$ rpki-client -vvf rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft File: CIaR8feL2c7-2A021lDWd2emvbA.mft (raw, json) Hash identifier: L/ur0RcS99SsvxAbdqqr5AmuPdmwhMy+w5gspxN0QSU= Subject key identifier: 3E:13:82:F4:E2:D6:82:28:88:B1:2F:AF:E5:1B:FE:8D:86:DC:5B:02 Authority key identifier: 08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 Certificate issuer: /CN=A917DA4A/serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Certificate serial: 07DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft Manifest number: 07D9 Signing time: Sun 02 Nov 2025 21:08:55 +0000 Manifest this update: Sun 02 Nov 2025 21:08:55 +0000 Manifest next update: Sun 09 Nov 2025 21:08:55 +0000 Files and hashes: 1: CIaR8feL2c7-2A021lDWd2emvbA.crl (hash: lYBDgoMuPzOAaD86IhSw0OGxOP/L2tfaSaLrwSYasas=) 2: F126F04A11A911EBB5A4DD83C4F9AE02.roa (hash: 7u9lFldLGtHyxwH20hTfSxqKwvd+3v0Fn/UDNDaczHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 21:08:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2015 (0x7df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DA4A, serialNumber=088691F1F78BD9CEFED80D36D650D67767A6BDB0 Validity Not Before: Nov 2 21:08:55 2025 GMT Not After : Nov 9 21:08:55 2025 GMT Subject: CN=6907c867-b6cf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:9c:6c:55:98:31:20:c8:94:87:fd:ab:e0:6c: 02:fc:ee:fb:c5:9a:cc:ec:a3:39:dd:6b:f5:4c:c8: e4:00:55:99:8e:f0:66:06:22:02:07:2d:36:94:e5: 18:17:7e:9a:15:92:a8:eb:fb:ce:8d:fa:c5:5f:59: df:f8:72:26:f9:4b:e7:96:3a:8c:3e:bf:36:c2:c3: 49:46:c7:da:19:4f:08:ff:d7:02:5a:b6:ad:4b:06: 9a:93:c3:83:83:b7:6b:1a:88:90:63:32:04:c7:e9: 41:1d:2f:5f:b8:99:ee:18:9e:40:33:04:90:e8:99: fe:6f:a9:78:58:fa:cf:a5:2b:63:7e:38:ed:b5:9d: 00:32:5e:6b:86:70:2f:70:d1:cc:59:b0:bc:44:eb: 6c:2d:5e:78:b7:97:e4:f9:8f:48:ce:8a:92:2b:b2: 2b:80:14:de:aa:8b:d9:ab:ac:70:7e:06:24:2d:2c: 5d:91:73:04:0d:f6:e1:57:8e:68:19:99:93:df:97: a0:23:e6:5e:2c:44:26:9b:f9:1f:88:3d:82:c4:70: 28:1c:05:36:47:81:db:c6:e6:88:8b:3d:17:e7:79: 67:e8:23:58:4d:e4:33:2b:80:f3:a5:de:aa:12:0b: 35:b0:7f:14:cf:b6:5f:7b:e2:86:42:a1:8b:96:e6: 55:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:13:82:F4:E2:D6:82:28:88:B1:2F:AF:E5:1B:FE:8D:86:DC:5B:02 X509v3 Authority Key Identifier: keyid:08:86:91:F1:F7:8B:D9:CE:FE:D8:0D:36:D6:50:D6:77:67:A6:BD:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CIaR8feL2c7-2A021lDWd2emvbA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DA4A/051DAF5A0DC511EB9C6BBD1CC4F9AE02/CIaR8feL2c7-2A021lDWd2emvbA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:b4:04:22:4d:e2:81:fa:c6:44:98:b5:0e:fe:0d:53:d2:75: a3:11:32:4e:6f:40:83:a5:60:25:cb:b9:35:75:c6:4e:68:d7: d8:95:ed:50:8d:51:12:21:07:c3:60:e2:fd:83:18:dd:7f:1c: 59:de:8c:7a:48:c6:9e:c0:5c:62:10:03:26:23:6f:26:50:cd: 5f:9f:40:1b:ed:b1:06:89:59:20:e8:d9:4e:73:1e:6d:29:a5: 29:33:64:23:46:74:f3:e1:b8:b0:d8:b0:36:a4:61:a8:f1:bb: 83:94:df:c2:ba:4e:28:d8:c3:49:b8:c8:46:e6:f5:9d:db:5b: 37:e0:e2:ba:08:40:04:df:b6:5e:a2:e4:4d:5e:4c:be:f1:bc: db:17:2d:a3:28:12:18:9d:f3:f0:8a:81:a3:d2:a3:33:58:77: cf:e5:dc:5c:b9:1e:4f:3d:f9:4c:1d:f2:61:c0:3a:89:c5:17: ec:90:2c:b8:c7:3b:e5:ac:97:da:f7:25:2e:92:2e:a0:2c:ef: 49:bd:35:32:32:b0:7f:62:b8:4b:75:d7:e9:4d:96:2c:23:f0: ff:a2:80:e9:d6:2d:f9:46:79:36:8d:7b:5d:01:70:20:32:be: c3:20:b0:4e:32:e3:77:6c:9c:b6:4d:32:8c:c8:3b:e9:73:d7: 3a:78:27:e4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB98wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RBNEExMTAvBgNVBAUTKDA4ODY5MUYxRjc4QkQ5Q0VGRUQ4MEQzNkQ2NTBENjc3 NjdBNkJEQjAwHhcNMjUxMTAyMjEwODU1WhcNMjUxMTA5MjEwODU1WjAYMRYwFAYD VQQDEw02OTA3Yzg2Ny1iNmNmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy5xsVZgxIMiUh/2r4GwC/O77xZrM7KM53Wv1TMjkAFWZjvBmBiICBy02lOUY F36aFZKo6/vOjfrFX1nf+HIm+UvnljqMPr82wsNJRsfaGU8I/9cCWratSwaak8OD g7drGoiQYzIEx+lBHS9fuJnuGJ5AMwSQ6Jn+b6l4WPrPpStjfjjttZ0AMl5rhnAv cNHMWbC8ROtsLV54t5fk+Y9IzoqSK7IrgBTeqovZq6xwfgYkLSxdkXMEDfbhV45o GZmT35egI+ZeLEQmm/kfiD2CxHAoHAU2R4HbxuaIiz0X53ln6CNYTeQzK4Dzpd6q Egs1sH8Uz7Zfe+KGQqGLluZVcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD4TgvTi 1oIoiLEvr+Ub/o2G3FsCMB8GA1UdIwQYMBaAFAiGkfH3i9nO/tgNNtZQ1ndnpr2w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REE0QS8wNTFEQUY1QTBE QzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJjNy0yQTAyMWxEV2QyZW12 YkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NJYVI4ZmVMMmM3LTJBMDIxbERXZDJlbXZiQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REE0QS8wNTFEQUY1QTBEQzUxMUVCOUM2QkJEMUNDNEY5QUUwMi9DSWFSOGZlTDJj Ny0yQTAyMWxEV2QyZW12YkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjtAQiTeKB+sZEmLUO/g1T0nWjETJOb0CDpWAly7k1dcZOaNfYle1Q jVESIQfDYOL9gxjdfxxZ3ox6SMaewFxiEAMmI28mUM1fn0Ab7bEGiVkg6NlOcx5t KaUpM2QjRnTz4biw2LA2pGGo8buDlN/Cuk4o2MNJuMhG5vWd21s34OK6CEAE37Ze ouRNXky+8bzbFy2jKBIYnfPwioGj0qMzWHfP5dxcuR5PPflMHfJhwDqJxRfskCy4 xzvlrJfa9yUuki6gLO9JvTUyMrB/YrhLddfpTZYsI/D/ooDp1i35Rnk2jXtdAXAg Mr7DILBOMuN3bJy2TTKMyDvpc9c6eCfk -----END CERTIFICATE-----Generated at Mon Nov 3 18:10:26 2025 by rpki-client