$ rpki-client -vvf rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft File: U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft (raw, json) Hash identifier: VTfXVLUCbDdLtkHrzxKnDsP9XZh5rPh+wMrv+1UCOj4= Subject key identifier: 81:45:88:05:85:D8:0E:4B:0B:4C:D3:6B:88:42:AA:32:7D:B0:36:6A Authority key identifier: 53:9B:B7:6C:8A:43:79:A4:DE:39:9C:05:2D:38:C1:B4:53:A6:6F:1B Certificate issuer: /CN=A914E070/serialNumber=539BB76C8A4379A4DE399C052D38C1B453A66F1B Certificate serial: 0156 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft Manifest number: 0152 Signing time: Mon 03 Nov 2025 04:16:13 +0000 Manifest this update: Mon 03 Nov 2025 04:16:13 +0000 Manifest next update: Mon 10 Nov 2025 04:16:13 +0000 Files and hashes: 1: U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl (hash: zjpeDXPQxP2JfTwYOyzJI37b3xm/S3MCRdoVL9GckIU=) 2: 3772F678BC1211EE8C54FD2EC4F9AE02.roa (hash: BVkUXHmaunafReC96ZYpGOgVThUwi3Y9iPZ+tZjaqqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 04:16:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 342 (0x156) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E070, serialNumber=539BB76C8A4379A4DE399C052D38C1B453A66F1B Validity Not Before: Nov 3 04:16:13 2025 GMT Not After : Nov 10 04:16:13 2025 GMT Subject: CN=69082c8d-b594 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:7b:ad:8f:82:7b:b3:de:99:6d:ab:5e:0f:15: 36:9c:a3:8a:b9:93:d6:4a:88:3e:0e:3f:02:d2:56: f2:3a:1d:3b:8c:28:52:a3:36:c4:37:26:eb:07:c0: 3c:c1:ac:54:d9:3a:32:da:4f:b5:ad:84:c7:68:75: 57:04:8a:e7:ca:c5:b1:03:a0:d1:93:1c:93:0d:77: d6:f0:73:87:42:46:b6:7d:8c:d9:03:cb:e8:13:61: a0:3d:47:2d:c8:d2:a4:93:21:11:23:35:6a:ec:9b: 46:b4:65:98:6f:13:19:fc:e3:e1:97:72:63:2e:e1: 0d:bf:98:c1:df:91:bd:36:6e:b1:a2:77:11:34:c0: b6:fe:66:c5:33:eb:92:79:40:25:bc:a1:9c:98:ac: e7:d8:6f:44:af:48:7c:5e:50:9c:ae:01:fd:3f:25: ed:24:34:f3:80:cc:1f:99:86:e1:bb:18:f8:9f:8d: ee:a0:81:4c:72:9e:d4:16:96:a3:eb:78:ca:6b:77: 50:32:19:c9:e6:8b:d3:72:03:24:c8:c4:72:83:de: af:ff:2f:0c:44:08:f1:1f:8c:43:19:4a:db:b2:ea: f6:94:e4:61:fe:ee:25:15:26:f8:dc:5d:4e:70:bb: 9d:72:e4:e7:ff:82:59:5e:94:15:06:e0:55:c2:6d: a4:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:45:88:05:85:D8:0E:4B:0B:4C:D3:6B:88:42:AA:32:7D:B0:36:6A X509v3 Authority Key Identifier: keyid:53:9B:B7:6C:8A:43:79:A4:DE:39:9C:05:2D:38:C1:B4:53:A6:6F:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5u3bIpDeaTeOZwFLTjBtFOmbxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E070/89C5597CBC1011EE8BEB137AC4F9AE02/U5u3bIpDeaTeOZwFLTjBtFOmbxs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8c:98:9f:51:7c:94:2a:b6:79:af:59:27:2b:7f:04:f4:88:b3: