$ rpki-client -vvf rpki.apnic.net/member_repository/A9136D7D/A339630E275011ED9147B273C4F9AE02/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.mft File: UiKhYZ3_8Eywl7tRagdMzR2v_Hg.mft (raw, json) Hash identifier: lNrI71ZBDmeBroAn/LxV5LyjU9VPuH+QnjJzUswfP6Q= Subject key identifier: F3:A8:B9:3B:55:99:A0:27:27:59:DD:81:62:66:A1:38:DB:50:20:21 Authority key identifier: 52:22:A1:61:9D:FF:F0:4C:B0:97:BB:51:6A:07:4C:CD:1D:AF:FC:78 Certificate issuer: /CN=A9136D7D/serialNumber=5222A1619DFFF04CB097BB516A074CCD1DAFFC78 Certificate serial: 0296 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136D7D/A339630E275011ED9147B273C4F9AE02/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.mft Manifest number: 028C Signing time: Mon 03 Nov 2025 01:33:02 +0000 Manifest this update: Mon 03 Nov 2025 01:33:02 +0000 Manifest next update: Mon 10 Nov 2025 01:33:02 +0000 Files and hashes: 1: UiKhYZ3_8Eywl7tRagdMzR2v_Hg.crl (hash: 8bzmaVak+scMKavLaP6m1oWlFCeH9r2yDsYXid5jpqc=) 2: A9E3A5041C3411EFBF05095BC4F9AE02.roa (hash: GTqWZnZ/1TWcrA0Y2PGoMQfWIQwTnq/BPHj2RxJAW6Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136D7D/A339630E275011ED9147B273C4F9AE02/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.crl rsync://rpki.apnic.net/member_repository/A9136D7D/A339630E275011ED9147B273C4F9AE02/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:33:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 662 (0x296) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136D7D, serialNumber=5222A1619DFFF04CB097BB516A074CCD1DAFFC78 Validity Not Before: Nov 3 01:33:02 2025 GMT Not After : Nov 10 01:33:02 2025 GMT Subject: CN=6908064e-85ca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:43:5c:02:ef:64:7f:87:d8:2a:5b:8d:db:a0: d2:2b:b2:d2:3f:e4:16:28:7a:40:4f:75:45:68:f2: ff:e9:a7:45:8e:9e:33:55:fe:f0:db:8e:f6:cd:0f: 65:67:8e:3c:fa:ad:32:33:fe:dd:62:da:45:4d:14: b2:71:05:2e:1d:d4:e0:7b:00:67:b6:00:55:d7:44: d4:c6:6a:50:71:f8:30:0b:2a:5e:59:4c:7b:60:89: ad:63:bb:de:84:c5:3b:37:0a:55:ef:49:11:c9:27: 48:1a:bf:1a:c4:b9:a7:28:ce:7a:29:53:0a:ee:87: 14:d1:45:89:12:5e:3c:0a:7b:68:31:98:46:a3:9b: ae:99:d0:3f:9b:65:e5:48:8f:bc:07:17:04:26:7a: 23:a3:9f:73:66:6d:42:9c:c9:7f:3b:17:84:14:71: ca:7c:bd:c2:e1:44:79:5b:2a:6a:6f:7b:63:37:12: ce:d9:4b:81:b2:7f:ce:cf:90:be:01:92:26:bf:a9: 10:6c:a3:ac:ab:c0:70:37:59:8e:2a:c0:1d:c7:b0: dd:09:75:4a:e9:4a:80:03:23:e1:0d:5c:38:cf:70: 11:ae:1b:43:06:fa:02:3f:00:96:7c:3e:2c:e0:dc: cd:07:db:92:da:c1:c4:7b:eb:eb:7a:e9:91:09:b0: 06:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F3:A8:B9:3B:55:99:A0:27:27:59:DD:81:62:66:A1:38:DB:50:20:21 X509v3 Authority Key Identifier: