$ rpki-client -vvf rpki.apnic.net/member_repository/A915786A/126DFC961A5511EA88042211C4F9AE02/xxUx0l-AVI9bZR-GSTJfPI_YWTk.mft File: xxUx0l-AVI9bZR-GSTJfPI_YWTk.mft (raw, json) Hash identifier: +pa7/5e0TsHQ0uGBY9LM3nAH/ETN+T+3mgVhDBJTjAI= Subject key identifier: 47:63:C0:4F:DC:04:2D:38:41:63:89:81:20:9C:EB:55:76:10:AC:D8 Authority key identifier: C7:15:31:D2:5F:80:54:8F:5B:65:1F:86:49:32:5F:3C:8F:D8:59:39 Certificate issuer: /CN=A915786A/serialNumber=C71531D25F80548F5B651F8649325F3C8FD85939 Certificate serial: 0C38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xxUx0l-AVI9bZR-GSTJfPI_YWTk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915786A/126DFC961A5511EA88042211C4F9AE02/xxUx0l-AVI9bZR-GSTJfPI_YWTk.mft Manifest number: 0C2D Signing time: Sun 02 Nov 2025 18:38:51 +0000 Manifest this update: Sun 02 Nov 2025 18:38:50 +0000 Manifest next update: Sun 09 Nov 2025 18:38:50 +0000 Files and hashes: 1: xxUx0l-AVI9bZR-GSTJfPI_YWTk.crl (hash: Z1J6t9Vx+ZNCgB5zu5xlhUp+tcRPq367j7nXlKza6ck=) 2: 7A7B776A1F0E11EA92AA6824C4F9AE02.roa (hash: vuAfqS+oupAqLtbWHhdz3OsiJgWg5sczosdrHd8kXwo=) 3: FBFF89FC3AC611EEB790D485C4F9AE02.roa (hash: DQuIcDvil4xhDWRcyNWiHmLcTyjG0SYLvwiCuCDmI90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915786A/126DFC961A5511EA88042211C4F9AE02/xxUx0l-AVI9bZR-GSTJfPI_YWTk.crl rsync://rpki.apnic.net/member_repository/A915786A/126DFC961A5511EA88042211C4F9AE02/xxUx0l-AVI9bZR-GSTJfPI_YWTk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xxUx0l-AVI9bZR-GSTJfPI_YWTk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:38:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3128 (0xc38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915786A, serialNumber=C71531D25F80548F5B651F8649325F3C8FD85939 Validity Not Before: Nov 2 18:38:50 2025 GMT Not After : Nov 9 18:38:50 2025 GMT Subject: CN=6907a53a-250b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:c1:1b:29:70:bd:bc:3c:a1:d8:f6:24:f0:1f: 1e:f7:6f:23:2f:9c:c9:4a:2a:59:e1:0c:04:60:c6: 49:67:28:a2:a0:6e:4d:8c:22:b3:17:5b:ab:35:e0: af:c3:2e:02:1a:dc:26:75:20:ab:95:6a:88:78:62: ad:a0:b1:e7:76:7e:17:a4:17:e2:f4:60:9a:f3:2b: 3f:b4:22:ca:e3:81:e2:ad:b7:45:f8:e9:ca:69:3c: 6c:d1:05:e6:e4:e0:a4:9c:37:b7:e3:ab:ae:36:f2: fa:34:dc:97:e2:78:f3:cb:0b:32:bd:1f:a0:92:0f: ed:17:5e:95:9a:58:45:a6:13:53:e4:35:19:d8:ea: 12:29:8d:dd:84:0b:0f:59:ca:d5:cd:db:5a:be:66: f5:2a:0b:03:b9:7b:01:ff:e4:72:0d:e7:b9:29:e3: 4b:f7:cb:e8:7b:03:09:2a:48:35:ec:83:a0:e4:41: 29:93:5b:3d:21:21:e7:77:8e:19:3f:bc:fd:5a:c1: 47:dc:38:3d:40:21:a5:c1:e9:3d:a2:9d:63:84:bf: 07:19:05:80:38:bd:90:f2:07:50:70:a5:ba:97:4f: b3:72:e2:2c:33:b5:f3:9e:55:44:f9:54:4e:b8:57: 19:13:d9:1c:33:82:fb:30:a0:96:ee:72:65:6b:a4: e8:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 47:63:C0:4F:DC:04:2D:38:41:63:89:81:20:9C:EB:55:76:10:AC:D8 X509v3 Authority Key