$ rpki-client -vvf rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft File: aIdCVFR7NLOvid21tI0CAj9Xrhc.mft (raw, json) Hash identifier: u+vBwOwiCrPpCg8CXCpzPF3y4teajWgfJ3JxxWf+DZw= Subject key identifier: 93:7B:38:9D:94:5D:4F:2B:DE:D7:2C:13:24:76:40:1C:09:C5:94:3E Authority key identifier: 68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 Certificate issuer: /CN=A9148D52/serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Certificate serial: 0D75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft Manifest number: 0D6C Signing time: Tue 04 Nov 2025 18:03:01 +0000 Manifest this update: Tue 04 Nov 2025 18:03:00 +0000 Manifest next update: Tue 11 Nov 2025 18:03:00 +0000 Files and hashes: 1: aIdCVFR7NLOvid21tI0CAj9Xrhc.crl (hash: 9qulY7f2tNdMf5vRXSovdTF+32RbqWpztjofKsAMlkI=) 2: 0198539E94F311EA9429BF86C4F9AE02.roa (hash: 5GX92aioe88puPmyzGflssCck3bnuW06XT8lCNmGXB4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:03:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3445 (0xd75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9148D52, serialNumber=68874254547B34B3AF89DDB5B48D02023F57AE17 Validity Not Before: Nov 4 18:03:00 2025 GMT Not After : Nov 11 18:03:00 2025 GMT Subject: CN=690a3fd5-7b2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:3a:f6:f1:51:39:bb:34:95:a9:ee:15:fe:d1: 95:f8:b4:3c:4d:be:cf:f7:f1:c9:f9:c3:33:6d:1e: af:1e:1e:6a:15:a8:f3:7c:33:20:87:8b:6b:34:9c: c0:f2:70:a0:3d:b0:3b:85:52:be:21:61:a7:8e:97: 52:7b:cb:ca:3d:82:ca:a1:6c:2c:52:10:e8:5c:30: 84:19:fb:41:98:c1:18:9e:54:ca:55:95:53:85:3b: 6a:8c:c0:d4:b8:97:0c:40:4b:72:38:55:29:47:db: 08:da:5c:79:e2:fd:65:00:40:53:34:1e:40:28:a6: 06:5f:49:db:d1:b6:06:78:0e:7c:c1:d4:09:a4:fa: 09:6c:13:6d:6f:6a:41:14:c7:8f:3f:4b:da:64:64: 25:0c:a6:8a:55:34:ab:e2:f8:98:e9:61:8c:7e:e8: de:44:05:60:c8:b5:bd:78:46:77:0d:72:14:13:31: 75:ca:15:81:33:48:2f:f0:f3:c4:9d:c1:c2:ae:46: b9:be:9d:f1:06:4e:a2:6b:ca:77:b3:11:b6:5a:d6: bc:a8:09:b0:ac:1c:b4:1f:67:09:56:3c:3c:88:28: 56:ac:76:ed:08:9c:7f:d1:a7:04:f6:1d:32:60:16: 98:14:9a:a8:76:c1:ab:f4:3d:af:8a:87:94:69:79: 21:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:7B:38:9D:94:5D:4F:2B:DE:D7:2C:13:24:76:40:1C:09:C5:94:3E X509v3 Authority Key Identifier: keyid:68:87:42:54:54:7B:34:B3:AF:89:DD:B5:B4:8D:02:02:3F:57:AE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aIdCVFR7NLOvid21tI0CAj9Xrhc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9148D52/1D4B44EEDB6B11E992987F41C4F9AE02/aIdCVFR7NLOvid21tI0CAj9Xrhc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:61:56:d2:42:ce:5f:2e:cc:c0:3b:0c:c1:ad:04:97:36:ca: 