$ rpki-client -vvf rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft File: 4XM7lw_d92f_GVQoQ34SQqN2knc.mft (raw, json) Hash identifier: Z+7X235MtoDnVv5Ex5aX461K6GhlWYuo/luXkfNk0Q8= Subject key identifier: 6C:84:E2:4A:39:01:8D:2F:19:43:DE:31:D2:8A:98:50:74:8B:8C:45 Authority key identifier: E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 Certificate issuer: /CN=A912E5CB/serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Certificate serial: 0226 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft Manifest number: 0223 Signing time: Wed 05 Nov 2025 02:09:52 +0000 Manifest this update: Wed 05 Nov 2025 02:09:52 +0000 Manifest next update: Wed 12 Nov 2025 02:09:52 +0000 Files and hashes: 1: 4XM7lw_d92f_GVQoQ34SQqN2knc.crl (hash: kgjjr4BAwMkK6ihZoGXUXYQ+XS++/15MxuF7gprtaJE=) 2: 5FF4FD52704C11ED97935E7DC4F9AE02.roa (hash: C5+qR+xwM5riTT+23t/1tPZQq66L4etzO1hAZvNu09M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:09:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 550 (0x226) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912E5CB, serialNumber=E1733B970FDDF767FF195428437E1242A3769277 Validity Not Before: Nov 5 02:09:52 2025 GMT Not After : Nov 12 02:09:52 2025 GMT Subject: CN=690ab1f0-6147 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:5c:89:61:69:56:1d:62:41:c7:a3:dd:69:72: 79:c3:34:35:be:1c:84:06:9a:e7:45:fe:57:34:c3: f6:0b:7d:64:8a:3f:8e:f7:7d:f3:09:57:c6:0a:c3: 25:df:0d:1a:cb:91:35:4b:11:fb:7c:53:6b:96:99: d0:2a:d9:84:87:bc:18:e0:34:df:a3:e0:fe:3a:fa: db:49:a2:76:ba:64:d1:ca:b4:ac:e2:d9:fe:70:f7: 64:cf:90:a6:f5:95:75:c0:68:dc:b9:c7:ff:48:62: 07:a7:58:29:6a:f3:3c:03:6e:9b:b8:06:58:95:1b: 1a:f2:cb:80:d5:36:ef:bd:5e:4b:51:41:a8:13:ac: 6a:9c:bc:43:a0:b0:f3:a5:d0:0a:11:ca:fc:f7:ba: e8:00:92:7c:18:d2:bf:78:f5:7c:95:24:b7:1b:ff: ff:e2:5c:c8:74:be:71:e3:4b:34:5c:1e:31:85:36: e6:58:43:d4:62:89:a6:4c:a7:dd:55:70:3b:95:c3: 58:ee:a5:bd:49:15:7c:05:77:b6:96:5e:d8:57:64: f2:00:fb:cd:10:a0:16:55:98:5f:af:1d:cf:15:76: 66:fd:b4:51:e9:16:29:b7:84:14:e9:07:95:da:1d: b1:55:3f:f7:eb:8a:42:32:c9:7e:41:38:5e:45:65: fd:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:84:E2:4A:39:01:8D:2F:19:43:DE:31:D2:8A:98:50:74:8B:8C:45 X509v3 Authority Key Identifier: keyid:E1:73:3B:97:0F:DD:F7:67:FF:19:54:28:43:7E:12:42:A3:76:92:77 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4XM7lw_d92f_GVQoQ34SQqN2knc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912E5CB/5288DCE0704911EDB6E1FB78C4F9AE02/4XM7lw_d92f_GVQoQ34SQqN2knc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:a4:a2:81:9c:b8:28:9d:87:d0:9c:ad:29:38:f4:83:a1:41: 