Identifier: keyid:C7:15:31:D2:5F:80:54:8F:5B:65:1F:86:49:32:5F:3C:8F:D8:59:39 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915786A/126DFC961A5511EA88042211C4F9AE02/xxUx0l-AVI9bZR-GSTJfPI_YWTk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xxUx0l-AVI9bZR-GSTJfPI_YWTk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915786A/126DFC961A5511EA88042211C4F9AE02/xxUx0l-AVI9bZR-GSTJfPI_YWTk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 39:1b:ba:a8:3d:a0:2b:d2:0a:44:90:6c:4f:b3:c4:0b:25:0c: 45:41:46:09:fb:3a:2f:c9:3f:e9:6e:b6:e9:84:64:13:ed:75: 4f:e7:b8:6e:2c:66:ec:48:70:75:7d:73:6d:b9:94:7d:c2:fc: 3f:63:80:45:aa:b1:e6:58:d3:5b:03:8e:27:49:a5:ae:e0:e7: 73:ab:bc:85:93:47:fa:ca:1d:70:73:ab:90:d5:6e:f7:30:15: 58:d9:5f:70:a6:d5:da:d9:fe:02:c3:15:ad:dd:70:2f:fa:72: 7e:8a:b2:50:23:d5:52:f9:a6:49:ff:41:5f:8e:37:ae:52:a5: fc:85:94:89:38:9c:44:bb:04:78:c7:ad:72:3d:29:6f:08:18: 16:b0:1b:fe:10:c1:dc:6f:09:d3:0f:14:f0:28:3c:57:c0:33: 89:b3:a7:0e:47:9a:00:f8:02:c2:f9:21:9a:81:ef:a0:10:7c: 84:0c:9f:51:8c:bb:21:21:16:83:e3:b5:27:5f:30:67:10:e0: 0e:69:4b:a0:03:1a:df:06:da:3c:fd:a1:f9:3f:3f:95:22:19: 67:b3:ac:16:98:20:c1:1a:33:b2:2a:71:c1:37:68:49:a4:a9: 83:e0:ce:1b:f0:8d:42:ce:67:31:80:a9:37:07:69:7c:bf:59: e7:76:87:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTc4NkExMTAvBgNVBAUTKEM3MTUzMUQyNUY4MDU0OEY1QjY1MUY4NjQ5MzI1RjND OEZEODU5MzkwHhcNMjUxMTAyMTgzODUwWhcNMjUxMTA5MTgzODUwWjAYMRYwFAYD VQQDEw02OTA3YTUzYS0yNTBiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtcEbKXC9vDyh2PYk8B8e928jL5zJSipZ4QwEYMZJZyiioG5NjCKzF1urNeCv wy4CGtwmdSCrlWqIeGKtoLHndn4XpBfi9GCa8ys/tCLK44HirbdF+OnKaTxs0QXm 5OCknDe346uuNvL6NNyX4njzywsyvR+gkg/tF16VmlhFphNT5DUZ2OoSKY3dhAsP WcrVzdtavmb1KgsDuXsB/+RyDee5KeNL98voewMJKkg17IOg5EEpk1s9ISHnd44Z P7z9WsFH3Dg9QCGlwek9op1jhL8HGQWAOL2Q8gdQcKW6l0+zcuIsM7XznlVE+VRO uFcZE9kcM4L7MKCW7nJla6TodQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEdjwE/c BC04QWOJgSCc61V2EKzYMB8GA1UdIwQYMBaAFMcVMdJfgFSPW2UfhkkyXzyP2Fk5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Nzg2QS8xMjZERkM5NjFB NTUxMUVBODgwNDIyMTFDNEY5QUUwMi94eFV4MGwtQVZJOWJaUi1HU1RKZlBJX1lX VGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3h4VXgwbC1BVkk5YlpSLUdTVEpmUElfWVdUay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Nzg2QS8xMjZERkM5NjFBNTUxMUVBODgwNDIyMTFDNEY5QUUwMi94eFV4MGwtQVZJ OWJaUi1HU1RKZlBJX1lXVGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA5G7qoPaAr0gpEkGxPs8QLJQxFQUYJ+zovyT/pbrbphGQT7XVP57hu LGbsSHB1fXNtuZR9wvw/Y4BFqrHmWNNbA44nSaWu4Odzq7yFk0f6yh1wc6uQ1W73 MBVY2V9wptXa2f4CwxWt3XAv+nJ+irJQI9VS+aZJ/0FfjjeuUqX8hZSJOJxEuwR4 x61yPSlvCBgWsBv+EMHcbwnTDxTwKDxXwDOJs6cOR5oA+ALC+SGage+gEHyEDJ9R jLshIRaD47UnXzBnEOAOaUugAxrfBto8/aH5Pz+VIhlns6wWmCDBGjOyKnHBN2hJ pKmD4M4b8I1CzmcxgKk3B2l8v1nndocp -----END CERTIFICATE-----Generated at Mon Nov 3 18:19:52 2025 by rpki-client