$ rpki-client -vvf rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft File: IPxzgnJ0AC605K7oniD9DRc_soU.mft (raw, json) Hash identifier: qdilezc3S/5fTkE5JQ+eO5/ICqU7Ldevs5AZzifkHsc= Subject key identifier: 7A:86:05:7C:DC:20:6E:12:23:27:43:97:3A:72:9A:23:A7:AA:23:1F Authority key identifier: 20:FC:73:82:72:74:00:2E:B4:E4:AE:E8:9E:20:FD:0D:17:3F:B2:85 Certificate issuer: /CN=A91578DF/serialNumber=20FC73827274002EB4E4AEE89E20FD0D173FB285 Certificate serial: 21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPxzgnJ0AC605K7oniD9DRc_soU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft Manifest number: 1D Signing time: Mon 03 Nov 2025 07:51:00 +0000 Manifest this update: Mon 03 Nov 2025 07:50:59 +0000 Manifest next update: Mon 10 Nov 2025 07:50:59 +0000 Files and hashes: 1: IPxzgnJ0AC605K7oniD9DRc_soU.crl (hash: 9P9bKBRHZVHRZhoajWGwF4M3xp4OFVUizAztAlRFqFo=) 2: 067CE6C895C811F09500A713C4F9AE02.roa (hash: DaXXWX4PSZTEEnKA/Wr/hB6+tz0WGbj29+yIsXyWSwM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.crl rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPxzgnJ0AC605K7oniD9DRc_soU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:50:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 33 (0x21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91578DF, serialNumber=20FC73827274002EB4E4AEE89E20FD0D173FB285 Validity Not Before: Nov 3 07:50:59 2025 GMT Not After : Nov 10 07:50:59 2025 GMT Subject: CN=69085ee4-4f24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d5:d8:43:5b:5c:1f:f0:6a:99:ba:2f:11:d1: 24:76:8d:ca:eb:ce:1d:42:eb:0a:e9:ee:c2:4f:82: bf:24:54:48:cf:88:45:17:d7:ab:c9:5a:61:21:64: 2b:21:e3:4b:08:a5:e6:9c:94:ea:31:e9:24:0f:d8: f5:2a:ba:22:1e:e1:c4:6c:be:c9:04:5a:c3:f8:70: b7:5c:33:76:53:a2:cb:1e:ca:bf:bd:96:5d:0a:9c: 23:f7:93:6a:c4:0c:f1:5c:c1:9e:27:19:8f:51:25: 13:d5:23:ac:61:5d:c3:36:8f:c3:40:2e:49:0b:1e: 16:8d:03:e6:c1:64:ea:63:dd:57:25:18:84:f7:2d: 10:b6:f1:dc:93:da:08:10:d1:50:ab:30:e0:0b:2a: ac:f6:f7:4f:22:f1:4d:3c:71:38:9f:8d:26:74:28: a6:09:55:6b:13:59:6b:11:7b:4b:09:9c:18:7b:17: 21:b6:ae:54:ce:fa:13:9d:e8:45:1c:1f:4e:8a:0b: 31:44:94:84:56:7b:80:6a:90:c4:61:7d:73:49:f2: ea:3e:71:b8:5a:4d:4a:78:e9:0b:f8:7d:fb:4d:c2: 55:0f:03:47:ce:b2:dc:83:00:e8:49:37:2a:83:d9: f8:07:fd:d0:5d:f0:2c:03:51:61:23:5e:8b:e6:9c: 7e:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:86:05:7C:DC:20:6E:12:23:27:43:97:3A:72:9A:23:A7:AA:23:1F X509v3 Authority Key Identifier: keyid:20:FC:73:82:72:74:00:2E:B4:E4:AE:E8:9E:20:FD:0D:17:3F:B2:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPxzgnJ0AC605K7oniD9DRc_soU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:b1:54:1d:f3:68:6e:15:cf:25:bc:d5:2c:bc:88:2f:1d:3a: 6c:a3:b1:69:d7:41:67:b6:3a:9d:21:4a:0b:b7:43:ce:14:8c: 26:d4:e6:b5:09:09:5e:fd:14:4a:f1:9f:ec:34:e1:db:4a:7f: be:49:c4:08:f8:65:42:8d:d4:30:f8:f0:80:45:a7:ab:69:b2: c0:8b:a4:98:d2:82:a6:66:90:2b:db:07:b6:37:77:69:de:04: 4a:f3:5f:91:65:d5:b9:9d:e1:15:83:cc:88:3c:f2:51:cd:61: 99:20:59:e6:a4:80:52:94:fe:b7:d1:07:8d:23:14:b8:68:39: 5a:50:88:00:10:71:4e:9d:05:55:c8:1a:39:eb:03:4e:52:11: 1f:cd:98:fb:d1:d5:d8:71:43:c1:d9:1e:73:6a:98:0a:ad:38: 10:3f:c0:40:d9:02:12:a3:a8:3e:9f:8d:02:33:79:b2:d3:98: 94:6d:5a:f6:18:96:00:88:bc:04:04:5b:77:da:50:ba:30:c9: 3d:75:58:3f:53:3e:0b:a0:48:f1:80:84:dd:74:d7:54:95:9d: 0b:25:f9:0b:29:f9:b4:4a:0c:ff:d4:fb:f2:19:96:48:00:da: e4:f7:ad:2f:0d:5a:74:b9:0d:c2:bb:b2:c9:01:84:17:42:92: a7:32:11:b8 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBITANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 NzhERjExMC8GA1UEBRMoMjBGQzczODI3Mjc0MDAyRUI0RTRBRUU4OUUyMEZEMEQx NzNGQjI4NTAeFw0yNTExMDMwNzUwNTlaFw0yNTExMTAwNzUwNTlaMBgxFjAUBgNV BAMTDTY5MDg1ZWU0LTRmMjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC61dhDW1wf8GqZui8R0SR2jcrrzh1C6wrp7sJPgr8kVEjPiEUX16vJWmEhZCsh 40sIpeaclOox6SQP2PUquiIe4cRsvskEWsP4cLdcM3ZTosseyr+9ll0KnCP3k2rE DPFcwZ4nGY9RJRPVI6xhXcM2j8NALkkLHhaNA+bBZOpj3VclGIT3LRC28dyT2ggQ 0VCrMOALKqz2908i8U08cTifjSZ0KKYJVWsTWWsRe0sJnBh7FyG2rlTO+hOd6EUc H06KCzFElIRWe4BqkMRhfXNJ8uo+cbhaTUp46Qv4fftNwlUPA0fOstyDAOhJNyqD 2fgH/dBd8CwDUWEjXovmnH6HAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUeoYFfNwg bhIjJ0OXOnKaI6eqIx8wHwYDVR0jBBgwFoAUIPxzgnJ0AC605K7oniD9DRc/soUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3OERGLzA1MUNGMUQ0OTVD NzExRjBBQkUyRkQ1RkM0RjlBRTAyL0lQeHpnbkowQUM2MDVLN29uaUQ5RFJjX3Nv VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSVB4emduSjBBQzYwNUs3b25pRDlEUmNfc29VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3 OERGLzA1MUNGMUQ0OTVDNzExRjBBQkUyRkQ1RkM0RjlBRTAyL0lQeHpnbkowQUM2 MDVLN29uaUQ5RFJjX3NvVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJWxVB3zaG4VzyW81Sy8iC8dOmyjsWnXQWe2Op0hSgu3Q84UjCbU5rUJ CV79FErxn+w04dtKf75JxAj4ZUKN1DD48IBFp6tpssCLpJjSgqZmkCvbB7Y3d2ne BErzX5Fl1bmd4RWDzIg88lHNYZkgWeakgFKU/rfRB40jFLhoOVpQiAAQcU6dBVXI GjnrA05SER/NmPvR1dhxQ8HZHnNqmAqtOBA/wEDZAhKjqD6fjQIzebLTmJRtWvYY lgCIvAQEW3faULowyT11WD9TPgugSPGAhN1011SVnQsl+Qsp+bRKDP/U+/IZlkgA 2uT3rS8NWnS5DcK7sskBhBdCkqcyEbg= -----END CERTIFICATE-----Generated at Mon Nov 3 18:10:13 2025 by rpki-client