$ rpki-client -vvf rpki.apnic.net/member_repository/A91172C6/0AA4D6646A4D11E99F05432EC4F9AE02/WXbvXQvxZojiXsXi3Iyp9a-uG1M.mft File: WXbvXQvxZojiXsXi3Iyp9a-uG1M.mft (raw, json) Hash identifier: d56khsvfAo6OMdtEGKqiIuZcT2w1cHBa3PBhFx57sPE= Subject key identifier: 9D:C7:46:28:7D:C5:50:19:21:97:F8:8B:12:B3:01:EF:E3:4A:1C:0F Authority key identifier: 59:76:EF:5D:0B:F1:66:88:E2:5E:C5:E2:DC:8C:A9:F5:AF:AE:1B:53 Certificate issuer: /CN=A91172C6/serialNumber=5976EF5D0BF16688E25EC5E2DC8CA9F5AFAE1B53 Certificate serial: 0FAE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WXbvXQvxZojiXsXi3Iyp9a-uG1M.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91172C6/0AA4D6646A4D11E99F05432EC4F9AE02/WXbvXQvxZojiXsXi3Iyp9a-uG1M.mft Manifest number: 0FA5 Signing time: Tue 04 Nov 2025 17:36:19 +0000 Manifest this update: Tue 04 Nov 2025 17:36:18 +0000 Manifest next update: Tue 11 Nov 2025 17:36:18 +0000 Files and hashes: 1: WXbvXQvxZojiXsXi3Iyp9a-uG1M.crl (hash: Ratmp6YPW1cq9j+cwhuRnpnkvYVm11AWCQ/zKEtnKVs=) 2: 16FA72386A4E11E992F4832FC4F9AE02.roa (hash: JDJx+bW699vTjkG4SZTOilca+2ZG/Wo+x5hxTR1zUag=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91172C6/0AA4D6646A4D11E99F05432EC4F9AE02/WXbvXQvxZojiXsXi3Iyp9a-uG1M.crl rsync://rpki.apnic.net/member_repository/A91172C6/0AA4D6646A4D11E99F05432EC4F9AE02/WXbvXQvxZojiXsXi3Iyp9a-uG1M.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WXbvXQvxZojiXsXi3Iyp9a-uG1M.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:36:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4014 (0xfae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91172C6, serialNumber=5976EF5D0BF16688E25EC5E2DC8CA9F5AFAE1B53 Validity Not Before: Nov 4 17:36:18 2025 GMT Not After : Nov 11 17:36:18 2025 GMT Subject: CN=690a3993-3393 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:80:48:a0:c0:5c:57:4b:88:b0:17:f1:a8:10: 2f:c9:b2:1f:c6:fb:01:6c:00:82:8f:6a:d9:7b:07: 12:95:20:48:e3:38:a6:15:6a:d4:ca:dc:a5:ae:49: 98:b9:44:68:50:f6:b7:e0:fc:d1:a2:3b:b7:9f:af: 28:db:15:8b:21:e1:4a:f4:33:ac:18:c8:92:09:51: 52:e6:f2:9c:05:d7:87:f6:97:e5:c9:77:cb:7c:ce: 61:c9:7e:b2:89:d5:b7:24:f6:f4:b9:3e:3d:59:da: 71:50:d8:f7:ac:2d:04:b1:c5:25:c8:87:06:62:ed: 6e:07:21:db:32:24:6a:0a:8b:5c:4f:d5:e3:52:e5: 1c:31:0b:41:f6:65:88:94:3b:ce:9c:a8:82:f0:a1: 2e:7f:e8:3e:ef:a0:5a:a3:7a:50:cd:8c:ab:18:1c: 30:3a:5e:aa:81:1d:83:d8:bd:28:14:3d:89:a6:23: d4:03:12:7b:4c:1f:8e:e0:0c:ed:e0:54:3c:cc:b1: f7:84:24:e2:09:55:06:d1:6b:1a:d1:cc:43:ec:32: be:7f:8c:4c:e0:d5:43:68:cf:ed:c5:1a:ee:ff:28: 7a:fa:06:30:d3:f5:2e:50:f3:ba:df:6f:65:bd:a2: ef:f3:e9:3c:95:f7:57:4b:e2:18:05:57:bc:5d:b1: fc:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:C7:46:28:7D:C5:50:19:21:97:F8:8B:12:B3:01:EF:E3:4A:1C:0F X509v3 Authority Key Identifier: keyid:59:76:EF:5D:0B:F1:66:88:E2:5E:C5:E2:DC:8C:A9:F5:AF:AE:1B:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91172C6/0AA4D6646A4D11E99F05432EC4F9AE02/WXbvXQvxZojiXsXi3Iyp9a-uG1M.