$ rpki-client -vvf rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/cXp42D7DjxcRAnMoE5hEns3RBQA.mft File: cXp42D7DjxcRAnMoE5hEns3RBQA.mft (raw, json) Hash identifier: KQOrJevWPKJ/Zecxap7zjwVEGypNXJo47PsY9+PevVE= Subject key identifier: 5B:DB:51:3D:FB:7D:EA:C1:69:2C:16:25:22:C8:79:E7:B1:14:5C:42 Authority key identifier: 71:7A:78:D8:3E:C3:8F:17:11:02:73:28:13:98:44:9E:CD:D1:05:00 Certificate issuer: /CN=A9168D20/serialNumber=717A78D83EC38F17110273281398449ECDD10500 Certificate serial: 0695 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXp42D7DjxcRAnMoE5hEns3RBQA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/cXp42D7DjxcRAnMoE5hEns3RBQA.mft Manifest number: 068C Signing time: Sun 02 Nov 2025 22:25:42 +0000 Manifest this update: Sun 02 Nov 2025 22:25:41 +0000 Manifest next update: Sun 09 Nov 2025 22:25:41 +0000 Files and hashes: 1: cXp42D7DjxcRAnMoE5hEns3RBQA.crl (hash: 9Z1ep0XpchyWt1bpzLVCLuG3qzRbmK3X0CQhuyt0hkI=) 2: B9D0CC00D67311EEAD5F8B0FC4F9AE02.roa (hash: xnj1+DqNRGp1sU91Z+zGlbx4vpo9U2+YWkznSk4BLXI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/cXp42D7DjxcRAnMoE5hEns3RBQA.crl rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/cXp42D7DjxcRAnMoE5hEns3RBQA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXp42D7DjxcRAnMoE5hEns3RBQA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:25:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1685 (0x695) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9168D20, serialNumber=717A78D83EC38F17110273281398449ECDD10500 Validity Not Before: Nov 2 22:25:41 2025 GMT Not After : Nov 9 22:25:41 2025 GMT Subject: CN=6907da66-3748 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:ba:5d:df:51:24:22:f5:62:7a:94:15:4c:bc: 24:4a:f4:be:7f:10:ca:58:7b:e7:d2:a2:c1:5f:a0: 40:bc:df:1f:9c:50:19:49:8a:e3:b0:95:39:c5:1e: 1a:24:77:4f:f0:a0:43:d3:e5:dd:ea:bc:fa:d5:f2: 30:2f:aa:61:51:d3:e2:ec:78:af:38:05:bf:dc:04: 9a:b3:a7:17:df:46:82:50:06:2d:a0:0e:e4:3f:6d: 15:c9:2b:bf:05:21:1b:44:d6:70:3c:8a:64:a0:e6: 16:50:79:27:9d:36:d3:60:25:28:c9:7a:d0:d4:2b: 38:28:3f:9f:ce:f0:52:cc:dc:cb:8d:53:41:ef:2f: 7a:4e:56:a4:29:b2:95:80:86:13:a7:d4:46:30:8d: 54:c0:b2:26:b8:47:29:18:47:f3:ac:7e:6a:92:14: 4c:3c:c5:68:a6:f5:f1:68:dc:e2:08:34:ff:3b:6a: 3f:66:5a:48:34:90:a1:44:a5:bd:0a:a6:77:a3:d2: f7:1e:f2:98:9b:20:79:af:05:f7:8d:4a:12:7f:87: c0:13:e6:31:da:45:33:46:f5:5b:75:16:3f:87:97: 07:63:a1:f5:d5:1e:3b:3e:dd:75:53:97:64:a8:bb: 3c:71:5d:7e:ba:e3:99:ae:fb:99:33:fb:dd:1b:f7: 4b:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:DB:51:3D:FB:7D:EA:C1:69:2C:16:25:22:C8:79:E7:B1:14:5C:42 X509v3 Authority Key Identifier: keyid:71:7A:78:D8:3E:C3:8F:17:11:02:73:28:13:98:44:9E:CD:D1:05:00 