$ rpki-client -vvf rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft File: XAq0JfK0I14cgVaDvWyOi3uAtyc.mft (raw, json) Hash identifier: d2f9OMaNl5gjMkdwRfLVMoDq/q/Z4hEXFg4hqJuDMMM= Subject key identifier: 10:D5:66:D0:21:18:A0:58:1B:13:59:0F:6E:AD:0E:8C:A6:12:4C:8A Authority key identifier: 5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27 Certificate issuer: /CN=A917F8A9/serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727 Certificate serial: 09CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft Manifest number: 09B7 Signing time: Wed 22 Oct 2025 20:43:25 +0000 Manifest this update: Wed 22 Oct 2025 20:43:25 +0000 Manifest next update: Wed 29 Oct 2025 20:43:25 +0000 Files and hashes: 1: XAq0JfK0I14cgVaDvWyOi3uAtyc.crl (hash: 5qyG9TGxkGNYJLtgX9SypPiWJpMnRoazezwGwqwiAkE=) 2: 83DC30E0D0DB11EA9336962FC4F9AE02.roa (hash: 1xpqucRPj2sGGfUlw/hjqGcWw2RAvQEPEvj1/o7DLww=) 3: 0774A2C894F211EAB30E7682C4F9AE02.roa (hash: Qe2k4Rmt8cYvrQ25NjhCj6HgTDQ2LTBczeZdX5NMi1Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 20:43:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2510 (0x9ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917F8A9, serialNumber=5C0AB425F2B4235E1C815683BD6C8E8B7B80B727 Validity Not Before: Oct 22 20:43:25 2025 GMT Not After : Oct 29 20:43:25 2025 GMT Subject: CN=68f941ed-d839 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:ae:b2:66:1c:ec:6c:d4:e7:c1:bb:73:5e:f2: 43:b7:24:51:4a:19:9d:a8:79:84:06:ab:1b:5d:bd: 35:ce:a2:ec:45:21:ed:af:4b:a2:86:b5:88:f7:cf: ef:0a:fc:2c:15:3d:2a:ca:72:1d:67:9d:fc:6d:66: 8d:a0:bc:8d:36:6e:42:5c:8c:d5:d7:66:78:91:04: 11:4b:a6:d2:50:8f:f6:16:8d:e2:6a:33:68:d3:aa: 5a:38:53:b3:35:d5:cb:3e:14:23:ef:08:42:01:61: a1:d9:7d:af:50:7b:ff:a0:d7:36:43:78:b5:4e:cd: 2a:67:f3:70:17:01:ad:1a:80:24:2a:e3:ea:e7:6f: c1:5f:ed:86:53:10:40:9b:fe:10:00:8d:de:88:86: f6:3a:aa:16:4d:49:f7:54:5a:86:16:8f:f7:b5:de: d9:a2:be:1c:0a:50:40:62:a2:ac:61:3d:b0:b2:d6: b2:da:05:c1:77:98:49:b3:d7:3a:f5:98:00:dd:e0: f7:2f:18:f0:50:71:aa:f8:ed:1e:50:14:35:2f:1e: 1a:2a:80:67:b9:39:c8:de:43:ee:b8:5d:ee:cb:00: 59:15:a9:c3:4b:73:ec:7e:1f:e1:4e:66:be:21:4c: 0b:b8:81:3a:53:83:3c:cd:c6:f0:23:55:80:b6:e4: f8:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:D5:66:D0:21:18:A0:58:1B:13:59:0F:6E:AD:0E:8C:A6:12:4C:8A X509v3 Authority Key Identifier: keyid:5C:0A:B4:25:F2:B4:23:5E:1C:81:56:83:BD:6C:8E:8B:7B:80:B7:27 