$ rpki-client -vvf rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft File: zOnFYkus-dCYXj8tbjHmsthtgq4.mft (raw, json) Hash identifier: gsOtWbZEZMzMknJDL5MaT25uWTZepa9is21ceEUWaiE= Subject key identifier: 6F:E9:0D:01:90:0A:8E:8E:50:7D:13:ED:C2:B9:F6:95:DF:58:4D:DF Authority key identifier: CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE Certificate issuer: /CN=A9157B07/serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Certificate serial: 1C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft Manifest number: 1B Signing time: Mon 03 Nov 2025 07:49:11 +0000 Manifest this update: Mon 03 Nov 2025 07:49:11 +0000 Manifest next update: Mon 10 Nov 2025 07:49:11 +0000 Files and hashes: 1: zOnFYkus-dCYXj8tbjHmsthtgq4.crl (hash: TqGAJA6k5nctVYxNVwujozLHWY6Jqgn7cS2EMtx/0vw=) 2: 8CA88A568FD611F09FFCA92CC4F9AE02.roa (hash: X1O7W3t2SP7SDbQ67NRf7y+vow5VXeN/HZMH9HZxaRQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:49:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 28 (0x1c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157B07, serialNumber=CCE9C5624BACF9D0985E3F2D6E31E6B2D86D82AE Validity Not Before: Nov 3 07:49:11 2025 GMT Not After : Nov 10 07:49:11 2025 GMT Subject: CN=69085e77-8195 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:3e:fa:5f:69:ca:6b:41:72:fe:7c:a5:79:d8: 58:0f:e5:51:9d:99:62:c3:6c:7c:61:ad:e8:05:57: d6:f5:3f:de:dd:c5:3e:7e:9b:86:a0:cb:f2:34:ad: dd:35:42:9d:ef:e2:4d:31:c8:c9:1d:d6:9c:a4:9f: 3b:46:69:75:c9:95:6b:b1:87:9e:48:84:46:70:5f: b6:ba:fe:01:c4:b2:e4:20:a2:b5:c2:2e:19:5f:ab: 96:6c:60:df:c1:ea:49:c7:2c:48:17:31:3b:7b:4d: 92:99:97:8e:f1:1a:c6:61:81:5d:92:32:67:09:92: 2e:0c:79:d9:c1:b5:d7:d0:cc:d2:5f:a3:19:74:8b: fa:56:3a:ed:15:97:84:18:74:38:aa:30:d2:e6:38: 7c:e8:c4:0f:73:f5:cd:b0:e3:8e:0c:a0:f8:bd:40: dc:4a:dc:53:7f:18:7b:bd:f3:ab:f4:41:b0:7f:3f: 6c:d2:4c:b3:0b:82:9b:e1:81:dd:9d:85:6d:9d:4b: 0f:5e:e1:90:44:67:e6:77:83:87:4a:59:27:44:5e: 96:e7:07:be:1c:70:22:1e:a2:21:76:3d:ac:09:74: 6e:c2:19:40:aa:4c:ea:35:3a:7a:71:0b:b4:3f:7b: 67:37:18:cb:95:a6:d1:85:71:9c:04:41:d0:bd:2b: bd:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:E9:0D:01:90:0A:8E:8E:50:7D:13:ED:C2:B9:F6:95:DF:58:4D:DF X509v3 Authority Key Identifier: keyid:CC:E9:C5:62:4B:AC:F9:D0:98:5E:3F:2D:6E:31:E6:B2:D8:6D:82:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zOnFYkus-dCYXj8tbjHmsthtgq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157B07/D88544928FD511F0A61C9B2BC4F9AE02/zOnFYkus-dCYXj8tbjHmsthtgq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:73:ff:bb:f8:c1:2f:b8:d9:2a:e1:26:df:1b:8e:84:86:88: 