$ rpki-client -vvf rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft File: XLKYvBpwUBeAXFYfCQoNR5UOar0.mft (raw, json) Hash identifier: r2emeCXRWDgdKJ/ZIzrqLyC3NbJBD79l3XzbqQbwYz4= Subject key identifier: D3:58:D2:C2:D9:C2:BF:4E:56:81:22:90:0C:7B:23:0F:0E:43:04:D6 Authority key identifier: 5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD Certificate issuer: /CN=A912BFC5/serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Certificate serial: 2554 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft Manifest number: 2554 Signing time: Tue 04 Nov 2025 14:16:30 +0000 Manifest this update: Tue 04 Nov 2025 14:16:30 +0000 Manifest next update: Tue 11 Nov 2025 14:16:30 +0000 Files and hashes: 1: XLKYvBpwUBeAXFYfCQoNR5UOar0.crl (hash: DWJIZzvJLDs4HQ/8I8f7fmAlQcmF7Us3cZU0iaC9r/g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:16:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9556 (0x2554) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912BFC5, serialNumber=5CB298BC1A705017805C561F090A0D47950E6ABD Validity Not Before: Nov 4 14:16:30 2025 GMT Not After : Nov 11 14:16:30 2025 GMT Subject: CN=690a0abe-a51e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:33:a5:53:04:13:69:99:15:16:14:ba:71:e5: cf:6e:6c:be:5c:fd:ee:04:d3:43:4a:02:25:68:d1: 39:ab:f1:51:c0:8d:12:ba:92:4f:3e:49:fc:3b:ec: f7:4b:84:f3:ff:95:c2:bf:af:e7:46:d6:5e:dc:a3: 48:3d:bc:9d:ac:2a:34:8b:a4:d5:35:0e:97:0f:11: c0:6e:37:07:36:ba:59:6f:cc:ab:60:f3:18:ef:c4: 1d:62:47:62:79:23:79:8f:f3:76:ee:41:39:82:40: 67:72:23:d0:34:ce:68:58:99:bd:a3:43:1f:c6:c8: c5:67:ca:0d:06:63:89:7c:1d:df:39:60:a0:05:68: e4:48:2f:ab:eb:22:68:6f:25:0b:19:79:31:6c:32: 66:47:30:7a:64:0a:ab:69:d7:41:af:b9:f6:26:be: 29:ba:23:8a:72:b6:4c:48:24:df:e0:d4:91:6f:d0: 45:b7:48:11:6e:ef:ef:b8:0a:7b:09:f9:77:ed:20: 2a:a0:76:1f:82:b7:c9:1e:54:ac:37:fe:3b:b5:b9: 72:c6:55:d1:65:c9:29:3b:90:c7:17:56:4b:c8:c1: 21:49:5a:1d:b5:ea:f9:f4:f2:f9:d5:b3:65:9e:20: 33:6c:44:8e:8b:fa:18:67:4c:83:1b:ae:11:16:2d: 7f:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:58:D2:C2:D9:C2:BF:4E:56:81:22:90:0C:7B:23:0F:0E:43:04:D6 X509v3 Authority Key Identifier: keyid:5C:B2:98:BC:1A:70:50:17:80:5C:56:1F:09:0A:0D:47:95:0E:6A:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XLKYvBpwUBeAXFYfCQoNR5UOar0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912BFC5/3F34203E290511E593BFC626C4F9AE02/XLKYvBpwUBeAXFYfCQoNR5UOar0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:39:e7:e9:0a:1d:c1:3a:83:4c:bb:2e:b4:cf:5b:e6:33:4d: 