$ rpki-client -vvf rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft File: imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft (raw, json) Hash identifier: Sq52LxNdKXoBMOkOCTnlgG0tWGZWrBXyA8qYU4RYwaI= Subject key identifier: 3B:E4:66:A6:28:83:F0:E0:82:F0:B1:CB:49:29:71:C2:50:F7:0B:12 Authority key identifier: 8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 Certificate issuer: /CN=A9127523/serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Certificate serial: 2DE7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft Manifest number: 2D79 Signing time: Tue 04 Nov 2025 15:33:27 +0000 Manifest this update: Tue 04 Nov 2025 15:33:27 +0000 Manifest next update: Tue 11 Nov 2025 15:33:27 +0000 Files and hashes: 1: imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl (hash: 5tCQcLB1rklpG71pF8CI2zP1nHbI0I4Tj37f/HNsVVE=) 2: 3E0A6ED49E7B11EFBD44280AC4F9AE02.roa (hash: /S75Y8k69kY9b8PDmn95n9pd61Cq/ljCcnbjIoICG0k=) 3: 4221CE240EC211EB9F6B1914C4F9AE02.roa (hash: 8CIfN72IDb9QxqbZGw5mhDPDgEolkLewfEE5DniHC6c=) 4: EAB11C569E7A11EF9C2A9E09C4F9AE02.roa (hash: vGH9FoQK798TOx1m3nPPegc/vxwpIz43n4HqwUNJNHw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:33:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11751 (0x2de7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9127523, serialNumber=8A681DD0C43731D0F4763A4DBDD5D4CC01FD64C2 Validity Not Before: Nov 4 15:33:27 2025 GMT Not After : Nov 11 15:33:27 2025 GMT Subject: CN=690a1cc7-9d6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:55:ce:ba:31:15:f7:84:48:7a:cd:f1:24:54: b9:fb:17:eb:47:e0:13:1f:3a:66:e4:4a:bb:38:f0: 76:df:5c:3f:86:92:8f:b8:af:97:23:47:cf:17:1e: 1f:0f:86:f1:94:0c:01:49:ec:49:f7:0d:9e:99:43: 75:5a:7a:71:6d:36:3b:fc:20:45:34:53:a6:34:58: 43:12:da:52:2e:d6:63:ac:85:98:af:96:a1:56:da: 7a:f2:e9:1e:31:0b:f5:f5:60:ba:19:b2:db:26:bf: 76:24:a4:9c:dd:70:72:3b:a3:5f:d5:7a:d2:93:22: 16:cc:2b:89:f5:fa:64:f1:c6:4f:88:5f:9f:31:5c: a4:d5:68:2e:94:49:d2:8a:c8:65:48:84:2d:14:2b: 13:20:2c:e3:e7:5b:cd:0a:3f:5b:e8:59:7c:5d:74: 74:42:e7:e1:e8:a2:81:d5:0f:7f:92:ce:09:32:50: 2c:0f:77:4d:86:f3:56:54:20:66:fa:ad:5e:f5:37: 5c:b7:a1:28:53:93:ea:6c:58:96:f3:89:58:74:06: d9:b3:ef:0c:26:fb:9b:13:94:84:84:a8:68:54:c5: cb:13:7f:01:12:a8:48:73:27:5d:a9:48:c4:dd:00: 35:1b:dc:3c:fa:6a:c5:1a:8c:61:09:06:85:87:05: 48:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:E4:66:A6:28:83:F0:E0:82:F0:B1:CB:49:29:71:C2:50:F7:0B:12 X509v3 Authority Key Identifier: