$ rpki-client -vvf rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft File: thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft (raw, json) Hash identifier: ZDUaq5bWo3bHXqoLEBAnMW4OJaOuUsuM3ouK03R6G08= Subject key identifier: 44:FD:99:2B:CB:60:74:BE:E2:B6:EB:78:84:B0:88:6B:C0:34:B8:24 Authority key identifier: B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 Certificate issuer: /CN=A9118B32/serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Certificate serial: 03EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft Manifest number: 03EA Signing time: Wed 05 Nov 2025 00:37:05 +0000 Manifest this update: Wed 05 Nov 2025 00:37:05 +0000 Manifest next update: Wed 12 Nov 2025 00:37:05 +0000 Files and hashes: 1: thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl (hash: 3BZUCZfzT/ouE16rvAFLFotkUUhZY5lT1jvknheR7Lw=) 2: 0F291AFE9D2811EC83448E6FC4F9AE02.roa (hash: p2rd5X9PRaHj3dg5SJAK0M8GBgiGK7ul3HPfe5PMkz4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:37:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1007 (0x3ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118B32, serialNumber=B61103A5C9CC60EAD188A2F9FD11E63D5233D995 Validity Not Before: Nov 5 00:37:05 2025 GMT Not After : Nov 12 00:37:05 2025 GMT Subject: CN=690a9c31-960d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:49:2d:06:39:80:58:07:ae:38:30:a7:7d:4e: bf:3c:55:86:2b:4e:b7:b6:78:1a:0a:f9:92:a6:7f: 64:b9:de:73:1b:83:e5:73:78:a4:01:02:59:b7:bd: d2:ee:bd:c3:3b:54:c9:38:f7:41:ee:e1:3d:64:e4: e3:c5:b4:40:e8:a9:7b:29:a3:75:c2:d1:a3:d9:33: f5:b2:91:e6:8e:dc:c0:3b:82:f8:64:65:ac:b2:f8: b8:7c:da:ec:b9:71:2a:77:d8:a5:49:5a:74:be:a4: de:8e:41:d7:4c:be:d0:7e:da:5d:09:4d:1c:28:41: a8:76:15:7f:de:0c:5e:5f:a6:92:aa:14:6e:16:c6: f3:3d:cc:4b:12:a6:16:d3:f3:c7:41:90:77:1b:27: bf:ec:05:2c:c6:e2:36:f3:bc:45:f7:23:c9:db:4f: 68:47:c0:23:ed:1d:47:86:93:c6:6f:d2:36:3a:da: c9:fd:5c:e5:ea:17:bb:ca:f7:ca:e8:2a:ae:b0:b6: db:0f:06:bc:a1:a6:38:3b:78:fa:92:aa:d8:e0:a2: 5d:77:08:fc:8e:12:fb:12:46:f9:a2:c1:9d:57:f6: fc:2f:4e:63:f4:2d:e6:96:61:7c:0c:98:13:79:dd: 9e:5a:94:3b:c9:eb:c7:74:00:9f:84:ee:4c:7b:cf: 00:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 44:FD:99:2B:CB:60:74:BE:E2:B6:EB:78:84:B0:88:6B:C0:34:B8:24 X509v3 Authority Key Identifier: keyid:B6:11:03:A5:C9:CC:60:EA:D1:88:A2:F9:FD:11:E6:3D:52:33:D9:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/thEDpcnMYOrRiKL5_RHmPVIz2ZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118B32/FF771BBC9D2511EC85FDF36EC4F9AE02/thEDpcnMYOrRiKL5_RHmPVIz2ZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:cc:fa:95:4b:e0:9e:a2:e3:2b:a4:cc:37:25:b6:e6:46:fa: 