$ rpki-client -vvf rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft File: D9Qkj9SLoa4LYNjPakPbM7b09ro.mft (raw, json) Hash identifier: mWMZdT01eFy2MQJDSumep6zBPir/wP3mIhZN81hudNw= Subject key identifier: 5B:EF:37:67:2C:D5:27:C6:1F:52:05:1B:99:32:AE:D9:C3:D3:9F:B2 Authority key identifier: 0F:D4:24:8F:D4:8B:A1:AE:0B:60:D8:CF:6A:43:DB:33:B6:F4:F6:BA Certificate issuer: /CN=A911B5AC/serialNumber=0FD4248FD48BA1AE0B60D8CF6A43DB33B6F4F6BA Certificate serial: 021F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9Qkj9SLoa4LYNjPakPbM7b09ro.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft Manifest number: 021C Signing time: Mon 03 Nov 2025 02:05:46 +0000 Manifest this update: Mon 03 Nov 2025 02:05:46 +0000 Manifest next update: Mon 10 Nov 2025 02:05:46 +0000 Files and hashes: 1: D9Qkj9SLoa4LYNjPakPbM7b09ro.crl (hash: d2SaJ/tY0q8tDLwApqU2Qa47cnfSVnbRiWV+ycEHkvY=) 2: CA181F42791211ED9D926781C4F9AE02.roa (hash: zvSljqq8u0aCswP8WadYkts+Ql8DETe3wBjOyVuGUoM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.crl rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9Qkj9SLoa4LYNjPakPbM7b09ro.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:05:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 543 (0x21f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911B5AC, serialNumber=0FD4248FD48BA1AE0B60D8CF6A43DB33B6F4F6BA Validity Not Before: Nov 3 02:05:46 2025 GMT Not After : Nov 10 02:05:46 2025 GMT Subject: CN=69080dfa-37fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:0a:89:5f:ce:eb:bc:59:96:33:c0:d2:2b:e7: 46:32:3b:27:4f:79:4c:b7:80:23:25:e0:d8:5f:8e: 13:01:4a:d3:c0:3d:7c:5c:bb:d1:66:97:ee:78:34: 43:40:c5:9f:80:70:f8:b6:49:78:3a:cb:9c:45:1b: 64:48:99:ff:6a:93:5a:ee:48:42:95:5c:fa:9d:43: 44:8c:81:c6:7c:7a:83:18:3b:8e:ca:95:bc:2a:91: 3c:9f:f6:ae:4b:14:3e:29:a5:29:95:73:c1:44:e7: 4f:e2:04:2d:eb:33:7d:35:d0:34:9a:76:b3:46:4b: ad:92:92:5e:61:7e:fb:f8:71:61:cb:ba:a5:d9:bb: 8c:c0:0a:2c:f1:a1:a2:7b:67:3a:2d:7a:72:c6:28: 0f:13:9b:ee:87:05:01:3d:bc:31:b9:f3:04:24:22: e8:fc:a3:54:f7:5d:99:4b:18:46:1a:db:41:61:5f: a6:6e:04:28:7e:41:a4:93:3c:2e:0d:9d:9d:fd:f1: 1d:4f:e9:36:34:6f:b2:24:68:75:8c:38:fd:83:67: c6:39:65:0f:f6:03:4e:88:2b:79:c0:6c:a8:2f:e1: 6c:df:f6:b8:50:9c:ae:6d:7f:fd:9a:1b:56:37:5a: 41:de:68:be:c4:e9:b7:dc:1f:84:be:82:13:22:dd: 07:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:EF:37:67:2C:D5:27:C6:1F:52:05:1B:99:32:AE:D9:C3:D3:9F:B2 X509v3 Authority Key Identifier: keyid:0F:D4:24:8F:D4:8B:A1:AE:0B:60:D8:CF:6A:43:DB:33:B6:F4:F6:BA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D9Qkj9SLoa4LYNjPakPbM7b09ro.