$ rpki-client -vvf rpki.apnic.net/member_repository/A917CFD2/1D2A8942E6D311EAA63B2719C4F9AE02/9ZvGR-kMztyU6oWmLrjrGL0DUms.mft File: 9ZvGR-kMztyU6oWmLrjrGL0DUms.mft (raw, json) Hash identifier: +UCgH0eNDY2Ybn/qkwb0Gy4L/kA1d2iO2y0fNFg7jVQ= Subject key identifier: 38:C5:1D:E1:29:16:37:90:93:CC:0E:88:AB:F9:23:EE:7E:26:9D:04 Authority key identifier: F5:9B:C6:47:E9:0C:CE:DC:94:EA:85:A6:2E:B8:EB:18:BD:03:52:6B Certificate issuer: /CN=A917CFD2/serialNumber=F59BC647E90CCEDC94EA85A62EB8EB18BD03526B Certificate serial: 0858 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9ZvGR-kMztyU6oWmLrjrGL0DUms.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CFD2/1D2A8942E6D311EAA63B2719C4F9AE02/9ZvGR-kMztyU6oWmLrjrGL0DUms.mft Manifest number: 084A Signing time: Tue 04 Nov 2025 20:49:43 +0000 Manifest this update: Tue 04 Nov 2025 20:49:42 +0000 Manifest next update: Tue 11 Nov 2025 20:49:42 +0000 Files and hashes: 1: 9ZvGR-kMztyU6oWmLrjrGL0DUms.crl (hash: NGkR2+H1qHuUdZvDYjbU4cJENWoOejHS8BugjU382ys=) 2: EED16B2CEC4211EABC227339C4F9AE02.roa (hash: L4B2evBW9dTHQXVqbxeQ4CNrkuNZaT5qA9O5a+LAGeg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CFD2/1D2A8942E6D311EAA63B2719C4F9AE02/9ZvGR-kMztyU6oWmLrjrGL0DUms.crl rsync://rpki.apnic.net/member_repository/A917CFD2/1D2A8942E6D311EAA63B2719C4F9AE02/9ZvGR-kMztyU6oWmLrjrGL0DUms.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9ZvGR-kMztyU6oWmLrjrGL0DUms.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:49:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2136 (0x858) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CFD2, serialNumber=F59BC647E90CCEDC94EA85A62EB8EB18BD03526B Validity Not Before: Nov 4 20:49:42 2025 GMT Not After : Nov 11 20:49:42 2025 GMT Subject: CN=690a66e7-82ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:f3:e9:3c:a2:2b:b5:51:96:39:98:17:fd:7d: 6d:16:df:81:52:1a:d5:e2:fb:da:c8:8f:ac:ec:de: eb:f0:8f:bf:20:96:e8:40:6a:a7:b3:a3:2f:10:10: 0b:4e:f4:78:32:a7:52:74:18:b5:b3:f8:73:d4:65: 3e:dc:e9:a7:82:91:11:34:a9:9e:21:fa:cf:5e:66: d9:01:ed:8f:f9:7c:ec:9e:01:12:c8:89:ce:77:a1: 82:1e:12:96:fe:8b:ad:14:96:10:3a:2f:45:88:e1: da:c2:5b:7c:ff:07:1e:f9:b3:df:97:e5:cf:92:da: e0:72:a9:be:b3:13:ec:4c:39:50:c2:6c:7e:46:5b: e0:d5:6e:62:c4:48:49:6b:c8:60:27:eb:6a:f2:9f: 2b:7b:be:e3:0c:06:2f:61:62:1d:bc:5a:a8:49:9a: 97:59:d4:ed:87:6c:7d:72:d4:e4:9c:6b:74:3d:d9: 89:9a:44:d1:8d:29:d5:9f:48:1a:88:a3:6b:dc:d5: c6:2f:8e:5e:89:23:f3:58:c8:56:5c:77:6d:40:fd: 3d:3e:ed:0c:57:0a:bb:68:67:9a:3a:f8:11:ef:48: dd:0c:36:d1:ae:fd:7b:ca:fd:f3:36:57:07:d3:3e: b9:38:32:0e:10:ce:99:66:2e:79:95:3b:af:e0:c7: f1:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 38:C5:1D:E1:29:16:37:90:93:CC:0E:88:AB:F9:23:EE:7E:26:9D:04 X509v3 Authority Key Identifier: keyid:F5:9B:C6:47:E9:0C:CE:DC:94:EA:85:A6:2E:B8:EB:18:BD:03:52:6B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CFD2/1D2A8942E6D311EAA63B2719C4F9AE02/9ZvGR-kMztyU6oWmLrjrGL0DUms.