$ rpki-client -vvf rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft File: NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft (raw, json) Hash identifier: r+dIjSN9sCk4nEvoh6jtnkMRPLKk7O77XmtVORuIgEM= Subject key identifier: 34:00:D7:BB:3E:6F:AE:61:5A:D8:34:04:AC:D5:27:C1:1F:F8:C5:4F Authority key identifier: 35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 Certificate issuer: /CN=A9166AFF/serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Certificate serial: 0147 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft Manifest number: 013C Signing time: Mon 03 Nov 2025 04:32:34 +0000 Manifest this update: Mon 03 Nov 2025 04:32:34 +0000 Manifest next update: Mon 10 Nov 2025 04:32:34 +0000 Files and hashes: 1: NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl (hash: I/WgwrPHQWpI7YKc+Q19Kfgf+GZwMV0NMWZlDPMNHHU=) 2: 8109B4CA9DF211F0B1ED220FC4F9AE02.roa (hash: /KMShVz7xPQb/IFHjv8WLpc7f7w5sCo+1tbPQq7vaKs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 04:32:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 327 (0x147) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9166AFF, serialNumber=357A179CDD0AF9A3FB03E177D6A43FB8A57754E0 Validity Not Before: Nov 3 04:32:34 2025 GMT Not After : Nov 10 04:32:34 2025 GMT Subject: CN=69083062-b5f2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d8:e7:d0:47:ed:7a:a9:31:03:41:76:40:97: 36:ac:32:1d:ec:f7:e4:bd:3c:e8:e4:77:76:e6:b9: e5:2d:03:1e:af:e1:0e:82:ff:ad:f6:43:48:1f:ab: 03:b6:0c:25:3b:28:b3:96:00:33:b7:1b:66:5b:90: d4:cb:51:31:b7:86:02:ce:8b:0c:41:6c:c3:f4:42: c4:fd:66:3e:ae:51:00:2d:96:dc:63:02:7e:db:a3: 56:8c:30:c5:5c:3f:36:9f:bd:6b:c2:ef:94:64:dd: 38:fd:4e:b6:26:7d:4b:fc:0e:03:d6:73:e9:bf:27: 81:c5:06:82:b9:29:0e:b0:7f:d0:c4:45:af:c1:6a: e7:09:ae:e0:8d:4b:34:e1:9d:2d:2b:9e:f4:1a:35: 52:21:c8:a1:c3:68:d6:81:d3:f3:bf:86:86:f4:03: 4b:cd:d3:7f:e8:7f:f5:3e:9d:51:a6:89:6f:6a:83: 52:54:a0:bd:24:fc:1a:26:54:6c:aa:af:7c:9a:6f: f4:b9:69:8f:b7:2e:d4:90:e0:6d:bd:3e:10:26:5c: 84:c9:c0:3e:47:d6:79:4c:5f:0c:f9:22:6a:23:69: 19:cf:e4:17:d2:5b:28:cc:5c:51:1e:b2:0f:33:f9: 80:7d:90:af:10:65:c4:dc:3b:3c:03:14:2a:9c:70: 0c:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 34:00:D7:BB:3E:6F:AE:61:5A:D8:34:04:AC:D5:27:C1:1F:F8:C5:4F X509v3 Authority Key Identifier: keyid:35:7A:17:9C:DD:0A:F9:A3:FB:03:E1:77:D6:A4:3F:B8:A5:77:54:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NXoXnN0K-aP7A-F31qQ_uKV3VOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9166AFF/40CD1B54E50211EE9ABF7655C4F9AE02/NXoXnN0K-aP7A-F31qQ_uKV3VOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:d2:16:25:02:25:94:b2:e8:01:4f:24:a6:1a:50:7e:ce:5e: