$ rpki-client -vvf rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft File: X3A2SNc_YGlFARjbom-WaC1a5so.mft (raw, json) Hash identifier: 097DxyG2RJH5RrjWnL26dgZYWYXJf6HGSSBWIclN4Jg= Subject key identifier: 80:B6:21:84:4E:5F:9C:12:B6:AB:A2:59:9F:23:A8:BD:64:B1:8B:85 Authority key identifier: 5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA Certificate issuer: /CN=A91508BB/serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Certificate serial: 34D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft Manifest number: 34D5 Signing time: Tue 04 Nov 2025 14:41:25 +0000 Manifest this update: Tue 04 Nov 2025 14:41:24 +0000 Manifest next update: Tue 11 Nov 2025 14:41:24 +0000 Files and hashes: 1: X3A2SNc_YGlFARjbom-WaC1a5so.crl (hash: 7FKbzkFN1Z6QdWphyohrs7vXbtKakKD/D58mIpQmiFs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:41:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13525 (0x34d5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91508BB, serialNumber=5F703648D73F6069450118DBA26F96682D5AE6CA Validity Not Before: Nov 4 14:41:24 2025 GMT Not After : Nov 11 14:41:24 2025 GMT Subject: CN=690a1095-7317 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:1d:bb:d1:c8:80:5a:79:c1:da:fd:d4:c1:f3: 70:5e:95:e8:d5:50:c1:bc:30:b5:5d:ad:a0:75:e3: 0a:bd:01:c9:63:07:99:64:09:db:8c:de:46:36:1d: 12:bf:d9:ce:62:9b:c2:93:2d:f3:46:9c:36:9a:48: bd:ce:8c:9e:14:b1:71:ed:f7:1a:7e:9f:ba:99:34: 5a:37:27:ac:ca:6e:de:7e:86:a6:25:76:11:30:31: 75:61:41:15:05:aa:9e:4a:23:68:fc:09:fb:3d:cb: 73:46:f0:a9:73:96:2a:b3:6f:b6:30:76:34:34:36: 8e:0c:ce:73:5f:4a:4b:c3:f0:c5:56:ee:59:c8:82: f6:df:f0:d3:4d:a9:aa:a2:91:97:e2:d6:31:67:02: ac:31:2a:c4:09:90:db:4a:6e:06:e9:69:d2:de:a6: bb:f4:74:78:4c:df:65:26:f8:53:4f:f8:64:10:4a: 81:7e:69:25:97:46:1d:5e:0f:35:7d:8f:ec:46:03: c5:11:e2:ff:07:c5:6e:68:6c:89:ad:73:5f:6d:6f: 5f:8e:c5:99:40:06:3a:0d:50:00:81:87:31:da:8c: 16:b6:46:c7:ca:3e:d7:d1:38:f6:7f:a7:f2:19:fc: fc:25:62:d0:1d:c3:9f:58:25:18:a4:41:6f:0f:f0: c5:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 80:B6:21:84:4E:5F:9C:12:B6:AB:A2:59:9F:23:A8:BD:64:B1:8B:85 X509v3 Authority Key Identifier: keyid:5F:70:36:48:D7:3F:60:69:45:01:18:DB:A2:6F:96:68:2D:5A:E6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X3A2SNc_YGlFARjbom-WaC1a5so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91508BB/5A0D95881D8D11E2A9D607EB08B02CD2/X3A2SNc_YGlFARjbom-WaC1a5so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 