85:a9:05:e3:84:47:69:8f:35:84:5c:04:8b:fd:71:de:86:5e: 15:5c:4e:de:48:c8:df:85:04:bf:69:be:c2:e6:f6:07:7a:c9: 76:b7:a0:63:57:f3:e0:2f:f1:de:3d:26:7d:da:62:48:5a:d3: 82:74:e7:c9:91:97:15:2d:e2:99:16:b7:c0:e4:62:09:7d:e2: 40:65:cc:8a:c3:cf:cd:7b:8a:be:af:71:32:60:da:a6:21:d0: 9d:cd:3f:b7:cb:bb:86:87:14:23:22:7a:e0:c3:ee:27:a7:97: c3:2e:0a:02:3e:22:ec:45:6e:d5:95:9f:04:7b:cc:ab:dc:ca: 78:80:05:b5:a7:96:d9:16:8f:a3:3f:22:24:ff:5f:7d:b6:6c: 64:d3:9a:c0:bf:0a:21:cf:0b:65:8d:e9:1d:cb:41:f6:6f:da: a9:09:ac:71:61:93:24:fc:d2:ee:6d:5e:ad:b7:fa:91:20:4d: 89:1c:63:93:8e:62:b1:2e:86:37:e7:3e:ef:23:86:e6:a8:40: 56:74:82:ac:b2:6e:24:02:51:0d:05:fd:6a:f2:d5:db:9f:08: aa:69:17:7e:0a:fe:dc:5b:0a:c5:db:cc:ff:e3:8b:77:1d:b4: dc:2e:e5:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkU1Q0IxMTAvBgNVBAUTKEUxNzMzQjk3MEZEREY3NjdGRjE5NTQyODQzN0UxMjQy QTM3NjkyNzcwHhcNMjUxMTA1MDIwOTUyWhcNMjUxMTEyMDIwOTUyWjAYMRYwFAYD VQQDEw02OTBhYjFmMC02MTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzVyJYWlWHWJBx6PdaXJ5wzQ1vhyEBprnRf5XNMP2C31kij+O933zCVfGCsMl 3w0ay5E1SxH7fFNrlpnQKtmEh7wY4DTfo+D+OvrbSaJ2umTRyrSs4tn+cPdkz5Cm 9ZV1wGjcucf/SGIHp1gpavM8A26buAZYlRsa8suA1TbvvV5LUUGoE6xqnLxDoLDz pdAKEcr897roAJJ8GNK/ePV8lSS3G///4lzIdL5x40s0XB4xhTbmWEPUYommTKfd VXA7lcNY7qW9SRV8BXe2ll7YV2TyAPvNEKAWVZhfrx3PFXZm/bRR6RYpt4QU6QeV 2h2xVT/364pCMsl+QTheRWX9IwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGyE4ko5 AY0vGUPeMdKKmFB0i4xFMB8GA1UdIwQYMBaAFOFzO5cP3fdn/xlUKEN+EkKjdpJ3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRTVDQi81Mjg4RENFMDcw NDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDkyZl9HVlFvUTM0U1FxTjJr bmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRYTTdsd19kOTJmX0dWUW9RMzRTUXFOMmtuYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RTVDQi81Mjg4RENFMDcwNDkxMUVEQjZFMUZCNzhDNEY5QUUwMi80WE03bHdfZDky Zl9HVlFvUTM0U1FxTjJrbmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/pKKBnLgonYfQnK0pOPSDoUGFqQXjhEdpjzWEXASL/XHehl4VXE7e SMjfhQS/ab7C5vYHesl2t6BjV/PgL/HePSZ92mJIWtOCdOfJkZcVLeKZFrfA5GIJ feJAZcyKw8/Ne4q+r3EyYNqmIdCdzT+3y7uGhxQjInrgw+4np5fDLgoCPiLsRW7V lZ8Ee8yr3Mp4gAW1p5bZFo+jPyIk/199tmxk05rAvwohzwtljekdy0H2b9qpCaxx YZMk/NLubV6tt/qRIE2JHGOTjmKxLoY35z7vI4bmqEBWdIKssm4kAlENBf1q8tXb nwiqaRd+Cv7cWwrF28z/44t3HbTcLuWU -----END CERTIFICATE-----Generated at Wed Nov 5 13:31:57 2025 by rpki-client