$ rpki-client -vvf rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft File: NAlJ7LhXg2NX8QJTxpQnIggZex0.mft (raw, json) Hash identifier: mUHtXDEICADk1gOxSz/AkHH+uTzi7S1834Hyvum3rFc= Subject key identifier: EC:9E:F2:DC:26:85:4A:98:BB:81:2F:30:30:7C:87:4C:E7:00:49:77 Authority key identifier: 34:09:49:EC:B8:57:83:63:57:F1:02:53:C6:94:27:22:08:19:7B:1D Certificate issuer: /CN=A916BC76/serialNumber=340949ECB857836357F10253C694272208197B1D Certificate serial: 0580 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft Manifest number: 057B Signing time: Sun 02 Nov 2025 23:16:07 +0000 Manifest this update: Sun 02 Nov 2025 23:16:06 +0000 Manifest next update: Sun 09 Nov 2025 23:16:06 +0000 Files and hashes: 1: NAlJ7LhXg2NX8QJTxpQnIggZex0.crl (hash: BImchd5X9jqnJOH/vw3XqqwXcfx99vQOM1eBhkk20MI=) 2: F44B1F40FC1711EBA835010DC4F9AE02.roa (hash: Y4KIW6waXy9by1Ft4XI4IDDdWRGAFQ3T1gtKYgu91qw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.crl rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 23:16:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1408 (0x580) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916BC76, serialNumber=340949ECB857836357F10253C694272208197B1D Validity Not Before: Nov 2 23:16:06 2025 GMT Not After : Nov 9 23:16:06 2025 GMT Subject: CN=6907e636-4415 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:0e:ad:e5:7b:e5:bc:fb:6d:11:e7:fd:e6:fe: d9:10:c3:9f:cd:a2:24:7d:47:76:e2:e5:73:79:73: 22:f1:42:86:70:bf:70:88:25:69:4e:3f:5e:50:c0: f0:8a:6c:c7:16:3b:70:28:8a:22:46:aa:e3:bc:a7: 9d:40:29:51:0a:d0:16:1e:0a:c6:53:e8:76:c4:91: 1e:84:b9:ba:99:c4:13:f9:39:f5:ea:aa:40:7e:ca: 1d:4a:e8:12:bf:6c:8f:52:34:48:77:f6:62:45:14: aa:2e:d2:82:f1:6e:67:1a:17:f2:a7:90:e7:31:72: ae:18:ae:ae:34:1a:eb:10:c5:65:76:d0:4f:3f:3b: 75:ca:1d:83:5b:5c:29:7d:1e:73:90:4a:63:6f:a3: 04:d2:65:7f:62:6e:82:98:c0:db:95:1b:01:3d:89: cb:ac:e5:f4:fe:5c:2d:15:f1:cf:00:5b:e3:9c:7e: 32:f2:f7:a0:f8:1c:4b:fa:d1:5d:1f:bc:22:31:0d: 51:65:2c:13:1e:51:ad:cd:8f:f2:40:40:de:d7:2d: 30:a8:91:b1:87:f1:0f:58:99:92:68:44:40:3f:f8: 5c:2e:77:99:62:62:c9:bc:92:4d:b7:47:6d:a2:e1: 7b:f6:4e:01:41:42:3e:e7:9a:00:51:9a:f8:fb:c4: bc:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EC:9E:F2:DC:26:85:4A:98:BB:81:2F:30:30:7C:87:4C:E7:00:49:77 X509v3 Authority Key Identifier: keyid:34:09:49:EC:B8:57:83:63:57:F1:02:53:C6:94:27:22:08:19:7B:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NAlJ7LhXg2NX8QJTxpQnIggZex0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916BC76/6136A172FC1511EB9E50BC0AC4F9AE02/NAlJ7LhXg2NX8QJTxpQnIggZex0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:b0:c5:32:c8:d9:e6:13:10:b3:e1:0b:5a:4d:b4:77:b2:09: