$ rpki-client -vvf rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft File: DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft (raw, json) Hash identifier: w/m1QWAR5MLs+DeQTJDuc3x7E24Sg0s86W2wm3eFJcs= Subject key identifier: 2E:53:2B:CE:E0:41:80:6A:A6:C1:B3:3A:D4:95:AA:C0:F0:CC:F4:AE Authority key identifier: 0C:4C:17:22:9C:6A:B6:7F:54:3F:EC:9C:4D:03:E5:FE:E4:ED:2F:F6 Certificate issuer: /CN=A9157ADC/serialNumber=0C4C17229C6AB67F543FEC9C4D03E5FEE4ED2FF6 Certificate serial: 027F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft Manifest number: 027B Signing time: Wed 05 Nov 2025 01:44:43 +0000 Manifest this update: Wed 05 Nov 2025 01:44:42 +0000 Manifest next update: Wed 12 Nov 2025 01:44:42 +0000 Files and hashes: 1: DEwXIpxqtn9UP-ycTQPl_uTtL_Y.crl (hash: VQAfvhuS+u74zFM1xH2i7L9EJuPVJAWpILFHk5Czhk4=) 2: 88FCD2C62DBA11ED94AFED62C4F9AE02.roa (hash: 0JYQSMYaFvaLhjpHDbKJtAOfDwR2Txci9jlqVoFvh1Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.crl rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:44:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 639 (0x27f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157ADC, serialNumber=0C4C17229C6AB67F543FEC9C4D03E5FEE4ED2FF6 Validity Not Before: Nov 5 01:44:42 2025 GMT Not After : Nov 12 01:44:42 2025 GMT Subject: CN=690aac0a-f69b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:dd:3e:ed:09:02:17:35:45:f3:42:f8:8f:5b: 65:8e:59:8e:cf:a2:0e:f6:1a:4d:ea:e4:ad:03:b1: 90:9c:85:f4:14:be:6f:87:2d:b5:ba:7a:58:b7:24: 64:18:47:2c:88:fa:f9:56:21:f1:43:2e:a6:99:74: 91:ff:68:75:b0:6e:28:fc:fc:c4:06:40:23:61:16: 47:39:d7:12:f6:16:ca:84:c6:d2:20:23:79:43:0f: fa:67:7d:18:1b:91:bd:48:7e:09:19:fa:71:c7:a7: b1:25:a6:dd:60:20:21:80:3f:90:35:83:7f:b7:82: 77:cd:25:74:7a:a2:42:46:3d:e0:52:74:64:48:e1: e8:48:f2:a7:53:82:4d:17:50:fa:d6:cd:a7:9b:8f: d1:13:77:e0:67:f3:e7:6c:de:3b:8c:22:b7:c3:f7: 90:71:ef:9d:f5:9b:20:b3:5a:d5:85:34:7a:56:2d: c3:00:63:56:28:88:68:5d:80:4a:66:d2:7b:48:8d: 1f:97:62:b2:82:49:30:a1:f2:99:13:a8:f3:86:9d: da:50:8c:6c:b1:b0:4e:90:eb:a1:2f:fc:05:f0:9c: 63:8b:d7:a9:76:48:7e:99:57:bd:f7:aa:35:4b:d6: c8:21:f9:6d:fe:d5:d5:54:dc:e1:52:70:f9:11:7b: be:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2E:53:2B:CE:E0:41:80:6A:A6:C1:B3:3A:D4:95:AA:C0:F0:CC:F4:AE X509v3 Authority Key Identifier: keyid:0C:4C:17:22:9C:6A:B6:7F:54:3F:EC:9C:4D:03:E5:FE:E4:ED:2F:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157ADC/F57589E22DB611ED82159B5EC4F9AE02/DEwXIpxqtn9UP-ycTQPl_uTtL_Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:72:bd:ef:35:ac:bc:78:4e:c8:c8:30:01:2d:17:a9:db:d4: f6:92:f9:f4:f3:99:cf:1b:1b:ee:3e:fe:06:1b:f3:9d:b8:f1: 6b:9f:ad:59:65:c6:75:c6:bd:65:ab:c1:15:6b:71:c1:96:19: e5:68:06:c6:d6:86:2f:6b:be:3a:1f:11:a0:bc:73:e7:23:f6: f7:92:5d:34:0a:c9:66:5f:68:62:c2:da:3f:0f:0b:cb:6e:b1: 95:ba:0d:b7:e4:3a:33:30:4d:2a:c8:b9:36:1b:4a:4d:22:a5: 9d:f1:d1:f8:da:1e:73:57:53:ad:cb:85:e3:ab:dc:4b:df:60: 5e:2b:ab:00:a1:e6:b8:0b:74:3e:32:ef:02:b4:d5:60:76:38: bd:05:54:07:c0:55:df:44:4f:eb:df:98:fc:cd:66:45:4a:b2: b2:79:7a:a1:58:fe:be:a7:6a:ec:82:3b:c0:a8:7c:13:5e:b1: 22:5e:69:58:09:84:5a:fb:ed:a5:d7:52:59:cd:71:43:47:2e: de:c1:79:46:df:72:6e:c8:7a:9f:53:b6:e7:2e:10:75:76:70: 1f:54:ce:60:29:26:05:cc:de:53:16:73:9d:cb:8e:6f:c7:a1: c3:e5:dc:d1:fd:76:90:8f:6d:bf:65:f4:cf:41:a9:ce:72:86: d1:a5:32:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAn8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdBREMxMTAvBgNVBAUTKDBDNEMxNzIyOUM2QUI2N0Y1NDNGRUM5QzREMDNFNUZF RTRFRDJGRjYwHhcNMjUxMTA1MDE0NDQyWhcNMjUxMTEyMDE0NDQyWjAYMRYwFAYD VQQDEw02OTBhYWMwYS1mNjliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApt0+7QkCFzVF80L4j1tljlmOz6IO9hpN6uStA7GQnIX0FL5vhy21unpYtyRk GEcsiPr5ViHxQy6mmXSR/2h1sG4o/PzEBkAjYRZHOdcS9hbKhMbSICN5Qw/6Z30Y G5G9SH4JGfpxx6exJabdYCAhgD+QNYN/t4J3zSV0eqJCRj3gUnRkSOHoSPKnU4JN F1D61s2nm4/RE3fgZ/PnbN47jCK3w/eQce+d9Zsgs1rVhTR6Vi3DAGNWKIhoXYBK ZtJ7SI0fl2KygkkwofKZE6jzhp3aUIxssbBOkOuhL/wF8Jxji9epdkh+mVe996o1 S9bIIflt/tXVVNzhUnD5EXu+owIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC5TK87g QYBqpsGzOtSVqsDwzPSuMB8GA1UdIwQYMBaAFAxMFyKcarZ/VD/snE0D5f7k7S/2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0FEQy9GNTc1ODlFMjJE QjYxMUVEODIxNTlCNUVDNEY5QUUwMi9ERXdYSXB4cXRuOVVQLXljVFFQbF91VHRM X1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RFd1hJcHhxdG45VVAteWNUUVBsX3VUdExfWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0FEQy9GNTc1ODlFMjJEQjYxMUVEODIxNTlCNUVDNEY5QUUwMi9ERXdYSXB4cXRu OVVQLXljVFFQbF91VHRMX1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBycr3vNay8eE7IyDABLRep29T2kvn085nPGxvuPv4GG/OduPFrn61Z ZcZ1xr1lq8EVa3HBlhnlaAbG1oYva746HxGgvHPnI/b3kl00CslmX2hiwto/DwvL brGVug235DozME0qyLk2G0pNIqWd8dH42h5zV1Oty4Xjq9xL32BeK6sAoea4C3Q+ Mu8CtNVgdji9BVQHwFXfRE/r35j8zWZFSrKyeXqhWP6+p2rsgjvAqHwTXrEiXmlY CYRa++2l11JZzXFDRy7ewXlG33JuyHqfU7bnLhB1dnAfVM5gKSYFzN5TFnOdy45v x6HD5dzR/XaQj22/ZfTPQanOcobRpTLy -----END CERTIFICATE-----Generated at Wed Nov 5 16:40:37 2025 by rpki-client