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911B5AC/5FAF5642790E11ED8E7C1B79C4F9AE02/D9Qkj9SLoa4LYNjPakPbM7b09ro.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:5f:b8:cc:67:5d:af:79:e7:20:7e:12:bc:ad:7d:72:b5:da: 35:ee:ee:de:48:1e:9a:b4:1a:31:a6:92:bb:b2:a7:a7:ad:3e: 30:29:08:e5:45:c2:23:89:d4:0c:97:70:7a:1c:0e:86:7d:97: 84:7f:b4:ac:9a:42:85:d7:7c:11:63:49:92:27:ae:43:a7:26: 06:6e:cb:88:04:f2:b7:bc:05:71:61:86:5a:a1:65:f8:92:de: 90:31:5f:5b:aa:08:02:ac:9f:52:09:a4:68:d8:0a:42:92:b7: 3a:7b:98:eb:41:27:1e:5d:13:6f:d6:8b:70:1d:3f:74:45:4a: 28:12:e6:cc:f5:68:77:03:80:3d:eb:f1:99:23:4c:1f:e2:70: 63:fd:1d:b2:66:7c:e8:5c:31:a4:de:d8:b5:10:34:ad:d8:ee: 6d:63:0d:c3:b6:29:af:ac:6a:98:80:36:10:c0:cb:68:cd:58: 8c:97:14:b8:cf:7d:5b:82:26:e9:e0:74:ec:0c:a2:e3:f6:84: e6:a1:36:5f:6c:0a:69:65:9d:cf:99:76:58:69:a6:0c:28:c4: c6:0b:17:5f:67:f2:d1:89:f5:14:cc:c3:67:f2:cd:79:b9:26: a4:e3:bb:d8:84:1b:31:b7:11:0d:f7:c5:2a:cf:a9:64:6e:0a: 94:4b:2b:26 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAh8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUI1QUMxMTAvBgNVBAUTKDBGRDQyNDhGRDQ4QkExQUUwQjYwRDhDRjZBNDNEQjMz QjZGNEY2QkEwHhcNMjUxMTAzMDIwNTQ2WhcNMjUxMTEwMDIwNTQ2WjAYMRYwFAYD VQQDEw02OTA4MGRmYS0zN2ZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqgqJX87rvFmWM8DSK+dGMjsnT3lMt4AjJeDYX44TAUrTwD18XLvRZpfueDRD QMWfgHD4tkl4OsucRRtkSJn/apNa7khClVz6nUNEjIHGfHqDGDuOypW8KpE8n/au SxQ+KaUplXPBROdP4gQt6zN9NdA0mnazRkutkpJeYX77+HFhy7ql2buMwAos8aGi e2c6LXpyxigPE5vuhwUBPbwxufMEJCLo/KNU912ZSxhGGttBYV+mbgQofkGkkzwu DZ2d/fEdT+k2NG+yJGh1jDj9g2fGOWUP9gNOiCt5wGyoL+Fs3/a4UJyubX/9mhtW N1pB3mi+xOm33B+EvoITIt0HiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFvvN2cs 1SfGH1IFG5kyrtnD05+yMB8GA1UdIwQYMBaAFA/UJI/Ui6GuC2DYz2pD2zO29Pa6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQjVBQy81RkFGNTY0Mjc5 MEUxMUVEOEU3QzFCNzlDNEY5QUUwMi9EOVFrajlTTG9hNExZTmpQYWtQYk03YjA5 cm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Q5UWtqOVNMb2E0TFlOalBha1BiTTdiMDlyby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx QjVBQy81RkFGNTY0Mjc5MEUxMUVEOEU3QzFCNzlDNEY5QUUwMi9EOVFrajlTTG9h NExZTmpQYWtQYk03YjA5cm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUX7jMZ12veecgfhK8rX1ytdo17u7eSB6atBoxppK7sqenrT4wKQjl RcIjidQMl3B6HA6GfZeEf7SsmkKF13wRY0mSJ65DpyYGbsuIBPK3vAVxYYZaoWX4 kt6QMV9bqggCrJ9SCaRo2ApCkrc6e5jrQSceXRNv1otwHT90RUooEubM9Wh3A4A9 6/GZI0wf4nBj/R2yZnzoXDGk3ti1EDSt2O5tYw3DtimvrGqYgDYQwMtozViMlxS4 z31bgibp4HTsDKLj9oTmoTZfbAppZZ3PmXZYaaYMKMTGCxdfZ/LRifUUzMNn8s15 uSak47vYhBsxtxEN98Uqz6lkbgqUSysm -----END CERTIFICATE-----Generated at Mon Nov 3 18:08:16 2025 by rpki-client