$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: uaRlqIIa4ZO3CntzD7arzDQZuwWCmR9gDgzJ9j//3gE= Subject key identifier: 37:30:56:50:59:B9:7C:41:ED:2F:F7:93:41:0A:0F:31:41:05:CD:B0 Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: D7 Signing time: Mon 03 Nov 2025 05:40:48 +0000 Manifest this update: Mon 03 Nov 2025 05:40:47 +0000 Manifest next update: Mon 10 Nov 2025 05:40:47 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: yxM6L5rMYjDKOy4NxgV5DQSvn6ViOn58/v0PHknyO6c=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: 0W2/njWu/4NeHHOITSUzSzI4ic/vgB1fnauNrzPM4sc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:40:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 220 (0xdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF, serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: Nov 3 05:40:47 2025 GMT Not After : Nov 10 05:40:47 2025 GMT Subject: CN=69084060-8016 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:9d:b9:9d:ee:6f:8b:e5:d0:ce:0c:cb:e0:66: bc:5d:e2:18:42:72:cc:6f:f9:39:16:6f:d4:f5:e2: 53:0f:9b:f8:d6:13:58:6b:dc:03:cc:20:c2:3b:52: 41:1a:7e:43:36:cd:49:5b:a3:d7:f9:f8:32:0b:80: 6e:53:0e:5e:57:31:17:5e:08:f8:93:81:2f:8f:fd: cc:43:f1:26:42:22:f0:58:b0:a3:14:6b:e8:f1:56: 31:d3:55:25:41:99:db:29:c7:e8:66:ae:e4:c7:9e: 32:d3:31:2a:3e:50:a8:9f:66:bf:bf:ca:38:73:b0: 1d:fc:d0:46:00:ae:34:8a:96:80:b8:86:23:0a:b3: 16:0d:d2:2c:2d:75:29:ac:fe:fc:32:a8:92:8d:d6: ed:0c:80:cf:cc:b3:e9:8f:2f:47:af:a9:6a:1d:f4: cf:59:d9:25:ac:0a:83:eb:97:fb:cf:7a:99:89:e0: f7:99:bb:f9:e2:37:bb:5d:6f:90:e9:1c:ec:e0:a0: b1:09:65:cd:1b:de:ff:bc:a4:c5:0d:eb:07:9f:ff: 38:84:e8:14:c0:d7:bb:3e:36:ab:44:cf:cf:b4:42: 0d:d7:24:0a:a7:7d:f8:87:f6:5b:dc:09:26:73:a3: c5:91:97:bb:96:ec:b1:9e:2e:ff:fb:45:e7:83:bc: 1a:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 37:30:56:50:59:B9:7C:41:ED:2F:F7:93:41:0A:0F:31:41:05:CD:B0 X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:33:d1:38:c6:c7:a7:31:fc:f8:fd:97:39:f3:03:ce:9c:79: ea:4a:66:0a:d6:df:69:ff:73:79:8d:15:f6:3b:75:f1:67:bd: 14:20:7d:a9:df:6c:42:f0:32:2a:e0:4c:20:16:ca:35:90:dd: c1:a2:ac:6c:57:be:06:97:ed:7f:a7:3f:72:a7:bb:3a:a3:a5: f8:c1:58:eb:8f:54:65:da:25:39:2a:8a:de:45:e2:01:23:7e: 5a:11:de:f5:d4:ab:20:c8:91:d1:49:0e:9e:0d:9b:4f:bb:95: d0:76:fe:41:02:94:b6:cf:98:86:01:56:8b:33:70:d9:b1:ce: 87:a2:75:b4:a4:3c:ab:da:78:0c:9a:52:48:f5:c6:f3:46:ee: ab:17:bf:05:50:be:26:d8:02:5e:7d:88:e4:b1:17:de:e3:ad: ff:55:ab:30:87:ad:a5:d2:be:cf:f4:89:c9:d5:c3:0a:93:82: f4:4e:19:2f:c0:6b:31:20:94:d1:f3:4e:07:b5:9d:da:f7:c4: eb:e6:fb:bb:2b:88:c0:27:7c:ab:8c:fa:8e:7b:ac:d0:4a:82: 4d:dc:48:6c:e1:24:71:a1:c4:66:6f:b0:d3:ec:56:bd:30:ca: 57:66:d1:cc:37:0a:69:f0:78:18:f6:3d:6a:b2:7a:42:97:e3: dd:1d:6a:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M5QkYxMTAvBgNVBAUTKDVDQUNFNUJGNjU1QUFDRjdDQkM2MjcyQzVDNjk3RjM3 N0EwNkNFOEMwHhcNMjUxMTAzMDU0MDQ3WhcNMjUxMTEwMDU0MDQ3WjAYMRYwFAYD VQQDEw02OTA4NDA2MC04MDE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAs525ne5vi+XQzgzL4Ga8XeIYQnLMb/k5Fm/U9eJTD5v41hNYa9wDzCDCO1JB Gn5DNs1JW6PX+fgyC4BuUw5eVzEXXgj4k4Evj/3MQ/EmQiLwWLCjFGvo8VYx01Ul QZnbKcfoZq7kx54y0zEqPlCon2a/v8o4c7Ad/NBGAK40ipaAuIYjCrMWDdIsLXUp rP78MqiSjdbtDIDPzLPpjy9Hr6lqHfTPWdklrAqD65f7z3qZieD3mbv54je7XW+Q 6Rzs4KCxCWXNG97/vKTFDesHn/84hOgUwNe7PjarRM/PtEIN1yQKp334h/Zb3Akm c6PFkZe7luyxni7/+0Xng7waVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDcwVlBZ uXxB7S/3k0EKDzFBBc2wMB8GA1UdIwQYMBaAFFys5b9lWqz3y8YnLFxpfzd6Bs6M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzlCRi9CRTFENEEzNDdC NEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQZkx4aWNzWEdsX04zb0d6 b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pvdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzlCRi9CRTFENEEzNDdCNEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQ Zkx4aWNzWEdsX04zb0d6b3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQM9E4xsenMfz4/Zc58wPOnHnqSmYK1t9p/3N5jRX2O3XxZ70UIH2p 32xC8DIq4EwgFso1kN3BoqxsV74Gl+1/pz9yp7s6o6X4wVjrj1Rl2iU5KoreReIB I35aEd711KsgyJHRSQ6eDZtPu5XQdv5BApS2z5iGAVaLM3DZsc6HonW0pDyr2ngM mlJI9cbzRu6rF78FUL4m2AJefYjksRfe463/Vaswh62l0r7P9InJ1cMKk4L0Thkv wGsxIJTR804HtZ3a98Tr5vu7K4jAJ3yrjPqOe6zQSoJN3Ehs4SRxocRmb7DT7Fa9 MMpXZtHMNwpp8HgY9j1qsnpCl+PdHWpT -----END CERTIFICATE-----Generated at Mon Nov 3 18:17:19 2025 by rpki-client