$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft File: MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft (raw, json) Hash identifier: 9blknu5LHDRNJQBU5bfFFZdUs2i/63DSvrji6pTUnl4= Subject key identifier: D6:94:2B:32:56:95:B6:A8:D4:23:E5:B2:AB:6D:F8:44:7F:E5:76:2D Authority key identifier: 30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 Certificate issuer: /CN=A91B9EC7/serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Certificate serial: 0173 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft Manifest number: 0171 Signing time: Wed 05 Nov 2025 03:57:54 +0000 Manifest this update: Wed 05 Nov 2025 03:57:53 +0000 Manifest next update: Wed 12 Nov 2025 03:57:53 +0000 Files and hashes: 1: MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl (hash: YkTKr1mdi5QQvHoIWLt9NR3f3fV2cXsRW3zaXB56mhU=) 2: 02FC3E3C82A511EEA1F2710DC4F9AE02.roa (hash: 6W6Gywd7YHiIdjjDyCFNskNZyB3wgY++Ir7hfO/X2TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:57:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 371 (0x173) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9EC7, serialNumber=306E34FA84DA090C6001B35464BB8C426357D928 Validity Not Before: Nov 5 03:57:53 2025 GMT Not After : Nov 12 03:57:53 2025 GMT Subject: CN=690acb42-0182 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:06:a6:53:11:c9:a7:10:42:68:7a:1f:66:33: 13:26:de:13:c0:d5:c8:90:d1:56:5d:ec:b9:1d:e2: 10:49:3f:2d:20:1b:5e:98:fe:b6:f3:97:c3:ba:72: 85:fd:a7:27:a5:18:b8:71:c4:89:47:a2:f4:3c:1a: 2b:3e:34:87:c5:96:f7:4e:0c:31:96:77:bb:f5:c0: fd:fc:2b:a7:d8:10:ad:48:a9:f2:14:4d:16:77:9d: 46:b7:72:f5:51:ae:30:18:9a:63:4f:1f:03:66:b2: aa:72:72:76:62:b3:52:6a:01:1b:c1:d0:f5:6d:2d: a8:5d:0e:4d:41:01:fd:8d:2a:41:6d:9b:9d:43:b8: 26:8f:96:e2:10:ca:a9:f0:e2:31:6d:20:6c:e0:e0: d7:a9:85:6d:cb:56:27:06:23:f0:c0:03:2a:43:7b: 60:9e:67:1e:fa:d2:47:b0:ee:f6:c9:b4:75:55:99: a5:07:51:4e:1f:1b:01:7d:dc:9e:2f:0e:89:27:11: 20:b1:15:d5:62:3a:b8:7c:0f:dc:61:f8:38:f4:a5: 8c:6f:af:e1:ed:6a:c4:c3:05:6d:f7:59:98:71:61: 37:ad:ff:28:5f:d3:4e:a1:6e:02:cf:02:98:9f:77: 6f:b5:3a:f8:0d:0f:fd:74:fe:9b:74:9e:b2:44:03: 7d:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:94:2B:32:56:95:B6:A8:D4:23:E5:B2:AB:6D:F8:44:7F:E5:76:2D X509v3 Authority Key Identifier: keyid:30:6E:34:FA:84:DA:09:0C:60:01:B3:54:64:BB:8C:42:63:57:D9:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MG40-oTaCQxgAbNUZLuMQmNX2Sg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9EC7/E63F2F8A82A311EE9B117357C4F9AE02/MG40-oTaCQxgAbNUZLuMQmNX2Sg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:67:8b:51:28:3c:68:8c:3f:09:f3:12:18:b0:8a:a9:00:d7: 