$ rpki-client -vvf rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft File: 320AK7yrolDSrmtEVOPL_WfSx-o.mft (raw, json) Hash identifier: U/8b/Rup4dGrKnCFdrkqAKbggH96Ac+NbYDMeTwwid4= Subject key identifier: B5:06:1E:4E:9C:50:BD:44:53:2B:AF:10:30:6E:04:92:E4:98:AE:99 Authority key identifier: DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA Certificate issuer: /CN=A9143DE2/serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Certificate serial: 09E0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft Manifest number: 09D6 Signing time: Sun 02 Nov 2025 19:54:23 +0000 Manifest this update: Sun 02 Nov 2025 19:54:22 +0000 Manifest next update: Sun 09 Nov 2025 19:54:22 +0000 Files and hashes: 1: 320AK7yrolDSrmtEVOPL_WfSx-o.crl (hash: DPwacKNRCGVm4QawrkRIlqI4m6wAlAfaWLw3tosQ0Yg=) 2: C07738FE9F4511EB88EBCA76C4F9AE02.roa (hash: EW5gw++/Nv/7XkyhmrGAdJFCyCQBgQSX+Pdw0qIT5p4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 19:54:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2528 (0x9e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9143DE2, serialNumber=DF6D002BBCABA250D2AE6B4454E3CBFD67D2C7EA Validity Not Before: Nov 2 19:54:22 2025 GMT Not After : Nov 9 19:54:22 2025 GMT Subject: CN=6907b6ef-56bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:aa:9a:fd:6a:b1:9b:89:17:a8:67:80:00:80: 72:db:ac:12:e2:1b:6c:db:58:0e:ac:b6:4a:e9:3b: 15:0d:d0:de:60:13:be:e0:75:09:62:b6:b3:7a:90: 69:08:c8:a3:37:f9:78:a3:4a:1b:03:2a:3c:65:ed: f2:6b:cf:13:16:e6:d0:99:ec:c1:28:7c:c0:3f:4f: 90:05:17:a1:f7:37:d3:89:49:93:11:8c:2d:9b:38: 97:39:00:6f:3a:ff:a3:93:32:cd:dd:69:f7:55:57: c2:70:64:37:9b:23:d2:db:d4:ff:33:99:2a:94:9a: 6f:ca:f0:88:76:0b:b1:ce:9e:e8:4f:f4:ee:9a:1d: 0a:6f:18:d1:38:b5:18:93:fa:1f:bf:1d:57:9d:3d: d3:e3:26:d6:57:e3:2f:71:36:7a:17:6c:bc:b7:1f: 00:a8:7a:d5:20:d7:1a:b9:0d:03:15:38:c1:4f:a4: 68:c9:8c:e6:a8:27:47:ee:85:fb:b6:bd:2c:6e:92: d7:8e:1e:b7:4e:ca:71:ca:28:0e:3a:9b:0d:32:65: 12:0a:77:b2:c4:4b:72:a9:8e:e3:9b:91:d0:0c:66: a9:56:94:95:a8:3f:e0:dd:67:86:86:5b:24:80:14: e5:f4:16:17:03:07:c9:09:26:cd:e7:e6:34:50:d2: 08:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:06:1E:4E:9C:50:BD:44:53:2B:AF:10:30:6E:04:92:E4:98:AE:99 X509v3 Authority Key Identifier: keyid:DF:6D:00:2B:BC:AB:A2:50:D2:AE:6B:44:54:E3:CB:FD:67:D2:C7:EA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/320AK7yrolDSrmtEVOPL_WfSx-o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9143DE2/D218DD528E9711EA8C2DE537C4F9AE02/320AK7yrolDSrmtEVOPL_WfSx-o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:24:78:d8:72:0b:f9:66:34:eb:01:0a:c5:d0:ab:05:0c:07: