$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft File: CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft (raw, json) Hash identifier: k9EQN0aFkZOTM2GwwwXqls4nDZeVy9UkEkR3LD/J7dw= Subject key identifier: 7D:F8:B9:07:6A:94:DF:4E:76:08:96:4D:AE:FB:69:3F:35:91:52:68 Authority key identifier: 09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E Certificate issuer: /CN=A91E9D1A/serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Certificate serial: 3519 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft Manifest number: 34F9 Signing time: Tue 04 Nov 2025 14:19:33 +0000 Manifest this update: Tue 04 Nov 2025 14:19:33 +0000 Manifest next update: Tue 11 Nov 2025 14:19:33 +0000 Files and hashes: 1: CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl (hash: IAJSKnxdhsiumSs4qYqGOsr+pcPvcE0YcF7QHrgQNVY=) 2: 81C9B5A4BBFA11ED99272016C4F9AE02.roa (hash: 5TYvs++Mvewysf2Y0/6vpFA2+467A8J4q0CP6JqLCQs=) 3: E404430CB0F811E595E0F761C4F9AE02.roa (hash: aPLpTjVx3H8dG+sQrN1VcBaFu+dKTfAESi5mspAt7yo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:19:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13593 (0x3519) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9D1A, serialNumber=0976FC3D23186D48C671773740891CF54E31B80E Validity Not Before: Nov 4 14:19:33 2025 GMT Not After : Nov 11 14:19:33 2025 GMT Subject: CN=690a0b75-7d58 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f0:69:b3:0e:14:d5:f8:1c:20:11:0e:89:dd: 93:2b:a5:e8:2a:4d:4b:e2:cf:53:81:61:3f:e5:53: 0f:c7:9b:98:ee:2a:24:67:b1:0f:0d:c6:47:9b:bc: 4e:49:2d:eb:9f:a9:b2:a5:36:ff:f0:d1:47:b5:1d: ae:b2:dc:de:34:9b:69:92:04:12:6f:bb:6b:d3:60: 25:66:94:56:ea:56:fc:3a:aa:10:e9:57:2c:2d:f1: e3:20:1d:1f:b4:c0:c4:0b:c5:6d:98:9a:24:37:d0: b5:c1:e6:f0:48:39:57:91:bb:bb:72:09:91:a0:d5: 20:fa:1d:60:fb:69:90:7b:d6:47:a8:5d:d4:fa:34: dd:f1:34:2b:56:34:be:cb:9c:a8:66:a6:98:e5:95: 77:3c:3d:0c:23:97:09:ee:65:64:69:1a:c5:23:0d: b6:ca:32:35:41:7c:3e:62:9b:3f:b1:ac:12:42:ad: 16:0f:60:21:0a:d9:8a:56:83:0c:81:9e:ab:b1:d7: a3:23:31:12:f2:ae:05:8e:42:c3:fd:4c:3d:90:c8: 7b:87:45:c7:68:af:84:33:80:f9:7b:a0:a9:ca:83: 69:1e:4c:66:bd:01:40:9b:6b:70:5c:95:1b:9f:24: 7a:0d:30:0a:78:3b:7b:7f:fa:ec:9b:df:c7:94:b1: 55:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:F8:B9:07:6A:94:DF:4E:76:08:96:4D:AE:FB:69:3F:35:91:52:68 X509v3 Authority Key Identifier: keyid:09:76:FC:3D:23:18:6D:48:C6:71:77:37:40:89:1C:F5:4E:31:B8:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9D1A/C59B02DA1D7011E286F147B508B02CD2/CXb8PSMYbUjGcXc3QIkc9U4xuA4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:10:62:4b:93:f8:f4:8b:50:c7:01:8c:20:58:3d:f6:87:af: