$ rpki-client -vvf rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft File: xCIPUDVWR7fICyzovHEmqsLiLTc.mft (raw, json) Hash identifier: nyuhEdyeW0royPrzED4M1JMlPhITpVZJjOlYzb1pifE= Subject key identifier: 6F:8E:4A:FB:B9:A5:4A:0C:45:2E:3A:BD:6F:F9:F5:8A:17:8F:5E:D2 Authority key identifier: C4:22:0F:50:35:56:47:B7:C8:0B:2C:E8:BC:71:26:AA:C2:E2:2D:37 Certificate issuer: /CN=A919D64D/serialNumber=C4220F50355647B7C80B2CE8BC7126AAC2E22D37 Certificate serial: 3504 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xCIPUDVWR7fICyzovHEmqsLiLTc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft Manifest number: 34E9 Signing time: Wed 22 Oct 2025 14:18:57 +0000 Manifest this update: Wed 22 Oct 2025 14:18:56 +0000 Manifest next update: Wed 29 Oct 2025 14:18:56 +0000 Files and hashes: 1: xCIPUDVWR7fICyzovHEmqsLiLTc.crl (hash: mWXqhsdLCH8sVUSv4osSIsgftCJb7ShCY9MGQN4Q1oc=) 2: 2C5F8752A10D11EFB9BE8476C4F9AE02.roa (hash: jPj9bTXq8/V0TwHLgDmyYaPhRw7As2Sxl+kCUunMcow=) 3: 8C2774CA0F3511EF93020023C4F9AE02.roa (hash: ks6ZHeQSlWbDyKZP3PDWWDRvxvqWjlQTJpFGHN+LCL4=) 4: D7ABA864DFE611ED8872DE0EC4F9AE02.roa (hash: dgki84RnKxfDFSXW7buISP/w97pblO+d10cyHqDLr80=) 5: F8E58782A10C11EFA3C0F375C4F9AE02.roa (hash: YmetKHnU5ANrgA6cs+nuZb/Ddq+jw2xRjEtksMKjh6c=) 6: 24C4305A7CD911EEB0B4C962C4F9AE02.roa (hash: e5E6IXPuP1rU/JKfEU2JqffZsvpnjnyYycraO2Bit8Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.crl rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xCIPUDVWR7fICyzovHEmqsLiLTc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 14:18:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13572 (0x3504) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919D64D, serialNumber=C4220F50355647B7C80B2CE8BC7126AAC2E22D37 Validity Not Before: Oct 22 14:18:56 2025 GMT Not After : Oct 29 14:18:56 2025 GMT Subject: CN=68f8e7d0-5430 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:a6:96:2d:93:54:e5:21:72:dd:85:c1:88:b9: 1a:f5:a4:25:12:6c:c0:d9:e8:36:a1:cb:2a:62:ab: 65:4c:1f:b1:a2:aa:e8:2b:d2:4f:ed:de:d8:95:4f: 84:2a:eb:b8:22:9a:8a:cf:5e:64:b2:e9:9e:67:42: c8:2b:74:be:3d:8c:c5:31:56:15:64:40:80:59:b0: 64:ca:ca:bc:19:af:5c:92:30:9c:97:53:37:5b:0c: f3:4a:6e:78:24:ef:35:c3:8f:9d:44:4e:0c:68:65: f8:ad:c3:3b:59:75:f0:5a:a2:48:63:71:e9:37:6d: 9e:fd:10:da:c0:c7:04:a9:0a:10:ca:6a:74:e4:25: bf:74:6c:1d:7a:c1:5d:cb:e1:30:64:99:57:b9:a9: f3:6f:77:c5:3a:b0:0d:db:b8:35:eb:6f:dc:26:1d: ec:82:c1:7c:55:d0:b8:ab:ed:32:de:e9:c6:04:b1: 97:fa:ad:67:9b:15:65:fc:a2:7b:7c:c6:e8:0d:c5: 7f:b7:07:11:60:5e:cd:a4:20:9d:b8:8b:e7:a0:f9: 85:e4:49:ff:9d:04:e5:46:81:82:4d:6a:d7:ee:bf: 4f:eb:38:c4:40:17:24:06:03:33:fd:c8:87:a5:99: be:0b:47:7b:6c:98:50:47:4d:85:10:df:96:59:f3: a5:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:8E:4A:FB:B9:A5:4A:0C:45:2E:3A:BD:6F:F9:F5:8A:17:8F:5E:D2 