$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft File: C33smHxhdR0-2h2_PnwipzoV3u0.mft (raw, json) Hash identifier: KNaH7p8QU/d3RVs8MrMxgBo29DneWCpbMqre7gvyx2A= Subject key identifier: F8:3A:90:00:9B:95:B3:17:23:C0:3F:35:8B:01:DB:C1:FF:9C:E6:69 Authority key identifier: 0B:7D:EC:98:7C:61:75:1D:3E:DA:1D:BF:3E:7C:22:A7:3A:15:DE:ED Certificate issuer: /CN=A91C0E57/serialNumber=0B7DEC987C61751D3EDA1DBF3E7C22A73A15DEED Certificate serial: 0524 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft Manifest number: 051E Signing time: Sat 25 Oct 2025 02:13:00 +0000 Manifest this update: Sat 25 Oct 2025 02:12:59 +0000 Manifest next update: Sat 01 Nov 2025 02:12:59 +0000 Files and hashes: 1: C33smHxhdR0-2h2_PnwipzoV3u0.crl (hash: 4Mqe7jfgwEnx2tynhVNjrsCbRZ/10or34aX4RGFNzuU=) 2: 60A8F48A25D211ECB2CCF633C4F9AE02.roa (hash: +PbEWtYSfIT5V18KuiJqAnYLDPzBVBUjvZLUMUeffC4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.crl rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Nov 2025 02:12:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1316 (0x524) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0E57, serialNumber=0B7DEC987C61751D3EDA1DBF3E7C22A73A15DEED Validity Not Before: Oct 25 02:12:59 2025 GMT Not After : Nov 1 02:12:59 2025 GMT Subject: CN=68fc322b-0936 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:cf:f4:5d:34:01:11:d2:b3:63:c3:db:c9:9b: c3:76:f2:7d:00:78:d0:8d:06:2d:15:ca:c9:1d:95: 51:97:06:80:f3:50:8c:02:dc:64:a5:e1:39:87:fd: 5d:41:d5:11:97:1e:02:6e:c2:6d:54:cd:72:d8:44: 54:34:32:3f:0c:d2:69:24:34:de:e9:87:a3:36:30: 0a:6e:24:05:40:a3:71:32:aa:13:d9:93:37:69:e2: 63:27:0f:4c:6f:b4:c5:c1:73:4e:35:f6:87:66:5a: 36:72:c9:08:1c:24:98:f8:ef:b8:3d:f2:00:1a:3c: 80:b9:c3:f3:fb:50:6c:c3:d3:06:c9:95:6c:74:5e: 48:8f:78:59:fd:9f:4d:1a:bc:12:c4:d2:c6:20:45: 6c:94:a7:55:3c:e7:b2:9b:24:e3:c4:44:c5:e2:0f: c0:37:17:7b:6d:fc:a4:82:b3:f2:9c:b2:ce:90:16: dc:3f:d4:dd:e3:f9:c8:16:4d:eb:b0:bd:b7:b6:ec: 3d:0c:8a:27:c6:e6:53:81:11:98:80:cb:84:3b:14: 7b:45:79:67:5b:a8:e8:5e:35:29:5d:70:f3:01:7b: 87:76:28:61:38:9f:8a:ea:03:cf:a0:50:81:89:0b: 17:84:57:3e:4a:73:69:2d:7a:b8:80:70:09:5d:5a: 1a:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:3A:90:00:9B:95:B3:17:23:C0:3F:35:8B:01:DB:C1:FF:9C:E6:69 X509v3 Authority Key Identifier: keyid:0B:7D:EC:98:7C:61:75:1D:3E:DA:1D:BF:3E:7C:22:A7:3A:15:DE:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:c9:93:57:23:36:f2:76:4a:60:98:a7:23:b4:58:82:74:3b: 