cf:7a:c3:ec:e5:24:77:d1:b7:c8:53:3c:40:6d:8e:1a:27:f6: e3:2d:c9:cc:ab:24:f5:f5:bf:17:52:ea:4e:4b:b8:52:6c:07: 89:b4:95:63:b6:67:ea:9b:aa:ab:8b:f4:5a:45:c2:3d:9d:c5: fe:90:6d:72:89:37:05:35:05:4d:33:44:75:ab:56:24:c5:ba: 9a:38:65:66:ec:82:47:7f:57:c2:01:52:be:a9:b8:5a:12:de: 8b:72:98:10:49:ad:47:2b:ae:71:37:fd:f0:e1:40:d0:b8:48: a8:c5:50:14:24:d2:a1:e1:6c:b9:4f:a6:21:60:f0:36:a4:14: f3:30:2c:f7:0e:21:2b:3a:19:5b:ff:b2:79:9d:b6:27:03:cc: 58:20:22:22:04:4e:11:ff:37:c5:7d:6e:f4:fc:91:d1:f6:7b: e0:e0:db:3d:dc:60:8d:43:60:1a:dc:b2:1c:98:3e:6d:f8:24: b0:d5:b6:3c:8a:92:f9:3d:4f:1a:ee:14:a2:b4:01:04:03:46: 11:01:6c:56:d2:f5:79:ab:03:e4:67:2d:24:be:aa:23:0d:58: b6:c9:64:65:62:0d:b7:ee:db:df:17:ff:77:f3:3e:e7:50:31: e8:52:a4:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjZBRkYxMTAvBgNVBAUTKDM1N0ExNzlDREQwQUY5QTNGQjAzRTE3N0Q2QTQzRkI4 QTU3NzU0RTAwHhcNMjUxMTAzMDQzMjM0WhcNMjUxMTEwMDQzMjM0WjAYMRYwFAYD VQQDEw02OTA4MzA2Mi1iNWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvNjn0EfteqkxA0F2QJc2rDId7PfkvTzo5Hd25rnlLQMer+EOgv+t9kNIH6sD tgwlOyizlgAztxtmW5DUy1Ext4YCzosMQWzD9ELE/WY+rlEALZbcYwJ+26NWjDDF XD82n71rwu+UZN04/U62Jn1L/A4D1nPpvyeBxQaCuSkOsH/QxEWvwWrnCa7gjUs0 4Z0tK570GjVSIcihw2jWgdPzv4aG9ANLzdN/6H/1Pp1RpolvaoNSVKC9JPwaJlRs qq98mm/0uWmPty7UkOBtvT4QJlyEycA+R9Z5TF8M+SJqI2kZz+QX0lsozFxRHrIP M/mAfZCvEGXE3Ds8AxQqnHAM+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDQA17s+ b65hWtg0BKzVJ8Ef+MVPMB8GA1UdIwQYMBaAFDV6F5zdCvmj+wPhd9akP7ild1Tg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NkFGRi80MENEMUI1NEU1 MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1hUDdBLUYzMXFRX3VLVjNW T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Yb1huTjBLLWFQN0EtRjMxcVFfdUtWM1ZPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NkFGRi80MENEMUI1NEU1MDIxMUVFOUFCRjc2NTVDNEY5QUUwMi9OWG9Ybk4wSy1h UDdBLUYzMXFRX3VLVjNWT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBC0hYlAiWUsugBTySmGlB+zl7PesPs5SR30bfIUzxAbY4aJ/bjLcnM qyT19b8XUupOS7hSbAeJtJVjtmfqm6qri/RaRcI9ncX+kG1yiTcFNQVNM0R1q1Yk xbqaOGVm7IJHf1fCAVK+qbhaEt6LcpgQSa1HK65xN/3w4UDQuEioxVAUJNKh4Wy5 T6YhYPA2pBTzMCz3DiErOhlb/7J5nbYnA8xYICIiBE4R/zfFfW70/JHR9nvg4Ns9 3GCNQ2Aa3LIcmD5t+CSw1bY8ipL5PU8a7hSitAEEA0YRAWxW0vV5qwPkZy0kvqoj DVi2yWRlYg237tvfF/938z7nUDHoUqR8 -----END CERTIFICATE-----Generated at Mon Nov 3 18:07:22 2025 by rpki-client