$ rpki-client -vvf rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft File: z-PzHk8zetOBIBvzOgGmhfsBal4.mft (raw, json) Hash identifier: 0l2wMISDUtZibc8AuS4oOdNBxA/h55IU1NQ68MhOmxE= Subject key identifier: EB:2F:63:45:98:0D:D4:8A:B3:9E:79:F2:5A:5F:CC:71:1A:15:FC:F5 Authority key identifier: CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E Certificate issuer: /CN=A9128E00/serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Certificate serial: 0D5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft Manifest number: 0D52 Signing time: Sun 02 Nov 2025 18:00:11 +0000 Manifest this update: Sun 02 Nov 2025 18:00:10 +0000 Manifest next update: Sun 09 Nov 2025 18:00:10 +0000 Files and hashes: 1: z-PzHk8zetOBIBvzOgGmhfsBal4.crl (hash: HJ8wZjrTEsFyxJTX3mkGeOSk/WpuZflAgGC84lJfS1c=) 2: D23C5270E02111E9B4A3923FC4F9AE02.roa (hash: zkAhSZ57x5i2z1ecY4hViVs+riusX3XK2gSVsFUEBsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3418 (0xd5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9128E00, serialNumber=CFE3F31E4F337AD381201BF33A01A685FB016A5E Validity Not Before: Nov 2 18:00:10 2025 GMT Not After : Nov 9 18:00:10 2025 GMT Subject: CN=69079c2a-831e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:37:fc:7c:83:d3:ea:1f:0d:a9:14:f5:01:f3: 85:c0:68:70:bf:2a:63:f6:d7:b8:7e:05:94:4b:7e: b8:15:e0:12:83:a0:54:39:c6:58:56:d7:6f:e0:b8: ff:ec:e9:f9:15:01:2b:5f:f5:77:03:55:5c:cf:09: ec:bc:cb:fe:73:05:1b:af:bf:12:fc:b7:4b:ef:ea: 15:b4:e2:0b:c0:e9:30:7f:70:67:3a:4e:55:ce:43: 80:05:b6:74:29:a1:f8:86:0d:db:fb:35:1c:d6:04: 50:ab:2d:68:b9:72:f6:3d:b9:30:f9:0f:a8:e0:03: e5:02:67:1d:f9:e9:69:cb:8d:16:d0:bf:6a:c8:d7: 12:4d:9e:7d:12:98:14:a6:dc:74:02:32:8c:63:3e: 0e:b9:32:44:41:a8:b8:b4:7e:92:6e:64:aa:4d:f2: f0:90:15:1c:79:e7:57:c4:1b:2d:07:27:20:5c:2f: 59:e5:a0:fa:4e:67:aa:e6:80:00:5f:36:c3:ee:70: 00:2c:5f:6b:ac:67:13:df:e5:25:18:65:62:21:01: 1c:67:80:d2:61:cb:7c:ca:8f:4f:e2:9a:9b:19:e8: a8:bc:33:f1:5e:fd:ab:98:d6:c0:de:fc:8c:e1:a0: a4:9d:a9:ea:4c:03:f9:d7:04:40:65:fd:3a:da:1a: 3e:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EB:2F:63:45:98:0D:D4:8A:B3:9E:79:F2:5A:5F:CC:71:1A:15:FC:F5 X509v3 Authority Key Identifier: keyid:CF:E3:F3:1E:4F:33:7A:D3:81:20:1B:F3:3A:01:A6:85:FB:01:6A:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z-PzHk8zetOBIBvzOgGmhfsBal4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9128E00/8991EB9EE02011E982B37A3AC4F9AE02/z-PzHk8zetOBIBvzOgGmhfsBal4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:cc:af:9d:43:84:a3:2a:29:20:76:c8:58:4c:ec:b2:9a:31: 