$ rpki-client -vvf rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft File: 33HZn0zTs4Mms-1HyOSl35ieQvI.mft (raw, json) Hash identifier: pwhMgUNqrPfElMhWtIGN87ucNAlhpZGV45/wfPvlHgg= Subject key identifier: BE:5B:30:6C:05:42:11:B2:30:69:1B:63:E7:91:14:64:AA:90:CC:A4 Authority key identifier: DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 Certificate issuer: /CN=A915A0EE/serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Certificate serial: 01D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft Manifest number: 01CF Signing time: Mon 03 Nov 2025 02:57:29 +0000 Manifest this update: Mon 03 Nov 2025 02:57:29 +0000 Manifest next update: Mon 10 Nov 2025 02:57:29 +0000 Files and hashes: 1: 33HZn0zTs4Mms-1HyOSl35ieQvI.crl (hash: 2tUINYPCzDH9aOGyj0BVoSOnrzTLfoYQCjGhbpaN61U=) 2: 1BDBCE5013A011EE91039C41C4F9AE02.roa (hash: p/oubbOjEb8Zn+B8haVjlomp+846cFby5ixQFCvfJFE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:57:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 473 (0x1d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915A0EE, serialNumber=DF71D99F4CD3B38326B3ED47C8E4A5DF989E42F2 Validity Not Before: Nov 3 02:57:29 2025 GMT Not After : Nov 10 02:57:29 2025 GMT Subject: CN=69081a19-8f41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:a3:e5:9b:0b:5f:01:9b:86:88:20:55:a0:77: 52:a5:22:99:fd:72:96:a7:a7:65:56:0b:53:62:ff: 83:f1:b4:99:b4:fd:42:f8:a3:37:9f:96:da:af:f4: 52:13:14:58:ac:84:97:90:b2:67:b5:eb:f3:56:2b: 61:51:79:63:90:2d:36:4f:0f:a7:2c:e4:75:74:3c: 0f:65:b6:4a:66:34:23:64:4b:bf:2d:e9:39:75:94: 6c:75:14:c0:33:7c:09:14:76:d8:e5:c1:7d:13:d4: 79:2c:ca:b6:ad:58:3e:6e:46:b6:7a:54:e1:f9:3a: fc:0e:74:0b:15:ba:82:bc:44:68:c4:e8:1d:f1:c2: 7b:11:ee:48:91:e1:bc:49:ff:af:ad:15:83:0f:66: fa:28:bb:d1:79:c2:5b:14:65:80:ab:51:9d:bc:ce: 0c:f9:e1:b9:36:cf:f6:d0:27:38:4e:41:a0:a0:bb: 2e:69:61:00:80:6b:db:48:6f:0d:a6:d2:04:4a:e0: 1f:4c:e0:02:ba:4a:6b:37:06:2e:ca:25:39:36:15: 0d:4b:f2:0b:7b:0c:54:2b:bf:00:77:bd:5f:25:c1: 20:02:e9:ea:2e:18:fc:37:9b:33:3e:d9:dd:8c:46: d3:da:68:59:e0:26:56:70:47:81:64:be:d3:bc:39: 0d:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:5B:30:6C:05:42:11:B2:30:69:1B:63:E7:91:14:64:AA:90:CC:A4 X509v3 Authority Key Identifier: keyid:DF:71:D9:9F:4C:D3:B3:83:26:B3:ED:47:C8:E4:A5:DF:98:9E:42:F2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/33HZn0zTs4Mms-1HyOSl35ieQvI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915A0EE/55C803CA09C011EEBE12583AC4F9AE02/33HZn0zTs4Mms-1HyOSl35ieQvI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:1a:6d:59:91:32:3f:bb:1f:ba:14:53:2b:59:4c:a3:05:3d: a2:61:14:9a:34:ef:d8:43:d4:29:57:7c:e7:fb:b4:e9:a2:66: cb:e9:ad:41:c7:ac:9b:a3:5c:4c:9b:be:e3:83:23:c1:be:24: 3d:54:83:05:27:d7:f1:91:61:c4:88:93:73:30:a0:5d:ab:1d: 17:4c:d3:c4:65:9f:a8:88:2f:73:68:dd:c9:9f:7c:77:b1:51: 7e:c5:6a:48:8f:88:97:09:5c:be:ee:f7:40:96:e7:57:5d:c1: 6d:98:1c:0f:02:c3:c4:a8:6c:af:25:48:ed:70:fe:16:14:d3: ac:c1:ac:bd:34:9e:06:a4:3d:2c:4f:bb:31:39:84:21:70:94: 1d:ad:1d:dc:8e:89:40:e7:3d:6e:08:e5:7f:a5:2b:ad:a8:9e: 7e:6a:73:ec:a9:ef:e8:3c:32:26:09:fb:27:fc:92:b6:cb:c1: 31:24:cf:9f:85:9f:8c:55:4a:12:46:c8:44:e6:ce:f1:96:b1: f7:0f:4d:88:97:d2:f0:d9:d0:51:84:15:80:bd:c5:0b:d0:6c: 3f:7f:18:43:9f:94:cd:1e:7d:8e:2d:36:f0:eb:d1:2f:94:ad: 57:74:ba:9f:7f:94:63:ac:3b:83:d9:c9:6c:76:cc:7d:d1:27: f6:20:68:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUEwRUUxMTAvBgNVBAUTKERGNzFEOTlGNENEM0IzODMyNkIzRUQ0N0M4RTRBNURG OTg5RTQyRjIwHhcNMjUxMTAzMDI1NzI5WhcNMjUxMTEwMDI1NzI5WjAYMRYwFAYD VQQDEw02OTA4MWExOS04ZjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzKPlmwtfAZuGiCBVoHdSpSKZ/XKWp6dlVgtTYv+D8bSZtP1C+KM3n5bar/RS ExRYrISXkLJntevzVithUXljkC02Tw+nLOR1dDwPZbZKZjQjZEu/Lek5dZRsdRTA M3wJFHbY5cF9E9R5LMq2rVg+bka2elTh+Tr8DnQLFbqCvERoxOgd8cJ7Ee5IkeG8 Sf+vrRWDD2b6KLvRecJbFGWAq1GdvM4M+eG5Ns/20Cc4TkGgoLsuaWEAgGvbSG8N ptIESuAfTOACukprNwYuyiU5NhUNS/ILewxUK78Ad71fJcEgAunqLhj8N5szPtnd jEbT2mhZ4CZWcEeBZL7TvDkNdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL5bMGwF QhGyMGkbY+eRFGSqkMykMB8GA1UdIwQYMBaAFN9x2Z9M07ODJrPtR8jkpd+YnkLy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QTBFRS81NUM4MDNDQTA5 QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0TW1zLTFIeU9TbDM1aWVR dkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMzSFpuMHpUczRNbXMtMUh5T1NsMzVpZVF2SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QTBFRS81NUM4MDNDQTA5QzAxMUVFQkUxMjU4M0FDNEY5QUUwMi8zM0habjB6VHM0 TW1zLTFIeU9TbDM1aWVRdkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxGm1ZkTI/ux+6FFMrWUyjBT2iYRSaNO/YQ9QpV3zn+7TpombL6a1B x6ybo1xMm77jgyPBviQ9VIMFJ9fxkWHEiJNzMKBdqx0XTNPEZZ+oiC9zaN3Jn3x3 sVF+xWpIj4iXCVy+7vdAludXXcFtmBwPAsPEqGyvJUjtcP4WFNOsway9NJ4GpD0s T7sxOYQhcJQdrR3cjolA5z1uCOV/pSutqJ5+anPsqe/oPDImCfsn/JK2y8ExJM+f hZ+MVUoSRshE5s7xlrH3D02Il9Lw2dBRhBWAvcUL0Gw/fxhDn5TNHn2OLTbw69Ev lK1XdLqff5RjrDuD2clsdsx90Sf2IGiJ -----END CERTIFICATE-----Generated at Tue Nov 4 19:05:15 2025 by rpki-client