$ rpki-client -vvf rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft File: -AoX4Y4_OhL3UjNnLorGf4DlL98.mft (raw, json) Hash identifier: ItUDNYQhPxsC0uRLrloDhlVWvYR0v9c/qFKoThL4Ji0= Subject key identifier: 97:9D:E5:A6:CA:E0:17:45:A8:3B:95:03:7E:20:67:7B:E3:E8:D0:A5 Authority key identifier: F8:0A:17:E1:8E:3F:3A:12:F7:52:33:67:2E:8A:C6:7F:80:E5:2F:DF Certificate issuer: /CN=A916423B/serialNumber=F80A17E18E3F3A12F75233672E8AC67F80E52FDF Certificate serial: 01C1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-AoX4Y4_OhL3UjNnLorGf4DlL98.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft Manifest number: 01BE Signing time: Mon 03 Nov 2025 02:58:40 +0000 Manifest this update: Mon 03 Nov 2025 02:58:40 +0000 Manifest next update: Mon 10 Nov 2025 02:58:40 +0000 Files and hashes: 1: -AoX4Y4_OhL3UjNnLorGf4DlL98.crl (hash: EgRdgVRPfh+58lBZxA5y8y6SpXb2v3QK4RsHefIwdho=) 2: 593888C40AB811EE97CC7A32C4F9AE02.roa (hash: Hgvy/rbsLEaWAnrB/PMoMX/RB2XdkdZAeykYpDBMbDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.crl rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-AoX4Y4_OhL3UjNnLorGf4DlL98.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:58:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 449 (0x1c1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916423B, serialNumber=F80A17E18E3F3A12F75233672E8AC67F80E52FDF Validity Not Before: Nov 3 02:58:40 2025 GMT Not After : Nov 10 02:58:40 2025 GMT Subject: CN=69081a60-baee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:bd:7a:84:a7:18:b1:19:96:80:a5:10:0f:7c: bc:92:45:1b:44:ab:49:3c:8a:c1:93:48:8e:ef:0a: 01:de:c8:fe:92:28:58:5d:b0:6a:ce:7d:ed:2f:cb: 92:2f:a6:6d:86:6d:64:12:ef:38:b7:41:80:43:82: f7:01:11:a5:1d:85:91:06:00:4b:43:2f:03:67:a1: 34:8d:35:cc:ef:1d:6e:5a:03:74:b2:fd:03:43:e4: e3:1e:01:2c:bc:dc:36:f3:5f:ad:9c:9c:71:fd:4c: 3d:e4:60:e6:f5:55:1a:b9:b6:58:99:d7:fd:a2:fb: df:95:3f:0e:f0:c6:8f:69:cf:9d:55:e5:fb:76:27: 3e:33:d1:cb:90:2a:b6:c4:04:bf:16:49:13:47:be: b7:b0:59:f4:42:40:b2:d1:8b:f4:48:32:10:2c:58: 82:c0:20:69:d6:61:e3:f2:06:49:3a:b2:48:e7:df: 2a:2e:15:2c:30:91:17:96:7e:59:05:fb:04:47:d1: 5e:be:07:73:e4:65:98:fc:7a:72:a8:78:60:8b:1b: 35:ae:33:15:af:28:92:b2:84:1e:e6:03:2e:36:77: b1:e5:57:08:c4:a9:0d:e7:6f:2c:53:6d:06:17:35: 36:71:76:ef:6e:05:9a:19:77:f8:14:25:04:37:a7: 61:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:9D:E5:A6:CA:E0:17:45:A8:3B:95:03:7E:20:67:7B:E3:E8:D0:A5 X509v3 Authority Key Identifier: keyid:F8:0A:17:E1:8E:3F:3A:12:F7:52:33:67:2E:8A:C6:7F:80:E5:2F:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-AoX4Y4_OhL3UjNnLorGf4DlL98.