$ rpki-client -vvf rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft File: 71OR8qIt1l9IQxoyJt3MZbdllqk.mft (raw, json) Hash identifier: gxrONVb8+/oFCSAbdhsFPb8HJqz5LYW/yRgSBZKZCOk= Subject key identifier: 7E:EB:2D:5B:7A:9D:7A:89:6D:CA:B4:6D:D1:09:03:38:70:41:FA:7D Authority key identifier: EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 Certificate issuer: /CN=A9157DA9/serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Certificate serial: EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft Manifest number: E8 Signing time: Wed 05 Nov 2025 05:32:02 +0000 Manifest this update: Wed 05 Nov 2025 05:32:00 +0000 Manifest next update: Wed 12 Nov 2025 05:32:00 +0000 Files and hashes: 1: 71OR8qIt1l9IQxoyJt3MZbdllqk.crl (hash: NEcDYRIRpHEhiUhQciqdJEC1m1vnfyqooBQ8SryHdIo=) 2: 897F96FC5A1811EFAF24E138C4F9AE02.roa (hash: V/66FKVQueBWCxe2q60voG68SskFvIkojTU44XWkp4w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:32:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 234 (0xea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157DA9, serialNumber=EF5391F2A22DD65F48431A3226DDCC65B76596A9 Validity Not Before: Nov 5 05:32:00 2025 GMT Not After : Nov 12 05:32:00 2025 GMT Subject: CN=690ae151-6d71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:b5:74:70:6b:e6:f6:89:ce:2d:d2:a3:1c:ad: db:ac:e0:bb:eb:24:63:b5:93:84:96:d4:7b:c0:c8: 2e:6c:e1:cf:d3:64:c6:c8:04:68:91:68:a3:49:76: 14:38:96:e2:49:8c:5c:20:29:99:c4:d5:fb:ba:9e: 18:f0:24:51:1e:b4:23:72:6d:a5:01:bc:d9:8f:a5: b2:44:af:d9:9e:fe:50:89:fa:dd:03:7c:41:51:be: 26:dd:19:2e:51:57:c4:98:e8:ac:59:30:ab:93:db: e6:33:81:c1:5f:58:33:6c:ee:1f:0d:6f:1d:64:23: d5:b3:41:81:1b:96:af:c9:04:60:0d:61:35:cd:b7: d7:ac:db:74:ca:a5:1c:80:b9:8f:26:49:38:51:14: bf:a3:35:9a:c5:f7:c7:19:65:cd:ce:29:72:61:30: de:fc:c7:4a:6b:83:28:c8:98:d4:15:c2:1e:8a:d7: 1c:ac:d5:f9:d9:b6:10:91:83:7b:eb:7b:c6:70:00: 37:1a:19:14:9d:74:d0:bf:28:9a:ee:bf:51:81:53: 24:bb:89:66:47:ba:17:5d:1f:63:ea:01:f2:e2:c9: e3:20:3b:27:d0:79:01:7e:97:8e:bf:c7:85:c5:3f: 5f:72:5f:d6:a6:c1:e6:24:cc:88:f1:a9:cc:8a:32: 90:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:EB:2D:5B:7A:9D:7A:89:6D:CA:B4:6D:D1:09:03:38:70:41:FA:7D X509v3 Authority Key Identifier: keyid:EF:53:91:F2:A2:2D:D6:5F:48:43:1A:32:26:DD:CC:65:B7:65:96:A9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/71OR8qIt1l9IQxoyJt3MZbdllqk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157DA9/423E1AD45A1811EFBD477338C4F9AE02/71OR8qIt1l9IQxoyJt3MZbdllqk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:ea:32:06:7b:ed:13:2b:60:65:0f:12:c1:88:f4:2b:91:0b: