$ rpki-client -vvf rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft File: ny5XiO95WFurdhmHfTlierLl1Rk.mft (raw, json) Hash identifier: 8u4azHNggL5Lu8Nnghy06VPAHAatJtjcLa6i5YITWdg= Subject key identifier: 01:8F:81:B6:A8:FD:47:45:F6:FA:D0:41:4D:4E:5E:8E:AD:A9:A2:52 Authority key identifier: 9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19 Certificate issuer: /CN=A913A7A6/serialNumber=9F2E5788EF79585BAB7619877D39627AB2E5D519 Certificate serial: 0A68 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft Manifest number: 0A60 Signing time: Tue 04 Nov 2025 19:44:17 +0000 Manifest this update: Tue 04 Nov 2025 19:44:16 +0000 Manifest next update: Tue 11 Nov 2025 19:44:16 +0000 Files and hashes: 1: ny5XiO95WFurdhmHfTlierLl1Rk.crl (hash: tlfw+sicrHV5//GdbAAWjuxV16QdI9BrbFXmAqcq5HU=) 2: 4DAFC184ADC011ED897A4050C4F9AE02.roa (hash: Za3bISDsY9jXSiAUyE8K8a9BeVgovmO/YNcIsWrBq60=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:44:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2664 (0xa68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913A7A6, serialNumber=9F2E5788EF79585BAB7619877D39627AB2E5D519 Validity Not Before: Nov 4 19:44:16 2025 GMT Not After : Nov 11 19:44:16 2025 GMT Subject: CN=690a5791-45fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:1b:39:12:2e:97:9a:c5:3a:1f:4b:c9:ae:b9: d0:fb:63:77:b8:3d:83:f5:a0:e6:47:a2:ca:cd:91: b3:47:a4:47:0e:49:c4:71:bf:13:ff:90:fa:cc:60: 99:b8:04:a5:97:51:84:5e:22:fb:1b:f3:d5:0c:2d: c7:dc:e5:aa:9d:4f:6f:be:4e:52:cd:7d:ef:4f:e3: 29:ea:f9:a0:f8:f4:12:a2:2d:8b:22:8c:ef:8c:f6: af:44:a0:83:fb:b1:8a:44:62:31:d0:16:38:10:62: 7b:21:47:0c:fe:42:08:d3:67:98:c9:73:3e:1e:75: 46:49:48:60:4a:d1:7f:8c:a1:5c:6b:e2:06:0a:04: 95:9f:2b:95:79:41:f2:a9:22:6e:83:43:99:23:fd: 9f:30:4c:86:ae:d2:ac:d7:ac:a6:80:dd:f8:66:3d: 79:f3:34:ca:3d:fa:bb:97:bf:4b:a7:7b:32:42:a0: cc:44:d5:35:40:83:9a:bd:5e:a2:8a:b7:40:d5:1d: 9e:54:6b:04:9c:e1:a9:f1:d8:ba:be:d4:61:66:ef: 1e:a0:1b:96:e3:43:06:6a:b5:e9:ae:0b:ee:8e:d0: 24:b3:4c:b9:7f:2a:a6:6e:34:f9:63:fa:ce:08:13: 46:15:2a:00:fd:15:af:05:fb:98:f1:8d:32:27:67: 0f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:8F:81:B6:A8:FD:47:45:F6:FA:D0:41:4D:4E:5E:8E:AD:A9:A2:52 X509v3 Authority Key Identifier: keyid:9F:2E:57:88:EF:79:58:5B:AB:76:19:87:7D:39:62:7A:B2:E5:D5:19 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ny5XiO95WFurdhmHfTlierLl1Rk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913A7A6/457A8E8273B611EA9B8C1F5CC4F9AE02/ny5XiO95WFurdhmHfTlierLl1Rk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:f7:68:f4:df:0a:22:db:8c:d8:54:a8:dd:38:cc:05:2f:4a: 