$ rpki-client -vvf rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft File: 1ppgVl8zchSc5uL8nnI9SQZ2doo.mft (raw, json) Hash identifier: D5IjBCQWL+8JRgTXzSRPbZcTJ9iifJmZjQROxakF8As= Subject key identifier: A7:B6:7E:BF:33:20:CB:B3:A7:C8:AF:1D:F2:B6:07:7C:EE:3F:1F:57 Authority key identifier: D6:9A:60:56:5F:33:72:14:9C:E6:E2:FC:9E:72:3D:49:06:76:76:8A Certificate issuer: /CN=A9185F7D/serialNumber=D69A60565F3372149CE6E2FC9E723D490676768A Certificate serial: 34D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft Manifest number: 34D4 Signing time: Sun 02 Nov 2025 14:58:22 +0000 Manifest this update: Sun 02 Nov 2025 14:58:22 +0000 Manifest next update: Sun 09 Nov 2025 14:58:22 +0000 Files and hashes: 1: 1ppgVl8zchSc5uL8nnI9SQZ2doo.crl (hash: /0AiVNj8I5BVFFY+4j2uCeHk8+FzunaZnrUjnWVq8r4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.crl rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 14:58:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13524 (0x34d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185F7D, serialNumber=D69A60565F3372149CE6E2FC9E723D490676768A Validity Not Before: Nov 2 14:58:22 2025 GMT Not After : Nov 9 14:58:22 2025 GMT Subject: CN=6907718e-4dc6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:0c:88:75:4b:c5:fc:7c:a8:17:07:cc:41:da: c5:ce:2c:5e:fd:8f:1e:6b:30:bb:00:81:a8:46:b4: 5a:ba:e7:c8:3e:39:3d:5a:4d:5b:dc:ec:31:ae:64: e8:e4:8a:9f:f3:21:4d:94:64:22:4a:0b:b2:b8:81: 8b:02:c9:56:be:18:8c:4c:b4:1e:41:e2:86:c5:e9: c2:0d:fb:ef:53:30:ff:5d:e9:79:b7:72:03:2c:54: 03:26:66:44:8b:8d:42:c7:08:83:9e:72:d9:c9:2c: 72:25:94:6a:0a:a6:80:bc:62:39:9d:99:e7:9c:e7: 72:be:0a:0f:b2:f8:5d:e3:ef:d2:55:77:b2:52:df: 23:6b:4b:23:cf:84:f4:34:d8:f6:bf:99:e6:51:08: ab:36:f3:1d:18:62:f6:9a:56:95:f4:36:20:9b:18: 64:5e:90:85:96:e3:b7:c7:f4:1d:e1:0b:84:6a:4f: 1e:e3:5c:cc:c2:31:81:cf:a9:31:27:36:21:1d:d6: 65:b6:8b:0d:8f:09:91:0e:21:88:b5:0b:00:07:ab: e9:ca:ff:6d:19:2c:c4:df:70:12:8d:d9:7f:96:3b: 45:dd:96:db:5c:a4:a6:3a:b7:e4:5f:13:4b:6f:7a: 90:9b:6e:6b:8e:c6:39:43:50:1f:bc:84:1b:30:e9: 22:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A7:B6:7E:BF:33:20:CB:B3:A7:C8:AF:1D:F2:B6:07:7C:EE:3F:1F:57 X509v3 Authority Key Identifier: keyid:D6:9A:60:56:5F:33:72:14:9C:E6:E2:FC:9E:72:3D:49:06:76:76:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1ppgVl8zchSc5uL8nnI9SQZ2doo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185F7D/69753F581D9C11E2A6FBF08A08B02CD2/1ppgVl8zchSc5uL8nnI9SQZ2doo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:ae:c4:af:2b:25:50:48:81:3c:41:cd:9d:94:e6:7b:71:5d: 