43:d1:6e:54:fc:b3:48:43:dc:aa:bf:ad:31:47:d4:f5:be:07: e6:97:e4:31:52:fa:fb:86:6b:54:8b:1b:dc:ef:21:13:3d:35: 72:2f:cc:d8:18:91:90:88:f9:52:a0:f8:05:38:55:57:15:c6: 20:ca:65:e5:23:59:33:cf:a3:4d:07:1a:c9:2b:e9:0a:3d:f7: 38:d7:3f:bb:8c:25:f6:a1:5f:8b:72:67:62:b4:c0:0b:c5:da: 69:1f:50:63:34:40:c7:8e:77:08:45:7d:9d:81:3a:48:4a:3c: fd:92:1e:5a:41:ac:bf:ac:58:98:ae:69:8f:29:48:83:c5:76: df:5c:cf:0e:a9:57:1f:eb:f8:f6:81:86:83:0f:33:8c:92:13: 75:2f:ed:0e:20:28:df:a0:32:c9:5a:68:87:6d:3f:2e:8f:97: a4:31:b7:0d:ed:01:d6:fb:22:7d:d4:fe:a7:53:4f:fe:e9:4e: 38:89:09:28:9d:ae:39:95:e0:dd:40:a9:46:10:8c:f6:59:f7: 7e:e0:c4:2f:02:79:99:12:cf:cd:1e:12:23:9d:7b:e2:99:46: 26:b9:00:67:89:b7:e7:df:98:ff:f1:fa:65:5f:78:07:f4:5f: c9:e2:2f:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA+8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MThCMzIxMTAvBgNVBAUTKEI2MTEwM0E1QzlDQzYwRUFEMTg4QTJGOUZEMTFFNjNE NTIzM0Q5OTUwHhcNMjUxMTA1MDAzNzA1WhcNMjUxMTEyMDAzNzA1WjAYMRYwFAYD VQQDEw02OTBhOWMzMS05NjBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArkktBjmAWAeuODCnfU6/PFWGK063tngaCvmSpn9kud5zG4Plc3ikAQJZt73S 7r3DO1TJOPdB7uE9ZOTjxbRA6Kl7KaN1wtGj2TP1spHmjtzAO4L4ZGWssvi4fNrs uXEqd9ilSVp0vqTejkHXTL7QftpdCU0cKEGodhV/3gxeX6aSqhRuFsbzPcxLEqYW 0/PHQZB3Gye/7AUsxuI287xF9yPJ209oR8Aj7R1HhpPGb9I2OtrJ/Vzl6he7yvfK 6CqusLbbDwa8oaY4O3j6kqrY4KJddwj8jhL7Ekb5osGdV/b8L05j9C3mlmF8DJgT ed2eWpQ7yevHdACfhO5Me88ApQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFET9mSvL YHS+4rbreISwiGvANLgkMB8GA1UdIwQYMBaAFLYRA6XJzGDq0Yii+f0R5j1SM9mV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOEIzMi9GRjc3MUJCQzlE MjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlPclJpS0w1X1JIbVBWSXoy WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RoRURwY25NWU9yUmlLTDVfUkhtUFZJejJaVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OEIzMi9GRjc3MUJCQzlEMjUxMUVDODVGREYzNkVDNEY5QUUwMi90aEVEcGNuTVlP clJpS0w1X1JIbVBWSXoyWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBuzPqVS+CeouMrpMw3JbbmRvpD0W5U/LNIQ9yqv60xR9T1vgfml+Qx Uvr7hmtUixvc7yETPTVyL8zYGJGQiPlSoPgFOFVXFcYgymXlI1kzz6NNBxrJK+kK Pfc41z+7jCX2oV+LcmditMALxdppH1BjNEDHjncIRX2dgTpISjz9kh5aQay/rFiY rmmPKUiDxXbfXM8OqVcf6/j2gYaDDzOMkhN1L+0OICjfoDLJWmiHbT8uj5ekMbcN 7QHW+yJ91P6nU0/+6U44iQkona45leDdQKlGEIz2Wfd+4MQvAnmZEs/NHhIjnXvi mUYmuQBnibfn35j/8fplX3gH9F/J4i+z -----END CERTIFICATE-----Generated at Wed Nov 5 08:00:09 2025 by rpki-client