6c:f5:49:6b:29:8a:e6:5a:b0:51:03:76:3c:06:07:e1:f2:f0: 82:df:67:ca:5c:8d:26:6b:67:ee:6c:69:e7:34:90:66:8a:84: 49:c3:19:d7:96:c3:97:d1:01:f5:65:43:21:2d:61:22:48:58: aa:d3:2c:99:c8:94:e1:69:e3:82:45:d0:da:59:93:e6:b0:2e: b3:f1:a9:50:48:c9:9b:04:67:d1:d7:ba:77:96:6c:8a:16:40: 93:d3:92:15:62:00:18:64:b7:2a:a8:e3:a8:c4:d0:bd:98:d3: 47:44:32:60:2f:f9:48:5e:ea:27:e6:c8:13:73:b2:57:30:6f: 58:e3:eb:19:08:6c:e5:f7:b4:19:0a:55:82:d7:c7:b0:78:d7: 64:e0:af:4b:8c:b2:88:0f:12:fc:89:c1:d1:ba:42:6a:d6:4c: 81:bb:ee:bd:10:ac:2b:49:2c:e3:b9:6c:20:91:7a:96:3f:b9: 27:20:74:59:77:3e:34:06:5d:df:1c:da:97:ec:8f:58:b5:25: 39:3f:25:b3:4c:36:27:96:17:1f:21:f1:b7:ae:bc:17:16:58: 8a:f6:50:7a:c0:5b:8b:63:96:23:7e:54:3e:8e:c1:0c:fa:d4: 7a:8c:a0:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkJGQzUxMTAvBgNVBAUTKDVDQjI5OEJDMUE3MDUwMTc4MDVDNTYxRjA5MEEwRDQ3 OTUwRTZBQkQwHhcNMjUxMTA0MTQxNjMwWhcNMjUxMTExMTQxNjMwWjAYMRYwFAYD VQQDEw02OTBhMGFiZS1hNTFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxDOlUwQTaZkVFhS6ceXPbmy+XP3uBNNDSgIlaNE5q/FRwI0SupJPPkn8O+z3 S4Tz/5XCv6/nRtZe3KNIPbydrCo0i6TVNQ6XDxHAbjcHNrpZb8yrYPMY78QdYkdi eSN5j/N27kE5gkBnciPQNM5oWJm9o0MfxsjFZ8oNBmOJfB3fOWCgBWjkSC+r6yJo byULGXkxbDJmRzB6ZAqraddBr7n2Jr4puiOKcrZMSCTf4NSRb9BFt0gRbu/vuAp7 Cfl37SAqoHYfgrfJHlSsN/47tblyxlXRZckpO5DHF1ZLyMEhSVodter59PL51bNl niAzbESOi/oYZ0yDG64RFi1/SQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNNY0sLZ wr9OVoEikAx7Iw8OQwTWMB8GA1UdIwQYMBaAFFyymLwacFAXgFxWHwkKDUeVDmq9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQkZDNS8zRjM0MjAzRTI5 MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VCZUFYRllmQ1FvTlI1VU9h cjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1hMS1l2QnB3VUJlQVhGWWZDUW9OUjVVT2FyMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy QkZDNS8zRjM0MjAzRTI5MDUxMUU1OTNCRkM2MjZDNEY5QUUwMi9YTEtZdkJwd1VC ZUFYRllmQ1FvTlI1VU9hcjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAdOefpCh3BOoNMuy60z1vmM01s9UlrKYrmWrBRA3Y8Bgfh8vCC32fK XI0ma2fubGnnNJBmioRJwxnXlsOX0QH1ZUMhLWEiSFiq0yyZyJThaeOCRdDaWZPm sC6z8alQSMmbBGfR17p3lmyKFkCT05IVYgAYZLcqqOOoxNC9mNNHRDJgL/lIXuon 5sgTc7JXMG9Y4+sZCGzl97QZClWC18eweNdk4K9LjLKIDxL8icHRukJq1kyBu+69 EKwrSSzjuWwgkXqWP7knIHRZdz40Bl3fHNqX7I9YtSU5PyWzTDYnlhcfIfG3rrwX FliK9lB6wFuLY5YjflQ+jsEM+tR6jKCV -----END CERTIFICATE-----Generated at Wed Nov 5 19:47:04 2025 by rpki-client