$ rpki-client -vvf rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft File: D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft (raw, json) Hash identifier: DPHFnZPsqQArxCbOpLussBoh3y3bjl6O1sakB4G5bi0= Subject key identifier: 24:19:F5:8F:86:D4:86:68:7F:8A:1D:93:69:EC:C1:57:2A:22:52:35 Authority key identifier: 0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 Certificate issuer: /CN=A911E0B4/serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Certificate serial: AA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft Manifest number: A7 Signing time: Sun 19 Oct 2025 09:26:12 +0000 Manifest this update: Sun 19 Oct 2025 09:26:11 +0000 Manifest next update: Sun 26 Oct 2025 09:26:11 +0000 Files and hashes: 1: D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl (hash: VFNlXXgiWr3d6AF5JIKzPk9TkbigQpZIMLFKxonmHDc=) 2: 5AF3ECBEAFBA11EF91955453C4F9AE02.roa (hash: x22vmPwJWZ5KhIsY5PtxJtvF9T7oNt50WfxUCDRwJlo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:26:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 170 (0xaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911E0B4, serialNumber=0FD4437521DB5C0BC99E45B59754FF7B671F86F3 Validity Not Before: Oct 19 09:26:11 2025 GMT Not After : Oct 26 09:26:11 2025 GMT Subject: CN=68f4aeb4-e29d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:25:4d:58:4e:8c:76:87:42:92:56:91:17:37: 45:35:d2:c8:f6:e6:05:d2:bd:d7:c5:d4:a6:79:58: 11:fe:94:90:1c:80:50:a2:c7:3a:8d:dc:b5:07:89: fb:37:a7:4f:db:42:0e:70:15:33:b9:30:7d:54:dc: b7:4b:03:83:14:2b:ab:c0:98:f3:8e:04:1a:9a:ff: 2c:89:69:d0:52:db:83:c6:29:98:d0:68:2d:be:e7: d7:16:d6:60:09:a4:64:58:24:c6:aa:8a:e3:38:df: f3:f0:b9:ec:c6:4f:4e:ef:56:f0:9b:20:50:2d:a6: 85:2a:fd:e1:38:cf:78:64:bd:f8:3d:99:84:27:2c: 43:6f:33:a2:40:93:fa:1e:b3:62:b3:fc:9c:59:73: 8d:9b:a4:c3:d5:fa:48:00:04:8c:31:9e:21:e1:78: 87:58:d1:c2:ca:85:c8:55:3e:2c:81:21:0a:2c:af: 9c:01:98:fe:89:b4:d3:5f:49:7f:93:7f:35:54:15: 02:c0:68:4e:ca:3f:75:cb:00:b5:a8:5f:ec:43:6c: 15:17:3d:46:45:74:8d:5b:df:20:28:7e:e4:41:d7: 47:9c:94:c6:37:d0:19:2b:9e:a8:90:86:3a:46:98: e5:0c:c7:31:60:61:52:a9:c3:75:54:7b:a0:65:27: 40:79 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:19:F5:8F:86:D4:86:68:7F:8A:1D:93:69:EC:C1:57:2A:22:52:35 X509v3 Authority Key Identifier: keyid:0F:D4:43:75:21:DB:5C:0B:C9:9E:45:B5:97:54:FF:7B:67:1F:86:F3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D9RDdSHbXAvJnkW1l1T_e2cfhvM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911E0B4/E96489AEAF3811EFA20DD013C4F9AE02/D9RDdSHbXAvJnkW1l1T_e2cfhvM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:03:f4:89:1e:b6:52:30:87:7b:f8:96:3f:99:7c:a8:68:8f: 