60:f6:da:50:4a:94:74:5c:84:bf:2e:9a:4d:fe:54:72:22:e9: 62:2f:cb:cf:5d:a0:a9:a6:cb:c3:2e:d8:a6:f9:e1:06:55:99: 0e:4f:3b:24:b0:c4:a0:47:83:29:09:c8:07:5b:0f:35:a8:72: 29:20:4d:42:d0:5c:27:67:3a:dc:69:55:ad:83:e3:4e:d2:fb: 5c:73:5d:c8:d9:fe:ae:c6:5e:2a:0b:d8:96:57:e5:5f:06:c0: c9:d3:64:d4:d5:11:90:62:83:c3:88:eb:bc:12:3c:55:e1:31: 8a:75:ae:2b:cd:a0:98:0c:d0:b9:70:98:71:f8:06:e1:f4:0b: 81:48:2b:b4:8c:96:8d:f7:c0:67:e8:99:bf:b3:bf:fa:36:9f: 9e:1a:44:a3:2e:f6:65:18:38:2d:e9:58:66:f2:31:f9:41:55: b1:41:ad:82:7c:85:25:48:58:82:62:24:c0:27:80:f5:f7:52: bb:9c:9a:a9:b6:65:f3:9a:d2:22:25:8e:46:48:1a:e0:cb:d1: 12:d5:8f:7d:b3:02:01:89:a7:60:23:bb:6c:d7:3b:b6:a5:30: 3f:69:f0:87:b4:0f:ce:4c:b6:9b:24:42:88:d5:be:2e:99:c6: f2:ef:af:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBSQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBFNTcxMTAvBgNVBAUTKDBCN0RFQzk4N0M2MTc1MUQzRURBMURCRjNFN0MyMkE3 M0ExNURFRUQwHhcNMjUxMDI1MDIxMjU5WhcNMjUxMTAxMDIxMjU5WjAYMRYwFAYD VQQDEw02OGZjMzIyYi0wOTM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7c/0XTQBEdKzY8PbyZvDdvJ9AHjQjQYtFcrJHZVRlwaA81CMAtxkpeE5h/1d QdURlx4CbsJtVM1y2ERUNDI/DNJpJDTe6YejNjAKbiQFQKNxMqoT2ZM3aeJjJw9M b7TFwXNONfaHZlo2cskIHCSY+O+4PfIAGjyAucPz+1Bsw9MGyZVsdF5Ij3hZ/Z9N GrwSxNLGIEVslKdVPOeymyTjxETF4g/ANxd7bfykgrPynLLOkBbcP9Td4/nIFk3r sL23tuw9DIonxuZTgRGYgMuEOxR7RXlnW6joXjUpXXDzAXuHdihhOJ+K6gPPoFCB iQsXhFc+SnNpLXq4gHAJXVoaVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPg6kACb lbMXI8A/NYsB28H/nOZpMB8GA1UdIwQYMBaAFAt97Jh8YXUdPtodvz58Iqc6Fd7t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEU1Ny9GQ0MxOEExNDIw NEUxMUVDQjEzRUUxN0FDNEY5QUUwMi9DMzNzbUh4aGRSMC0yaDJfUG53aXB6b1Yz dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0MzM3NtSHhoZFIwLTJoMl9QbndpcHpvVjN1MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MEU1Ny9GQ0MxOEExNDIwNEUxMUVDQjEzRUUxN0FDNEY5QUUwMi9DMzNzbUh4aGRS MC0yaDJfUG53aXB6b1YzdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBwyZNXIzbydkpgmKcjtFiCdDtg9tpQSpR0XIS/LppN/lRyIuliL8vP XaCppsvDLtim+eEGVZkOTzsksMSgR4MpCcgHWw81qHIpIE1C0FwnZzrcaVWtg+NO 0vtcc13I2f6uxl4qC9iWV+VfBsDJ02TU1RGQYoPDiOu8EjxV4TGKda4rzaCYDNC5 cJhx+Abh9AuBSCu0jJaN98Bn6Jm/s7/6Np+eGkSjLvZlGDgt6Vhm8jH5QVWxQa2C fIUlSFiCYiTAJ4D191K7nJqptmXzmtIiJY5GSBrgy9ES1Y99swIBiadgI7ts1zu2 pTA/afCHtA/OTLabJEKI1b4umcby769Z -----END CERTIFICATE-----Generated at Sat Oct 25 15:07:59 2025 by rpki-client