cb:aa:a0:e1:f5:f7:0c:f2:a9:7a:08:26:c0:94:c3:7e:5b:0e: 82:11:98:86:6f:d8:ac:02:1c:01:fa:61:d2:6c:20:07:3e:e0: 4a:9e:90:07:6d:7a:4d:02:e8:47:93:2b:31:a2:d1:16:c2:3a: ac:fa:57:83:69:60:b1:87:86:fb:ea:02:06:60:08:84:d9:90: 8a:97:0a:35:8c:d5:cc:54:13:8a:b2:bd:88:6f:ae:a7:f5:44: f2:2c:cf:8d:d2:0f:f7:2c:dd:1f:53:65:78:81:b4:6b:41:2a: 73:96:27:4a:f8:e6:e2:ac:79:71:b1:2a:e2:73:16:49:c5:fd: a9:0f:ac:3e:44:b6:34:31:a1:65:5e:66:30:ad:cb:37:c6:55: fc:5d:a4:06:a6:cb:e4:cc:fb:93:00:52:de:d2:bf:fc:ce:4b: ff:0b:66:0e:4e:cb:13:0d:28:d7:cd:92:0b:49:01:52:0c:31: 5b:14:8b:be:eb:b9:a5:5c:98:37:96:b8:d8:8e:2d:5f:a6:a6: af:21:5b:34:71:00:06:ee:4c:aa:2c:52:ad:8e:df:e4:9d:ad: 20:e9:f5:2b:69:4a:4a:50:b2:0b:d5:05:43:9b:34:f6:40:16: 9f:a7:70:5d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBYAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkJDNzYxMTAvBgNVBAUTKDM0MDk0OUVDQjg1NzgzNjM1N0YxMDI1M0M2OTQyNzIy MDgxOTdCMUQwHhcNMjUxMTAyMjMxNjA2WhcNMjUxMTA5MjMxNjA2WjAYMRYwFAYD VQQDEw02OTA3ZTYzNi00NDE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvQ6t5XvlvPttEef95v7ZEMOfzaIkfUd24uVzeXMi8UKGcL9wiCVpTj9eUMDw imzHFjtwKIoiRqrjvKedQClRCtAWHgrGU+h2xJEehLm6mcQT+Tn16qpAfsodSugS v2yPUjRId/ZiRRSqLtKC8W5nGhfyp5DnMXKuGK6uNBrrEMVldtBPPzt1yh2DW1wp fR5zkEpjb6ME0mV/Ym6CmMDblRsBPYnLrOX0/lwtFfHPAFvjnH4y8veg+BxL+tFd H7wiMQ1RZSwTHlGtzY/yQEDe1y0wqJGxh/EPWJmSaERAP/hcLneZYmLJvJJNt0dt ouF79k4BQUI+55oAUZr4+8S8AwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOye8twm hUqYu4EvMDB8h0znAEl3MB8GA1UdIwQYMBaAFDQJSey4V4NjV/ECU8aUJyIIGXsd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QkM3Ni82MTM2QTE3MkZD MTUxMUVCOUU1MEJDMEFDNEY5QUUwMi9OQWxKN0xoWGcyTlg4UUpUeHBRbklnZ1pl eDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05BbEo3TGhYZzJOWDhRSlR4cFFuSWdnWmV4MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QkM3Ni82MTM2QTE3MkZDMTUxMUVCOUU1MEJDMEFDNEY5QUUwMi9OQWxKN0xoWGcy Tlg4UUpUeHBRbklnZ1pleDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA0sMUyyNnmExCz4QtaTbR3sgnLqqDh9fcM8ql6CCbAlMN+Ww6CEZiG b9isAhwB+mHSbCAHPuBKnpAHbXpNAuhHkysxotEWwjqs+leDaWCxh4b76gIGYAiE 2ZCKlwo1jNXMVBOKsr2Ib66n9UTyLM+N0g/3LN0fU2V4gbRrQSpzlidK+ObirHlx sSricxZJxf2pD6w+RLY0MaFlXmYwrcs3xlX8XaQGpsvkzPuTAFLe0r/8zkv/C2YO TssTDSjXzZILSQFSDDFbFIu+67mlXJg3lrjYji1fpqavIVs0cQAG7kyqLFKtjt/k na0g6fUraUpKULIL1QVDmzT2QBafp3Bd -----END CERTIFICATE-----Generated at Mon Nov 3 18:18:05 2025 by rpki-client