$ rpki-client -vvf rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft File: 9ES43awaKuycmNiYFhxzSCwu1Ig.mft (raw, json) Hash identifier: 6Vh1Dl3/WWCADAgBPjJOCViK7m/jsCCsZ3RuOi76PRI= Subject key identifier: E2:40:B2:8F:32:1F:23:70:C8:F0:2B:E2:D7:9F:B3:FE:DE:B1:07:B3 Authority key identifier: F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 Certificate issuer: /CN=A91427E2/serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Certificate serial: C5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft Manifest number: C3 Signing time: Wed 05 Nov 2025 06:05:35 +0000 Manifest this update: Wed 05 Nov 2025 06:05:35 +0000 Manifest next update: Wed 12 Nov 2025 06:05:35 +0000 Files and hashes: 1: 9ES43awaKuycmNiYFhxzSCwu1Ig.crl (hash: UcPhjz0nF1uA/CyhV7n/l7dJ/9DqaLAIM7eg3X4eid0=) 2: 52EADE54935111EF98AA8C86C4F9AE02.roa (hash: EP8IMn/Dpz37JzTGpl131u/EdByNY9mypWBz1crTuiM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:05:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 197 (0xc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91427E2, serialNumber=F444B8DDAC1A2AEC9C98D898161C73482C2ED488 Validity Not Before: Nov 5 06:05:35 2025 GMT Not After : Nov 12 06:05:35 2025 GMT Subject: CN=690ae92f-4220 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:5d:36:eb:f6:0a:75:9f:0f:e7:6b:20:e5:bf: d8:e1:c2:82:49:bc:20:ec:1a:ad:5f:40:3e:77:4d: 82:34:62:c1:76:4a:e0:6b:68:07:1e:6d:33:0b:00: af:a2:7d:85:83:7c:8d:90:9b:e6:c6:d1:2f:07:57: aa:68:30:bc:07:3d:1f:42:69:46:80:ec:7f:7d:cd: 41:21:e7:08:aa:bc:c4:8b:92:75:67:7e:88:7e:29: 93:e4:c2:52:66:87:69:cf:68:c0:f9:48:88:45:07: 47:da:1e:3c:c3:ad:b0:51:37:e0:4a:9a:e1:98:10: 5b:93:43:5e:17:22:d2:38:da:33:48:57:ef:3e:f9: 94:21:89:3f:d6:40:26:36:21:8c:2e:72:d8:14:ab: 86:9c:5c:1f:ed:3c:1d:8a:4e:9a:1a:ad:0f:0a:63: 8e:ec:fb:68:92:05:13:be:09:06:22:27:5e:4e:3f: bf:35:0b:ec:b0:3b:12:13:41:36:1b:a8:a7:b2:61: 28:aa:85:70:1c:79:52:80:b5:87:f9:ae:09:e9:8e: a9:c7:71:b2:18:01:0e:44:ed:96:65:e1:39:d3:37: db:19:db:89:2d:84:e0:c1:db:dd:c3:02:2d:24:24: eb:56:de:0f:69:be:30:2d:08:d8:51:0a:bf:c1:bd: 22:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:40:B2:8F:32:1F:23:70:C8:F0:2B:E2:D7:9F:B3:FE:DE:B1:07:B3 X509v3 Authority Key Identifier: keyid:F4:44:B8:DD:AC:1A:2A:EC:9C:98:D8:98:16:1C:73:48:2C:2E:D4:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/9ES43awaKuycmNiYFhxzSCwu1Ig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91427E2/7031A1EC935011EFBACE004CC4F9AE02/9ES43awaKuycmNiYFhxzSCwu1Ig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:13:9a:45:78:dc:2e:b1:f7:dd:40:ba:9b:35:28:c2:03:6c: 