f7:45:4c:b9:b2:d8:75:03:c4:f5:da:a8:63:12:0d:07:9a:54: db:3b:2c:c6:e5:25:ca:99:0e:e4:81:54:13:f7:a9:df:15:5c: 1d:55:5a:54:f0:7a:71:57:b4:67:c6:43:fd:1b:c9:02:26:4c: 5d:5d:7b:d6:eb:39:02:fa:58:0b:ae:cd:95:f6:1b:53:9e:51: f0:d9:1a:be:12:c1:38:01:40:c6:e9:af:81:c1:a7:af:7a:3f: 6a:59:ec:ac:69:ee:a4:30:0d:8e:65:89:01:72:0d:73:f9:ac: af:3e:14:c2:42:c0:1a:65:bc:61:77:8d:c7:47:3d:b6:c4:31: 03:22:33:d3:e8:3f:37:bf:52:74:4a:70:de:13:91:bb:e0:83: 75:2f:9b:0c:e9:28:30:1d:85:2a:03:6d:fa:d3:e8:b7:1c:fe: f9:c5:8e:f8:34:a6:ea:75:97:85:f5:a5:37:bd:5e:67:bd:63: 9f:4d:23:bd:6f:bf:06:90:12:2c:52:df:d4:22:ee:da:72:e7: 6b:39:87:0c:3d:55:40:6d:81:9b:30:bd:32:d5:0b:16:c7:48: a5:15:7d:c6:92:d3:92:78:a0:3a:e1:fd:d6:d6:33:96:08:dd: 42:54:fb:51 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNRkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlEMUExMTAvBgNVBAUTKDA5NzZGQzNEMjMxODZENDhDNjcxNzczNzQwODkxQ0Y1 NEUzMUI4MEUwHhcNMjUxMTA0MTQxOTMzWhcNMjUxMTExMTQxOTMzWjAYMRYwFAYD VQQDEw02OTBhMGI3NS03ZDU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxvBpsw4U1fgcIBEOid2TK6XoKk1L4s9TgWE/5VMPx5uY7iokZ7EPDcZHm7xO SS3rn6mypTb/8NFHtR2ustzeNJtpkgQSb7tr02AlZpRW6lb8OqoQ6VcsLfHjIB0f tMDEC8VtmJokN9C1webwSDlXkbu7cgmRoNUg+h1g+2mQe9ZHqF3U+jTd8TQrVjS+ y5yoZqaY5ZV3PD0MI5cJ7mVkaRrFIw22yjI1QXw+Yps/sawSQq0WD2AhCtmKVoMM gZ6rsdejIzES8q4FjkLD/Uw9kMh7h0XHaK+EM4D5e6CpyoNpHkxmvQFAm2twXJUb nyR6DTAKeDt7f/rsm9/HlLFV9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH34uQdq lN9OdgiWTa77aT81kVJoMB8GA1UdIwQYMBaAFAl2/D0jGG1IxnF3N0CJHPVOMbgO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUQxQS9DNTlCMDJEQTFE NzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJVakdjWGMzUUlrYzlVNHh1 QTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NYYjhQU01ZYlVqR2NYYzNRSWtjOVU0eHVBNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUQxQS9DNTlCMDJEQTFENzAxMUUyODZGMTQ3QjUwOEIwMkNEMi9DWGI4UFNNWWJV akdjWGMzUUlrYzlVNHh1QTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPEGJLk/j0i1DHAYwgWD32h6/3RUy5sth1A8T12qhjEg0HmlTbOyzG 5SXKmQ7kgVQT96nfFVwdVVpU8HpxV7RnxkP9G8kCJkxdXXvW6zkC+lgLrs2V9htT nlHw2Rq+EsE4AUDG6a+Bwaevej9qWeysae6kMA2OZYkBcg1z+ayvPhTCQsAaZbxh d43HRz22xDEDIjPT6D83v1J0SnDeE5G74IN1L5sM6SgwHYUqA2360+i3HP75xY74 NKbqdZeF9aU3vV5nvWOfTSO9b78GkBIsUt/UIu7acudrOYcMPVVAbYGbML0y1QsW x0ilFX3GktOSeKA64f3W1jOWCN1CVPtR -----END CERTIFICATE-----Generated at Wed Nov 5 08:56:30 2025 by rpki-client