02:d5:33:a0:e4:07:66:ad:e0:35:94:38:fe:0d:25:b7:5a:be: 49:58:7f:43:59:4f:1d:4a:7d:a0:f2:5b:30:09:b4:d1:a4:92: 83:88:27:53:7d:c3:e8:13:70:8f:68:f4:e5:d0:50:a9:ae:ae: 19:0e:04:55:ec:cb:3f:59:4f:30:08:67:e7:73:95:24:b6:3d: 95:a9:a2:4e:76:db:3b:c0:91:29:98:e1:9c:62:07:ce:8b:68: bf:25:15:02:03:56:c0:f9:2c:8f:7e:40:6f:a7:a6:50:07:f9: fc:55:85:38:45:df:3b:f7:0b:dd:ed:18:97:1f:70:44:ed:05: 51:50:a3:15:34:4a:ad:94:28:cb:25:3d:2c:ea:04:16:d6:bd: c1:87:6d:13:12:30:c8:7f:26:ee:97:99:57:58:83:8c:26:72: 6a:d7:4e:33:44:0e:74:a2:a2:4a:83:a0:5f:d7:b7:27:d1:6e: b3:0c:07:59:79:7b:cf:06:1c:d4:de:4b:b8:42:3e:13:c0:1b: ba:22:fe:6b:44:38:74:5e:a9:98:05:74:cf:64:9a:b9:7d:1b: aa:f1:99:bc:80:51:0e:2c:9e:3a:cd:de:3c:e9:c4:35:c4:35: da:c2:f5:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjhFMDAxMTAvBgNVBAUTKENGRTNGMzFFNEYzMzdBRDM4MTIwMUJGMzNBMDFBNjg1 RkIwMTZBNUUwHhcNMjUxMTAyMTgwMDEwWhcNMjUxMTA5MTgwMDEwWjAYMRYwFAYD VQQDEw02OTA3OWMyYS04MzFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAujf8fIPT6h8NqRT1AfOFwGhwvypj9te4fgWUS364FeASg6BUOcZYVtdv4Lj/ 7On5FQErX/V3A1VczwnsvMv+cwUbr78S/LdL7+oVtOILwOkwf3BnOk5VzkOABbZ0 KaH4hg3b+zUc1gRQqy1ouXL2Pbkw+Q+o4APlAmcd+elpy40W0L9qyNcSTZ59EpgU ptx0AjKMYz4OuTJEQai4tH6SbmSqTfLwkBUceedXxBstBycgXC9Z5aD6Tmeq5oAA XzbD7nAALF9rrGcT3+UlGGViIQEcZ4DSYct8yo9P4pqbGeiovDPxXv2rmNbA3vyM 4aCknanqTAP51wRAZf062ho+fQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOsvY0WY DdSKs5558lpfzHEaFfz1MB8GA1UdIwQYMBaAFM/j8x5PM3rTgSAb8zoBpoX7AWpe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyOEUwMC84OTkxRUI5RUUw MjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0T0JJQnZ6T2dHbWhmc0Jh bDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3otUHpIazh6ZXRPQklCdnpPZ0dtaGZzQmFsNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy OEUwMC84OTkxRUI5RUUwMjAxMUU5ODJCMzdBM0FDNEY5QUUwMi96LVB6SGs4emV0 T0JJQnZ6T2dHbWhmc0JhbDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCOzK+dQ4SjKikgdshYTOyymjEC1TOg5AdmreA1lDj+DSW3Wr5JWH9D WU8dSn2g8lswCbTRpJKDiCdTfcPoE3CPaPTl0FCprq4ZDgRV7Ms/WU8wCGfnc5Uk tj2VqaJOdts7wJEpmOGcYgfOi2i/JRUCA1bA+SyPfkBvp6ZQB/n8VYU4Rd879wvd 7RiXH3BE7QVRUKMVNEqtlCjLJT0s6gQW1r3Bh20TEjDIfybul5lXWIOMJnJq104z RA50oqJKg6Bf17cn0W6zDAdZeXvPBhzU3ku4Qj4TwBu6Iv5rRDh0XqmYBXTPZJq5 fRuq8Zm8gFEOLJ46zd486cQ1xDXawvWX -----END CERTIFICATE-----Generated at Mon Nov 3 18:14:43 2025 by rpki-client