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WXbvXQvxZojiXsXi3Iyp9a-uG1M.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91172C6/0AA4D6646A4D11E99F05432EC4F9AE02/WXbvXQvxZojiXsXi3Iyp9a-uG1M.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:88:9e:d6:2e:02:c2:18:41:2d:90:0b:6f:62:60:85:b8:ef: c4:fb:58:fb:e9:38:4d:0a:e4:1c:fe:1c:81:03:60:01:4d:74: 15:5b:59:17:ef:09:75:aa:93:1f:f7:78:18:0f:10:c5:09:ee: 85:8a:b9:34:ad:0f:18:cc:28:08:16:8f:7f:53:c4:6a:71:46: 25:7b:83:98:85:ce:92:18:b0:14:44:58:a8:41:e3:b0:c7:71: f5:1b:83:7d:d2:a6:c2:16:ae:9a:6c:57:af:54:f3:1b:f8:9e: cf:9f:eb:69:50:a2:a3:da:ec:72:ba:92:6f:93:3e:b5:db:a6: 81:30:b7:4d:b9:4d:cd:bf:93:bf:96:21:b5:84:12:50:b4:db: 14:24:a0:a7:35:00:83:bf:35:7f:95:05:b4:75:d0:9f:17:f7: 97:0d:82:da:d5:56:1c:69:8b:c9:ba:fd:77:9e:ff:bf:bd:73: e0:8a:af:27:27:df:be:14:2b:58:49:3e:a6:8b:5d:6c:32:ce: c5:fb:7b:1c:24:89:8e:6a:c1:1a:89:f0:8e:72:85:3e:46:13: e7:c8:f0:98:8f:7f:f4:4b:3c:65:cf:75:3e:4a:42:3b:27:61: 64:62:db:26:0b:de:b5:0d:0e:ac:ad:8a:24:5c:70:bc:f0:3a: 9f:f3:0a:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICD64wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTcyQzYxMTAvBgNVBAUTKDU5NzZFRjVEMEJGMTY2ODhFMjVFQzVFMkRDOENBOUY1 QUZBRTFCNTMwHhcNMjUxMTA0MTczNjE4WhcNMjUxMTExMTczNjE4WjAYMRYwFAYD VQQDEw02OTBhMzk5My0zMzkzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt4BIoMBcV0uIsBfxqBAvybIfxvsBbACCj2rZewcSlSBI4zimFWrUytylrkmY uURoUPa34PzRoju3n68o2xWLIeFK9DOsGMiSCVFS5vKcBdeH9pflyXfLfM5hyX6y idW3JPb0uT49WdpxUNj3rC0EscUlyIcGYu1uByHbMiRqCotcT9XjUuUcMQtB9mWI lDvOnKiC8KEuf+g+76Bao3pQzYyrGBwwOl6qgR2D2L0oFD2JpiPUAxJ7TB+O4Azt 4FQ8zLH3hCTiCVUG0Wsa0cxD7DK+f4xM4NVDaM/txRru/yh6+gYw0/UuUPO6329l vaLv8+k8lfdXS+IYBVe8XbH8SwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ3HRih9 xVAZIZf4ixKzAe/jShwPMB8GA1UdIwQYMBaAFFl2710L8WaI4l7F4tyMqfWvrhtT MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNzJDNi8wQUE0RDY2NDZB NEQxMUU5OUYwNTQzMkVDNEY5QUUwMi9XWGJ2WFF2eFpvamlYc1hpM0l5cDlhLXVH MU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1dYYnZYUXZ4Wm9qaVhzWGkzSXlwOWEtdUcxTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NzJDNi8wQUE0RDY2NDZBNEQxMUU5OUYwNTQzMkVDNEY5QUUwMi9XWGJ2WFF2eFpv amlYc1hpM0l5cDlhLXVHMU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1iJ7WLgLCGEEtkAtvYmCFuO/E+1j76ThNCuQc/hyBA2ABTXQVW1kX 7wl1qpMf93gYDxDFCe6Firk0rQ8YzCgIFo9/U8RqcUYle4OYhc6SGLAURFioQeOw x3H1G4N90qbCFq6abFevVPMb+J7Pn+tpUKKj2uxyupJvkz6126aBMLdNuU3Nv5O/ liG1hBJQtNsUJKCnNQCDvzV/lQW0ddCfF/eXDYLa1VYcaYvJuv13nv+/vXPgiq8n J9++FCtYST6mi11sMs7F+3scJImOasEaifCOcoU+RhPnyPCYj3/0Szxlz3U+SkI7 J2FkYtsmC961DQ6srYokXHC88Dqf8wqD -----END CERTIFICATE-----Generated at Wed Nov 5 16:42:42 2025 by rpki-client