$ rpki-client -vvf rpki.apnic.net/member_repository/A9170304/AB8249B21D8E11E2B18226ED08B02CD2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.mft File: X8J5LPRAuFeDnWiKcLYPB2KrqzU.mft (raw, json) Hash identifier: ugVR5a0YMvdU8uVll2dJVy9AWYaBmaNKzPakNOkmMBQ= Subject key identifier: 94:36:FD:78:F8:F8:75:8E:09:33:E4:FF:E0:78:5F:10:DD:29:54:7F Authority key identifier: 5F:C2:79:2C:F4:40:B8:57:83:9D:68:8A:70:B6:0F:07:62:AB:AB:35 Certificate issuer: /CN=A9170304/serialNumber=5FC2792CF440B857839D688A70B60F0762ABAB35 Certificate serial: 34E8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9170304/AB8249B21D8E11E2B18226ED08B02CD2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.mft Manifest number: 34DF Signing time: Tue 04 Nov 2025 14:43:12 +0000 Manifest this update: Tue 04 Nov 2025 14:43:12 +0000 Manifest next update: Tue 11 Nov 2025 14:43:12 +0000 Files and hashes: 1: X8J5LPRAuFeDnWiKcLYPB2KrqzU.crl (hash: ivxMl5g5rh9ZQDsXJhRCrwYqoIOLZ2zsMo7zNtlFYjo=) 2: 6D106CEE3AA011EB963B4842C4F9AE02.roa (hash: m1Ja+K+BQF88h58Y18w9A7vu3WiRuOsB65pKsql8BvI=) 3: 3A304DB4F54411EE8FF34627C4F9AE02.roa (hash: Zl4gUZhHt66LNUFLaLmernm+th1hHU0/5O3LszjxBds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9170304/AB8249B21D8E11E2B18226ED08B02CD2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.crl rsync://rpki.apnic.net/member_repository/A9170304/AB8249B21D8E11E2B18226ED08B02CD2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:43:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13544 (0x34e8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9170304, serialNumber=5FC2792CF440B857839D688A70B60F0762ABAB35 Validity Not Before: Nov 4 14:43:12 2025 GMT Not After : Nov 11 14:43:12 2025 GMT Subject: CN=690a1100-093b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:de:61:1d:2a:bc:70:d8:81:79:ad:dd:3b:ad: 61:a8:00:f0:3b:ae:49:3a:7f:a3:b2:96:58:b5:fa: c9:c1:e8:3d:05:44:ba:29:ab:b0:68:3f:98:e0:34: 5f:a6:b5:70:2f:83:d4:be:1d:20:fb:eb:a8:32:86: 44:64:f3:07:6c:4d:d0:3d:b8:f7:2f:46:54:99:db: c3:a4:fe:19:30:d4:60:c4:53:8b:39:a2:ff:e6:34: c7:c1:51:ce:80:f8:21:90:be:b1:9b:66:53:86:19: 4b:49:3b:5c:a7:32:d9:08:0c:24:db:e8:7d:73:cf: 50:36:09:5e:eb:aa:b9:e6:15:47:73:e4:4d:c3:8a: f6:c0:ea:95:14:d2:bb:91:47:de:72:cd:ec:e5:f1: 25:b6:bd:0e:51:55:de:a1:51:01:d3:6a:bf:8c:45: e4:b7:47:52:65:32:d6:22:ec:23:f1:b4:bd:bd:9f: 0d:86:14:cf:56:38:22:64:56:14:31:7c:fb:1d:99: a6:54:55:f5:24:72:14:26:37:56:14:cb:75:2c:0f: 83:1b:4a:89:b2:7e:19:0b:49:61:0d:cc:cc:2d:1a: ce:78:b6:98:ed:14:03:e7:e0:97:4e:ee:ba:4b:dd: 23:c3:9f:e9:c3:b9:c5:2c:9e:12:13:ba:d9:3f:e5: bf:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 94:36:FD:78:F8:F8:75:8E:09:33:E4:FF:E0:78:5F:10:DD:29:54:7F X509v3 Authority Key Identifier: keyid:5F:C2:79:2C:F4:40:B8:57:83:9D:68:8A:70:B6:0F:07:62:AB:AB:35 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9170304/AB8249B21D8E11E2B18226ED08B02CD2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9170304/AB8249B21D8E11E2B18226ED08B02CD2/X8J5LPRAuFeDnWiKcLYPB2KrqzU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:ac:40:3a:db:f8:9f:63:a0:1f:52:21:59:e3:08:92:67:7b: 28:42:29:4d:6d:fc:2d:bd:aa:fe:4b:92:ee:89:9e:10:a5:1f: 56:aa:e4:33:d3:c3:54:a8:3a:45:43:cb:a6:63:8b:38:f1:be: 08:81:c0:b3:8c:40:ae:52:e2:41:3f:a1:17:91:f8:2a:f1:3f: a9:4c:b6:cf:1f:71:aa:7a:10:63:17:a8:ab:b9:45:f0:d0:4d: 5c:7f:1a:e2:ca:d0:71:a4:c1:92:f6:49:5f:5f:33:6c:14:6d: 1b:d4:db:27:b9:e0:ba:07:12:36:37:14:7d:c1:b7:28:c9:c4: b1:40:7a:77:ff:13:6f:02:80:77:32:52:7e:f0:51:6b:76:c3: e5:61:94:c5:1d:77:46:0f:31:cd:50:96:9f:a2:17:7b:c2:b0: 08:09:06:be:72:38:e8:8c:d1:18:78:02:55:9f:8b:1c:59:e2: 17:05:0a:81:9e:ab:c9:e6:f6:f7:6f:f7:e6:ac:f3:d4:c7:bf: 4d:a7:47:25:45:6c:ba:0e:90:4b:19:5a:ba:56:68:d2:e1:bf: 8c:98:3b:fc:25:c8:45:df:ea:96:15:9a:f7:00:26:51:20:29: a5:78:af:df:36:10:fe:95:2d:69:a1:22:90:90:ad:94:81:7c: dd:a9:c7:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNOgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzAzMDQxMTAvBgNVBAUTKDVGQzI3OTJDRjQ0MEI4NTc4MzlENjg4QTcwQjYwRjA3 NjJBQkFCMzUwHhcNMjUxMTA0MTQ0MzEyWhcNMjUxMTExMTQ0MzEyWjAYMRYwFAYD VQQDEw02OTBhMTEwMC0wOTNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyt5hHSq8cNiBea3dO61hqADwO65JOn+jspZYtfrJweg9BUS6KauwaD+Y4DRf prVwL4PUvh0g++uoMoZEZPMHbE3QPbj3L0ZUmdvDpP4ZMNRgxFOLOaL/5jTHwVHO gPghkL6xm2ZThhlLSTtcpzLZCAwk2+h9c89QNgle66q55hVHc+RNw4r2wOqVFNK7 kUfecs3s5fEltr0OUVXeoVEB02q/jEXkt0dSZTLWIuwj8bS9vZ8NhhTPVjgiZFYU MXz7HZmmVFX1JHIUJjdWFMt1LA+DG0qJsn4ZC0lhDczMLRrOeLaY7RQD5+CXTu66 S90jw5/pw7nFLJ4SE7rZP+W/1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJQ2/Xj4 +HWOCTPk/+B4XxDdKVR/MB8GA1UdIwQYMBaAFF/CeSz0QLhXg51oinC2Dwdiq6s1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDMwNC9BQjgyNDlCMjFE OEUxMUUyQjE4MjI2RUQwOEIwMkNEMi9YOEo1TFBSQXVGZURuV2lLY0xZUEIyS3Jx elUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1g4SjVMUFJBdUZlRG5XaUtjTFlQQjJLcnF6VS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MDMwNC9BQjgyNDlCMjFEOEUxMUUyQjE4MjI2RUQwOEIwMkNEMi9YOEo1TFBSQXVG ZURuV2lLY0xZUEIyS3JxelUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLrEA62/ifY6AfUiFZ4wiSZ3soQilNbfwtvar+S5LuiZ4QpR9WquQz 08NUqDpFQ8umY4s48b4IgcCzjECuUuJBP6EXkfgq8T+pTLbPH3GqehBjF6iruUXw 0E1cfxriytBxpMGS9klfXzNsFG0b1NsnueC6BxI2NxR9wbcoycSxQHp3/xNvAoB3 MlJ+8FFrdsPlYZTFHXdGDzHNUJafohd7wrAICQa+cjjojNEYeAJVn4scWeIXBQqB nqvJ5vb3b/fmrPPUx79Np0clRWy6DpBLGVq6VmjS4b+MmDv8JchF3+qWFZr3ACZR ICmleK/fNhD+lS1poSKQkK2UgXzdqcf2 -----END CERTIFICATE-----Generated at Wed Nov 5 13:51:52 2025 by rpki-client