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916423B/DC49A5FA0AB211EE80B35537C4F9AE02/-AoX4Y4_OhL3UjNnLorGf4DlL98.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:42:1b:2f:dd:83:ea:ef:17:ed:ae:c3:4c:0d:14:c8:4e:5f: 4f:e8:f9:20:a5:35:9b:90:20:47:1e:0a:93:1d:f1:d9:8d:95: e8:8e:b4:3f:3d:85:b2:d8:a8:db:66:72:48:bd:e4:74:ef:a0: 6f:40:61:d1:28:ed:9b:23:c5:9c:61:71:8f:fb:b0:ff:cf:3a: 0d:3d:87:72:91:ca:26:08:0c:6b:e0:25:7d:f6:3e:a9:38:a1: 0d:e3:1a:eb:98:d4:3b:31:e6:c7:51:6a:2c:58:ba:6b:83:96: 48:a8:60:d7:44:da:be:16:2b:5e:e1:2b:8b:d6:db:23:24:16: 4c:3e:d1:1c:3b:42:f1:be:88:a6:06:ce:8a:5e:90:98:38:c7: 1d:74:97:10:c0:26:f6:48:a4:9b:fc:5c:e1:a6:39:65:fe:b7: 3e:da:a0:9e:36:3b:9e:0e:13:da:ee:43:06:e4:c3:11:ab:cb: 1f:00:cb:bd:c1:fd:8a:a6:eb:7a:2b:59:32:14:5b:8e:ff:95: 50:d6:46:39:71:28:e2:37:b9:83:34:1a:03:6e:80:eb:2f:55: c6:c7:85:76:d5:b3:f1:e6:bc:00:0e:21:87:1d:47:0b:63:db: 3c:4d:af:62:64:22:cc:a8:94:08:31:fe:8a:a8:78:bb:34:3a: fc:88:12:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAcEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjQyM0IxMTAvBgNVBAUTKEY4MEExN0UxOEUzRjNBMTJGNzUyMzM2NzJFOEFDNjdG ODBFNTJGREYwHhcNMjUxMTAzMDI1ODQwWhcNMjUxMTEwMDI1ODQwWjAYMRYwFAYD VQQDEw02OTA4MWE2MC1iYWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwr16hKcYsRmWgKUQD3y8kkUbRKtJPIrBk0iO7woB3sj+kihYXbBqzn3tL8uS L6Zthm1kEu84t0GAQ4L3ARGlHYWRBgBLQy8DZ6E0jTXM7x1uWgN0sv0DQ+TjHgEs vNw281+tnJxx/Uw95GDm9VUaubZYmdf9ovvflT8O8MaPac+dVeX7dic+M9HLkCq2 xAS/FkkTR763sFn0QkCy0Yv0SDIQLFiCwCBp1mHj8gZJOrJI598qLhUsMJEXln5Z BfsER9Fevgdz5GWY/HpyqHhgixs1rjMVryiSsoQe5gMuNnex5VcIxKkN528sU20G FzU2cXbvbgWaGXf4FCUEN6dhzQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJed5abK 4BdFqDuVA34gZ3vj6NClMB8GA1UdIwQYMBaAFPgKF+GOPzoS91IzZy6Kxn+A5S/f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2NDIzQi9EQzQ5QTVGQTBB QjIxMUVFODBCMzU1MzdDNEY5QUUwMi8tQW9YNFk0X09oTDNVak5uTG9yR2Y0RGxM OTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1Bb1g0WTRfT2hMM1VqTm5Mb3JHZjREbEw5OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 NDIzQi9EQzQ5QTVGQTBBQjIxMUVFODBCMzU1MzdDNEY5QUUwMi8tQW9YNFk0X09o TDNVak5uTG9yR2Y0RGxMOTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRQhsv3YPq7xftrsNMDRTITl9P6PkgpTWbkCBHHgqTHfHZjZXojrQ/ PYWy2KjbZnJIveR076BvQGHRKO2bI8WcYXGP+7D/zzoNPYdykcomCAxr4CV99j6p OKEN4xrrmNQ7MebHUWosWLprg5ZIqGDXRNq+Fite4SuL1tsjJBZMPtEcO0Lxvoim Bs6KXpCYOMcddJcQwCb2SKSb/Fzhpjll/rc+2qCeNjueDhPa7kMG5MMRq8sfAMu9 wf2Kput6K1kyFFuO/5VQ1kY5cSjiN7mDNBoDboDrL1XGx4V21bPx5rwADiGHHUcL Y9s8Ta9iZCLMqJQIMf6KqHi7NDr8iBL1 -----END CERTIFICATE-----Generated at Tue Nov 4 09:46:20 2025 by rpki-client