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/cXp42D7DjxcRAnMoE5hEns3RBQA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cXp42D7DjxcRAnMoE5hEns3RBQA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9168D20/C0C6AE5C935B11EB91086D55C4F9AE02/cXp42D7DjxcRAnMoE5hEns3RBQA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e1:d8:3c:6b:37:07:62:1f:00:2b:60:61:d8:90:d7:43:90:bf: b4:ed:96:d2:56:47:1b:94:07:75:15:42:19:a8:38:de:c0:a9: 61:dd:41:5a:21:cb:b0:98:c9:de:62:24:f2:68:47:4e:20:fa: 94:25:bd:11:a4:82:14:b2:4d:c6:a2:88:ba:a4:18:53:ba:2e: dc:9b:89:38:1a:06:4f:50:cb:96:31:18:80:c1:c9:8c:db:05: eb:c0:ea:65:fc:e3:32:e9:37:14:44:19:c0:9d:5a:8c:4c:1b: 38:4f:f4:7b:d0:c7:7a:ff:17:2a:c5:e0:1a:44:46:a7:3d:42: 54:27:52:b9:27:a9:b3:58:18:18:e7:24:e6:c2:ab:5d:25:f8: c8:73:08:76:06:60:e9:07:4d:cd:62:2d:8e:15:94:c0:9e:1f: b6:f5:c9:30:a9:90:18:a6:b5:44:35:59:e0:91:12:10:c7:f3: 21:8b:44:9c:17:26:fd:8c:29:af:03:7d:95:0d:d9:eb:db:91: 9c:9e:98:5a:00:c3:ec:e5:1b:fc:bb:11:1d:01:09:14:ab:32: fe:69:01:91:4e:9c:82:52:1c:3d:13:61:42:63:12:07:35:da: 95:db:99:5f:6c:4a:ec:e4:98:6e:39:80:f9:7a:d6:41:1a:4b: 8e:a0:e0:87 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjhEMjAxMTAvBgNVBAUTKDcxN0E3OEQ4M0VDMzhGMTcxMTAyNzMyODEzOTg0NDlF Q0REMTA1MDAwHhcNMjUxMTAyMjIyNTQxWhcNMjUxMTA5MjIyNTQxWjAYMRYwFAYD VQQDEw02OTA3ZGE2Ni0zNzQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwLpd31EkIvViepQVTLwkSvS+fxDKWHvn0qLBX6BAvN8fnFAZSYrjsJU5xR4a JHdP8KBD0+Xd6rz61fIwL6phUdPi7HivOAW/3ASas6cX30aCUAYtoA7kP20VySu/ BSEbRNZwPIpkoOYWUHknnTbTYCUoyXrQ1Cs4KD+fzvBSzNzLjVNB7y96TlakKbKV gIYTp9RGMI1UwLImuEcpGEfzrH5qkhRMPMVopvXxaNziCDT/O2o/ZlpINJChRKW9 CqZ3o9L3HvKYmyB5rwX3jUoSf4fAE+Yx2kUzRvVbdRY/h5cHY6H11R47Pt11U5dk qLs8cV1+uuOZrvuZM/vdG/dLoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFvbUT37 ferBaSwWJSLIeeexFFxCMB8GA1UdIwQYMBaAFHF6eNg+w48XEQJzKBOYRJ7N0QUA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2OEQyMC9DMEM2QUU1Qzkz NUIxMUVCOTEwODZENTVDNEY5QUUwMi9jWHA0MkQ3RGp4Y1JBbk1vRTVoRW5zM1JC UUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NYcDQyRDdEanhjUkFuTW9FNWhFbnMzUkJRQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 OEQyMC9DMEM2QUU1QzkzNUIxMUVCOTEwODZENTVDNEY5QUUwMi9jWHA0MkQ3RGp4 Y1JBbk1vRTVoRW5zM1JCUUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDh2DxrNwdiHwArYGHYkNdDkL+07ZbSVkcblAd1FUIZqDjewKlh3UFa IcuwmMneYiTyaEdOIPqUJb0RpIIUsk3Gooi6pBhTui7cm4k4GgZPUMuWMRiAwcmM 2wXrwOpl/OMy6TcURBnAnVqMTBs4T/R70Md6/xcqxeAaREanPUJUJ1K5J6mzWBgY 5yTmwqtdJfjIcwh2BmDpB03NYi2OFZTAnh+29ckwqZAYprVENVngkRIQx/Mhi0Sc Fyb9jCmvA32VDdnr25GcnphaAMPs5Rv8uxEdAQkUqzL+aQGRTpyCUhw9E2FCYxIH NdqV25lfbErs5JhuOYD5etZBGkuOoOCH -----END CERTIFICATE-----Generated at Mon Nov 3 18:06:48 2025 by rpki-client