$ rpki-client -vvf rpki.apnic.net/member_repository/A91F9C95/BA3EC86E217211EA8B7EF880C4F9AE02/Ur9vYuvKJrHcQn--r-cg-7CXwhs.mft File: Ur9vYuvKJrHcQn--r-cg-7CXwhs.mft (raw, json) Hash identifier: QRT+p15Jqe9Zh+rZBMLS2qLVsuHd4HvkNWV32psOV+M= Subject key identifier: 74:12:2D:CA:E1:CF:B7:03:8B:AE:4B:FC:CF:AD:4A:A8:AD:14:74:72 Authority key identifier: 52:BF:6F:62:EB:CA:26:B1:DC:42:7F:BE:AF:E7:20:FB:B0:97:C2:1B Certificate issuer: /CN=A91F9C95/serialNumber=52BF6F62EBCA26B1DC427FBEAFE720FBB097C21B Certificate serial: 0C03 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur9vYuvKJrHcQn--r-cg-7CXwhs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F9C95/BA3EC86E217211EA8B7EF880C4F9AE02/Ur9vYuvKJrHcQn--r-cg-7CXwhs.mft Manifest number: 0BFD Signing time: Sun 02 Nov 2025 18:47:57 +0000 Manifest this update: Sun 02 Nov 2025 18:47:57 +0000 Manifest next update: Sun 09 Nov 2025 18:47:57 +0000 Files and hashes: 1: Ur9vYuvKJrHcQn--r-cg-7CXwhs.crl (hash: KBkni7dXoV6LFc5ph9FJKmMB0nXChI1QrLC1asv+MQQ=) 2: C7F8C83C217311EA93A29F82C4F9AE02.roa (hash: r5uWTU+sYs/vGgm5oMxXApeoTDyzrDhvLimJL0rhlzg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F9C95/BA3EC86E217211EA8B7EF880C4F9AE02/Ur9vYuvKJrHcQn--r-cg-7CXwhs.crl rsync://rpki.apnic.net/member_repository/A91F9C95/BA3EC86E217211EA8B7EF880C4F9AE02/Ur9vYuvKJrHcQn--r-cg-7CXwhs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur9vYuvKJrHcQn--r-cg-7CXwhs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:47:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3075 (0xc03) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F9C95, serialNumber=52BF6F62EBCA26B1DC427FBEAFE720FBB097C21B Validity Not Before: Nov 2 18:47:57 2025 GMT Not After : Nov 9 18:47:57 2025 GMT Subject: CN=6907a75d-b8a9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:53:ee:72:3d:e7:0e:9b:4c:b4:e1:38:b1:12: 16:c5:50:64:12:ac:62:49:44:a4:62:6d:6d:9e:dd: 44:21:a6:43:75:43:87:25:59:f6:ac:7e:3e:36:8e: 32:2f:1d:56:b1:8d:48:96:0c:06:81:2e:61:00:9b: 87:f8:9a:3f:00:e7:21:58:92:e2:3c:15:37:2a:58: 1d:57:0b:4d:a6:36:5b:36:a4:bb:b0:8f:09:0a:4e: d7:f0:27:3d:01:8e:ee:38:19:41:10:ca:c2:39:e2: 1b:b5:a6:aa:3a:96:b8:7c:d3:d1:55:b8:90:36:15: 07:2e:43:61:39:c5:e2:ba:f2:dc:2b:76:68:1a:67: bc:8a:ea:d8:7f:7a:41:4c:82:88:a2:1b:99:74:8c: c0:a7:dc:a8:8a:0e:5e:dc:1d:fc:57:ad:9b:f0:bf: 08:d5:13:36:d4:b5:7c:67:3a:61:5d:90:b9:e4:06: 18:c0:10:ba:2e:a0:09:3b:7e:b6:96:69:8c:f8:e0: 6a:ae:36:9b:cc:e7:f9:4a:b4:f4:24:3d:7e:09:a6: 4a:47:1a:56:55:90:43:c6:10:0c:46:34:a5:01:51: f1:2d:15:f2:e2:ad:1f:bf:10:9a:39:87:c6:3f:c2: 77:e5:b5:f1:e6:d7:4a:ed:4b:7c:ee:ec:70:1c:05: 20:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:12:2D:CA:E1:CF:B7:03:8B:AE:4B:FC:CF:AD:4A:A8:AD:14:74:72 X509v3 Authority Key Identifier: keyid:52:BF:6F:62:EB:CA:26:B1:DC:42:7F:BE:AF:E7:20:FB:B0:97:C2:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F9C95/BA3EC86E217211EA8B7EF880C4F9AE02/Ur9vYuvKJrHcQn--r-cg-7CXwhs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ur9vYuvKJrHcQn--r-cg-7CXwhs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F9C95/BA3EC86E217211EA8B7EF880C4F9AE02/Ur9vYuvKJrHcQn--r-cg-7CXwhs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 84:aa:5f:41:86:c1:7f:34:3a:39:d8:71:5c:9c:7d:7a:64:b9: ec:aa:17:f2:b0:28:4e:a6:01:44:b6:4b:80:13:fe:7a:5b:14: cf:ab:8a:33:a2:07:c2:7c:ce:2e:f1:de:2d:da:f3:01:70:47: 38:60:ee:a9:cd:1d:a9:df:7a:7f:66:df:54:c9:c9:05:fd:75: d5:ec:dd:51:5d:5d:ff:51:df:46:0a:75:ce:87:7b:51:f1:74: e2:41:3e:f1:f3:48:b5:d0:12:c8:79:9a:44:87:9c:0b:62:f8: 5c:a3:c1:4b:1e:2e:e9:e6:c9:a2:31:a7:79:c4:8f:20:cc:3a: b8:67:55:b8:e0:fc:4e:34:59:f1:02:dd:5f:7e:48:90:12:40: 2f:01:2b:6b:53:03:f4:71:df:0c:e0:bf:0b:c2:59:bf:ec:d7: 43:b2:a1:bf:85:ba:ab:9f:ae:5e:0f:77:85:38:0f:f6:ed:c1: 88:01:60:7f:6e:ec:25:8c:56:2e:7d:63:5f:38:ad:75:15:b4: d7:ee:48:d4:a5:aa:39:39:07:43:8e:d8:aa:c8:cb:9d:1f:da: 1e:a7:8e:60:e1:f5:5e:28:fe:b8:df:a6:4c:35:df:73:14:7d: 31:9f:47:8b:1a:2d:ec:0a:27:da:86:a3:02:2d:3e:e5:a8:7e: ef:54:63:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDAMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjlDOTUxMTAvBgNVBAUTKDUyQkY2RjYyRUJDQTI2QjFEQzQyN0ZCRUFGRTcyMEZC QjA5N0MyMUIwHhcNMjUxMTAyMTg0NzU3WhcNMjUxMTA5MTg0NzU3WjAYMRYwFAYD VQQDEw02OTA3YTc1ZC1iOGE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz1Pucj3nDptMtOE4sRIWxVBkEqxiSUSkYm1tnt1EIaZDdUOHJVn2rH4+No4y Lx1WsY1IlgwGgS5hAJuH+Jo/AOchWJLiPBU3KlgdVwtNpjZbNqS7sI8JCk7X8Cc9 AY7uOBlBEMrCOeIbtaaqOpa4fNPRVbiQNhUHLkNhOcXiuvLcK3ZoGme8iurYf3pB TIKIohuZdIzAp9yoig5e3B38V62b8L8I1RM21LV8ZzphXZC55AYYwBC6LqAJO362 lmmM+OBqrjabzOf5SrT0JD1+CaZKRxpWVZBDxhAMRjSlAVHxLRXy4q0fvxCaOYfG P8J35bXx5tdK7Ut87uxwHAUgtQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHQSLcrh z7cDi65L/M+tSqitFHRyMB8GA1UdIwQYMBaAFFK/b2Lryiax3EJ/vq/nIPuwl8Ib MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOUM5NS9CQTNFQzg2RTIx NzIxMUVBOEI3RUY4ODBDNEY5QUUwMi9Vcjl2WXV2S0pySGNRbi0tci1jZy03Q1h3 aHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VyOXZZdXZLSnJIY1FuLS1yLWNnLTdDWHdocy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OUM5NS9CQTNFQzg2RTIxNzIxMUVBOEI3RUY4ODBDNEY5QUUwMi9Vcjl2WXV2S0py SGNRbi0tci1jZy03Q1h3aHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCEql9BhsF/NDo52HFcnH16ZLnsqhfysChOpgFEtkuAE/56WxTPq4oz ogfCfM4u8d4t2vMBcEc4YO6pzR2p33p/Zt9UyckF/XXV7N1RXV3/Ud9GCnXOh3tR 8XTiQT7x80i10BLIeZpEh5wLYvhco8FLHi7p5smiMad5xI8gzDq4Z1W44PxONFnx At1ffkiQEkAvAStrUwP0cd8M4L8Lwlm/7NdDsqG/hbqrn65eD3eFOA/27cGIAWB/ buwljFYufWNfOK11FbTX7kjUpao5OQdDjtiqyMudH9oep45g4fVeKP6436ZMNd9z FH0xn0eLGi3sCifahqMCLT7lqH7vVGMF -----END CERTIFICATE-----Generated at Mon Nov 3 18:13:14 2025 by rpki-client