$ rpki-client -vvf rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft File: 28IYSbtMFwTSMZPEG3DGaxqWVi8.mft (raw, json) Hash identifier: NkZiuWeiSTkRPrWl4yhSpOOl2DmeFWd0JyoO3meWlqI= Subject key identifier: D4:FE:57:03:E1:78:CB:DB:0D:4D:00:CA:3F:7F:BC:D3:5F:7A:C6:C8 Authority key identifier: DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F Certificate issuer: /CN=A919C233/serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Certificate serial: 1594 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft Manifest number: 1588 Signing time: Tue 04 Nov 2025 16:51:37 +0000 Manifest this update: Tue 04 Nov 2025 16:51:36 +0000 Manifest next update: Tue 11 Nov 2025 16:51:36 +0000 Files and hashes: 1: 28IYSbtMFwTSMZPEG3DGaxqWVi8.crl (hash: +uGuqyTOddSJ0OS2q4bsgnKwW0SzQGMsDOgxkfP8v0s=) 2: 13EB2806503611F0AE9ACE86C4F9AE02.roa (hash: 5U+qNAcyg11e1mcFFeSSmJQHAt3E5ngFjCNuSAbr96I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:51:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5524 (0x1594) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C233, serialNumber=DBC21849BB4C1704D23193C41B70C66B1A96562F Validity Not Before: Nov 4 16:51:36 2025 GMT Not After : Nov 11 16:51:36 2025 GMT Subject: CN=690a2f18-92c5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:2f:53:53:65:9e:31:52:84:3f:96:6b:fd:8b: ed:38:5a:56:50:d9:52:15:75:5e:93:79:84:e3:ab: df:b7:f1:3b:b3:e0:cf:01:99:83:59:a6:5f:a8:6d: 3a:e7:a1:4b:28:a4:c7:3e:12:dc:9d:fd:86:9b:06: ed:48:d5:44:0d:99:15:d1:73:3b:b6:f5:0d:c8:69: 25:1c:e5:3d:16:b0:1f:c4:6b:7f:3c:b9:4f:d6:30: d2:86:7b:db:c7:93:f5:a7:94:9b:2c:d6:87:2b:b8: 5c:75:d0:50:25:9e:98:6b:9b:b0:6b:d4:ed:36:5d: d0:24:21:27:46:dd:7e:b4:71:75:1c:5c:8c:80:80: d5:3e:2e:7b:3c:c2:cd:07:ea:ee:d0:5f:32:3c:af: 4e:d0:e2:f9:bf:b8:c3:23:d7:11:bc:38:86:3d:da: cc:b6:eb:aa:09:16:2d:a5:51:4f:9a:57:cd:53:3b: ed:b0:88:7a:10:c3:7a:6e:88:99:a9:f9:0a:52:db: 22:f0:68:6b:3f:2f:fd:49:60:44:69:49:bc:41:68: 4b:42:89:e0:c1:90:df:8e:08:5e:e4:2b:85:b9:67: 32:81:87:a4:86:3a:c3:7c:c6:c8:1c:19:c5:52:81: b8:06:1c:8c:98:77:9a:bf:c9:8a:a8:2e:61:2e:ee: f0:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:FE:57:03:E1:78:CB:DB:0D:4D:00:CA:3F:7F:BC:D3:5F:7A:C6:C8 X509v3 Authority Key Identifier: keyid:DB:C2:18:49:BB:4C:17:04:D2:31:93:C4:1B:70:C6:6B:1A:96:56:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/28IYSbtMFwTSMZPEG3DGaxqWVi8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C233/1FDAFD6243E611E8BC415F65C4F9AE02/28IYSbtMFwTSMZPEG3DGaxqWVi8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:fc:d8:33:9d:72:93:c1:d8:a2:2b:52:18:6d:c3:b5:f8:cd: 