9c:83:6d:8e:fe:f1:d3:bd:b5:79:05:e6:b3:f5:52:83:74:9b: 34:e8:19:34:70:20:2a:2b:32:2b:82:d1:3d:44:b2:47:1c:2c: 01:c8:ac:58:e6:3e:3a:af:7b:74:e6:a0:f0:b2:b0:4e:e0:cf: 18:d0:82:69:a9:1a:5a:88:10:f8:d0:3b:21:75:a2:83:e3:3a: 2a:87:30:aa:4d:d6:bf:4c:4e:f6:43:4e:f7:91:c7:ef:b1:cc: 29:4a:17:a7:23:80:dc:89:93:31:75:60:eb:7d:c6:15:4f:30: 3f:86:da:0a:57:04:34:41:b8:5e:d2:53:d3:ab:25:3d:92:d8: 8e:77:8e:44:0e:b1:e0:86:08:86:03:1c:05:1c:a1:d0:4f:d9: 42:91:32:31:3e:23:79:67:b1:9e:b9:1d:0a:d8:15:d5:fd:ed: d5:af:a0:c4:bb:cf:2c:eb:5e:b0:12:b7:9f:b4:60:59:ff:6e: 08:ab:93:06:55:92:b8:ec:26:bf:b8:e8:db:2c:f2:a4:3d:ba: 2e:a6:22:a3:10:c0:2c:44:29:ee:32:30:66:da:25:40:c0:9d: d5:fd:20:b7:b3:4c:e3:56:b2:59:a7:7e:e9:6f:fc:70:1e:a3: 6a:89:7e:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVGN0QxMTAvBgNVBAUTKEQ2OUE2MDU2NUYzMzcyMTQ5Q0U2RTJGQzlFNzIzRDQ5 MDY3Njc2OEEwHhcNMjUxMTAyMTQ1ODIyWhcNMjUxMTA5MTQ1ODIyWjAYMRYwFAYD VQQDEw02OTA3NzE4ZS00ZGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuQyIdUvF/HyoFwfMQdrFzixe/Y8eazC7AIGoRrRauufIPjk9Wk1b3OwxrmTo 5Iqf8yFNlGQiSguyuIGLAslWvhiMTLQeQeKGxenCDfvvUzD/Xel5t3IDLFQDJmZE i41CxwiDnnLZySxyJZRqCqaAvGI5nZnnnOdyvgoPsvhd4+/SVXeyUt8ja0sjz4T0 NNj2v5nmUQirNvMdGGL2mlaV9DYgmxhkXpCFluO3x/Qd4QuEak8e41zMwjGBz6kx JzYhHdZltosNjwmRDiGItQsAB6vpyv9tGSzE33ASjdl/ljtF3ZbbXKSmOrfkXxNL b3qQm25rjsY5Q1AfvIQbMOkiUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKe2fr8z IMuzp8ivHfK2B3zuPx9XMB8GA1UdIwQYMBaAFNaaYFZfM3IUnObi/J5yPUkGdnaK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUY3RC82OTc1M0Y1ODFE OUMxMUUyQTZGQkYwOEEwOEIwMkNEMi8xcHBnVmw4emNoU2M1dUw4bm5JOVNRWjJk b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFwcGdWbDh6Y2hTYzV1TDhubkk5U1FaMmRvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUY3RC82OTc1M0Y1ODFEOUMxMUUyQTZGQkYwOEEwOEIwMkNEMi8xcHBnVmw4emNo U2M1dUw4bm5JOVNRWjJkb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMrsSvKyVQSIE8Qc2dlOZ7cV2cg22O/vHTvbV5Beaz9VKDdJs06Bk0 cCAqKzIrgtE9RLJHHCwByKxY5j46r3t05qDwsrBO4M8Y0IJpqRpaiBD40DshdaKD 4zoqhzCqTda/TE72Q073kcfvscwpShenI4DciZMxdWDrfcYVTzA/htoKVwQ0Qbhe 0lPTqyU9ktiOd45EDrHghgiGAxwFHKHQT9lCkTIxPiN5Z7GeuR0K2BXV/e3Vr6DE u88s616wEreftGBZ/24Iq5MGVZK47Ca/uOjbLPKkPboupiKjEMAsRCnuMjBm2iVA wJ3V/SC3s0zjVrJZp37pb/xwHqNqiX4o -----END CERTIFICATE-----Generated at Mon Nov 3 18:07:06 2025 by rpki-client