$ rpki-client -vvf rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft File: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft (raw, json) Hash identifier: MiKELBbSJAOhiMju4+JeEnbCzDlXjginyPAsj4/aF1U= Subject key identifier: FC:13:90:03:90:6B:B1:06:BB:AD:94:60:74:94:B5:72:8A:9F:5C:63 Authority key identifier: DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 Certificate issuer: /CN=A912BAAD/serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Certificate serial: 0C4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft Manifest number: 0C3E Signing time: Tue 04 Nov 2025 18:46:56 +0000 Manifest this update: Tue 04 Nov 2025 18:46:55 +0000 Manifest next update: Tue 11 Nov 2025 18:46:55 +0000 Files and hashes: 1: 3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl (hash: dy81UHXzfUxOBnnXxgJKfdBYI9+/ucl+QXRrTAR3l/k=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:46:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3149 (0xc4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BAAD, serialNumber=DDF884911AD3F28CC9D96A8C24A939A65F8B2576 Validity Not Before: Nov 4 18:46:55 2025 GMT Not After : Nov 11 18:46:55 2025 GMT Subject: CN=690a4a20-1157 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:c7:0a:d0:76:0c:7b:5c:57:ab:ed:02:a6:3a: 59:d2:f1:50:b5:f3:d7:18:b7:d7:13:a4:32:b0:b8: 36:bb:a3:7f:88:99:8b:43:7d:9d:87:a4:0b:71:9a: 59:25:4e:b2:7f:7e:b2:74:98:95:f4:ba:c8:81:da: 0c:4c:5d:34:67:81:ed:03:0e:83:3a:10:33:3d:76: 7e:7c:8a:b4:fc:c4:99:99:1c:3f:79:30:8a:74:3c: 62:29:1c:a8:47:86:ac:5b:a7:5d:f4:3a:9c:1e:18: d1:f5:e3:8b:74:3e:ba:a4:18:95:e3:d2:de:fc:6d: 05:03:a9:b7:0f:08:49:13:f1:a1:e8:87:a7:da:ca: 77:fc:87:a1:dd:3c:94:37:5c:5d:37:d1:b9:80:85: 5a:67:e6:ea:a1:70:8e:c4:84:44:93:bd:f0:e6:16: 3d:0c:6a:13:f1:33:89:48:40:04:5c:10:ff:68:67: 8b:e6:a9:0a:4d:e9:32:68:07:76:bd:9a:1a:7b:90: 49:5a:f5:c4:40:7d:aa:21:83:eb:ea:d6:93:4e:69: 93:49:d0:ca:6d:b3:25:f9:59:73:22:d7:aa:5f:44: 43:f0:0d:2e:40:10:ea:dc:8a:2d:78:30:b4:b1:cd: 87:58:5e:56:88:e2:d5:36:88:dd:b6:de:d0:3d:0b: 75:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FC:13:90:03:90:6B:B1:06:BB:AD:94:60:74:94:B5:72:8A:9F:5C:63 X509v3 Authority Key Identifier: keyid:DD:F8:84:91:1A:D3:F2:8C:C9:D9:6A:8C:24:A9:39:A6:5F:8B:25:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BAAD/521ADDC8184811EA9078562BC4F9AE02/3fiEkRrT8ozJ2WqMJKk5pl-LJXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:41:ba:17:55:a2:fb:3f:26:45:5c:37:14:c2:cc:13:a0:e0: 4a:28:03:c0:77:d2:fc:19:1a:4b:aa:61:ea:5c:33:d7:b0:60: 6c:e1:db:4a:eb:86:be:32:b4:7a:b9:97:1f:20:c4:c0:0c:20: 7a:62:ef:dc:88:4f:7f:97:9d:42:1b:55:4d:a7:93:8b:a7:a7: ef:32:d4:e4:47:a5:56:d4:0d:b9:3a:b3:90:88:e0:64:7e:85: fb:c4:2a:03:3d:8b:84:db:22:6a:7a:66:5c:2c:60:6f:ac:4c: 38:c0:a9:3e:0b:77:1e:cf:ef:03:de:e1:fa:f2:ba:8c:7c:e2: a6:00:e3:31:9d:48:bd:72:73:ba:0f:ad:b7:8f:74:66:fe:81: 86:44:95:37:95:8f:09:2c:b3:23:f9:d6:1b:80:e0:20:24:f7: 62:f3:35:7c:eb:9c:1d:92:62:62:5a:24:14:1e:6b:a2:39:55: b1:0c:48:fd:e1:69:cc:6e:0c:50:c4:eb:c3:ff:51:ec:ca:e7: ce:2b:3a:8f:04:64:cf:e6:f8:44:41:87:25:0b:f0:69:43:36: 29:17:57:4c:07:d2:11:c1:42:67:fa:9b:be:c7:17:42:22:8d: 06:f6:35:59:8e:fc:e1:2f:2b:99:eb:18:f9:10:70:89:ff:31: 7e:12:13:61 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDE0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJBQUQxMTAvBgNVBAUTKERERjg4NDkxMUFEM0YyOENDOUQ5NkE4QzI0QTkzOUE2 NUY4QjI1NzYwHhcNMjUxMTA0MTg0NjU1WhcNMjUxMTExMTg0NjU1WjAYMRYwFAYD VQQDEw02OTBhNGEyMC0xMTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2scK0HYMe1xXq+0CpjpZ0vFQtfPXGLfXE6QysLg2u6N/iJmLQ32dh6QLcZpZ JU6yf36ydJiV9LrIgdoMTF00Z4HtAw6DOhAzPXZ+fIq0/MSZmRw/eTCKdDxiKRyo R4asW6dd9DqcHhjR9eOLdD66pBiV49Le/G0FA6m3DwhJE/Gh6Ien2sp3/Ieh3TyU N1xdN9G5gIVaZ+bqoXCOxIREk73w5hY9DGoT8TOJSEAEXBD/aGeL5qkKTekyaAd2 vZoae5BJWvXEQH2qIYPr6taTTmmTSdDKbbMl+VlzIteqX0RD8A0uQBDq3IoteDC0 sc2HWF5WiOLVNojdtt7QPQt1EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPwTkAOQ a7EGu62UYHSUtXKKn1xjMB8GA1UdIwQYMBaAFN34hJEa0/KMydlqjCSpOaZfiyV2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkFBRC81MjFBRERDODE4 NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhvekoyV3FNSktrNXBsLUxK WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNmaUVrUnJUOG96SjJXcU1KS2s1cGwtTEpYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkFBRC81MjFBRERDODE4NDgxMUVBOTA3ODU2MkJDNEY5QUUwMi8zZmlFa1JyVDhv ekoyV3FNSktrNXBsLUxKWFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAQboXVaL7PyZFXDcUwswToOBKKAPAd9L8GRpLqmHqXDPXsGBs4dtK 64a+MrR6uZcfIMTADCB6Yu/ciE9/l51CG1VNp5OLp6fvMtTkR6VW1A25OrOQiOBk foX7xCoDPYuE2yJqemZcLGBvrEw4wKk+C3cez+8D3uH68rqMfOKmAOMxnUi9cnO6 D623j3Rm/oGGRJU3lY8JLLMj+dYbgOAgJPdi8zV865wdkmJiWiQUHmuiOVWxDEj9 4WnMbgxQxOvD/1HsyufOKzqPBGTP5vhEQYclC/BpQzYpF1dMB9IRwUJn+pu+xxdC Io0G9jVZjvzhLyuZ6xj5EHCJ/zF+EhNh -----END CERTIFICATE-----Generated at Wed Nov 5 19:28:24 2025 by rpki-client