$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft File: cx5XsN_ep5G6TV1xly2oEF3JPos.mft (raw, json) Hash identifier: pVHJ/rz53ydw8qjXB1cjZ1RBIfjiXw7fh6iI3bmyUbY= Subject key identifier: 6A:EC:A8:FB:E4:52:F5:F2:C8:54:49:D8:25:67:FA:2E:85:A1:E5:00 Authority key identifier: 73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B Certificate issuer: /CN=A91AA444/serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Certificate serial: 0153 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft Manifest number: 0151 Signing time: Wed 29 Oct 2025 03:59:14 +0000 Manifest this update: Wed 29 Oct 2025 03:59:14 +0000 Manifest next update: Wed 05 Nov 2025 03:59:14 +0000 Files and hashes: 1: cx5XsN_ep5G6TV1xly2oEF3JPos.crl (hash: dQZQDH4SUJG7CRVFXNYTtfbAxOyqGH88/DIggiLYXl4=) 2: 24DD519CEEA311EFA5EDDD76C4F9AE02.roa (hash: +mEj5z+agEcnRzWZMjR0oYobGLfQGCXmi+n1VzU085s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 05 Nov 2025 03:59:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 339 (0x153) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA444, serialNumber=731E57B0DFDEA791BA4D5D71972DA8105DC93E8B Validity Not Before: Oct 29 03:59:14 2025 GMT Not After : Nov 5 03:59:14 2025 GMT Subject: CN=69019112-2b8f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:67:8b:87:ef:e7:44:12:f0:2a:32:24:62:50: d3:8a:36:5f:df:b9:ec:83:a2:13:b2:aa:7c:70:53: ed:4f:22:c7:39:8b:21:df:8b:0c:e7:00:5f:28:ec: 81:bf:2b:69:df:cf:8d:7a:fd:b1:17:6d:5a:4a:4e: fe:d4:d8:82:92:9a:44:1b:5d:67:be:23:49:47:af: 4d:32:c3:a9:37:66:ce:66:22:7d:32:9a:52:1d:5e: 83:30:1e:ce:8f:68:53:2e:0b:73:45:9c:87:0f:a9: 26:14:1f:6a:8e:04:aa:c0:60:92:2f:99:d0:ff:14: 26:1c:0b:d9:78:44:16:c8:1d:6d:1b:2e:e9:af:4e: eb:12:e7:f9:cf:7b:c2:d3:55:ed:34:2d:fb:5f:37: 43:7f:bf:b5:07:70:9b:75:ad:0d:65:c1:73:b9:5d: 8c:66:09:f4:a6:bc:19:c5:aa:95:ee:f5:c7:22:fd: 0d:14:f1:d9:90:86:36:5a:ac:88:7b:77:0c:4f:c4: ad:90:d5:28:68:85:34:15:a7:7b:d6:6d:f7:f7:af: 1c:d8:8e:ab:46:e2:f5:6f:5c:81:5c:66:5a:f3:29: f9:e8:62:a5:c6:f7:f7:b9:9e:57:7a:46:81:ba:a0: 9e:ed:02:6d:17:5d:26:a1:d1:1d:42:13:ce:d1:9f: ef:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:EC:A8:FB:E4:52:F5:F2:C8:54:49:D8:25:67:FA:2E:85:A1:E5:00 X509v3 Authority Key Identifier: keyid:73:1E:57:B0:DF:DE:A7:91:BA:4D:5D:71:97:2D:A8:10:5D:C9:3E:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cx5XsN_ep5G6TV1xly2oEF3JPos.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA444/8DCE274AB11D11EEA3363319C4F9AE02/cx5XsN_ep5G6TV1xly2oEF3JPos.