keyid:52:22:A1:61:9D:FF:F0:4C:B0:97:BB:51:6A:07:4C:CD:1D:AF:FC:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136D7D/A339630E275011ED9147B273C4F9AE02/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136D7D/A339630E275011ED9147B273C4F9AE02/UiKhYZ3_8Eywl7tRagdMzR2v_Hg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cd:4f:58:e0:3d:6d:56:c7:9d:13:de:64:f1:cb:89:83:21:df: 2e:76:ea:f3:ab:77:61:0a:88:79:90:32:83:fc:2a:87:88:73: 4c:4c:ce:e7:97:27:73:dc:ef:a9:06:ab:d0:08:6e:5b:44:64: 80:58:f4:68:58:f7:72:22:f2:1e:a5:01:29:13:39:2f:65:d8: e9:d0:b6:b9:89:64:82:1e:69:30:08:ba:3c:dc:6b:c7:af:0a: 19:d8:6e:68:d8:71:ac:91:06:b0:85:05:ba:27:39:52:35:f8: 7f:fb:78:ce:ad:58:36:fc:18:38:95:21:b7:96:20:d6:ca:b0: 80:19:e1:2e:02:8a:66:3c:62:15:58:f5:10:af:ae:90:0b:b9: 69:2c:78:b2:c0:d1:56:86:2f:6c:95:57:85:9a:2f:f1:c3:39: 36:f3:24:6c:98:40:40:d3:06:80:bb:af:4b:53:a6:6a:7e:96: ec:86:68:d6:00:1b:f0:92:7c:b0:68:35:c9:85:bf:1c:02:d8: 44:7e:af:98:5b:7e:19:1f:4d:c2:d5:08:73:31:e0:5a:9f:f5: 93:f7:81:6f:a7:eb:9a:3e:0d:ab:74:c5:36:a0:0f:67:4f:fc: 91:55:a5:8b:7f:81:1d:f5:f3:01:e4:d6:b5:25:26:4e:ed:d4: 4b:36:4e:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzZEN0QxMTAvBgNVBAUTKDUyMjJBMTYxOURGRkYwNENCMDk3QkI1MTZBMDc0Q0NE MURBRkZDNzgwHhcNMjUxMTAzMDEzMzAyWhcNMjUxMTEwMDEzMzAyWjAYMRYwFAYD VQQDEw02OTA4MDY0ZS04NWNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1UNcAu9kf4fYKluN26DSK7LSP+QWKHpAT3VFaPL/6adFjp4zVf7w2472zQ9l Z448+q0yM/7dYtpFTRSycQUuHdTgewBntgBV10TUxmpQcfgwCypeWUx7YImtY7ve hMU7NwpV70kRySdIGr8axLmnKM56KVMK7ocU0UWJEl48CntoMZhGo5uumdA/m2Xl SI+8BxcEJnojo59zZm1CnMl/OxeEFHHKfL3C4UR5Wypqb3tjNxLO2UuBsn/Oz5C+ AZImv6kQbKOsq8BwN1mOKsAdx7DdCXVK6UqAAyPhDVw4z3ARrhtDBvoCPwCWfD4s 4NzNB9uS2sHEe+vreumRCbAGYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPOouTtV maAnJ1ndgWJmoTjbUCAhMB8GA1UdIwQYMBaAFFIioWGd//BMsJe7UWoHTM0dr/x4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNkQ3RC9BMzM5NjMwRTI3 NTAxMUVEOTE0N0IyNzNDNEY5QUUwMi9VaUtoWVozXzhFeXdsN3RSYWdkTXpSMnZf SGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VpS2hZWjNfOEV5d2w3dFJhZ2RNelIydl9IZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NkQ3RC9BMzM5NjMwRTI3NTAxMUVEOTE0N0IyNzNDNEY5QUUwMi9VaUtoWVozXzhF eXdsN3RSYWdkTXpSMnZfSGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDNT1jgPW1Wx50T3mTxy4mDId8udurzq3dhCoh5kDKD/CqHiHNMTM7n lydz3O+pBqvQCG5bRGSAWPRoWPdyIvIepQEpEzkvZdjp0La5iWSCHmkwCLo83GvH rwoZ2G5o2HGskQawhQW6JzlSNfh/+3jOrVg2/Bg4lSG3liDWyrCAGeEuAopmPGIV WPUQr66QC7lpLHiywNFWhi9slVeFmi/xwzk28yRsmEBA0waAu69LU6ZqfpbshmjW ABvwknywaDXJhb8cAthEfq+YW34ZH03C1QhzMeBan/WT94Fvp+uaPg2rdMU2oA9n T/yRVaWLf4Ed9fMB5Na1JSZO7dRLNk6y -----END CERTIFICATE-----Generated at Tue Nov 4 01:10:08 2025 by rpki-client