$ rpki-client -vvf rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft File: g3GOntShsiknnjylVdRNbh_KjMU.mft (raw, json) Hash identifier: 49I2MNmBq8N/trIOqDUG7+dvCZNnBOnvvSQPRkAq8po= Subject key identifier: 43:8E:29:30:47:16:D0:5D:E3:C1:BB:9D:C0:39:DD:56:98:B4:08:49 Authority key identifier: 83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 Certificate issuer: /CN=A917A17B/serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Certificate serial: 0CA0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft Manifest number: 0C95 Signing time: Sun 02 Nov 2025 18:23:16 +0000 Manifest this update: Sun 02 Nov 2025 18:23:15 +0000 Manifest next update: Sun 09 Nov 2025 18:23:15 +0000 Files and hashes: 1: g3GOntShsiknnjylVdRNbh_KjMU.crl (hash: 4Bh7n50akCo5TayHNHqR78yCXorAUVzbYG3WNP5IEnU=) 2: A473C9A008F311EE98719810C4F9AE02.roa (hash: I+dyDrUC3DvMgCPW4jStqejUHX8a7vo0aXHEIsgKIwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:23:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3232 (0xca0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917A17B, serialNumber=83718E9ED4A1B229279E3CA555D44D6E1FCA8CC5 Validity Not Before: Nov 2 18:23:15 2025 GMT Not After : Nov 9 18:23:15 2025 GMT Subject: CN=6907a193-a324 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:ad:99:8b:86:44:c1:d4:62:09:fb:48:07:dc: b9:e0:fd:e3:54:09:1d:49:29:01:93:3d:0f:5e:62: 84:c9:71:31:4b:21:d2:e4:27:7b:de:f6:ae:f0:a1: fe:5f:60:f8:0b:7f:2f:c2:7b:34:89:45:48:47:0e: 87:da:3b:1c:e9:01:9c:9d:61:7e:c2:55:ce:ed:88: ef:d6:53:67:1b:3b:18:b6:36:cf:ec:6e:b0:72:03: 1a:36:69:17:dc:16:87:34:ef:a4:b7:e5:75:27:4a: 30:ee:5d:63:66:3b:8d:d2:f1:f3:cb:3e:1e:f4:ae: 7c:2a:36:76:84:d1:f3:f2:cf:e9:8d:3d:dd:fc:90: 37:71:16:2f:2c:35:f6:ef:fb:06:c0:a7:22:d0:d9: e6:7f:31:59:29:26:54:1b:35:09:e9:fc:e5:a3:56: 14:cb:bb:b2:e2:05:01:96:d0:12:c4:11:ac:39:00: cb:80:ff:7a:40:c4:03:16:77:68:d6:26:36:a8:78: a2:b0:7a:4c:02:9d:b6:f3:05:7e:9a:d9:d4:19:6f: ed:e4:d3:38:6d:6e:07:a7:f5:f7:0e:1d:9d:1f:1f: 4a:43:b0:fe:f5:51:43:ea:a4:12:05:69:4a:6e:52: 22:8e:c0:f5:89:27:b7:1b:04:31:c5:ec:e6:86:a4: 96:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:8E:29:30:47:16:D0:5D:E3:C1:BB:9D:C0:39:DD:56:98:B4:08:49 X509v3 Authority Key Identifier: keyid:83:71:8E:9E:D4:A1:B2:29:27:9E:3C:A5:55:D4:4D:6E:1F:CA:8C:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g3GOntShsiknnjylVdRNbh_KjMU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917A17B/85395D6E06D311EABA5D5A49C4F9AE02/g3GOntShsiknnjylVdRNbh_KjMU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:e8:22:d2:ef:d2:f8:fd:ad:6c:a4:8e:99:49:50:d5:38:e1: df:b2:64:01:85:71:d5:39:cc:e6:c0:9a:58:02:cf:32:ad:72: 22:7b:7b:ec:8b:e8:a5:05:71:06:55:b9:a0:43:22:e0:85:61: 36:b9:00:5a:97:83:f6:5b:ec:2d:f8:b9:01:4a:d5:26:11:f7: a1:07:21:bc:85:56:0a:d2:84:09:ee:28:1a:40:e9:9c:5c:5b: cb:3c:3c:b7:73:16:c1:f0:a8:15:1b:ca:59:ae:a0:d4:0c:8d: 6d:80:9e:a2:27:cc:d6:ae:32:7b:66:a3:12:9f:7b:87:aa:e9: 90:f2:c4:45:a9:06:f6:de:60:bd:3e:26:db:aa:33:8d:62:28: 84:94:20:8d:c8:22:c8:04:64:d1:40:3d:6b:f9:dd:ff:85:96: 62:8e:bd:07:57:3d:ad:2b:54:56:52:bf:ae:d1:0d:f8:2b:5d: c2:29:5a:3e:0e:fb:f0:88:02:c7:f3:f3:37:9d:42:cc:0e:fc: c9:51:08:73:de:27:31:c3:1f:33:8c:61:13:84:e4:c3:f7:65: ef:15:75:7f:2d:d3:33:03:0e:7c:e0:af:d8:0b:64:ab:7e:07: 43:39:b0:f6:fc:4a:86:9e:de:0c:ab:95:34:58:63:c2:e6:c6: 5d:a8:b2:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0ExN0IxMTAvBgNVBAUTKDgzNzE4RTlFRDRBMUIyMjkyNzlFM0NBNTU1RDQ0RDZF MUZDQThDQzUwHhcNMjUxMTAyMTgyMzE1WhcNMjUxMTA5MTgyMzE1WjAYMRYwFAYD VQQDEw02OTA3YTE5My1hMzI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnq2Zi4ZEwdRiCftIB9y54P3jVAkdSSkBkz0PXmKEyXExSyHS5Cd73vau8KH+ X2D4C38vwns0iUVIRw6H2jsc6QGcnWF+wlXO7Yjv1lNnGzsYtjbP7G6wcgMaNmkX 3BaHNO+kt+V1J0ow7l1jZjuN0vHzyz4e9K58KjZ2hNHz8s/pjT3d/JA3cRYvLDX2 7/sGwKci0NnmfzFZKSZUGzUJ6fzlo1YUy7uy4gUBltASxBGsOQDLgP96QMQDFndo 1iY2qHiisHpMAp228wV+mtnUGW/t5NM4bW4Hp/X3Dh2dHx9KQ7D+9VFD6qQSBWlK blIijsD1iSe3GwQxxezmhqSW/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEOOKTBH FtBd48G7ncA53VaYtAhJMB8GA1UdIwQYMBaAFINxjp7UobIpJ548pVXUTW4fyozF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QTE3Qi84NTM5NUQ2RTA2 RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNpa25uanlsVmRSTmJoX0tq TVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2czR09udFNoc2lrbm5qeWxWZFJOYmhfS2pNVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QTE3Qi84NTM5NUQ2RTA2RDMxMUVBQkE1RDVBNDlDNEY5QUUwMi9nM0dPbnRTaHNp a25uanlsVmRSTmJoX0tqTVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCR6CLS79L4/a1spI6ZSVDVOOHfsmQBhXHVOczmwJpYAs8yrXIie3vs i+ilBXEGVbmgQyLghWE2uQBal4P2W+wt+LkBStUmEfehByG8hVYK0oQJ7igaQOmc XFvLPDy3cxbB8KgVG8pZrqDUDI1tgJ6iJ8zWrjJ7ZqMSn3uHqumQ8sRFqQb23mC9 PibbqjONYiiElCCNyCLIBGTRQD1r+d3/hZZijr0HVz2tK1RWUr+u0Q34K13CKVo+ DvvwiALH8/M3nULMDvzJUQhz3icxwx8zjGEThOTD92XvFXV/LdMzAw584K/YC2Sr fgdDObD2/EqGnt4Mq5U0WGPC5sZdqLJX -----END CERTIFICATE-----Generated at Mon Nov 3 18:13:31 2025 by rpki-client