7c:3b:8d:80:01:ec:fe:df:f8:17:63:94:db:e9:22:24:3b:83: 93:72:28:6f:04:c3:1d:26:55:c9:db:72:80:7c:2a:7c:da:7a: ad:9c:7e:7c:b8:51:57:1e:60:6e:6f:40:34:7b:10:39:50:cc: 6b:87:17:85:d0:f7:54:a8:87:0a:60:b7:ad:cd:60:8f:f8:82: 39:f2:37:d4:69:3e:10:14:b8:45:0f:cb:1e:a2:a4:14:a8:37: 05:80:b7:fc:bc:4d:e0:5e:f1:d4:08:91:f6:83:57:7a:21:47: d0:40:18:36:2d:02:93:98:20:38:b5:61:f2:d7:5e:6d:89:86: 66:db:6b:74:c9:a7:1b:17:00:26:30:cc:d5:11:06:5d:39:76: 32:65:48:e9:83:c6:b1:85:90:60:8a:4a:43:a4:ee:69:3c:16: 1c:1b:56:28:08:36:b4:5d:4d:04:ac:f7:d0:21:53:dc:9d:46: b8:4c:c7:b2:06:7d:95:30:5b:e5:a6:23:2e:5a:66:bb:00:8d: f3:36:dc:f3:41:20:a9:bc:cf:14:e9:3e:d9:c2:dc:c5:7c:12: 0c:82:b9:63:63:dc:b3:e1:92:03:22:2f:6b:96:80:c7:8c:95: 8c:37:c0:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCmgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0E3QTYxMTAvBgNVBAUTKDlGMkU1Nzg4RUY3OTU4NUJBQjc2MTk4NzdEMzk2MjdB QjJFNUQ1MTkwHhcNMjUxMTA0MTk0NDE2WhcNMjUxMTExMTk0NDE2WjAYMRYwFAYD VQQDEw02OTBhNTc5MS00NWZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3hs5Ei6XmsU6H0vJrrnQ+2N3uD2D9aDmR6LKzZGzR6RHDknEcb8T/5D6zGCZ uASll1GEXiL7G/PVDC3H3OWqnU9vvk5SzX3vT+Mp6vmg+PQSoi2LIozvjPavRKCD +7GKRGIx0BY4EGJ7IUcM/kII02eYyXM+HnVGSUhgStF/jKFca+IGCgSVnyuVeUHy qSJug0OZI/2fMEyGrtKs16ymgN34Zj158zTKPfq7l79Lp3syQqDMRNU1QIOavV6i irdA1R2eVGsEnOGp8di6vtRhZu8eoBuW40MGarXprgvujtAks0y5fyqmbjT5Y/rO CBNGFSoA/RWvBfuY8Y0yJ2cPTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAGPgbao /UdF9vrQQU1OXo6tqaJSMB8GA1UdIwQYMBaAFJ8uV4jveVhbq3YZh305Ynqy5dUZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzQTdBNi80NTdBOEU4Mjcz QjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9ueTVYaU85NVdGdXJkaG1IZlRsaWVyTGwx UmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL255NVhpTzk1V0Z1cmRobUhmVGxpZXJMbDFSay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz QTdBNi80NTdBOEU4MjczQjYxMUVBOUI4QzFGNUNDNEY5QUUwMi9ueTVYaU85NVdG dXJkaG1IZlRsaWVyTGwxUmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCk92j03woi24zYVKjdOMwFL0p8O42AAez+3/gXY5Tb6SIkO4OTcihv BMMdJlXJ23KAfCp82nqtnH58uFFXHmBub0A0exA5UMxrhxeF0PdUqIcKYLetzWCP +II58jfUaT4QFLhFD8seoqQUqDcFgLf8vE3gXvHUCJH2g1d6IUfQQBg2LQKTmCA4 tWHy115tiYZm22t0yacbFwAmMMzVEQZdOXYyZUjpg8axhZBgikpDpO5pPBYcG1Yo CDa0XU0ErPfQIVPcnUa4TMeyBn2VMFvlpiMuWma7AI3zNtzzQSCpvM8U6T7ZwtzF fBIMgrljY9yz4ZIDIi9rloDHjJWMN8DE -----END CERTIFICATE-----Generated at Wed Nov 5 11:37:47 2025 by rpki-client