5e:30:43:9c:22:b6:38:a9:2c:72:8b:09:d8:6e:44:eb:c8:76: 70:d6:5b:a0:21:1b:a4:79:7b:6a:db:09:58:47:1c:73:4f:f1: c8:1d:7b:a8:67:10:17:62:21:21:0c:fa:4b:3f:eb:00:17:a7: de:fb:d2:99:8a:31:93:46:31:9c:42:12:be:48:4c:3a:9d:f8: 10:85:ca:aa:f0:28:70:90:53:e0:03:39:bb:cb:2c:ac:c2:9e: de:9c:35:dc:2d:b0:78:4c:c9:16:2d:f4:43:6c:e3:39:a5:08: f2:c2:c1:e0:4f:a2:f5:a9:13:02:f5:4d:a9:24:52:49:79:6a: 86:28:5c:e2:4f:b9:dc:e6:dd:3f:10:a6:f2:34:68:a1:0e:7b: 97:29:b4:c6:ac:7d:f1:90:d0:1c:fb:01:fa:66:76:f8:6a:91: 94:df:02:e9:ee:60:a4:d7:1f:d5:ee:bf:75:2a:9c:51:65:d4: 3b:0d:b2:47:bd:4f:0e:0a:64:a1:76:88:43:8c:20:f2:9e:7f: 7d:b5:f7:3d:6f:b3:54:e8:84:65:f5:d7:53:5b:21:59:11:fe: 84:1e:69:a6:04:b7:97:dc:c9:bc:4d:47:3e:8b:b1:4c:ed:c1: b4:24:a2:54 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBHDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 N0IwNzExMC8GA1UEBRMoQ0NFOUM1NjI0QkFDRjlEMDk4NUUzRjJENkUzMUU2QjJE ODZEODJBRTAeFw0yNTExMDMwNzQ5MTFaFw0yNTExMTAwNzQ5MTFaMBgxFjAUBgNV BAMTDTY5MDg1ZTc3LTgxOTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCuPvpfacprQXL+fKV52FgP5VGdmWLDbHxhregFV9b1P97dxT5+m4agy/I0rd01 Qp3v4k0xyMkd1pyknztGaXXJlWuxh55IhEZwX7a6/gHEsuQgorXCLhlfq5ZsYN/B 6knHLEgXMTt7TZKZl47xGsZhgV2SMmcJki4MednBtdfQzNJfoxl0i/pWOu0Vl4QY dDiqMNLmOHzoxA9z9c2w444MoPi9QNxK3FN/GHu986v0QbB/P2zSTLMLgpvhgd2d hW2dSw9e4ZBEZ+Z3g4dKWSdEXpbnB74ccCIeoiF2PawJdG7CGUCqTOo1OnpxC7Q/ e2c3GMuVptGFcZwEQdC9K72zAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUb+kNAZAK jo5QfRPtwrn2ld9YTd8wHwYDVR0jBBgwFoAUzOnFYkus+dCYXj8tbjHmsthtgq4w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3QjA3L0Q4ODU0NDkyOEZE NTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRDWVhqOHRiakhtc3RodGdx NC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvek9uRllrdXMtZENZWGo4dGJqSG1zdGh0Z3E0LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3 QjA3L0Q4ODU0NDkyOEZENTExRjBBNjFDOUIyQkM0RjlBRTAyL3pPbkZZa3VzLWRD WVhqOHRiakhtc3RodGdxNC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADZz/7v4wS+42SrhJt8bjoSGiF4wQ5witjipLHKLCdhuROvIdnDWW6Ah G6R5e2rbCVhHHHNP8cgde6hnEBdiISEM+ks/6wAXp9770pmKMZNGMZxCEr5ITDqd +BCFyqrwKHCQU+ADObvLLKzCnt6cNdwtsHhMyRYt9ENs4zmlCPLCweBPovWpEwL1 TakkUkl5aoYoXOJPudzm3T8QpvI0aKEOe5cptMasffGQ0Bz7AfpmdvhqkZTfAunu YKTXH9Xuv3UqnFFl1DsNske9Tw4KZKF2iEOMIPKef3219z1vs1TohGX111NbIVkR /oQeaaYEt5fcybxNRz6LsUztwbQkolQ= -----END CERTIFICATE-----Generated at Mon Nov 3 18:06:59 2025 by rpki-client