzEbqKOvPVYgXIqIv 38oq0aZ44iaK/dfskdWY9eotkA1s3G6w -----END CERTIFICATE-----Generated at Wed Nov 5 13:22:42 2025 by rpki-client