73:8c:bc:d0:5e:d1:6d:b0:00:39:ff:07:c2:27:0d:eb:41:17: 68:97:24:41:26:d8:5e:72:f0:f7:5d:fa:78:8d:5c:23:49:2e: 9d:44:20:a8:81:e6:1b:e4:e0:aa:50:a5:2c:16:dc:be:23:4f: 62:cf:91:fa:af:56:c8:4e:5e:9b:2c:74:10:1c:c3:b3:a5:0d: b8:59:9b:8e:b8:1b:8a:76:60:a1:97:2e:bd:35:17:48:e5:c9: 3f:21:65:52:14:c6:b2:e6:d3:fb:18:e2:e8:ee:29:98:20:bd: 55:41:85:e3:b5:2c:50:6d:e1:c8:c1:ac:98:fc:5e:70:d7:fb: 5a:50:79:cf:24:46:84:7d:88:62:ef:78:b8:aa:14:4e:28:a0: 98:77:ff:44:04:95:19:8b:2d:80:51:84:69:e8:23:f7:2b:f7: c4:03:53:dd:3d:83:df:ee:f5:91:04:1b:c5:f3:30:7d:af:24: cd:47:8a:fe:e0:62:d7:54:40:6e:fa:da:7d:ec:18:b7:1c:57: 6e:af:18:24:ab:a1:2f:8b:11:6a:39:fd:ba:30:74:e7:22:61: 3f:3a:bf:a5:5c:89:fc:c0:40:28:c7:1f:d0:e4:06:30:33:27: ce:f1:a7:51:7e:75:b4:b9:8a:18:e9:09:f8:48:39:98:00:b1: d0:a1:63:5d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA4QkIxMTAvBgNVBAUTKDVGNzAzNjQ4RDczRjYwNjk0NTAxMThEQkEyNkY5NjY4 MkQ1QUU2Q0EwHhcNMjUxMTA0MTQ0MTI0WhcNMjUxMTExMTQ0MTI0WjAYMRYwFAYD VQQDEw02OTBhMTA5NS03MzE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtB270ciAWnnB2v3UwfNwXpXo1VDBvDC1Xa2gdeMKvQHJYweZZAnbjN5GNh0S v9nOYpvCky3zRpw2mki9zoyeFLFx7fcafp+6mTRaNyesym7efoamJXYRMDF1YUEV BaqeSiNo/An7PctzRvCpc5Yqs2+2MHY0NDaODM5zX0pLw/DFVu5ZyIL23/DTTamq opGX4tYxZwKsMSrECZDbSm4G6WnS3qa79HR4TN9lJvhTT/hkEEqBfmkll0YdXg81 fY/sRgPFEeL/B8VuaGyJrXNfbW9fjsWZQAY6DVAAgYcx2owWtkbHyj7X0Tj2f6fy Gfz8JWLQHcOfWCUYpEFvD/DFQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIC2IYRO X5wStquiWZ8jqL1ksYuFMB8GA1UdIwQYMBaAFF9wNkjXP2BpRQEY26JvlmgtWubK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDhCQi81QTBEOTU4ODFE OEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lHbEZBUmpib20tV2FDMWE1 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1gzQTJTTmNfWUdsRkFSamJvbS1XYUMxYTVzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDhCQi81QTBEOTU4ODFEOEQxMUUyQTlENjA3RUIwOEIwMkNEMi9YM0EyU05jX1lH bEZBUmpib20tV2FDMWE1c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBzjLzQXtFtsAA5/wfCJw3rQRdolyRBJthecvD3Xfp4jVwjSS6dRCCo geYb5OCqUKUsFty+I09iz5H6r1bITl6bLHQQHMOzpQ24WZuOuBuKdmChly69NRdI 5ck/IWVSFMay5tP7GOLo7imYIL1VQYXjtSxQbeHIwayY/F5w1/taUHnPJEaEfYhi 73i4qhROKKCYd/9EBJUZiy2AUYRp6CP3K/fEA1PdPYPf7vWRBBvF8zB9ryTNR4r+ 4GLXVEBu+tp97Bi3HFdurxgkq6EvixFqOf26MHTnImE/Or+lXIn8wEAoxx/Q5AYw MyfO8adRfnW0uYoY6Qn4SDmYALHQoWNd -----END CERTIFICATE-----Generated at Wed Nov 5 19:21:14 2025 by rpki-client