$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft File: 33HZn0zTs4Mms-1HyOSl35ieQvI.mft (raw, json) Hash identifier: UncMhDHfEb6LwuuA6Tm4P+b9KtiM8Hjq0J9K/BoixNI= Subject key identifier: 0A:A0:D9:40:FC:42:1B:36:0F:52:9C:6C:CB:98:04:75:A7:B9:69:DF Authority key identifier: DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 Certificate issuer: /CN=A915A0EE/serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Certificate serial: 01DA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft Manifest number: 01D0 Signing time: Wed 05 Nov 2025 03:05:42 +0000 Manifest this update: Wed 05 Nov 2025 03:05:42 +0000 Manifest next update: Wed 12 Nov 2025 03:05:42 +0000 Files and hashes: 1: 33HZn0zTs4Mms-1HyOSl35ieQvI.crl (hash: cLvlPHbD7wuXDS7Ynx6d4man38yYHIdWoF1PopCy+0Y=) 2: 1BDBCE5013A011EE91039C41C4F9AE02.roa (hash: p/oubbOjEb8Zn+B8haVjlomp+846cFby5ixQFCvfJFE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:05:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 474 (0x1da) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915A0EE, serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Validity Not Before: Nov 5 03:05:42 2025 GMT Not After : Nov 12 03:05:42 2025 GMT Subject: CN=690abf06-f6a3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:93:54:4b:b4:5d:f4:f2:13:92:ff:26:e5:27: 3d:1e:6b:73:ba:96:a8:ed:bd:92:a2:56:5b:d7:7d: a3:68:af:34:c9:59:98:ae:d7:37:c0:42:47:13:cc: 65:73:b4:5d:94:d7:7b:86:f3:69:0e:7e:02:f8:bd: b1:5a:93:30:29:b8:62:73:ea:a9:24:7a:98:d9:2a: 7c:0e:95:30:66:9c:f2:f6:b0:30:ac:30:97:a5:45: 0f:1c:53:f6:d6:f6:bb:a8:76:be:b6:9b:03:a3:1e: da:80:15:c9:c1:a4:e1:69:4c:60:8b:27:ec:b9:e7: 4a:cb:72:2b:3b:4f:3e:98:56:ff:18:84:19:4e:33: 52:57:56:0b:8f:43:5c:66:79:93:60:58:49:28:1b: 70:bc:29:30:0e:f9:8b:0a:67:29:c3:df:77:fc:93: 8f:ed:99:39:1c:05:6c:4d:26:b2:c8:64:e3:b5:dd: ac:6b:35:6d:6c:f4:d6:d5:da:15:0e:1d:4d:bd:23: 62:e4:cc:ae:6e:18:e5:ee:3b:2d:d4:c2:47:ed:b3: b0:77:43:23:f2:fd:54:ba:8c:6c:d5:31:5b:6a:05: f0:a4:da:ee:83:de:a8:1e:02:05:09:f3:02:e5:a1: 8c:75:60:e9:37:50:d5:a2:77:f3:fe:e3:2d:1e:79: a2:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:A0:D9:40:FC:42:1B:36:0F:52:9C:6C:CB:98:04:75:A7:B9:69:DF X509v3 Authority Key Identifier: keyid:DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:9c:97:60:bc:7e:af:44:5b:3b:87:bd:1f:3f:df:d7:4c:e6: 4f:17:11:2d:c1:b0:32:91:5e:c7:ba:43:c8:a4:04:1f:e6:cd: 7c:99:68:1d:b3:11:a1:69:e3:fc:51:42:ad:7c:b5:b8:b8:e7: f2:5a:ed:5a:45:11:e0:7d:1b:58:1c:f1:89:a3:e2:cb:2a:fd: f2:3f:f3:22:4e:5a:ba:a3:8a:64:3a:d2:5c:56:88:d3:5f:5f: 71:df:55:b3:b5:0e:b2:74:ab:fd:1d:54:0e:99:bb:7d:85:4f: 6b:3d:06:b2:f5:86:f4:25:49:16:98:8e:00:97:82:48:f4:38: e3:1a:c2:74:ea:5a:b1:27:57:a8:47:92:ca:99:5b:30:db:a2: 44:d3:8f:62:01:51:04:55:34:d4:0f:37:e3:65:d0:fe:3a:a4: 2a:e7:2b:7a:7b:00:1b:6a:c3:7c:1c:5a:84:26:26:49:50:57: 9b:b1:82:93:f2:74:6f:aa:c4:7d:90:08:1b:10:1f:be:f1:5b: 8c:21:d5:81:6f:6d:c2:3f:66:23:0e:bd:20:7d:37:79:8c:be: 19:de:d5:89:13:44:55:94:0b:96:df:e8:48:b2:65:d1:54:ba: 08:60:79:09:5e:3d:47:29:cd:c1:cc:03:ba:3b:af:24:7b:1e: b3:96:9c:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUEwRUUxMTAvBgNVBAUTKERGNzFEOTlGNENEM0IzODMyNkIzRUQ0N0M4RTRBNURG OTg5RTQyRjIwHhcNMjUxMTA1MDMwNTQyWhcNMjUxMTEyMDMwNTQyWjAYMRYwFAYD VQQDEw02OTBhYmYwNi1mNmEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxJNUS7Rd9PITkv8m5Sc9Hmtzupao7b2SolZb132jaK80yVmYrtc3wEJHE8xl c7RdlNd7hvNpDn4C+L2xWpMwKbhic+qpJHqY2Sp8DpUwZpzy9rAwrDCXpUUPHFP2 1va7qHa+tpsDox7agBXJwaThaUxgiyfsuedKy3IrO08+mFb/GIQZTjNSV1YLj0Nc ZnmTYFhJKBtwvCkwDvmLCmcpw993/JOP7Zk5HAVsTSayyGTjtd2sazVtbPTW1doV Dh1NvSNi5Myubhjl7jst1MJH7bOwd0Mj8v1Uuoxs1TFbagXwpNrug96oHgIFCfMC 5aGMdWDpN1DVonfz/uMtHnmiuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAqg2UD8 Qhs2D1KcbMuYBHWnuWnfMB8GA1UdIwQYMBaAFN9x2Z9M07ODJrPtR8jkpd+YnkLy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBFRS81NUM4MDNDQTA5 QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0TW1zLTFIeU9TbDM1aWVR dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMzSFpuMHpUczRNbXMtMUh5T1NsMzVpZVF2SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QTBFRS81NUM4MDNDQTA5QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0 TW1zLTFIeU9TbDM1aWVRdkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCrnJdgvH6vRFs7h70fP9/XTOZPFxEtwbAykV7HukPIpAQf5s18mWgd sxGhaeP8UUKtfLW4uOfyWu1aRRHgfRtYHPGJo+LLKv3yP/MiTlq6o4pkOtJcVojT X19x31WztQ6ydKv9HVQOmbt9hU9rPQay9Yb0JUkWmI4Al4JI9DjjGsJ06lqxJ1eo R5LKmVsw26JE049iAVEEVTTUDzfjZdD+OqQq5yt6ewAbasN8HFqEJiZJUFebsYKT 8nRvqsR9kAgbEB++8VuMIdWBb23CP2YjDr0gfTd5jL4Z3tWJE0RVlAuW3+hIsmXR VLoIYHkJXj1HKc3BzAO6O68kex6zlpxZ -----END CERTIFICATE-----Generated at Wed Nov 5 15:05:01 2025 by rpki-client