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/9ZvGR-kMztyU6oWmLrjrGL0DUms.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CFD2/1D2A8942E6D311EAA63B2719C4F9AE02/9ZvGR-kMztyU6oWmLrjrGL0DUms.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:4e:72:a1:74:cf:2d:d2:17:46:fe:fe:c5:6a:d7:e6:50:dd: 83:70:3f:94:a4:51:e6:2f:3b:56:02:57:2f:eb:a1:ba:5f:ca: 8d:70:80:e7:0a:a8:26:66:eb:80:01:0c:30:e2:19:9e:a1:99: df:db:e3:f7:9d:cf:13:e9:08:d9:c2:41:8c:e8:1a:c9:c6:01: 28:6d:c1:52:7e:1b:14:10:47:d4:42:90:c3:11:02:b1:fb:11: da:ab:7a:1a:f3:35:e4:c2:78:8a:4e:31:52:05:3c:b1:21:64: 73:b0:1f:83:80:01:45:67:bf:f1:b7:11:51:df:62:6b:67:a1: 39:17:86:6e:35:11:0f:ff:c7:18:3c:09:ca:af:78:06:94:31: fd:54:d0:7a:aa:17:fc:ca:cf:ba:98:95:6a:e6:74:48:4c:56: 3a:2a:23:b0:2f:19:c2:f4:60:95:a4:95:e8:7f:48:8a:21:81: aa:64:41:7f:c0:98:26:06:01:dd:49:5d:1a:be:cf:03:00:d9: e6:3d:5f:b0:fa:37:1a:5d:f8:f4:79:70:43:fb:52:37:62:9a: e0:b6:ef:4a:2b:f9:9b:aa:e0:04:65:f2:0c:88:8b:68:76:00: b4:c4:66:9f:3b:c3:40:3f:74:ba:bc:5e:3d:5c:5c:9f:ba:ff: bc:ac:f8:c0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NGRDIxMTAvBgNVBAUTKEY1OUJDNjQ3RTkwQ0NFREM5NEVBODVBNjJFQjhFQjE4 QkQwMzUyNkIwHhcNMjUxMTA0MjA0OTQyWhcNMjUxMTExMjA0OTQyWjAYMRYwFAYD VQQDEw02OTBhNjZlNy04MmVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsvPpPKIrtVGWOZgX/X1tFt+BUhrV4vvayI+s7N7r8I+/IJboQGqns6MvEBAL TvR4MqdSdBi1s/hz1GU+3OmngpERNKmeIfrPXmbZAe2P+XzsngESyInOd6GCHhKW /outFJYQOi9FiOHawlt8/wce+bPfl+XPktrgcqm+sxPsTDlQwmx+Rlvg1W5ixEhJ a8hgJ+tq8p8re77jDAYvYWIdvFqoSZqXWdTth2x9ctTknGt0PdmJmkTRjSnVn0ga iKNr3NXGL45eiSPzWMhWXHdtQP09Pu0MVwq7aGeaOvgR70jdDDbRrv17yv3zNlcH 0z65ODIOEM6ZZi55lTuv4MfxxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDjFHeEp FjeQk8wOiKv5I+5+Jp0EMB8GA1UdIwQYMBaAFPWbxkfpDM7clOqFpi646xi9A1Jr MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0ZEMi8xRDJBODk0MkU2 RDMxMUVBQTYzQjI3MTlDNEY5QUUwMi85WnZHUi1rTXp0eVU2b1dtTHJqckdMMERV bXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzladkdSLWtNenR5VTZvV21McmpyR0wwRFVtcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0ZEMi8xRDJBODk0MkU2RDMxMUVBQTYzQjI3MTlDNEY5QUUwMi85WnZHUi1rTXp0 eVU2b1dtTHJqckdMMERVbXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjTnKhdM8t0hdG/v7FatfmUN2DcD+UpFHmLztWAlcv66G6X8qNcIDn CqgmZuuAAQww4hmeoZnf2+P3nc8T6QjZwkGM6BrJxgEobcFSfhsUEEfUQpDDEQKx +xHaq3oa8zXkwniKTjFSBTyxIWRzsB+DgAFFZ7/xtxFR32JrZ6E5F4ZuNREP/8cY PAnKr3gGlDH9VNB6qhf8ys+6mJVq5nRITFY6KiOwLxnC9GCVpJXof0iKIYGqZEF/ wJgmBgHdSV0avs8DANnmPV+w+jcaXfj0eXBD+1I3Yprgtu9KK/mbquAEZfIMiIto dgC0xGafO8NAP3S6vF49XFyfuv+8rPjA -----END CERTIFICATE-----Generated at Wed Nov 5 19:32:39 2025 by rpki-client