$ rpki-client -vvf rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft File: IPxzgnJ0AC605K7oniD9DRc_soU.mft (raw, json) Hash identifier: g2YmLTZsBzvvqRV192mXS7BiOLiKn2lTnePoW/Mftu4= Subject key identifier: 9B:C2:34:CD:09:54:6D:49:52:C4:50:DA:CA:A4:F4:AE:2F:6A:AC:06 Authority key identifier: 20:FC:73:82:72:74:00:2E:B4:E4:AE:E8:9E:20:FD:0D:17:3F:B2:85 Certificate issuer: /CN=A91578DF/serialNumber=20FC73827274002EB4E4AEE89E20FD0D173FB285 Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPxzgnJ0AC605K7oniD9DRc_soU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft Manifest number: 1E Signing time: Wed 05 Nov 2025 08:02:32 +0000 Manifest this update: Wed 05 Nov 2025 08:02:32 +0000 Manifest next update: Wed 12 Nov 2025 08:02:32 +0000 Files and hashes: 1: IPxzgnJ0AC605K7oniD9DRc_soU.crl (hash: 5IbCe9nmwmsiFi2MC86xooJ98aMOxOF5drIXrPszvVo=) 2: 067CE6C895C811F09500A713C4F9AE02.roa (hash: DaXXWX4PSZTEEnKA/Wr/hB6+tz0WGbj29+yIsXyWSwM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.crl rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPxzgnJ0AC605K7oniD9DRc_soU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 08:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91578DF, serialNumber=20FC73827274002EB4E4AEE89E20FD0D173FB285 Validity Not Before: Nov 5 08:02:32 2025 GMT Not After : Nov 12 08:02:32 2025 GMT Subject: CN=690b0498-aa7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:ba:49:d0:8f:7f:3a:8a:74:55:17:f7:c2:c7: f7:3b:f4:35:dd:6d:f3:5c:2c:d0:67:dc:d8:a3:71: be:fc:7c:35:52:e2:1d:b5:db:17:4b:bd:59:45:68: f1:ce:79:cc:12:30:ad:1e:70:cc:1d:12:7f:c0:cf: ba:ed:bc:72:ce:e3:dc:8b:c3:31:5e:c0:8c:39:4e: b2:16:d3:52:f7:11:71:b5:b9:3a:d3:ff:1d:51:21: 1b:1c:f9:59:bb:b2:f0:98:6e:79:cb:6e:2b:93:d4: 6c:32:6c:5c:66:c9:ae:0d:a7:0a:68:d5:6b:d3:4a: d1:08:00:c5:76:23:54:32:39:c8:cc:61:ca:28:9f: 42:93:f7:f1:41:01:33:72:dd:94:b2:4c:f3:d1:ab: ba:68:e1:36:d7:43:d4:dc:3a:34:9a:e2:f8:1e:93: 8f:ac:80:51:2e:33:08:b3:8e:86:a2:e7:a2:fc:fb: b2:bd:95:15:00:dc:21:c0:a5:dd:11:23:85:b1:3b: 80:c3:4b:22:68:57:1d:51:d2:d9:63:32:67:50:72: c0:88:7f:ab:0c:cf:c8:09:e5:ec:e5:3e:3b:27:bb: aa:53:16:d7:0e:71:db:d7:e0:94:36:06:e6:57:8e: 7e:1a:ca:96:5c:c7:6c:31:e7:95:fa:39:d1:a8:4e: f3:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:C2:34:CD:09:54:6D:49:52:C4:50:DA:CA:A4:F4:AE:2F:6A:AC:06 X509v3 Authority Key Identifier: keyid:20:FC:73:82:72:74:00:2E:B4:E4:AE:E8:9E:20:FD:0D:17:3F:B2:85 