$ rpki-client -vvf rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft File: iXa1-0jy5BEdeNWjzVovyhlhOXo.mft (raw, json) Hash identifier: vccvjySX3lOSD6TjtJaho0mdaxotrnfDAs+n4uvrhZc= Subject key identifier: AE:B3:48:62:D2:62:94:AE:BD:CB:65:21:24:59:72:52:76:0B:CF:6B Authority key identifier: 89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A Certificate issuer: /CN=A9128C7F/serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Certificate serial: 0261 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft Manifest number: 0254 Signing time: Wed 05 Nov 2025 01:51:38 +0000 Manifest this update: Wed 05 Nov 2025 01:51:38 +0000 Manifest next update: Wed 12 Nov 2025 01:51:38 +0000 Files and hashes: 1: iXa1-0jy5BEdeNWjzVovyhlhOXo.crl (hash: zzY9BXEBjGOGEvG7Yt7pNjHb0U0Nl2QikFRss1CZ4kg=) 2: 99D6D8089BF111ED8043AD1FC4F9AE02.roa (hash: RN89+S1mBA7UPdGt6AqckCvGseRU/f6VRbIgO417GXg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:51:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 609 (0x261) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128C7F, serialNumber=8976B5FB48F2E4111D78D5A3CD5A2FCA1961397A Validity Not Before: Nov 5 01:51:38 2025 GMT Not After : Nov 12 01:51:38 2025 GMT Subject: CN=690aadaa-34ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:38:89:e2:38:e6:f1:bf:d5:76:40:1f:32:6f: 1a:0d:97:92:2f:6a:b5:c3:46:79:cc:4b:b1:10:ad: 1c:80:bc:a7:b3:c9:8a:4e:d2:da:61:01:20:c7:37: f5:b4:c9:48:6a:a3:8f:87:84:4c:44:23:2f:db:33: da:03:29:07:8b:17:07:a7:d8:fd:48:6d:05:bb:1a: 70:cd:2d:9c:01:9c:26:74:a4:1f:3c:b6:35:5a:49: 44:38:ff:db:0d:b5:12:f2:e9:7a:05:f3:9a:19:e6: 94:fd:48:ef:c9:51:28:f8:03:2f:e6:31:15:2c:c9: e3:62:67:fe:a7:97:7f:e6:5f:96:a2:e2:95:e0:95: 4b:1a:f1:36:d5:a3:bf:eb:84:b7:4a:5e:6c:a0:14: 75:e7:7c:31:eb:95:a9:1d:be:6e:67:10:91:c2:70: b6:e9:6d:79:35:76:7d:4d:99:d1:12:fb:d1:ef:d3: 09:dd:00:d1:5f:5e:8f:58:47:a5:03:47:d8:93:f8: 91:0d:d0:3b:4d:61:26:7a:91:5d:77:c6:50:60:2c: 6c:eb:80:ce:a3:c8:5e:d4:97:eb:1e:71:4e:43:9c: 6a:47:12:7d:0e:fd:49:4d:69:95:28:c5:8e:94:80: 05:ee:59:6f:28:81:d5:bf:a4:ed:01:3f:db:8a:1b: d2:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AE:B3:48:62:D2:62:94:AE:BD:CB:65:21:24:59:72:52:76:0B:CF:6B X509v3 Authority Key Identifier: keyid:89:76:B5:FB:48:F2:E4:11:1D:78:D5:A3:CD:5A:2F:CA:19:61:39:7A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iXa1-0jy5BEdeNWjzVovyhlhOXo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128C7F/3B7BDABE3FC711EDAC9B221DC4F9AE02/iXa1-0jy5BEdeNWjzVovyhlhOXo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:cf:2d:23:59:72:d2:7f:27:9f:fe:75:34:8a:21:87:5f:a0: 