$ rpki-client -vvf rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft File: iuWu7yqR89-GYD7cVP6ExbtXnBU.mft (raw, json) Hash identifier: 3ykRtLCLVrRqtBF6gAiWAcxReyOWvJCmwgttET3y3Go= Subject key identifier: 59:29:62:F5:0C:02:29:30:B0:3E:B9:DA:07:21:E7:86:C9:18:21:D9 Authority key identifier: 8A:E5:AE:EF:2A:91:F3:DF:86:60:3E:DC:54:FE:84:C5:BB:57:9C:15 Certificate issuer: /CN=A9167CB5/serialNumber=8AE5AEEF2A91F3DF86603EDC54FE84C5BB579C15 Certificate serial: 0112 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iuWu7yqR89-GYD7cVP6ExbtXnBU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft Manifest number: 010E Signing time: Wed 05 Nov 2025 05:07:10 +0000 Manifest this update: Wed 05 Nov 2025 05:07:09 +0000 Manifest next update: Wed 12 Nov 2025 05:07:09 +0000 Files and hashes: 1: iuWu7yqR89-GYD7cVP6ExbtXnBU.crl (hash: z0vca/jIiZMqAgbXteoiu1F0A+AXi8O15WImv42yWaU=) 2: DC857BE8843111F09719836AC4F9AE02.roa (hash: qHV4LLtdLNsakUr43NtlwblQMKyqVyTmPBHeJjQSZeE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.crl rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iuWu7yqR89-GYD7cVP6ExbtXnBU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:07:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 274 (0x112) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9167CB5, serialNumber=8AE5AEEF2A91F3DF86603EDC54FE84C5BB579C15 Validity Not Before: Nov 5 05:07:09 2025 GMT Not After : Nov 12 05:07:09 2025 GMT Subject: CN=690adb7d-4999 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:99:a9:77:1a:d7:9b:a6:dd:11:6d:e5:78:ca:2a: 89:13:70:95:60:cc:64:4e:c8:33:9d:9b:ff:d0:5c: c7:78:03:1b:4a:5a:bf:10:76:99:79:7d:c7:48:a1: c6:19:16:f8:50:2d:7f:fe:b6:5e:08:78:29:23:31: 75:29:c6:a4:17:62:ba:be:ee:80:1c:5e:da:da:be: 67:c4:27:81:89:e5:58:78:a3:f6:ec:68:8e:6c:d0: e4:ec:71:b4:84:77:8b:24:5b:00:29:37:7b:58:70: 9e:ec:27:bd:d6:20:71:2f:0e:20:74:c4:ec:ad:1e: bd:be:87:2f:ee:5d:83:ac:a2:e3:3b:b0:a4:70:d7: a5:9f:3c:73:71:bf:26:47:12:ef:11:9d:46:64:8f: 2d:f3:e7:1f:f7:b6:a2:ee:91:31:3d:ac:8f:98:5e: 04:01:04:d0:e4:44:a7:6e:83:33:a4:4e:79:ee:c7: ef:fc:79:cc:eb:fc:4d:d4:20:c3:76:3e:9c:3c:01: 0a:48:03:f5:a0:a5:ab:4e:47:d8:46:60:29:bf:c2: 8f:77:77:f1:e2:97:7a:17:e1:8f:8b:d2:d1:73:91: 1d:57:40:38:4e:e6:ee:7c:1c:45:cb:5b:41:a5:04: 4f:2d:36:f4:b9:a8:f4:7b:98:c9:8e:2a:99:94:5a: db:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 59:29:62:F5:0C:02:29:30:B0:3E:B9:DA:07:21:E7:86:C9:18:21:D9 X509v3 Authority Key Identifier: keyid:8A:E5:AE:EF:2A:91:F3:DF:86:60:3E:DC:54:FE:84:C5:BB:57:9C:15 