dd:ab:60:14:09:23:a2:96:83:23:78:e4:be:5a:ca:8f:60:47: 37:78:f8:86:e7:eb:57:3f:0c:d4:a4:7b:7c:0d:82:11:82:67: 66:c4:a7:1b:f2:e0:05:f6:33:90:82:85:77:8b:ca:66:9d:3f: 5d:19:8e:b9:90:83:7c:77:cf:bd:6b:e6:90:b2:42:93:ec:60: 60:b6:17:6f:48:1b:7f:b3:b2:aa:46:e6:1b:2a:95:47:fb:fd: 60:da:7f:a1:87:37:8c:66:7a:99:73:8d:61:69:20:d2:1f:e7: 63:8c:80:3e:e3:a6:70:af:12:1d:66:5b:5e:c4:1a:f7:bf:0b: 0f:5f:7d:4e:5d:2b:ad:8c:82:2f:6b:15:18:f2:60:b2:10:31: 1b:0a:9e:73:3a:eb:64:5e:33:53:9b:ce:c6:c8:fa:09:6c:76: d7:86:0a:75:9b:fb:4d:71:e8:9f:8e:6d:9b:bd:43:64:d1:17: 9b:54:8c:6b:1a:df:09:59:7d:93:b0:89:2d:d1:7d:86:04:63: 14:0d:1e:5a:69:cc:bc:31:0d:c4:48:3d:4a:6b:35:fd:6d:02: b6:71:e0:74:a6:6b:44:32:59:73:6a:e5:da:21:19:23:6d:9e: c7:d8:1d:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEUwNzAxMTAvBgNVBAUTKDUzOUJCNzZDOEE0Mzc5QTRERTM5OUMwNTJEMzhDMUI0 NTNBNjZGMUIwHhcNMjUxMTAzMDQxNjEzWhcNMjUxMTEwMDQxNjEzWjAYMRYwFAYD VQQDEw02OTA4MmM4ZC1iNTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApXutj4J7s96ZbateDxU2nKOKuZPWSog+Dj8C0lbyOh07jChSozbENybrB8A8 waxU2Toy2k+1rYTHaHVXBIrnysWxA6DRkxyTDXfW8HOHQka2fYzZA8voE2GgPUct yNKkkyERIzVq7JtGtGWYbxMZ/OPhl3JjLuENv5jB35G9Nm6xoncRNMC2/mbFM+uS eUAlvKGcmKzn2G9Er0h8XlCcrgH9PyXtJDTzgMwfmYbhuxj4n43uoIFMcp7UFpaj 63jKa3dQMhnJ5ovTcgMkyMRyg96v/y8MRAjxH4xDGUrbsur2lORh/u4lFSb43F1O cLudcuTn/4JZXpQVBuBVwm2kqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIFFiAWF 2A5LC0zTa4hCqjJ9sDZqMB8GA1UdIwQYMBaAFFObt2yKQ3mk3jmcBS04wbRTpm8b MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTA3MC84OUM1NTk3Q0JD MTAxMUVFOEJFQjEzN0FDNEY5QUUwMi9VNXUzYklwRGVhVGVPWndGTFRqQnRGT21i eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U1dTNiSXBEZWFUZU9ad0ZMVGpCdEZPbWJ4cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTA3MC84OUM1NTk3Q0JDMTAxMUVFOEJFQjEzN0FDNEY5QUUwMi9VNXUzYklwRGVh VGVPWndGTFRqQnRGT21ieHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCMmJ9RfJQqtnmvWScrfwT0iLPdq2AUCSOiloMjeOS+WsqPYEc3ePiG 5+tXPwzUpHt8DYIRgmdmxKcb8uAF9jOQgoV3i8pmnT9dGY65kIN8d8+9a+aQskKT 7GBgthdvSBt/s7KqRuYbKpVH+/1g2n+hhzeMZnqZc41haSDSH+djjIA+46ZwrxId ZltexBr3vwsPX31OXSutjIIvaxUY8mCyEDEbCp5zOutkXjNTm87GyPoJbHbXhgp1 m/tNceifjm2bvUNk0RebVIxrGt8JWX2TsIkt0X2GBGMUDR5aacy8MQ3ESD1KazX9 bQK2ceB0pmtEMllzauXaIRkjbZ7H2B0G -----END CERTIFICATE-----Generated at Mon Nov 3 18:14:36 2025 by rpki-client