0b:6c:fd:f8:9f:bb:65:e0:a9:ed:e9:dc:05:00:31:d4:38:f9: 33:2b:f6:b5:24:f9:f0:d7:31:f6:cf:9b:cb:f6:4b:31:f7:53: ac:a6:31:a8:61:dd:d3:72:05:b1:68:8e:bd:01:01:aa:c2:59: ca:82:ab:b5:b5:6b:0b:d1:ef:7f:14:b7:3c:2e:0c:a3:4a:fa: 3b:41:a6:95:53:a7:31:47:3d:23:69:65:37:dd:13:c6:d3:a9: ea:4e:d2:e1:cf:18:69:f8:a7:07:6f:5e:3d:5a:b5:04:f9:56: a1:96:04:b7:8a:03:6d:56:b5:5c:2c:2c:f4:a6:c0:7f:c9:30: ab:fb:8e:76:b5:37:2c:9b:8c:75:b7:ab:da:20:ff:0c:b2:f5: 04:4a:ae:a5:98:cd:e6:95:0f:43:83:8a:fa:42:a7:28:d7:e3: f1:4f:24:43:af:c7:83:ca:d8:ce:f8:4d:44:92:9d:6b:d9:e5: 5b:13:84:68:1a:4c:9d:fc:22:14:08:53:e0:9a:72:19:d8:9e: 5d:f2:ed:44:c2:1f:62:5d:4d:ee:50:1f:27:c5:37:49:da:f1: 1d:f8:d3:71:e0:92:d2:2e:72:a2:85:46:bc:46:25:af:bb:ed: 65:bd:be:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAmEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhDN0YxMTAvBgNVBAUTKDg5NzZCNUZCNDhGMkU0MTExRDc4RDVBM0NENUEyRkNB MTk2MTM5N0EwHhcNMjUxMTA1MDE1MTM4WhcNMjUxMTEyMDE1MTM4WjAYMRYwFAYD VQQDEw02OTBhYWRhYS0zNGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwDiJ4jjm8b/VdkAfMm8aDZeSL2q1w0Z5zEuxEK0cgLyns8mKTtLaYQEgxzf1 tMlIaqOPh4RMRCMv2zPaAykHixcHp9j9SG0FuxpwzS2cAZwmdKQfPLY1WklEOP/b DbUS8ul6BfOaGeaU/UjvyVEo+AMv5jEVLMnjYmf+p5d/5l+WouKV4JVLGvE21aO/ 64S3Sl5soBR153wx65WpHb5uZxCRwnC26W15NXZ9TZnREvvR79MJ3QDRX16PWEel A0fYk/iRDdA7TWEmepFdd8ZQYCxs64DOo8he1JfrHnFOQ5xqRxJ9Dv1JTWmVKMWO lIAF7llvKIHVv6TtAT/bihvSXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK6zSGLS YpSuvctlISRZclJ2C89rMB8GA1UdIwQYMBaAFIl2tftI8uQRHXjVo81aL8oZYTl6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEM3Ri8zQjdCREFCRTNG QzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVCRWRlTldqelZvdnlobGhP WG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lYYTEtMGp5NUJFZGVOV2p6Vm92eWhsaE9Yby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEM3Ri8zQjdCREFCRTNGQzcxMUVEQUM5QjIyMURDNEY5QUUwMi9pWGExLTBqeTVC RWRlTldqelZvdnlobGhPWG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCXzy0jWXLSfyef/nU0iiGHX6ALbP34n7tl4Knt6dwFADHUOPkzK/a1 JPnw1zH2z5vL9ksx91OspjGoYd3TcgWxaI69AQGqwlnKgqu1tWsL0e9/FLc8Lgyj Svo7QaaVU6cxRz0jaWU33RPG06nqTtLhzxhp+KcHb149WrUE+VahlgS3igNtVrVc LCz0psB/yTCr+452tTcsm4x1t6vaIP8MsvUESq6lmM3mlQ9Dg4r6Qqco1+PxTyRD r8eDytjO+E1Ekp1r2eVbE4RoGkyd/CIUCFPgmnIZ2J5d8u1Ewh9iXU3uUB8nxTdJ 2vEd+NNx4JLSLnKihUa8RiWvu+1lvb53 -----END CERTIFICATE-----Generated at Wed Nov 5 13:55:37 2025 by rpki-client