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IPxzgnJ0AC605K7oniD9DRc_soU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91578DF/051CF1D495C711F0ABE2FD5FC4F9AE02/IPxzgnJ0AC605K7oniD9DRc_soU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:50:6e:00:e6:d6:39:b1:05:c9:5c:ac:76:6d:1b:be:67:97: c2:68:62:c5:0d:56:56:f8:7c:c4:bb:e8:bd:5b:61:f0:08:9f: a0:02:99:cc:c1:cf:a0:51:15:b7:36:a4:fa:5b:2b:f0:94:b6: dc:22:66:3e:6a:46:51:b8:55:a0:ae:75:12:4f:82:56:c7:1e: 0a:bb:5e:48:e5:b3:11:19:96:51:30:b8:84:28:9d:01:6c:98: fe:3b:49:64:c5:18:ed:3f:9f:b5:f4:46:ef:cf:2f:5c:bf:fe: f3:b4:4c:a3:c5:1e:fb:39:bc:a3:5e:3a:ec:d7:b7:c2:b1:0f: 85:42:de:0b:a4:8d:21:19:85:46:98:35:dd:ce:69:c3:a5:1c: 30:0b:3c:36:4c:1a:26:31:bb:17:0c:03:bd:d8:e6:b9:9b:fb: 5b:fe:d3:4a:00:ed:24:43:a5:9b:7f:be:6c:71:e0:82:77:03: 27:1d:cd:3d:c0:92:65:46:24:4e:43:73:1d:2c:ad:b0:e5:ba: 13:ae:ad:88:6f:11:01:cd:dc:0f:30:6a:e9:86:9c:c5:bb:57: 65:f8:a6:90:02:cc:02:56:54:d6:7a:b4:7c:f2:e1:85:95:b7: e6:67:40:d9:1f:43:fd:99:ac:13:42:6e:b4:22:fc:b3:29:ca: 98:ca:4e:8e -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 NzhERjExMC8GA1UEBRMoMjBGQzczODI3Mjc0MDAyRUI0RTRBRUU4OUUyMEZEMEQx NzNGQjI4NTAeFw0yNTExMDUwODAyMzJaFw0yNTExMTIwODAyMzJaMBgxFjAUBgNV BAMTDTY5MGIwNDk4LWFhN2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDduknQj386inRVF/fCx/c79DXdbfNcLNBn3Nijcb78fDVS4h212xdLvVlFaPHO ecwSMK0ecMwdEn/Az7rtvHLO49yLwzFewIw5TrIW01L3EXG1uTrT/x1RIRsc+Vm7 svCYbnnLbiuT1GwybFxmya4Npwpo1WvTStEIAMV2I1QyOcjMYcoon0KT9/FBATNy 3ZSyTPPRq7po4TbXQ9TcOjSa4vgek4+sgFEuMwizjoai56L8+7K9lRUA3CHApd0R I4WxO4DDSyJoVx1R0tljMmdQcsCIf6sMz8gJ5ezlPjsnu6pTFtcOcdvX4JQ2BuZX jn4aypZcx2wx55X6OdGoTvP7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUm8I0zQlU bUlSxFDayqT0ri9qrAYwHwYDVR0jBBgwFoAUIPxzgnJ0AC605K7oniD9DRc/soUw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3OERGLzA1MUNGMUQ0OTVD NzExRjBBQkUyRkQ1RkM0RjlBRTAyL0lQeHpnbkowQUM2MDVLN29uaUQ5RFJjX3Nv VS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSVB4emduSjBBQzYwNUs3b25pRDlEUmNfc29VLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU3 OERGLzA1MUNGMUQ0OTVDNzExRjBBQkUyRkQ1RkM0RjlBRTAyL0lQeHpnbkowQUM2 MDVLN29uaUQ5RFJjX3NvVS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJ1QbgDm1jmxBclcrHZtG75nl8JoYsUNVlb4fMS76L1bYfAIn6ACmczB z6BRFbc2pPpbK/CUttwiZj5qRlG4VaCudRJPglbHHgq7XkjlsxEZllEwuIQonQFs mP47SWTFGO0/n7X0Ru/PL1y//vO0TKPFHvs5vKNeOuzXt8KxD4VC3gukjSEZhUaY Nd3OacOlHDALPDZMGiYxuxcMA73Y5rmb+1v+00oA7SRDpZt/vmxx4IJ3AycdzT3A kmVGJE5Dcx0srbDluhOurYhvEQHN3A8waumGnMW7V2X4ppACzAJWVNZ6tHzy4YWV t+ZnQNkfQ/2ZrBNCbrQi/LMpypjKTo4= -----END CERTIFICATE-----Generated at Wed Nov 5 09:29:57 2025 by rpki-client