6d:be:28:3e:fa:21:a1:dc:60:2d:07:e5:4d:cf:1e:6e:89:09: 05:fb:06:7e:6e:84:65:f0:df:a5:ca:c0:d6:5e:78:fc:1b:a2: 6a:72:05:c2:f1:03:15:d3:1c:93:1e:c6:5b:e7:3c:e5:3c:55: 35:52:28:8d:3b:f4:39:d0:8f:b7:0a:c9:98:f5:60:ed:f1:db: 7c:73:91:63:45:c8:31:71:77:f3:8d:40:42:c0:92:67:58:2c: db:6f:41:66:fe:5d:d6:6d:3b:9a:fe:1c:3d:54:67:4d:48:82: 0e:1f:01:a9:6e:f6:f3:87:5d:a3:d3:bd:5b:72:81:16:49:28: 93:4b:ed:bc:39:97:dd:d0:c8:dc:af:19:78:44:51:52:d6:fb: 1e:1f:8f:69:49:ac:3b:db:66:78:6a:1a:98:b1:4c:16:96:6e: 41:9d:7c:07:86:bf:2d:bd:6f:8e:d5:be:ea:17:cd:16:84:a1: ce:e0:21:6f:7d:9f:f4:32:fd:45:cc:7b:27:32:0c:c2:10:57: a5:c7:60:35:ab:ac:db:e8:8a:82:7b:cc:9f:c1:bf:c5:04:9c: c9:35:be:f0:a5:be:11:8d:9c:8f:f9:2e:80:d9:5e:dc:bf:1c: 82:4e:d1:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUUwQjQxMTAvBgNVBAUTKDBGRDQ0Mzc1MjFEQjVDMEJDOTlFNDVCNTk3NTRGRjdC NjcxRjg2RjMwHhcNMjUxMDE5MDkyNjExWhcNMjUxMDI2MDkyNjExWjAYMRYwFAYD VQQDEw02OGY0YWViNC1lMjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0SVNWE6MdodCklaRFzdFNdLI9uYF0r3XxdSmeVgR/pSQHIBQosc6jdy1B4n7 N6dP20IOcBUzuTB9VNy3SwODFCurwJjzjgQamv8siWnQUtuDximY0GgtvufXFtZg CaRkWCTGqorjON/z8Lnsxk9O71bwmyBQLaaFKv3hOM94ZL34PZmEJyxDbzOiQJP6 HrNis/ycWXONm6TD1fpIAASMMZ4h4XiHWNHCyoXIVT4sgSEKLK+cAZj+ibTTX0l/ k381VBUCwGhOyj91ywC1qF/sQ2wVFz1GRXSNW98gKH7kQddHnJTGN9AZK56okIY6 RpjlDMcxYGFSqcN1VHugZSdAeQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCQZ9Y+G 1IZof4odk2nswVcqIlI1MB8GA1UdIwQYMBaAFA/UQ3Uh21wLyZ5FtZdU/3tnH4bz MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRTBCNC9FOTY0ODlBRUFG MzgxMUVGQTIwREQwMTNDNEY5QUUwMi9EOVJEZFNIYlhBdkpua1cxbDFUX2UyY2Zo dk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0Q5UkRkU0hiWEF2Sm5rVzFsMVRfZTJjZmh2TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RTBCNC9FOTY0ODlBRUFGMzgxMUVGQTIwREQwMTNDNEY5QUUwMi9EOVJEZFNIYlhB dkpua1cxbDFUX2UyY2Zodk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/A/SJHrZSMId7+JY/mXyoaI9tvig++iGh3GAtB+VNzx5uiQkF+wZ+ boRl8N+lysDWXnj8G6JqcgXC8QMV0xyTHsZb5zzlPFU1UiiNO/Q50I+3CsmY9WDt 8dt8c5FjRcgxcXfzjUBCwJJnWCzbb0Fm/l3WbTua/hw9VGdNSIIOHwGpbvbzh12j 071bcoEWSSiTS+28OZfd0Mjcrxl4RFFS1vseH49pSaw722Z4ahqYsUwWlm5BnXwH hr8tvW+O1b7qF80WhKHO4CFvfZ/0Mv1FzHsnMgzCEFelx2A1q6zb6IqCe8yfwb/F BJzJNb7wpb4RjZyP+S6A2V7cvxyCTtEU -----END CERTIFICATE-----Generated at Mon Oct 20 21:26:25 2025 by rpki-client