a2:98:0e:68:b8:2e:08:08:08:eb:2c:07:f7:28:5d:68:5a:f3: 6d:cd:33:17:ac:4a:ab:1c:49:1f:0a:47:d8:72:47:c7:bf:aa: 88:53:1f:23:f3:12:85:17:18:4d:f8:07:87:d5:a5:ae:06:7a: 76:8f:d5:f9:5c:dd:09:62:2f:76:2c:5f:c6:4d:69:06:23:21: d5:e0:1e:de:6f:07:fc:ad:cc:8f:63:c8:3a:6a:8d:cf:c3:90: 0b:4d:9d:bd:4c:4a:35:85:70:6c:96:7e:29:f7:3d:0c:3f:a3: c5:a8:76:3c:bf:c5:4c:41:53:86:05:da:00:79:9a:79:5d:0c: c7:be:3a:53:e0:18:fd:60:53:f9:e4:4d:ac:06:50:6f:b8:e9: dd:79:b3:10:98:2c:ec:54:25:33:a4:fb:a3:21:72:5c:18:d4: 8c:fb:ce:eb:cd:1e:13:5d:76:d4:0e:c8:62:99:fd:34:37:21: d6:c7:92:09:a7:2f:30:8c:1c:1a:d9:6f:59:3d:b8:32:c2:81: ae:3f:c9:8e:4a:55:20:b1:e3:b1:ca:74:ab:a7:a5:8b:8a:8a: 67:1d:1e:6e:29:bb:3b:20:61:ac:19:13:4e:30:37:aa:2b:a4: 7c:a1:2c:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdEQTkxMTAvBgNVBAUTKEVGNTM5MUYyQTIyREQ2NUY0ODQzMUEzMjI2RERDQzY1 Qjc2NTk2QTkwHhcNMjUxMTA1MDUzMjAwWhcNMjUxMTEyMDUzMjAwWjAYMRYwFAYD VQQDEw02OTBhZTE1MS02ZDcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3LV0cGvm9onOLdKjHK3brOC76yRjtZOEltR7wMgubOHP02TGyARokWijSXYU OJbiSYxcICmZxNX7up4Y8CRRHrQjcm2lAbzZj6WyRK/Znv5QifrdA3xBUb4m3Rku UVfEmOisWTCrk9vmM4HBX1gzbO4fDW8dZCPVs0GBG5avyQRgDWE1zbfXrNt0yqUc gLmPJkk4URS/ozWaxffHGWXNzilyYTDe/MdKa4MoyJjUFcIeitccrNX52bYQkYN7 63vGcAA3GhkUnXTQvyia7r9RgVMku4lmR7oXXR9j6gHy4snjIDsn0HkBfpeOv8eF xT9fcl/WpsHmJMyI8anMijKQ7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH7rLVt6 nXqJbcq0bdEJAzhwQfp9MB8GA1UdIwQYMBaAFO9TkfKiLdZfSEMaMibdzGW3ZZap MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0RBOS80MjNFMUFENDVB MTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFsOUlReG95SnQzTVpiZGxs cWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzcxT1I4cUl0MWw5SVF4b3lKdDNNWmJkbGxxay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0RBOS80MjNFMUFENDVBMTgxMUVGQkQ0NzczMzhDNEY5QUUwMi83MU9SOHFJdDFs OUlReG95SnQzTVpiZGxscWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAq6jIGe+0TK2BlDxLBiPQrkQuimA5ouC4ICAjrLAf3KF1oWvNtzTMX rEqrHEkfCkfYckfHv6qIUx8j8xKFFxhN+AeH1aWuBnp2j9X5XN0JYi92LF/GTWkG IyHV4B7ebwf8rcyPY8g6ao3Pw5ALTZ29TEo1hXBsln4p9z0MP6PFqHY8v8VMQVOG BdoAeZp5XQzHvjpT4Bj9YFP55E2sBlBvuOndebMQmCzsVCUzpPujIXJcGNSM+87r zR4TXXbUDshimf00NyHWx5IJpy8wjBwa2W9ZPbgywoGuP8mOSlUgseOxynSrp6WL iopnHR5uKbs7IGGsGRNOMDeqK6R8oSxg -----END CERTIFICATE-----Generated at Wed Nov 5 21:53:30 2025 by rpki-client