$ rpki-client -vvf rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft File: 3FejmXtffOj7ybTZiz1F1jMHcRg.mft (raw, json) Hash identifier: bHZNpWUhTJgVDSk/wE30plO+Tnyc+M2/pA0otZUNIDA= Subject key identifier: BD:63:5E:25:58:92:1A:96:DA:42:15:C4:09:30:A9:D6:F2:8F:60:B9 Authority key identifier: DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 Certificate issuer: /CN=A917CABB/serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Certificate serial: 0C6C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft Manifest number: 0C64 Signing time: Tue 04 Nov 2025 18:40:27 +0000 Manifest this update: Tue 04 Nov 2025 18:40:26 +0000 Manifest next update: Tue 11 Nov 2025 18:40:26 +0000 Files and hashes: 1: 3FejmXtffOj7ybTZiz1F1jMHcRg.crl (hash: XMrq8+ilclb9u+eC/2v54iJEQsthrHDa4z34MUl+XAg=) 2: 17BA5658D1FA11EDA0A31C2FC4F9AE02.roa (hash: 1qzItKWorYUUOmMK79qcFmJ05vCRXkNln617yx1hDtI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:40:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3180 (0xc6c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917CABB, serialNumber=DC57A3997B5F7CE8FBC9B4D98B3D45D633077118 Validity Not Before: Nov 4 18:40:26 2025 GMT Not After : Nov 11 18:40:26 2025 GMT Subject: CN=690a489b-7e03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:b5:e1:e0:59:dc:41:9e:bb:b1:c6:0f:18:23: bc:ff:f1:21:70:ad:f0:67:28:1e:61:95:67:96:4f: 14:36:41:e6:7d:00:89:62:54:e8:79:57:5b:08:14: bd:43:9b:b7:41:51:12:5b:15:be:04:86:56:0b:0b: 91:22:af:e8:9e:db:93:13:36:6f:07:9d:69:68:9f: f8:31:2a:8d:08:59:38:11:e7:80:e0:c3:3a:7e:d3: c2:97:95:5a:93:1b:f5:43:ca:f3:8e:9c:03:07:fa: 70:b2:c2:5b:8f:1b:b3:2a:10:50:25:ae:4b:ef:9e: 17:4c:15:8c:eb:37:22:3f:1f:84:ed:a0:dd:7f:a0: 5f:a1:f8:32:32:90:dd:84:36:52:ac:46:4f:74:c8: c6:eb:e6:6c:60:a6:87:f5:e2:c5:28:39:b6:40:b4: c4:5f:f4:07:38:6c:ca:4a:0c:4e:19:58:d8:4a:32: 1e:5b:4c:29:96:1f:d2:10:7a:f8:8c:38:6f:90:f3: 50:e1:9a:a1:dc:ac:97:54:31:f3:23:d2:fe:e7:a5: 0c:e2:a5:8f:d0:2d:12:8e:e8:b2:eb:87:91:3f:9b: 5c:56:dc:48:ae:57:39:70:6b:d1:f6:c1:ed:3f:01: b8:f3:67:8d:8c:11:ec:3b:4a:21:f2:16:c8:7b:38: df:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:63:5E:25:58:92:1A:96:DA:42:15:C4:09:30:A9:D6:F2:8F:60:B9 X509v3 Authority Key Identifier: keyid:DC:57:A3:99:7B:5F:7C:E8:FB:C9:B4:D9:8B:3D:45:D6:33:07:71:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3FejmXtffOj7ybTZiz1F1jMHcRg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917CABB/07675F1E0F6911EAA9D52650C4F9AE02/3FejmXtffOj7ybTZiz1F1jMHcRg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:d8:08:59:ed:0d:13:54:6f:ba:a5:ad:2e:d0:03:60:91:7c: 