$ rpki-client -vvf rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft File: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft (raw, json) Hash identifier: 52VBzq6OIPajhBNqwKrUUka5HhNarecmmophkR+kTpM= Subject key identifier: B0:3E:E7:40:5E:66:85:89:59:93:B9:CC:E7:74:36:64:94:3C:0B:41 Authority key identifier: F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF Certificate issuer: /CN=A9170C53/serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Certificate serial: 01B5 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft Manifest number: 01B3 Signing time: Sun 19 Oct 2025 05:12:18 +0000 Manifest this update: Sun 19 Oct 2025 05:12:17 +0000 Manifest next update: Sun 26 Oct 2025 05:12:17 +0000 Files and hashes: 1: -UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl (hash: RsCtX9UKpbafUmv8e/4T++MYdimCFT071nZr7EnH818=) 2: C3BB51160DAC11EFB00E6B16C4F9AE02.roa (hash: hGqVPEeuAFuBj/OWUVfAk4cX4VguxOD/9TKwylc/bsY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 05:12:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 437 (0x1b5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170C53, serialNumber=F9404AA524D4357E0CCC69C7D40D3E66A2E4E6DF Validity Not Before: Oct 19 05:12:17 2025 GMT Not After : Oct 26 05:12:17 2025 GMT Subject: CN=68f47331-6a4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:f5:c2:48:5b:3a:4d:20:05:e3:a0:c0:a2:96: 57:c2:f5:79:04:98:d5:9a:e5:9e:01:7b:51:d9:72: 52:f6:81:4f:61:e6:91:f5:06:c3:87:2e:84:50:8a: d7:0c:06:53:aa:25:17:9e:6e:6c:5e:91:97:61:ad: ef:9a:e8:23:85:83:35:42:e2:7f:79:9f:2b:4f:fd: 32:87:c9:57:9a:ae:55:0b:06:12:0d:7e:0c:e6:c9: d1:28:45:a8:a0:89:89:b4:2b:1a:c4:92:96:70:f5: af:bf:de:dc:fd:13:cc:61:d2:8b:9b:ed:e0:bc:24: 25:2a:38:6b:3c:2b:f9:1e:c6:12:9f:10:cd:e3:fb: 43:49:b5:74:62:5e:ef:f1:bf:d1:f1:30:86:4c:63: 78:3c:9b:78:37:e0:ee:18:74:17:60:e1:2c:3b:d6: 62:2d:a7:77:31:f3:17:e4:82:82:c9:c6:3c:af:86: ac:b0:ae:e7:a3:de:a0:21:81:60:03:6c:30:00:f4: 25:e0:e9:5d:24:8b:9b:27:63:d2:eb:d2:5f:08:da: 78:90:b1:6a:65:fa:4f:9e:1d:b7:03:3d:51:6f:c3: c8:6b:32:53:74:a8:e7:c1:ea:52:66:25:d6:32:c2: 39:b5:d6:96:d5:a9:0f:2e:c1:51:f1:99:01:f4:b9: 8c:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:3E:E7:40:5E:66:85:89:59:93:B9:CC:E7:74:36:64:94:3C:0B:41 X509v3 Authority Key Identifier: keyid:F9:40:4A:A5:24:D4:35:7E:0C:CC:69:C7:D4:0D:3E:66:A2:E4:E6:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170C53/DB63C9A2117611EE9C559A3EC4F9AE02/-UBKpSTUNX4MzGnH1A0-ZqLk5t8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:58:3d:ce:9a:50:e6:46:c1:58:95:c5:26:68:2d:a5:16:15: db:1f:62:25:4c:09:3c:17:54:a5:34:7e:e0:21:9f:31:05:99: c8:91:ac:fc:cb:66:2f:8d:ba:cd:a0:05:b7:d2:16:85:2a:95: 30:bf:56:6a:c8:f1:b0:c7:68:df:7f:55:1c:9d:cd:9a:19:de: 9c:ee:e0:79:a0:a1:e2:3e:1d:89:f8:7e:af:7f:cb:98:1a:08: 79:78:00:06:96:6c:12:24:99:4c:b4:6b:c0:69:67:dc:74:a1: d3:c1:a6:25:8a:e3:b7:0b:4b:77:ef:9e:0b:76:a2:1c:a1:73: e5:f8:03:fb:64:b0:3f:b7:62:25:dd:bd:ef:61:e3:ea:e3:c3: 93:fd:b3:f7:c8:a8:b4:80:52:ca:77:ef:6e:79:7e:c9:b1:ac: b8:2d:b0:e4:3f:56:12:bc:a0:00:e6:f0:9a:83:99:bc:25:26: 96:77:dc:c2:da:5b:d3:22:23:c4:b9:b6:6f:60:3c:c4:66:4c: cc:34:be:6c:a1:10:d7:f2:61:cd:13:c2:e7:bb:f7:95:89:8b: 39:a3:2e:4b:e4:7b:75:c0:5b:9f:36:4f:c9:81:51:01:0c:05: 52:48:e0:b8:3a:69:32:53:a3:ce:85:b8:6e:65:9b:dd:a2:7a: 16:07:c6:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzBDNTMxMTAvBgNVBAUTKEY5NDA0QUE1MjRENDM1N0UwQ0NDNjlDN0Q0MEQzRTY2 QTJFNEU2REYwHhcNMjUxMDE5MDUxMjE3WhcNMjUxMDI2MDUxMjE3WjAYMRYwFAYD VQQDEw02OGY0NzMzMS02YTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs/XCSFs6TSAF46DAopZXwvV5BJjVmuWeAXtR2XJS9oFPYeaR9QbDhy6EUIrX DAZTqiUXnm5sXpGXYa3vmugjhYM1QuJ/eZ8rT/0yh8lXmq5VCwYSDX4M5snRKEWo oImJtCsaxJKWcPWvv97c/RPMYdKLm+3gvCQlKjhrPCv5HsYSnxDN4/tDSbV0Yl7v 8b/R8TCGTGN4PJt4N+DuGHQXYOEsO9ZiLad3MfMX5IKCycY8r4assK7no96gIYFg A2wwAPQl4OldJIubJ2PS69JfCNp4kLFqZfpPnh23Az1Rb8PIazJTdKjnwepSZiXW MsI5tdaW1akPLsFR8ZkB9LmMTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLA+50Be ZoWJWZO5zOd0NmSUPAtBMB8GA1UdIwQYMBaAFPlASqUk1DV+DMxpx9QNPmai5Obf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MEM1My9EQjYzQzlBMjEx NzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5YNE16R25IMUEwLVpxTGs1 dDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1VQktwU1RVTlg0TXpHbkgxQTAtWnFMazV0OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MEM1My9EQjYzQzlBMjExNzYxMUVFOUM1NTlBM0VDNEY5QUUwMi8tVUJLcFNUVU5Y NE16R25IMUEwLVpxTGs1dDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDCWD3OmlDmRsFYlcUmaC2lFhXbH2IlTAk8F1SlNH7gIZ8xBZnIkaz8 y2YvjbrNoAW30haFKpUwv1ZqyPGwx2jff1Ucnc2aGd6c7uB5oKHiPh2J+H6vf8uY Ggh5eAAGlmwSJJlMtGvAaWfcdKHTwaYliuO3C0t3754LdqIcoXPl+AP7ZLA/t2Il 3b3vYePq48OT/bP3yKi0gFLKd+9ueX7Jsay4LbDkP1YSvKAA5vCag5m8JSaWd9zC 2lvTIiPEubZvYDzEZkzMNL5soRDX8mHNE8Lnu/eViYs5oy5L5Ht1wFufNk/JgVEB DAVSSOC4OmkyU6POhbhuZZvdonoWB8Zl -----END CERTIFICATE-----Generated at Tue Oct 21 02:10:43 2025 by rpki-client