$ rpki-client -vvf rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft File: D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft (raw, json) Hash identifier: IQzvT7z6G/0lKpx302VNc8w+LLBcnab9eliN4DsGRWg= Subject key identifier: 4F:28:7E:06:33:4C:3A:33:5A:90:D1:2F:E3:C8:BC:BB:DB:2F:C7:F2 Authority key identifier: 0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 Certificate issuer: /CN=A911E0B4/serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Certificate serial: B0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft Manifest number: AD Signing time: Sat 01 Nov 2025 06:33:46 +0000 Manifest this update: Sat 01 Nov 2025 06:33:45 +0000 Manifest next update: Sat 08 Nov 2025 06:33:45 +0000 Files and hashes: 1: D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl (hash: r3eOtb5KQJNk/Binv37r44EGpFMzGI45VOfRT8Kalhk=) 2: 5AF3ECBEAFBA11EF91955453C4F9AE02.roa (hash: x22vmPwJWZ5KhIsY5PtxJtvF9T7oNt50WfxUCDRwJlo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 08 Nov 2025 06:33:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 176 (0xb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E0B4, serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Validity Not Before: Nov 1 06:33:45 2025 GMT Not After : Nov 8 06:33:45 2025 GMT Subject: CN=6905a9c9-9226 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:d6:ef:02:65:b2:aa:cb:8a:bc:0d:2a:43:21: e5:82:99:31:04:a5:38:db:45:8b:b6:11:d0:f6:18: b4:3e:9e:53:32:44:63:ab:23:ff:9f:85:0d:5a:47: 90:da:b8:7e:00:77:d3:9d:3e:32:59:35:56:0a:e8: 27:23:53:da:92:aa:ee:23:d0:1a:4a:e8:30:a9:68: 2c:18:ab:e6:24:ac:5e:b9:bf:14:b5:62:e3:cd:bc: fc:65:54:c1:12:22:1b:cf:45:54:59:d6:44:0d:67: f3:fa:be:ff:69:18:71:51:42:a2:3f:32:d7:d5:f4: bf:da:a6:a8:f4:2d:d8:6a:89:7b:a6:6b:33:df:0e: e8:04:6b:6f:57:de:92:29:fa:5f:0d:ca:82:49:f6: a2:65:e1:dc:b4:2c:44:80:76:67:a3:a4:9a:56:5f: 00:ab:29:26:e2:df:67:1b:de:92:dd:47:25:85:3a: e0:10:2f:31:f1:13:c5:bf:61:77:54:52:dc:07:88: 23:b4:b6:3f:87:42:a0:a9:42:70:9b:53:34:d4:24: a7:ff:e2:46:08:40:c6:79:e4:d7:4b:6e:30:dc:32: ab:f5:1c:e7:8c:12:57:56:14:32:ef:da:5d:2d:be: e9:c8:eb:ce:3e:1d:4e:aa:ee:ab:7d:0e:d4:2d:36: 35:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:28:7E:06:33:4C:3A:33:5A:90:D1:2F:E3:C8:BC:BB:DB:2F:C7:F2 X509v3 Authority Key Identifier: keyid:0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:9a:46:21:74:e2:d8:64:4c:01:a1:22:0e:7a:57:f6:08:ef: 3c:e5:d1:30:d1:de:d3:4e:37:91:e4:bb:dd:b0:f7:04:fd:c2: 1e:3e:83:48:c7:db:a6:27:9c:57:bd:bb:0f:50:43:9c:0b:fa: 41:8f:b9:d4:41:ab:ed:99:67:36:12:06:04:92:81:cc:21:89: 07:50:e1:03:bd:a5:29:c4:4c:70:ab:ec:09:22:78:90:09:6c: 0b:24:a2:92:2c:ce:b0:8d:78:d5:94:a4:22:5b:ff:d6:36:c5: 77:73:d0:98:fb:e3:47:91:9a:c4:36:ed:7c:d4:57:17:5a:03: d4:5e:04:dc:b6:be:6d:a3:39:20:bf:cd:3f:bd:ee:dc:d2:a3: 68:1f:3b:fa:7f:12:3c:45:31:7d:f5:6b:a3:96:9d:f8:cd:f4: 9c:e6:a9:00:23:2c:76:f8:a6:d4:d3:1c:99:cc:36:ef:f9:f2: 17:e1:54:ba:4e:8c:33:13:a1:79:fc:aa:67:3a:4e:b3:6c:f6: c1:ec:22:61:1c:61:ca:17:87:ad:68:2c:40:92:e4:38:8f:d0: 85:7b:fb:44:f9:61:16:7a:ce:76:c7:ad:4c:9e:ab:e1:19:cc: 4b:44:5e:74:7f:91:2b:d6:05:6f:9e:f1:d8:ba:54:de:ec:a3: 63:5f:94:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUUwQjQxMTAvBgNVBAUTKDBGRDQ0Mzc1MjFEQjVDMEJDOTlFNDVCNTk3NTRGRjdC NjcxRjg2RjMwHhcNMjUxMTAxMDYzMzQ1WhcNMjUxMTA4MDYzMzQ1WjAYMRYwFAYD VQQDEw02OTA1YTljOS05MjI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxNbvAmWyqsuKvA0qQyHlgpkxBKU420WLthHQ9hi0Pp5TMkRjqyP/n4UNWkeQ 2rh+AHfTnT4yWTVWCugnI1PakqruI9AaSugwqWgsGKvmJKxeub8UtWLjzbz8ZVTB EiIbz0VUWdZEDWfz+r7/aRhxUUKiPzLX1fS/2qao9C3Yaol7pmsz3w7oBGtvV96S KfpfDcqCSfaiZeHctCxEgHZno6SaVl8Aqykm4t9nG96S3UclhTrgEC8x8RPFv2F3 VFLcB4gjtLY/h0KgqUJwm1M01CSn/+JGCEDGeeTXS24w3DKr9RznjBJXVhQy79pd Lb7pyOvOPh1Oqu6rfQ7ULTY1UQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE8ofgYz TDozWpDRL+PIvLvbL8fyMB8GA1UdIwQYMBaAFA/UQ3Uh21wLyZ5FtZdU/3tnH4bz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTBCNC9FOTY0ODlBRUFG MzgxMUVGQTIwREQwMTNDNEY5QUUwMi9EOVJEZFNIYlhBdkpua1cxbDFUX2UyY2Zo dk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0Q5UkRkU0hiWEF2Sm5rVzFsMVRfZTJjZmh2TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RTBCNC9FOTY0ODlBRUFGMzgxMUVGQTIwREQwMTNDNEY5QUUwMi9EOVJEZFNIYlhB dkpua1cxbDFUX2UyY2Zodk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGmkYhdOLYZEwBoSIOelf2CO885dEw0d7TTjeR5LvdsPcE/cIePoNI x9umJ5xXvbsPUEOcC/pBj7nUQavtmWc2EgYEkoHMIYkHUOEDvaUpxExwq+wJIniQ CWwLJKKSLM6wjXjVlKQiW//WNsV3c9CY++NHkZrENu181FcXWgPUXgTctr5tozkg v80/ve7c0qNoHzv6fxI8RTF99Wujlp34zfSc5qkAIyx2+KbU0xyZzDbv+fIX4VS6 TowzE6F5/KpnOk6zbPbB7CJhHGHKF4etaCxAkuQ4j9CFe/tE+WEWes52x61Mnqvh GcxLRF50f5Er1gVvnvHYulTe7KNjX5TE -----END CERTIFICATE-----Generated at Sun Nov 2 23:56:52 2025 by rpki-client