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d2:a1:68:7a:38:65:44:c5:c9:1d:ca:8c:5c:9f:39:08:90:86: e4:44:61:4a:5f:a4:07:2d:ff:53:75:de:bb:0e:65:d2:7b:6f: 18:6b:2b:94:b1:67:58:2c:39:82:e4:cc:eb:b5:b1:5b:d3:c8: f3:54:04:31:51:2a:6e:c1:03:30:e1:6d:32:fb:11:3b:dd:bc: 5f:ed:10:8d:98:77:cd:74:84:c6:8c:b8:b7:d2:7a:25:49:59: 4b:af:b4:eb:67:76:e6:cd:ff:48:7f:15:b0:fc:a6:18:24:2f: 0a:1c:76:7d:3f:bc:ae:78:b2:de:75:f3:dc:10:65:3a:2f:33: 5c:29:72:53:8a:c0:c4:51:62:55:e9:ec:9b:b0:05:c3:5c:b2: b6:34:3d:5e:ea:cd:b1:b0:41:79:71:d9:74:3a:f7:c7:4e:b6: 83:e3:e7:c4:52:24:c1:d4:8d:bf:2e:08:63:0f:89:40:58:13: 6e:69:c9:2e:1f:30:96:cd:47:1d:15:73:23:9b:19:fe:71:72: 56:af:2f:ba:d6:69:f9:1a:ec:d1:10:4f:73:6a:08:de:0c:8f: be:a9:c3:eb:cb:f3:ad:b1:3d:79:35:9b:39:68:fc:b2:48:4e: e5:77:e9:4c:9b:bf:03:16:8f:4e:3b:ee:ce:38:76:a5:87:2f: 63:c3:8d:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUE0NDQxMTAvBgNVBAUTKDczMUU1N0IwREZERUE3OTFCQTRENUQ3MTk3MkRBODEw NURDOTNFOEIwHhcNMjUxMDI5MDM1OTE0WhcNMjUxMTA1MDM1OTE0WjAYMRYwFAYD VQQDEw02OTAxOTExMi0yYjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAumeLh+/nRBLwKjIkYlDTijZf37nsg6ITsqp8cFPtTyLHOYsh34sM5wBfKOyB vytp38+Nev2xF21aSk7+1NiCkppEG11nviNJR69NMsOpN2bOZiJ9MppSHV6DMB7O j2hTLgtzRZyHD6kmFB9qjgSqwGCSL5nQ/xQmHAvZeEQWyB1tGy7pr07rEuf5z3vC 01XtNC37XzdDf7+1B3Cbda0NZcFzuV2MZgn0prwZxaqV7vXHIv0NFPHZkIY2WqyI e3cMT8StkNUoaIU0Fad71m33968c2I6rRuL1b1yBXGZa8yn56GKlxvf3uZ5XekaB uqCe7QJtF10modEdQhPO0Z/vEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGrsqPvk UvXyyFRJ2CVn+i6FoeUAMB8GA1UdIwQYMBaAFHMeV7Df3qeRuk1dcZctqBBdyT6L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTQ0NC84RENFMjc0QUIx MUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1RzZUVjF4bHkyb0VGM0pQ b3MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2N4NVhzTl9lcDVHNlRWMXhseTJvRUYzSlBvcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTQ0NC84RENFMjc0QUIxMUQxMUVFQTMzNjMzMTlDNEY5QUUwMi9jeDVYc05fZXA1 RzZUVjF4bHkyb0VGM0pQb3MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDSoWh6OGVExckdyoxcnzkIkIbkRGFKX6QHLf9Tdd67DmXSe28YayuU sWdYLDmC5MzrtbFb08jzVAQxUSpuwQMw4W0y+xE73bxf7RCNmHfNdITGjLi30nol SVlLr7TrZ3bmzf9IfxWw/KYYJC8KHHZ9P7yueLLedfPcEGU6LzNcKXJTisDEUWJV 6eybsAXDXLK2ND1e6s2xsEF5cdl0OvfHTraD4+fEUiTB1I2/LghjD4lAWBNuacku HzCWzUcdFXMjmxn+cXJWry+61mn5GuzREE9zagjeDI++qcPry/OtsT15NZs5aPyy SE7ld+lMm78DFo9OO+7OOHalhy9jw400 -----END CERTIFICATE-----Generated at Wed Oct 29 15:46:50 2025 by rpki-client