$ rpki-client -vvf rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft File: 3q8cjeT-PFHGkVP8r5_owq1vjiY.mft (raw, json) Hash identifier: C1CkUJ+TubEEw5EZcNzjxXchLRn1CGOTpSduX+q5XJc= Subject key identifier: A1:95:0E:81:CC:69:4A:DD:D3:4A:AD:D1:25:25:8F:34:DB:6A:51:6A Authority key identifier: DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 Certificate issuer: /CN=A917AC33/serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Certificate serial: 016C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft Manifest number: 0169 Signing time: Thu 06 Nov 2025 23:38:41 +0000 Manifest this update: Thu 06 Nov 2025 23:38:41 +0000 Manifest next update: Thu 13 Nov 2025 23:38:41 +0000 Files and hashes: 1: 3q8cjeT-PFHGkVP8r5_owq1vjiY.crl (hash: HmiHJzf0VIe1M1rjXPlSoK0zKzMjuc16dhyaCmSVnuw=) 2: 1C2EA330925011EE9571EE40C4F9AE02.roa (hash: g1vuB/s+fKkz9lQDwgz7uwUHIIgwyYOpfROfbA+7Aro=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Nov 2025 23:38:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 364 (0x16c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917AC33, serialNumber=DEAF1C8DE4FE3C51C69153FCAF9FE8C2AD6F8E26 Validity Not Before: Nov 6 23:38:41 2025 GMT Not After : Nov 13 23:38:41 2025 GMT Subject: CN=690d3181-1bbf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:28:fa:47:41:ec:92:fc:5b:14:dc:24:76:dc: fc:dc:2a:a8:a0:d0:a8:f4:22:71:7d:de:aa:24:5b: aa:f7:d5:95:7d:02:2d:c1:02:69:0d:fa:62:e0:c2: 05:bb:d4:3a:4b:b6:3b:f9:e2:cc:f8:a9:c1:75:0d: 71:c2:6d:2c:64:0e:39:3c:41:1e:b6:f6:dd:96:b9: 92:4a:68:08:88:eb:cf:12:92:9c:c5:40:59:d8:47: 8b:34:d3:be:ed:ef:4a:75:51:50:ce:68:fa:6d:d5: 95:90:96:79:0d:08:e7:57:f4:4d:de:fd:92:bd:86: d8:b0:36:28:34:36:68:f8:f7:31:8a:e4:c6:bb:c5: ec:47:13:0e:0b:c9:90:e5:85:fe:91:15:60:fc:74: c5:53:bd:f4:ba:ca:b5:81:4f:4e:70:0c:cf:6d:0d: f8:62:a3:8c:9d:20:03:09:c3:7f:23:96:3a:a9:36: fa:50:92:82:29:c7:07:7d:28:d8:16:9f:5c:de:e4: 13:9d:2e:d5:54:f2:94:fc:46:fb:9b:d1:6b:1b:30: 79:37:54:56:7f:fb:6d:fd:5b:dc:56:73:28:62:d9: 56:cd:ac:d2:a2:42:61:3a:a1:8a:08:94:84:d5:64: 7b:85:bf:7c:5e:4a:00:9d:3b:00:ec:58:61:5c:93: 03:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A1:95:0E:81:CC:69:4A:DD:D3:4A:AD:D1:25:25:8F:34:DB:6A:51:6A X509v3 Authority Key Identifier: keyid:DE:AF:1C:8D:E4:FE:3C:51:C6:91:53:FC:AF:9F:E8:C2:AD:6F:8E:26 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3q8cjeT-PFHGkVP8r5_owq1vjiY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917AC33/B0BFAC34924F11EEA8C22440C4F9AE02/3q8cjeT-PFHGkVP8r5_owq1vjiY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:07:08:01:63:35:6e:45:43:ad:ca:e0:72:91:f5:87:26:4c: a4:7f:88:fb:db:e0:52:97:7b:7e:df:1c:42:57:b2:6a:01:cf: 02:3f:72:b9:2c:ea:2c:22:78:a4:a9:df:1e:f5:88:2c:0e:2b: 98:59:10:bc:e0:a9:8c:2a:a7:61:59:53:fa:e4:77:cc:30:61: 00:4a:02:35:42:ea:4f:82:bc:65:4a:31:93:f4:33:3c:1e:8a: 1e:d9:0a:82:33:3f:ba:b7:04:94:92:79:45:f8:81:89:21:66: 6a:6b:fc:95:d1:0b:4d:22:cc:2a:bc:e2:9f:81:12:57:f3:60: 25:41:36:c9:a3:1d:12:2a:d5:92:43:fa:2a:f5:b1:e5:be:5f: 6d:81:d5:47:1d:4a:05:1c:db:9b:b6:f9:85:5e:89:4f:e2:0e: 2d:f3:21:4b:6c:14:3e:dd:b1:54:41:11:fe:73:9d:bc:91:60: d4:5c:08:bb:c9:d1:f6:e3:9c:d2:c8:d0:97:00:02:11:1a:85: 6a:d3:5d:5b:2b:04:12:aa:d5:18:59:cc:bd:3d:81:9a:a6:97: 51:da:b3:cc:1e:1a:3c:01:c4:6f:d1:53:1b:d1:77:42:7e:57: 6c:39:02:f7:d1:1f:c6:1a:63:2b:9f:de:c6:41:05:a6:3f:ee: e4:e2:aa:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0FDMzMxMTAvBgNVBAUTKERFQUYxQzhERTRGRTNDNTFDNjkxNTNGQ0FGOUZFOEMy QUQ2RjhFMjYwHhcNMjUxMTA2MjMzODQxWhcNMjUxMTEzMjMzODQxWjAYMRYwFAYD VQQDEw02OTBkMzE4MS0xYmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqSj6R0HskvxbFNwkdtz83CqooNCo9CJxfd6qJFuq99WVfQItwQJpDfpi4MIF u9Q6S7Y7+eLM+KnBdQ1xwm0sZA45PEEetvbdlrmSSmgIiOvPEpKcxUBZ2EeLNNO+ 7e9KdVFQzmj6bdWVkJZ5DQjnV/RN3v2SvYbYsDYoNDZo+PcxiuTGu8XsRxMOC8mQ 5YX+kRVg/HTFU730usq1gU9OcAzPbQ34YqOMnSADCcN/I5Y6qTb6UJKCKccHfSjY Fp9c3uQTnS7VVPKU/Eb7m9FrGzB5N1RWf/tt/VvcVnMoYtlWzazSokJhOqGKCJSE 1WR7hb98XkoAnTsA7FhhXJMDAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKGVDoHM aUrd00qt0SUljzTbalFqMB8GA1UdIwQYMBaAFN6vHI3k/jxRxpFT/K+f6MKtb44m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QUMzMy9CMEJGQUMzNDky NEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBGSEdrVlA4cjVfb3dxMXZq aVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNxOGNqZVQtUEZIR2tWUDhyNV9vd3ExdmppWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QUMzMy9CMEJGQUMzNDkyNEYxMUVFQThDMjI0NDBDNEY5QUUwMi8zcThjamVULVBG SEdrVlA4cjVfb3dxMXZqaVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArBwgBYzVuRUOtyuBykfWHJkykf4j72+BSl3t+3xxCV7JqAc8CP3K5 LOosInikqd8e9YgsDiuYWRC84KmMKqdhWVP65HfMMGEASgI1QupPgrxlSjGT9DM8 Hooe2QqCMz+6twSUknlF+IGJIWZqa/yV0QtNIswqvOKfgRJX82AlQTbJox0SKtWS Q/oq9bHlvl9tgdVHHUoFHNubtvmFXolP4g4t8yFLbBQ+3bFUQRH+c528kWDUXAi7 ydH245zSyNCXAAIRGoVq011bKwQSqtUYWcy9PYGappdR2rPMHho8AcRv0VMb0XdC fldsOQL30R/GGmMrn97GQQWmP+7k4qqR -----END CERTIFICATE-----Generated at Fri Nov 7 12:41:40 2025 by rpki-client