dd:a4:cf:93:b1:d4:66:45:17:96:0a:82:9a:a3:5e:ae:68:76: e0:59:42:97:e8:56:b9:5a:45:f5:87:2b:f1:95:46:c3:97:4f: 7f:37:0f:a8:92:42:c4:c0:4b:2c:a1:ec:ad:57:54:2c:70:85: 5f:6d:e9:6f:44:59:f3:17:0a:df:06:5a:00:d6:24:da:89:de: 0d:3b:15:48:3d:c4:8b:3d:21:01:fd:8a:54:ff:3e:93:0f:89: ef:5e:36:64:6c:a7:58:19:68:85:d9:55:a1:03:98:15:7b:10: 5a:7e:10:45:6b:d7:bb:f2:ec:27:57:ce:b7:2c:26:27:df:c8: bc:0e:88:b2:a6:8d:bd:b5:54:21:5a:d4:83:f3:9d:8c:5f:8c: 67:ee:db:de:35:70:95:f3:40:64:79:ce:0a:94:f0:a7:72:a3: ae:48:84:dd:40:1a:90:93:71:ca:9b:29:83:0f:33:ee:35:02: 5a:c7:64:c6:8d:04:7a:3c:00:7e:db:fc:98:d1:57:2b:05:e8: 9e:0b:1c:d2:72:30:87:70:7f:7f:4f:87:4e:a9:47:f0:44:53: 3a:2a:54:c0:d0:17:2d:03:22:69:76:2f:6b:60:df:bf:a2:9d: c3:a8:36:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCeAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDNERTIxMTAvBgNVBAUTKERGNkQwMDJCQkNBQkEyNTBEMkFFNkI0NDU0RTNDQkZE NjdEMkM3RUEwHhcNMjUxMTAyMTk1NDIyWhcNMjUxMTA5MTk1NDIyWjAYMRYwFAYD VQQDEw02OTA3YjZlZi01NmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1Kqa/Wqxm4kXqGeAAIBy26wS4hts21gOrLZK6TsVDdDeYBO+4HUJYrazepBp CMijN/l4o0obAyo8Ze3ya88TFubQmezBKHzAP0+QBReh9zfTiUmTEYwtmziXOQBv Ov+jkzLN3Wn3VVfCcGQ3myPS29T/M5kqlJpvyvCIdguxzp7oT/Tumh0KbxjROLUY k/ofvx1XnT3T4ybWV+MvcTZ6F2y8tx8AqHrVINcauQ0DFTjBT6RoyYzmqCdH7oX7 tr0sbpLXjh63TspxyigOOpsNMmUSCneyxEtyqY7jm5HQDGapVpSVqD/g3WeGhlsk gBTl9BYXAwfJCSbN5+Y0UNIISwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLUGHk6c UL1EUyuvEDBuBJLkmK6ZMB8GA1UdIwQYMBaAFN9tACu8q6JQ0q5rRFTjy/1n0sfq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0M0RFMi9EMjE4REQ1MjhF OTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9sRFNybXRFVk9QTF9XZlN4 LW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMyMEFLN3lyb2xEU3JtdEVWT1BMX1dmU3gtby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 M0RFMi9EMjE4REQ1MjhFOTcxMUVBOEMyREU1MzdDNEY5QUUwMi8zMjBBSzd5cm9s RFNybXRFVk9QTF9XZlN4LW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXJHjYcgv5ZjTrAQrF0KsFDAfdpM+TsdRmRReWCoKao16uaHbgWUKX 6Fa5WkX1hyvxlUbDl09/Nw+okkLEwEssoeytV1QscIVfbelvRFnzFwrfBloA1iTa id4NOxVIPcSLPSEB/YpU/z6TD4nvXjZkbKdYGWiF2VWhA5gVexBafhBFa9e78uwn V863LCYn38i8Doiypo29tVQhWtSD852MX4xn7tveNXCV80Bkec4KlPCncqOuSITd QBqQk3HKmymDDzPuNQJax2TGjQR6PAB+2/yY0VcrBeieCxzScjCHcH9/T4dOqUfw RFM6KlTA0BctAyJpdi9rYN+/op3DqDYW -----END CERTIFICATE-----Generated at Mon Nov 3 18:18:40 2025 by rpki-client