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/iuWu7yqR89-GYD7cVP6ExbtXnBU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9167CB5/EFD47D54225611EFB7561F46C4F9AE02/iuWu7yqR89-GYD7cVP6ExbtXnBU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:28:f7:78:51:29:61:87:5b:82:9b:de:bb:f2:a9:aa:4b:af: 62:68:b7:68:c4:94:e7:52:98:c9:13:a1:58:72:37:df:4c:7e: c3:8d:a8:64:df:e3:13:2e:fc:14:86:d1:20:64:a7:33:c2:a2: 71:43:cb:39:6b:86:a7:9e:03:58:f8:a6:49:58:4d:a0:a5:30: 7c:54:ee:04:c2:43:2f:2e:54:c1:0f:a9:2d:be:6f:ee:4e:2d: 1a:72:fb:89:f1:9b:bc:6f:07:5c:b8:16:2a:fd:d3:86:4e:55: cd:a6:61:25:ab:19:1b:aa:73:b5:ff:d5:db:21:ff:a4:e7:cc: 0e:8b:c0:b4:29:83:c3:28:90:a4:2a:03:9d:17:58:31:4c:d7: c0:55:fa:40:8c:fc:aa:e2:c3:3a:bc:0c:47:f2:6b:36:c6:61: 5a:30:8e:ae:d9:e5:55:7b:f8:78:2b:fc:a2:7b:6f:b9:28:49: 85:4d:bd:64:9b:12:72:d2:ff:aa:0f:77:49:b3:45:bc:67:1d: 43:73:3a:85:29:dc:33:d0:82:c5:b2:0d:dc:cf:48:5d:9a:82: 5b:4e:87:2a:b7:c1:8e:82:4f:df:db:28:6a:a5:8f:9d:e9:55: 9d:65:cb:79:1f:63:cd:93:7f:84:80:b0:5b:2e:35:ba:e4:cb: 85:a5:82:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjdDQjUxMTAvBgNVBAUTKDhBRTVBRUVGMkE5MUYzREY4NjYwM0VEQzU0RkU4NEM1 QkI1NzlDMTUwHhcNMjUxMTA1MDUwNzA5WhcNMjUxMTEyMDUwNzA5WjAYMRYwFAYD VQQDEw02OTBhZGI3ZC00OTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmal3Gtebpt0RbeV4yiqJE3CVYMxkTsgznZv/0FzHeAMbSlq/EHaZeX3HSKHG GRb4UC1//rZeCHgpIzF1KcakF2K6vu6AHF7a2r5nxCeBieVYeKP27GiObNDk7HG0 hHeLJFsAKTd7WHCe7Ce91iBxLw4gdMTsrR69vocv7l2DrKLjO7CkcNelnzxzcb8m RxLvEZ1GZI8t8+cf97ai7pExPayPmF4EAQTQ5ESnboMzpE557sfv/HnM6/xN1CDD dj6cPAEKSAP1oKWrTkfYRmApv8KPd3fx4pd6F+GPi9LRc5EdV0A4TubufBxFy1tB pQRPLTb0uaj0e5jJjiqZlFrbkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFkpYvUM AikwsD652gch54bJGCHZMB8GA1UdIwQYMBaAFIrlru8qkfPfhmA+3FT+hMW7V5wV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2N0NCNS9FRkQ0N0Q1NDIy NTYxMUVGQjc1NjFGNDZDNEY5QUUwMi9pdVd1N3lxUjg5LUdZRDdjVlA2RXhidFhu QlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2l1V3U3eXFSODktR1lEN2NWUDZFeGJ0WG5CVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 N0NCNS9FRkQ0N0Q1NDIyNTYxMUVGQjc1NjFGNDZDNEY5QUUwMi9pdVd1N3lxUjg5 LUdZRDdjVlA2RXhidFhuQlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUKPd4USlhh1uCm9678qmqS69iaLdoxJTnUpjJE6FYcjffTH7Djahk 3+MTLvwUhtEgZKczwqJxQ8s5a4anngNY+KZJWE2gpTB8VO4EwkMvLlTBD6ktvm/u Ti0acvuJ8Zu8bwdcuBYq/dOGTlXNpmElqxkbqnO1/9XbIf+k58wOi8C0KYPDKJCk KgOdF1gxTNfAVfpAjPyq4sM6vAxH8ms2xmFaMI6u2eVVe/h4K/yie2+5KEmFTb1k mxJy0v+qD3dJs0W8Zx1DczqFKdwz0ILFsg3cz0hdmoJbTocqt8GOgk/f2yhqpY+d 6VWdZct5H2PNk3+EgLBbLjW65MuFpYJX -----END CERTIFICATE-----Generated at Wed Nov 5 16:48:56 2025 by rpki-client