27:95:a4:be:b8:49:af:59:32:2e:63:52:24:4f:03:e3:11:6c: bb:0d:4b:af:53:08:30:dc:9b:03:26:63:32:93:fa:47:a9:b5: ad:48:ad:de:3a:ae:58:78:6d:e8:24:82:9c:7c:74:51:04:06: c3:43:d6:67:07:5e:fd:75:4d:18:25:0a:50:7f:e1:f9:52:1f: 93:8c:c7:12:25:ba:d0:77:8f:f8:cc:20:5a:83:75:4a:ec:14: 05:e9:f8:57:c8:9b:2a:77:a8:d7:cf:6b:b9:03:9a:27:c0:d2: f1:08:2b:0c:d4:c8:5b:98:0a:a3:11:45:24:50:d6:00:9f:02: a3:8a:3f:d1:5f:7d:ad:8a:bf:46:da:3d:b9:f6:42:d9:4b:d3: ed:3d:6a:7c:a9:0f:f8:7a:c9:f7:8c:93:39:8e:66:ac:e9:a3: d8:78:eb:05:94:ee:17:80:11:31:de:12:5a:03:5e:de:9a:18: 9e:90:20:96:10:41:85:32:99:fa:05:78:f6:94:8a:63:46:53: eb:fb:cf:84:0d:6d:b9:85:da:5c:2e:93:93:17:2a:a1:9b:3d: 05:63:91:a5:e0:b4:0b:be:ba:a1:a6:00:e9:05:17:69:9f:d7: d3:11:49:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjlFQzcxMTAvBgNVBAUTKDMwNkUzNEZBODREQTA5MEM2MDAxQjM1NDY0QkI4QzQy NjM1N0Q5MjgwHhcNMjUxMTA1MDM1NzUzWhcNMjUxMTEyMDM1NzUzWjAYMRYwFAYD VQQDEw02OTBhY2I0Mi0wMTgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtgamUxHJpxBCaHofZjMTJt4TwNXIkNFWXey5HeIQST8tIBtemP6285fDunKF /acnpRi4ccSJR6L0PBorPjSHxZb3Tgwxlne79cD9/Cun2BCtSKnyFE0Wd51Gt3L1 Ua4wGJpjTx8DZrKqcnJ2YrNSagEbwdD1bS2oXQ5NQQH9jSpBbZudQ7gmj5biEMqp 8OIxbSBs4ODXqYVty1YnBiPwwAMqQ3tgnmce+tJHsO72ybR1VZmlB1FOHxsBfdye Lw6JJxEgsRXVYjq4fA/cYfg49KWMb6/h7WrEwwVt91mYcWE3rf8oX9NOoW4CzwKY n3dvtTr4DQ/9dP6bdJ6yRAN9dQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNaUKzJW lbao1CPlsqtt+ER/5XYtMB8GA1UdIwQYMBaAFDBuNPqE2gkMYAGzVGS7jEJjV9ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOUVDNy9FNjNGMkY4QTgy QTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNReGdBYk5VWkx1TVFtTlgy U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01HNDAtb1RhQ1F4Z0FiTlVaTHVNUW1OWDJTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OUVDNy9FNjNGMkY4QTgyQTMxMUVFOUIxMTczNTdDNEY5QUUwMi9NRzQwLW9UYUNR eGdBYk5VWkx1TVFtTlgyU2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKZ4tRKDxojD8J8xIYsIqpANcnlaS+uEmvWTIuY1IkTwPjEWy7DUuv Uwgw3JsDJmMyk/pHqbWtSK3eOq5YeG3oJIKcfHRRBAbDQ9ZnB179dU0YJQpQf+H5 Uh+TjMcSJbrQd4/4zCBag3VK7BQF6fhXyJsqd6jXz2u5A5onwNLxCCsM1MhbmAqj EUUkUNYAnwKjij/RX32tir9G2j259kLZS9PtPWp8qQ/4esn3jJM5jmas6aPYeOsF lO4XgBEx3hJaA17emhiekCCWEEGFMpn6BXj2lIpjRlPr+8+EDW25hdpcLpOTFyqh mz0FY5Gl4LQLvrqhpgDpBRdpn9fTEUnC -----END CERTIFICATE-----Generated at Wed Nov 5 19:32:44 2025 by rpki-client