26:54:e2:a1:29:74:8b:e6:44:42:c9:51:2b:77:00:8f:83:d3: 39:81:a7:1b:fa:a0:9f:7f:c3:71:d2:b5:2c:5f:e3:02:aa:19: d7:53:31:73:5a:af:1a:0f:88:49:1e:bb:bd:c4:d1:bf:d4:31: e1:67:c6:89:cb:83:4a:3e:44:d0:a6:d4:e7:33:e4:e6:e9:37: 08:6e:26:fc:b0:64:85:9f:09:b7:9f:d3:50:c7:e8:cb:ff:bb: 8b:9e:d3:46:64:0b:d6:11:9b:61:8f:ab:66:e8:55:63:0c:9d: 05:20:76:ad:9c:f9:be:5b:62:4a:5e:04:c4:8d:8c:5b:cf:bb: 04:fc:6f:38:08:3a:d2:1f:3a:a7:53:91:2c:58:b6:22:45:5f: a8:fb:92:f3:37:5a:af:9b:68:f7:45:34:a2:1f:70:c2:a1:bf: 0c:a8:cc:5a:4a:11:8f:7e:e4:58:4f:f2:bd:84:d8:3d:cd:63: 0f:58:f8:a0:6e:7e:0f:bf:8f:f1:70:43:38:92:d7:a9:79:36: 0a:24:0b:8e:cb:f9:59:de:b7:15:ce:fa:bf:20:da:d5:ce:d1: 23:73:98:1e:2a:9d:c5:5c:1a:8f:a3:5d:e6:2a:07:a4:3c:3e: 53:30:cc:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDI3RTIxMTAvBgNVBAUTKEY0NDRCOEREQUMxQTJBRUM5Qzk4RDg5ODE2MUM3MzQ4 MkMyRUQ0ODgwHhcNMjUxMTA1MDYwNTM1WhcNMjUxMTEyMDYwNTM1WjAYMRYwFAYD VQQDEw02OTBhZTkyZi00MjIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5V026/YKdZ8P52sg5b/Y4cKCSbwg7BqtX0A+d02CNGLBdkrga2gHHm0zCwCv on2Fg3yNkJvmxtEvB1eqaDC8Bz0fQmlGgOx/fc1BIecIqrzEi5J1Z36IfimT5MJS Zodpz2jA+UiIRQdH2h48w62wUTfgSprhmBBbk0NeFyLSONozSFfvPvmUIYk/1kAm NiGMLnLYFKuGnFwf7Twdik6aGq0PCmOO7PtokgUTvgkGIideTj+/NQvssDsSE0E2 G6insmEoqoVwHHlSgLWH+a4J6Y6px3GyGAEORO2WZeE50zfbGduJLYTgwdvdwwIt JCTrVt4Pab4wLQjYUQq/wb0i5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOJAso8y HyNwyPAr4tefs/7esQezMB8GA1UdIwQYMBaAFPREuN2sGirsnJjYmBYcc0gsLtSI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjdFMi83MDMxQTFFQzkz NTAxMUVGQkFDRTAwNENDNEY5QUUwMi85RVM0M2F3YUt1eWNtTmlZRmh4elNDd3Ux SWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzlFUzQzYXdhS3V5Y21OaVlGaHh6U0N3dTFJZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjdFMi83MDMxQTFFQzkzNTAxMUVGQkFDRTAwNENDNEY5QUUwMi85RVM0M2F3YUt1 eWNtTmlZRmh4elNDd3UxSWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpE5pFeNwusffdQLqbNSjCA2wmVOKhKXSL5kRCyVErdwCPg9M5gacb +qCff8Nx0rUsX+MCqhnXUzFzWq8aD4hJHru9xNG/1DHhZ8aJy4NKPkTQptTnM+Tm 6TcIbib8sGSFnwm3n9NQx+jL/7uLntNGZAvWEZthj6tm6FVjDJ0FIHatnPm+W2JK XgTEjYxbz7sE/G84CDrSHzqnU5EsWLYiRV+o+5LzN1qvm2j3RTSiH3DCob8MqMxa ShGPfuRYT/K9hNg9zWMPWPigbn4Pv4/xcEM4ktepeTYKJAuOy/lZ3rcVzvq/INrV ztEjc5geKp3FXBqPo13mKgekPD5TMMyU -----END CERTIFICATE-----Generated at Wed Nov 5 23:47:26 2025 by rpki-client