97:86:8c:20:b4:1f:65:b3:82:4e:82:d4:ca:fa:df:4b:77:94: c1:fe:4e:aa:ea:0c:36:e9:32:c5:1d:96:67:0c:f9:b4:6a:34: da:0e:c0:6f:7a:91:77:cb:d5:75:54:77:77:82:ca:c8:d7:81: 52:f7:91:dd:5a:16:75:fe:a6:cf:13:ab:3e:2b:7d:e4:e7:1f: ed:94:44:61:3d:18:bb:97:a6:26:12:2b:f0:2f:76:96:34:9f: 42:7d:cc:aa:57:23:48:9d:f8:8f:89:0a:55:d2:8b:01:cc:60: 91:45:81:1a:ed:4a:11:48:a5:24:31:38:4e:cc:aa:e8:99:28: 6f:f1:49:5e:82:51:d2:cd:5c:a4:61:b5:1e:7e:7d:02:a7:38: 5b:af:ae:05:bd:93:2f:aa:08:48:c8:50:52:33:7b:df:5c:a2: 40:52:83:1d:7b:33:4f:04:a2:82:a3:63:bb:06:4b:84:dc:98: 7b:9f:5a:4a:6b:bd:48:a7:d8:c2:c9:21:28:91:f4:d8:bd:b3: 85:dd:1b:ed:e5:19:8b:af:1d:1f:00:4a:d5:8a:61:69:da:2a: 77:81:a3:e1:0c:9f:e2:52:f9:9f:d8:c5:24:42:e2:6b:1f:11: 69:13:a3:71 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUMyMzMxMTAvBgNVBAUTKERCQzIxODQ5QkI0QzE3MDREMjMxOTNDNDFCNzBDNjZC MUE5NjU2MkYwHhcNMjUxMTA0MTY1MTM2WhcNMjUxMTExMTY1MTM2WjAYMRYwFAYD VQQDEw02OTBhMmYxOC05MmM1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1C9TU2WeMVKEP5Zr/YvtOFpWUNlSFXVek3mE46vft/E7s+DPAZmDWaZfqG06 56FLKKTHPhLcnf2GmwbtSNVEDZkV0XM7tvUNyGklHOU9FrAfxGt/PLlP1jDShnvb x5P1p5SbLNaHK7hcddBQJZ6Ya5uwa9TtNl3QJCEnRt1+tHF1HFyMgIDVPi57PMLN B+ru0F8yPK9O0OL5v7jDI9cRvDiGPdrMtuuqCRYtpVFPmlfNUzvtsIh6EMN6boiZ qfkKUtsi8GhrPy/9SWBEaUm8QWhLQongwZDfjghe5CuFuWcygYekhjrDfMbIHBnF UoG4BhyMmHeav8mKqC5hLu7wYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNT+VwPh eMvbDU0Ayj9/vNNfesbIMB8GA1UdIwQYMBaAFNvCGEm7TBcE0jGTxBtwxmsallYv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzIzMy8xRkRBRkQ2MjQz RTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3VFNNWlBFRzNER2F4cVdW aTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzI4SVlTYnRNRndUU01aUEVHM0RHYXhxV1ZpOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzIzMy8xRkRBRkQ2MjQzRTYxMUU4QkM0MTVGNjVDNEY5QUUwMi8yOElZU2J0TUZ3 VFNNWlBFRzNER2F4cVdWaTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAu/NgznXKTwdiiK1IYbcO1+M2XhowgtB9ls4JOgtTK+t9Ld5TB/k6q 6gw26TLFHZZnDPm0ajTaDsBvepF3y9V1VHd3gsrI14FS95HdWhZ1/qbPE6s+K33k 5x/tlERhPRi7l6YmEivwL3aWNJ9CfcyqVyNInfiPiQpV0osBzGCRRYEa7UoRSKUk MThOzKromShv8UleglHSzVykYbUefn0Cpzhbr64FvZMvqghIyFBSM3vfXKJAUoMd ezNPBKKCo2O7BkuE3Jh7n1pKa71Ip9jCySEokfTYvbOF3Rvt5RmLrx0fAErVimFp 2ip3gaPhDJ/iUvmf2MUkQuJrHxFpE6Nx -----END CERTIFICATE-----Generated at Wed Nov 5 19:28:36 2025 by rpki-client