keyid:8A:68:1D:D0:C4:37:31:D0:F4:76:3A:4D:BD:D5:D4:CC:01:FD:64:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/imgd0MQ3MdD0djpNvdXUzAH9ZMI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9127523/12B997E89AE311E3A5A257A75911EA32/imgd0MQ3MdD0djpNvdXUzAH9ZMI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:d9:21:63:ae:31:6c:e5:5d:68:73:1c:e9:9c:e8:2a:2f:73: 20:3b:d0:c1:c7:c0:45:c2:66:45:d9:43:5d:1e:1c:7e:b1:0e: 89:c7:e7:4e:02:58:2e:80:eb:1b:1f:d8:b2:76:f9:fe:a8:c1: fa:f8:f7:d6:88:50:44:5b:db:d4:9c:e1:f3:94:05:a7:47:f7: 05:f0:c8:ae:45:b5:e3:c9:0c:d2:2b:7a:48:72:a3:5f:fc:b8: 42:07:bf:fe:46:6a:c7:7d:48:52:c1:c5:77:5d:11:9a:fc:f1: 72:bc:07:8a:79:cf:85:f7:08:a9:71:50:55:a7:94:72:77:d4: d7:ca:9f:e3:3a:cd:05:c0:73:5b:44:f3:f8:b6:ed:68:1d:07: 96:82:8c:af:07:e6:07:1b:45:d3:bb:c1:22:e6:dd:e0:4d:6b: 83:ff:65:cd:66:58:3d:0a:d0:9b:4a:02:08:4c:e1:26:57:40: d0:e2:44:c9:48:67:ea:83:c9:b1:17:6e:de:2a:15:60:cc:1a: be:1c:73:73:bd:fa:1d:de:f0:d3:d5:16:8d:58:17:6f:14:50: c5:c3:7f:f3:4e:f4:5a:b4:f1:dc:62:ad:d2:22:d2:f0:fb:95: 39:64:12:7b:34:fe:d1:51:d9:27:e3:49:41:08:0f:da:05:7a: 07:7d:5e:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICLecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjc1MjMxMTAvBgNVBAUTKDhBNjgxREQwQzQzNzMxRDBGNDc2M0E0REJERDVENEND MDFGRDY0QzIwHhcNMjUxMTA0MTUzMzI3WhcNMjUxMTExMTUzMzI3WjAYMRYwFAYD VQQDEw02OTBhMWNjNy05ZDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA51XOujEV94RIes3xJFS5+xfrR+ATHzpm5Eq7OPB231w/hpKPuK+XI0fPFx4f D4bxlAwBSexJ9w2emUN1WnpxbTY7/CBFNFOmNFhDEtpSLtZjrIWYr5ahVtp68uke MQv19WC6GbLbJr92JKSc3XByO6Nf1XrSkyIWzCuJ9fpk8cZPiF+fMVyk1WgulEnS ishlSIQtFCsTICzj51vNCj9b6Fl8XXR0Qufh6KKB1Q9/ks4JMlAsD3dNhvNWVCBm +q1e9Tdct6EoU5PqbFiW84lYdAbZs+8MJvubE5SEhKhoVMXLE38BEqhIcyddqUjE 3QA1G9w8+mrFGoxhCQaFhwVIpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDvkZqYo g/DggvCxy0kpccJQ9wsSMB8GA1UdIwQYMBaAFIpoHdDENzHQ9HY6Tb3V1MwB/WTC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNzUyMy8xMkI5OTdFODlB RTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01kRDBkanBOdmRYVXpBSDla TUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ltZ2QwTVEzTWREMGRqcE52ZFhVekFIOVpNSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NzUyMy8xMkI5OTdFODlBRTMxMUUzQTVBMjU3QTc1OTExRUEzMi9pbWdkME1RM01k RDBkanBOdmRYVXpBSDlaTUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAf2SFjrjFs5V1ocxzpnOgqL3MgO9DBx8BFwmZF2UNdHhx+sQ6Jx+dO AlgugOsbH9iydvn+qMH6+PfWiFBEW9vUnOHzlAWnR/cF8MiuRbXjyQzSK3pIcqNf /LhCB7/+RmrHfUhSwcV3XRGa/PFyvAeKec+F9wipcVBVp5Ryd9TXyp/jOs0FwHNb RPP4tu1oHQeWgoyvB+YHG0XTu8Ei5t3gTWuD/2XNZlg9CtCbSgIITOEmV0DQ4kTJ SGfqg8mxF27eKhVgzBq+HHNzvfod3vDT1RaNWBdvFFDFw3/zTvRatPHcYq3SItLw +5U5ZBJ7NP7RUdkn40lBCA/aBXoHfV6a -----END CERTIFICATE-----Generated at Wed Nov 5 05:25:43 2025 by rpki-client