$ rpki-client -vvf rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft File: cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft (raw, json) Hash identifier: nM0ZXIJ82wR8z+5rn/uHYx49NsjHwAfXWY9shjJ8mqM= Subject key identifier: 1A:2B:4C:03:D5:BD:C7:E0:70:55:56:E0:DA:53:A5:FC:7D:CC:4B:08 Authority key identifier: 71:05:37:24:46:A2:06:45:46:D9:62:9F:42:1C:37:6F:DC:EF:21:D6 Certificate issuer: /CN=A9125C31/serialNumber=7105372446A2064546D9629F421C376FDCEF21D6 Certificate serial: 0C45 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQU3JEaiBkVG2WKfQhw3b9zvIdY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft Manifest number: 0C3E Signing time: Tue 04 Nov 2025 18:45:35 +0000 Manifest this update: Tue 04 Nov 2025 18:45:34 +0000 Manifest next update: Tue 11 Nov 2025 18:45:34 +0000 Files and hashes: 1: cQU3JEaiBkVG2WKfQhw3b9zvIdY.crl (hash: 7rOPpW207MZMIlAUsrJPlORg7lnaE049JD6UKbbf4VI=) 2: 4697751815B111EA8277BA34C4F9AE02.roa (hash: dxDp9E0tHPQ++XAIde+nxMm3Ga/WWcWY96m0Hl+beDw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.crl rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQU3JEaiBkVG2WKfQhw3b9zvIdY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:45:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3141 (0xc45) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9125C31, serialNumber=7105372446A2064546D9629F421C376FDCEF21D6 Validity Not Before: Nov 4 18:45:34 2025 GMT Not After : Nov 11 18:45:34 2025 GMT Subject: CN=690a49cf-dc3e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:a3:00:57:d8:5c:eb:73:9a:67:ed:32:8f:a2: ef:4f:f7:7c:75:d4:6b:f9:1e:9a:16:73:19:59:fe: 0a:db:bb:ca:b7:7a:c6:b7:f1:ed:8b:60:17:6f:7d: 7d:6e:9e:e5:9a:38:bc:8a:ee:45:21:1f:f4:a7:e0: cb:ce:54:52:d9:62:40:47:cd:64:96:48:c2:57:36: b9:54:1d:04:7c:e3:91:85:5c:7a:81:b6:87:be:0a: a2:3f:ad:37:b6:e6:30:5d:3e:3c:39:6d:8b:a8:e5: 01:56:35:1a:fc:79:a3:94:84:18:0d:28:08:75:de: 1a:5f:27:66:a9:47:96:bb:6c:8d:67:c3:d0:3f:52: d5:45:b7:e2:6b:99:13:d9:26:7f:d8:87:49:d7:80: da:85:6d:f6:32:30:27:69:1a:68:4d:e2:6d:ec:4d: 4c:66:04:84:31:26:b2:9a:4a:d7:26:aa:ae:f7:61: 54:e6:35:7b:19:d8:b9:8d:16:9a:69:bd:65:aa:ca: ca:26:97:67:47:a6:20:8a:aa:a1:bf:d9:c5:e3:f9: b8:b3:5c:08:e8:5c:b9:46:dc:34:44:b6:1a:8b:06: 37:70:24:24:81:ff:be:e9:f7:e7:4c:28:e3:4b:57: be:38:3b:26:c0:96:09:9e:e8:05:da:1e:74:1f:0d: e2:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:2B:4C:03:D5:BD:C7:E0:70:55:56:E0:DA:53:A5:FC:7D:CC:4B:08 X509v3 Authority Key Identifier: keyid:71:05:37:24:46:A2:06:45:46:D9:62:9F:42:1C:37:6F:DC:EF:21:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cQU3JEaiBkVG2WKfQhw3b9zvIdY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9125C31/38BF409A159011EA9C413652C4F9AE02/cQU3JEaiBkVG2WKfQhw3b9zvIdY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9e:d6:cb:2a:ae:c7:3f:38:b4:3b:00:3d:e7:67:93:b8:81:4f: b1:db:fb:bd:1e:1a:4d:d3:26:36:24:2e:d2:5b:33:9c:b1:a0: ac:62:7d:ce:33:36:c9:ec:81:6e:3d:1d:cd:3c:06:05:a4:ea: 84:af:8e:43:f8:c5:2d:bd:3e:ef:98:c5:3a:a4:da:8a:14:e1: 47:2f:9f:5b:22:84:fb:34:85:f0:59:07:42:7f:e1:d6:f3:2a: fd:55:93:af:79:4a:37:8f:b9:02:42:d6:28:e9:41:50:1d:a2: 60:da:7e:a1:2a:21:47:96:0b:67:d9:c8:bd:e8:55:41:a3:d2: 98:89:73:20:2f:0a:a6:76:65:b5:8e:58:24:8f:d0:d5:42:bc: 37:b8:a7:46:f3:bc:65:48:10:45:fc:b0:55:65:40:84:cb:ff: 8b:92:bd:63:fc:5d:dc:57:67:01:38:4f:0a:dc:66:ec:1f:27: 46:68:81:b9:65:c6:01:f2:99:8f:22:4d:a3:2d:88:f7:f9:cb: 61:9b:75:f6:e4:db:41:81:17:53:b8:ee:57:0d:09:0d:33:9d: a4:93:2d:3c:c3:53:02:15:8c:8d:f2:7a:9b:d7:d8:1b:8c:4f: 9e:98:a2:9a:0b:13:64:21:2d:27:dd:07:aa:2e:f0:fb:bd:01: 86:8c:5a:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDEUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjVDMzExMTAvBgNVBAUTKDcxMDUzNzI0NDZBMjA2NDU0NkQ5NjI5RjQyMUMzNzZG RENFRjIxRDYwHhcNMjUxMTA0MTg0NTM0WhcNMjUxMTExMTg0NTM0WjAYMRYwFAYD VQQDEw02OTBhNDljZi1kYzNlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs6MAV9hc63OaZ+0yj6LvT/d8ddRr+R6aFnMZWf4K27vKt3rGt/Hti2AXb319 bp7lmji8iu5FIR/0p+DLzlRS2WJAR81klkjCVza5VB0EfOORhVx6gbaHvgqiP603 tuYwXT48OW2LqOUBVjUa/HmjlIQYDSgIdd4aXydmqUeWu2yNZ8PQP1LVRbfia5kT 2SZ/2IdJ14DahW32MjAnaRpoTeJt7E1MZgSEMSaymkrXJqqu92FU5jV7Gdi5jRaa ab1lqsrKJpdnR6Ygiqqhv9nF4/m4s1wI6Fy5Rtw0RLYaiwY3cCQkgf++6ffnTCjj S1e+ODsmwJYJnugF2h50Hw3i2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBorTAPV vcfgcFVW4NpTpfx9zEsIMB8GA1UdIwQYMBaAFHEFNyRGogZFRtlin0IcN2/c7yHW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNUMzMS8zOEJGNDA5QTE1 OTAxMUVBOUM0MTM2NTJDNEY5QUUwMi9jUVUzSkVhaUJrVkcyV0tmUWh3M2I5enZJ ZFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NRVTNKRWFpQmtWRzJXS2ZRaHczYjl6dklkWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NUMzMS8zOEJGNDA5QTE1OTAxMUVBOUM0MTM2NTJDNEY5QUUwMi9jUVUzSkVhaUJr VkcyV0tmUWh3M2I5enZJZFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCe1ssqrsc/OLQ7AD3nZ5O4gU+x2/u9HhpN0yY2JC7SWzOcsaCsYn3O MzbJ7IFuPR3NPAYFpOqEr45D+MUtvT7vmMU6pNqKFOFHL59bIoT7NIXwWQdCf+HW 8yr9VZOveUo3j7kCQtYo6UFQHaJg2n6hKiFHlgtn2ci96FVBo9KYiXMgLwqmdmW1 jlgkj9DVQrw3uKdG87xlSBBF/LBVZUCEy/+Lkr1j/F3cV2cBOE8K3GbsHydGaIG5 ZcYB8pmPIk2jLYj3+cthm3X25NtBgRdTuO5XDQkNM52kky08w1MCFYyN8nqb19gb jE+emKKaCxNkIS0n3QeqLvD7vQGGjFp2 -----END CERTIFICATE-----Generated at Wed Nov 5 05:25:39 2025 by rpki-client