$ rpki-client -vvf rpki.apnic.net/member_repository/A91243FE/98148062956511EC9183BE53C4F9AE02/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.mft File: xwvz3_RQI9Qa9MTfXXZQQLkkGsc.mft (raw, json) Hash identifier: Tewi7PZNxuhBcOUV/PoddfRhcyad9V5cIb6ZDSxiy+U= Subject key identifier: F0:15:8E:CE:78:E7:9E:17:1E:4E:3C:5B:FF:D0:4A:69:FC:7F:9D:DA Authority key identifier: C7:0B:F3:DF:F4:50:23:D4:1A:F4:C4:DF:5D:76:50:40:B9:24:1A:C7 Certificate issuer: /CN=A91243FE/serialNumber=C70BF3DFF45023D41AF4C4DF5D765040B9241AC7 Certificate serial: 03E6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91243FE/98148062956511EC9183BE53C4F9AE02/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.mft Manifest number: 03E2 Signing time: Wed 17 Sep 2025 00:59:15 +0000 Manifest this update: Wed 17 Sep 2025 00:59:15 +0000 Manifest next update: Wed 24 Sep 2025 00:59:15 +0000 Files and hashes: 1: xwvz3_RQI9Qa9MTfXXZQQLkkGsc.crl (hash: i1DQXjbuKku9AJvzM2F4R7taRoQKFjRNSw1psYqUHrI=) 2: 5ADF4C92956811EC9028F155C4F9AE02.roa (hash: 6C9pOBCK4sWDlaS78t/pprsEcl/8A0s9Wlk6KVMoAhE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91243FE/98148062956511EC9183BE53C4F9AE02/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.crl rsync://rpki.apnic.net/member_repository/A91243FE/98148062956511EC9183BE53C4F9AE02/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 00:59:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 998 (0x3e6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91243FE, serialNumber=C70BF3DFF45023D41AF4C4DF5D765040B9241AC7 Validity Not Before: Sep 17 00:59:15 2025 GMT Not After : Sep 24 00:59:15 2025 GMT Subject: CN=68ca07e3-9e6a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:c0:c4:e2:4b:e8:d6:1e:e4:1c:95:ec:71:e7: 5f:b4:67:33:41:34:f8:9a:04:0f:a2:3a:b5:2e:dc: ea:1a:76:69:db:56:29:1d:3c:81:55:7e:1d:2d:29: b0:a9:64:23:f0:b5:e6:9d:53:a1:6e:ab:a7:92:ec: e2:c3:55:0e:73:32:e4:bf:6d:49:f4:da:8d:4f:a2: 84:7d:0e:45:67:6a:38:17:59:b0:54:61:2c:d1:e8: 60:89:f6:a1:86:e3:9f:cf:72:51:18:47:a9:8f:6f: 47:5b:e7:52:d4:8c:92:a4:49:0a:8d:e7:5c:31:04: aa:4f:ec:ce:a4:29:7e:a6:fb:67:48:fb:51:6f:18: e8:67:1b:18:a3:7a:06:c8:84:98:ab:6b:e6:d9:31: 63:1a:ec:f5:4f:20:64:e9:57:51:06:ea:86:8a:b3: 89:65:cd:d1:96:3c:03:2a:33:8f:69:d8:bd:28:be: 8f:5d:58:ce:26:cf:5a:35:16:f6:d0:2f:f4:4d:f1: d6:5c:7e:aa:8e:01:53:e2:e1:07:e5:88:18:0b:b7: 21:62:f4:f2:ca:e8:1a:67:ab:c6:34:5f:5e:32:f8: 87:d8:2b:ae:8f:60:a8:f9:40:7c:39:41:d6:97:a3: f7:89:90:77:2c:2e:f3:99:10:a4:ce:25:1d:d9:fb: 62:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:15:8E:CE:78:E7:9E:17:1E:4E:3C:5B:FF:D0:4A:69:FC:7F:9D:DA X509v3 Authority Key Identifier: keyid:C7:0B:F3:DF:F4:50:23:D4:1A:F4:C4:DF:5D:76:50:40:B9:24:1A:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91243FE/98148062956511EC9183BE53C4F9AE02/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91243FE/98148062956511EC9183BE53C4F9AE02/xwvz3_RQI9Qa9MTfXXZQQLkkGsc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:92:fc:9a:03:e5:96:19:66:78:76:b9:42:db:ed:13:4e:79: 88:0b:f4:77:f8:b2:75:34:68:31:08:71:96:d5:38:96:de:3c: 7c:bb:5b:f2:84:26:17:b8:1c:56:f3:cb:ab:fd:77:9d:e2:52: 7a:3b:20:05:f6:9a:96:5f:a2:0f:a6:65:a7:36:98:be:2f:2f: f6:fd:d0:b9:ec:a2:04:5b:9e:fd:a6:43:0c:90:75:f8:fa:08: 63:87:e2:da:52:3f:96:be:9b:fd:b2:e7:02:b9:e8:fb:ba:8b: a6:e5:72:70:cb:83:3f:d5:4e:d7:3d:b8:a4:3f:54:c7:94:cc: e6:a2:45:70:cf:8c:f9:7d:f5:9c:7a:98:48:b5:8d:d0:15:81: a5:b2:c3:35:3f:e2:e3:ad:91:79:79:00:51:8d:de:14:96:63: c1:11:91:63:3f:cf:03:35:16:51:3b:58:fb:28:8f:42:b5:97: e3:9f:3f:78:ea:62:cd:f1:2f:9f:7e:f6:84:0e:5a:99:ba:cb: 83:d7:d0:1a:4d:c0:ce:4e:30:fe:96:ae:8e:9e:e0:77:40:1e: ad:a7:6a:46:47:e8:e3:b5:cd:d4:64:92:fb:73:70:85:c4:5a: db:67:8a:b7:f2:a3:70:0c:98:ac:7f:7d:3f:d7:77:f9:62:4c: 31:e3:47:70 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA+YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQzRkUxMTAvBgNVBAUTKEM3MEJGM0RGRjQ1MDIzRDQxQUY0QzRERjVENzY1MDQw QjkyNDFBQzcwHhcNMjUwOTE3MDA1OTE1WhcNMjUwOTI0MDA1OTE1WjAYMRYwFAYD VQQDEw02OGNhMDdlMy05ZTZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5cDE4kvo1h7kHJXscedftGczQTT4mgQPojq1LtzqGnZp21YpHTyBVX4dLSmw qWQj8LXmnVOhbqunkuziw1UOczLkv21J9NqNT6KEfQ5FZ2o4F1mwVGEs0ehgifah huOfz3JRGEepj29HW+dS1IySpEkKjedcMQSqT+zOpCl+pvtnSPtRbxjoZxsYo3oG yISYq2vm2TFjGuz1TyBk6VdRBuqGirOJZc3RljwDKjOPadi9KL6PXVjOJs9aNRb2 0C/0TfHWXH6qjgFT4uEH5YgYC7chYvTyyugaZ6vGNF9eMviH2Cuuj2Co+UB8OUHW l6P3iZB3LC7zmRCkziUd2ftimQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPAVjs54 554XHk48W//QSmn8f53aMB8GA1UdIwQYMBaAFMcL89/0UCPUGvTE3112UEC5JBrH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDNGRS85ODE0ODA2Mjk1 NjUxMUVDOTE4M0JFNTNDNEY5QUUwMi94d3Z6M19SUUk5UWE5TVRmWFhaUVFMa2tH c2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3h3dnozX1JRSTlRYTlNVGZYWFpRUUxra0dzYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NDNGRS85ODE0ODA2Mjk1NjUxMUVDOTE4M0JFNTNDNEY5QUUwMi94d3Z6M19SUUk5 UWE5TVRmWFhaUVFMa2tHc2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAykvyaA+WWGWZ4drlC2+0TTnmIC/R3+LJ1NGgxCHGW1TiW3jx8u1vy hCYXuBxW88ur/Xed4lJ6OyAF9pqWX6IPpmWnNpi+Ly/2/dC57KIEW579pkMMkHX4 +ghjh+LaUj+Wvpv9sucCuej7uoum5XJwy4M/1U7XPbikP1THlMzmokVwz4z5ffWc ephItY3QFYGlssM1P+LjrZF5eQBRjd4UlmPBEZFjP88DNRZRO1j7KI9CtZfjnz94 6mLN8S+ffvaEDlqZusuD19AaTcDOTjD+lq6OnuB3QB6tp2pGR+jjtc3UZJL7c3CF xFrbZ4q38qNwDJisf30/13f5Ykwx40dw -----END CERTIFICATE-----Generated at Fri Sep 19 00:41:19 2025 by rpki-client