37:3c:db:4f:e6:6e:f2:46:6d:00:ab:84:10:38:51:c0:ab:d4: 37:e6:8a:a5:14:1d:d3:5f:bb:18:10:8e:3a:a6:a2:ea:b5:c2: cd:0b:30:67:17:4c:4c:2d:8d:1c:b5:04:80:a9:e5:19:fa:b5: 28:a2:41:1a:d6:1f:25:28:da:bf:bd:b0:1e:5d:b8:c4:bc:9d: d5:51:bd:83:02:fc:25:c9:31:03:c8:14:ed:bb:b1:35:aa:c4: 5e:2d:f7:07:f6:ee:28:c5:3b:f0:eb:07:4e:80:f1:5c:28:86: 1b:68:c9:9c:40:40:20:ea:f5:97:47:1f:3f:b6:c7:d1:6d:33: 4b:52:ae:13:d6:d3:66:f2:3f:25:37:f6:6d:72:21:b0:38:9b: 9d:f8:d3:3b:9a:ec:56:1a:db:3c:65:46:10:08:03:28:87:1a: f2:01:b1:98:4d:bb:76:db:cb:d2:a3:83:f4:56:ee:f2:e9:f5: eb:93:5e:24:7e:68:4e:69:69:32:22:a5:4a:14:15:af:91:61: b7:32:14:b6:e0:4b:ca:c6:ea:20:3d:fb:50:e6:15:7d:e7:a6: 90:b6:76:ac:d0:c4:73:a3:e9:0f:2f:6e:f1:ab:b4:bc:f2:04: e1:e0:05:50 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDhENTIxMTAvBgNVBAUTKDY4ODc0MjU0NTQ3QjM0QjNBRjg5RERCNUI0OEQwMjAy M0Y1N0FFMTcwHhcNMjUxMTA0MTgwMzAwWhcNMjUxMTExMTgwMzAwWjAYMRYwFAYD VQQDEw02OTBhM2ZkNS03YjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxzr28VE5uzSVqe4V/tGV+LQ8Tb7P9/HJ+cMzbR6vHh5qFajzfDMgh4trNJzA 8nCgPbA7hVK+IWGnjpdSe8vKPYLKoWwsUhDoXDCEGftBmMEYnlTKVZVThTtqjMDU uJcMQEtyOFUpR9sI2lx54v1lAEBTNB5AKKYGX0nb0bYGeA58wdQJpPoJbBNtb2pB FMePP0vaZGQlDKaKVTSr4viY6WGMfujeRAVgyLW9eEZ3DXIUEzF1yhWBM0gv8PPE ncHCrka5vp3xBk6ia8p3sxG2Wta8qAmwrBy0H2cJVjw8iChWrHbtCJx/0acE9h0y YBaYFJqodsGr9D2vioeUaXkhMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJN7OJ2U XU8r3tcsEyR2QBwJxZQ+MB8GA1UdIwQYMBaAFGiHQlRUezSzr4ndtbSNAgI/V64X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0OEQ1Mi8xRDRCNDRFRURC NkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05MT3ZpZDIxdEkwQ0FqOVhy aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FJZENWRlI3TkxPdmlkMjF0STBDQWo5WHJoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 OEQ1Mi8xRDRCNDRFRURCNkIxMUU5OTI5ODdGNDFDNEY5QUUwMi9hSWRDVkZSN05M T3ZpZDIxdEkwQ0FqOVhyaGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3YVbSQs5fLszAOwzBrQSXNso3PNtP5m7yRm0Aq4QQOFHAq9Q35oql FB3TX7sYEI46pqLqtcLNCzBnF0xMLY0ctQSAqeUZ+rUookEa1h8lKNq/vbAeXbjE vJ3VUb2DAvwlyTEDyBTtu7E1qsReLfcH9u4oxTvw6wdOgPFcKIYbaMmcQEAg6vWX Rx8/tsfRbTNLUq4T1tNm8j8lN/ZtciGwOJud+NM7muxWGts8ZUYQCAMohxryAbGY Tbt228vSo4P0Vu7y6fXrk14kfmhOaWkyIqVKFBWvkWG3MhS24EvKxuogPftQ5hV9 56aQtnas0MRzo+kPL27xq7S88gTh4AVQ -----END CERTIFICATE-----Generated at Wed Nov 5 16:40:32 2025 by rpki-client