89:81:08:f2:da:44:5f:56:71:11:e1:c2:96:50:04:21:b8:4d: de:87:b1:ea:ed:f4:b8:7a:a7:6c:b4:01:42:a3:6d:2c:eb:f9: 25:c2:b3:7b:b4:8a:ca:1b:11:b2:11:1e:54:e6:39:47:60:d0: 12:47:5c:3a:26:cc:1e:ce:76:23:2b:d9:95:0a:51:9d:9c:97: 0f:3f:3d:bc:f6:12:82:28:86:80:ab:6f:aa:8f:e6:cd:be:fe: 29:b8:8d:0d:47:00:c6:bd:b3:49:9d:23:dc:9e:81:b6:ba:4e: f4:37:a1:e4:d0:f6:3b:30:f5:cb:3b:9a:21:b9:6f:ec:02:00: 8f:50:ed:af:3a:2e:ea:60:4c:1e:4b:96:70:b3:54:4f:65:73: 32:a4:3b:00:e9:89:f3:06:5b:1d:bd:35:1d:7e:07:28:a1:5a: 8a:90:ac:59:76:7a:eb:0f:05:bb:83:c5:a9:7f:01:c5:55:c6: 52:b3:a9:7c:ae:3e:4f:eb:d8:b6:a8:21:a9:08:69:85:08:77: 7e:17:a6:bc:b5:8f:83:2f:49:ce:4d:fc:1c:91:60:45:de:2b: cc:e8:d4:98:9f:e8:5d:f1:c0:7a:e1:d5:c4:c2:06:78:85:55: 5f:cf:cb:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDGwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0NBQkIxMTAvBgNVBAUTKERDNTdBMzk5N0I1RjdDRThGQkM5QjREOThCM0Q0NUQ2 MzMwNzcxMTgwHhcNMjUxMTA0MTg0MDI2WhcNMjUxMTExMTg0MDI2WjAYMRYwFAYD VQQDEw02OTBhNDg5Yi03ZTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3bXh4FncQZ67scYPGCO8//EhcK3wZygeYZVnlk8UNkHmfQCJYlToeVdbCBS9 Q5u3QVESWxW+BIZWCwuRIq/ontuTEzZvB51paJ/4MSqNCFk4EeeA4MM6ftPCl5Va kxv1Q8rzjpwDB/pwssJbjxuzKhBQJa5L754XTBWM6zciPx+E7aDdf6BfofgyMpDd hDZSrEZPdMjG6+ZsYKaH9eLFKDm2QLTEX/QHOGzKSgxOGVjYSjIeW0wplh/SEHr4 jDhvkPNQ4Zqh3KyXVDHzI9L+56UM4qWP0C0Sjuiy64eRP5tcVtxIrlc5cGvR9sHt PwG482eNjBHsO0oh8hbIezjfUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL1jXiVY khqW2kIVxAkwqdbyj2C5MB8GA1UdIwQYMBaAFNxXo5l7X3zo+8m02Ys9RdYzB3EY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3Q0FCQi8wNzY3NUYxRTBG NjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZPajd5YlRaaXoxRjFqTUhj UmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNGZWptWHRmZk9qN3liVFppejFGMWpNSGNSZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 Q0FCQi8wNzY3NUYxRTBGNjkxMUVBQTlENTI2NTBDNEY5QUUwMi8zRmVqbVh0ZmZP ajd5YlRaaXoxRjFqTUhjUmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCh2AhZ7Q0TVG+6pa0u0ANgkXyJgQjy2kRfVnER4cKWUAQhuE3eh7Hq 7fS4eqdstAFCo20s6/klwrN7tIrKGxGyER5U5jlHYNASR1w6JsweznYjK9mVClGd nJcPPz289hKCKIaAq2+qj+bNvv4puI0NRwDGvbNJnSPcnoG2uk70N6Hk0PY7MPXL O5ohuW/sAgCPUO2vOi7qYEweS5Zws1RPZXMypDsA6YnzBlsdvTUdfgcooVqKkKxZ dnrrDwW7g8WpfwHFVcZSs6l8rj5P69i2qCGpCGmFCHd+F6a8tY+DL0nOTfwckWBF 3ivM6NSYn+hd8cB64dXEwgZ4hVVfz8u5 -----END CERTIFICATE-----Generated at Wed Nov 5 16:40:58 2025 by rpki-client