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XAq0JfK0I14cgVaDvWyOi3uAtyc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917F8A9/2AA0433094F011EA83EF1E7DC4F9AE02/XAq0JfK0I14cgVaDvWyOi3uAtyc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:40:bc:26:df:ce:a1:e8:2c:12:71:d1:78:a9:6b:23:81:ee: 97:4d:b9:f0:4a:ba:29:37:8b:f3:12:73:c4:e5:6c:0c:09:de: a2:27:6f:16:84:16:91:49:0d:3a:2c:42:84:e1:ee:75:0b:68: 11:c3:b3:d2:8a:ec:3d:7c:c9:e2:49:e2:03:51:dc:58:32:44: 54:8a:bd:ad:4e:17:f8:5d:12:77:92:c7:52:10:19:9f:7a:da: 55:51:7a:c7:dd:d6:fa:c9:15:26:d3:21:dc:32:06:20:20:d3: b6:94:02:9c:5d:46:6f:d1:29:39:ea:f5:b0:a9:5e:5c:d2:9f: 2b:b7:f0:d0:6c:59:7f:f1:dd:46:25:46:f9:b4:6a:ad:8d:e3: 03:89:8f:aa:fd:37:59:42:0e:19:63:df:e3:a1:de:4e:34:31: 80:13:61:e8:90:da:84:d0:8b:ff:1e:76:0c:9d:e4:29:a9:b2: a9:ce:da:46:d4:13:43:3f:ff:cf:83:ca:8f:12:55:86:18:2e: ad:62:d8:d1:4d:55:bd:fb:23:5e:15:ff:3a:ae:eb:e6:a0:a4: 65:f7:59:30:86:26:dc:6b:61:20:4f:91:99:5a:cf:9d:31:5c: e7:6e:70:86:cf:9e:28:76:81:4d:69:d9:b0:90:0e:d3:d1:58: de:fa:1e:d2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0Y4QTkxMTAvBgNVBAUTKDVDMEFCNDI1RjJCNDIzNUUxQzgxNTY4M0JENkM4RThC N0I4MEI3MjcwHhcNMjUxMDIyMjA0MzI1WhcNMjUxMDI5MjA0MzI1WjAYMRYwFAYD VQQDEw02OGY5NDFlZC1kODM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApq6yZhzsbNTnwbtzXvJDtyRRShmdqHmEBqsbXb01zqLsRSHtr0uihrWI98/v CvwsFT0qynIdZ538bWaNoLyNNm5CXIzV12Z4kQQRS6bSUI/2Fo3iajNo06paOFOz NdXLPhQj7whCAWGh2X2vUHv/oNc2Q3i1Ts0qZ/NwFwGtGoAkKuPq52/BX+2GUxBA m/4QAI3eiIb2OqoWTUn3VFqGFo/3td7Zor4cClBAYqKsYT2wstay2gXBd5hJs9c6 9ZgA3eD3LxjwUHGq+O0eUBQ1Lx4aKoBnuTnI3kPuuF3uywBZFanDS3Psfh/hTma+ IUwLuIE6U4M8zcbwI1WAtuT41QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBDVZtAh GKBYGxNZD26tDoymEkyKMB8GA1UdIwQYMBaAFFwKtCXytCNeHIFWg71sjot7gLcn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RjhBOS8yQUEwNDMzMDk0 RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkxNGNnVmFEdld5T2kzdUF0 eWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hBcTBKZkswSTE0Y2dWYUR2V3lPaTN1QXR5Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RjhBOS8yQUEwNDMzMDk0RjAxMUVBODNFRjFFN0RDNEY5QUUwMi9YQXEwSmZLMEkx NGNnVmFEdld5T2kzdUF0eWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkQLwm386h6CwScdF4qWsjge6XTbnwSropN4vzEnPE5WwMCd6iJ28W hBaRSQ06LEKE4e51C2gRw7PSiuw9fMniSeIDUdxYMkRUir2tThf4XRJ3ksdSEBmf etpVUXrH3db6yRUm0yHcMgYgINO2lAKcXUZv0Sk56vWwqV5c0p8rt/DQbFl/8d1G JUb5tGqtjeMDiY+q/TdZQg4ZY9/jod5ONDGAE2HokNqE0Iv/HnYMneQpqbKpztpG 1BNDP//Pg8qPElWGGC6tYtjRTVW9+yNeFf86ruvmoKRl91kwhibca2EgT5GZWs+d MVznbnCGz54odoFNadmwkA7T0Vje+h7S -----END CERTIFICATE-----Generated at Thu Oct 23 10:00:09 2025 by rpki-client