X509v3 Authority Key Identifier: keyid:C4:22:0F:50:35:56:47:B7:C8:0B:2C:E8:BC:71:26:AA:C2:E2:2D:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xCIPUDVWR7fICyzovHEmqsLiLTc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919D64D/D9333FE41D6E11E2A85080B008B02CD2/xCIPUDVWR7fICyzovHEmqsLiLTc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:5d:4f:26:85:0e:81:96:7f:0f:84:37:3c:98:9a:2a:2f:dd: 15:92:65:8c:41:d6:41:44:a3:03:81:2f:a6:26:63:5c:7b:af: 5a:3a:c4:3f:c8:4b:25:a5:27:f0:b5:f0:4e:f5:a3:22:c4:3d: 86:87:d6:fe:53:82:e6:f1:2b:84:d4:f6:23:e5:17:72:27:19: 4c:6a:6b:4a:ef:96:e2:ac:3c:71:24:d3:89:ea:05:50:56:60: ea:b2:ad:f0:1f:59:83:1e:cd:39:fd:31:b6:fb:43:68:50:80: f5:eb:05:57:0c:e5:c8:ea:b4:1c:96:6b:bf:13:b4:9a:cc:ed: 77:e4:a3:7f:09:65:2c:1a:18:83:7f:b4:1b:4f:f7:e5:89:29: 69:13:f1:31:52:3d:ca:90:3e:cd:c5:db:70:39:27:11:dd:d4: 2a:fa:e3:af:71:f5:28:40:f9:a9:78:27:27:0a:88:ca:22:fd: 99:f7:bf:e9:ca:c2:cf:59:f6:36:fb:28:cd:d6:0f:94:7c:ee: 6a:1a:d4:47:61:01:5f:f9:c6:f9:ec:c6:e3:22:64:03:81:a3: a2:88:29:e5:ab:09:62:e1:e6:12:57:32:a5:f6:62:98:96:b0: 3e:0f:54:b2:53:6a:0f:12:cd:51:c9:0a:b9:9b:d4:d8:e9:c6: 50:fc:c7:bf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNQQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUQ2NEQxMTAvBgNVBAUTKEM0MjIwRjUwMzU1NjQ3QjdDODBCMkNFOEJDNzEyNkFB QzJFMjJEMzcwHhcNMjUxMDIyMTQxODU2WhcNMjUxMDI5MTQxODU2WjAYMRYwFAYD VQQDEw02OGY4ZTdkMC01NDMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwaaWLZNU5SFy3YXBiLka9aQlEmzA2eg2ocsqYqtlTB+xoqroK9JP7d7YlU+E Kuu4IpqKz15ksumeZ0LIK3S+PYzFMVYVZECAWbBkysq8Ga9ckjCcl1M3WwzzSm54 JO81w4+dRE4MaGX4rcM7WXXwWqJIY3HpN22e/RDawMcEqQoQymp05CW/dGwdesFd y+EwZJlXuanzb3fFOrAN27g162/cJh3sgsF8VdC4q+0y3unGBLGX+q1nmxVl/KJ7 fMboDcV/twcRYF7NpCCduIvnoPmF5En/nQTlRoGCTWrX7r9P6zjEQBckBgMz/ciH pZm+C0d7bJhQR02FEN+WWfOlcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG+OSvu5 pUoMRS46vW/59YoXj17SMB8GA1UdIwQYMBaAFMQiD1A1Vke3yAss6LxxJqrC4i03 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RDY0RC9EOTMzM0ZFNDFE NkUxMUUyQTg1MDgwQjAwOEIwMkNEMi94Q0lQVURWV1I3ZklDeXpvdkhFbXFzTGlM VGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hDSVBVRFZXUjdmSUN5em92SEVtcXNMaUxUYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RDY0RC9EOTMzM0ZFNDFENkUxMUUyQTg1MDgwQjAwOEIwMkNEMi94Q0lQVURWV1I3 ZklDeXpvdkhFbXFzTGlMVGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKXU8mhQ6Bln8PhDc8mJoqL90VkmWMQdZBRKMDgS+mJmNce69aOsQ/ yEslpSfwtfBO9aMixD2Gh9b+U4Lm8SuE1PYj5RdyJxlMamtK75birDxxJNOJ6gVQ VmDqsq3wH1mDHs05/TG2+0NoUID16wVXDOXI6rQclmu/E7SazO135KN/CWUsGhiD f7QbT/fliSlpE/ExUj3KkD7NxdtwOScR3dQq+uOvcfUoQPmpeCcnCojKIv2Z97/p ysLPWfY2+yjN1g+UfO5qGtRHYQFf+cb57MbjImQDgaOiiCnlqwli4eYSVzKl9mKY lrA+D1SyU2oPEs1RyQq5m9TY6cZQ/Me/ -----END CERTIFICATE-----Generated at Wed Oct 22 22:43:00 2025 by rpki-client