$ rpki-client -vvf rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft File: Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft (raw, json) Hash identifier: mNVg7KGtLhs6at7wgg6bPL2zwUMS/kw3SW3FexVIfAk= Subject key identifier: 57:95:DE:6F:3E:43:2D:CD:A4:76:B2:FF:08:2E:44:63:D7:CD:A7:E5 Authority key identifier: 49:DD:D1:E4:C5:A9:FC:76:66:26:D2:FA:3B:66:37:DA:80:EA:2F:D2 Certificate issuer: /CN=A916156D/serialNumber=49DDD1E4C5A9FC766626D2FA3B6637DA80EA2FD2 Certificate serial: 4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft Manifest number: 4A Signing time: Wed 05 Nov 2025 07:33:28 +0000 Manifest this update: Wed 05 Nov 2025 07:33:27 +0000 Manifest next update: Wed 12 Nov 2025 07:33:27 +0000 Files and hashes: 1: Sd3R5MWp_HZmJtL6O2Y32oDqL9I.crl (hash: n8Ro69GaQod2s92NFPLisEbTh55pKne5tOpCkYdHOaU=) 2: 850105504F3D11F0A0960F7CC4F9AE02.roa (hash: ycoxpKT+DpgcLoAUSWd+EWSk4JnPGKou98k0R1luHMk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.crl rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:33:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916156D, serialNumber=49DDD1E4C5A9FC766626D2FA3B6637DA80EA2FD2 Validity Not Before: Nov 5 07:33:27 2025 GMT Not After : Nov 12 07:33:27 2025 GMT Subject: CN=690afdc8-49ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:91:e7:12:c8:93:30:95:30:2c:ac:da:a6:16: ac:86:db:39:85:dd:c0:4c:27:9d:32:d6:87:cb:94: 2b:78:41:98:2e:ba:0f:cd:80:e0:de:87:df:a1:e3: 23:d7:b6:e4:bf:5d:c1:a8:db:e8:f0:1e:57:7e:f6: 38:1f:41:3a:fa:68:2f:18:1f:da:8f:42:89:a9:3b: 0d:ed:52:9b:f5:0d:ad:bb:ef:5b:f7:2e:44:ec:3a: da:44:2f:81:eb:c8:79:82:ab:5a:44:cd:fd:34:45: e8:a5:9a:b0:ac:2b:6a:34:65:9d:ec:53:4e:72:59: ec:a9:b4:14:f5:b6:4a:3a:ea:d4:a9:cb:9c:1a:8a: 12:47:2c:e8:39:6d:f7:86:37:2c:f1:fa:df:c8:20: dc:5e:5e:74:16:1b:41:46:28:41:4b:79:8c:fd:6e: 83:c9:ea:06:4a:9a:77:2c:7d:79:07:62:94:c1:e2: 4b:1c:c0:36:e7:89:a7:16:e6:6a:46:1c:25:39:70: 7c:7a:a2:7e:30:c3:60:db:4d:a2:40:a7:b6:c6:7b: 47:0e:b3:47:b9:7b:dd:7c:99:79:a0:e9:b5:26:12: bb:bb:b8:2e:df:88:51:74:78:53:2f:03:f1:83:0c: 8a:d4:13:76:76:f0:c1:79:24:7e:da:b1:6a:8c:f7: 32:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 57:95:DE:6F:3E:43:2D:CD:A4:76:B2:FF:08:2E:44:63:D7:CD:A7:E5 X509v3 Authority Key Identifier: keyid:49:DD:D1:E4:C5:A9:FC:76:66:26:D2:FA:3B:66:37:DA:80:EA:2F:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916156D/7CD3DEAC4E8911F0A81C6716C4F9AE02/Sd3R5MWp_HZmJtL6O2Y32oDqL9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:34:e5:2e:9f:e1:e3:e0:32:b9:cd:97:4d:47:73:b5:03:5d: 58:5d:8e:eb:3f:51:be:87:32:45:9c:13:05:2d:a4:56:dd:55: 1f:89:8e:96:4a:ce:41:7e:d7:2e:82:73:bb:c3:96:b4:02:53: de:64:3b:24:74:c2:c8:77:a7:bf:af:60:22:da:29:14:18:dd: 4d:2e:f2:30:e5:e3:35:44:6f:86:cd:47:8e:67:cc:1f:1f:6e: cc:bc:21:3f:54:40:53:4e:49:bc:bf:2d:74:e9:6d:58:77:c1: 1e:28:5b:97:26:9e:53:c1:2f:e3:96:b0:a9:c7:c4:e7:ae:5a: 53:7e:fb:8a:27:7e:b7:c4:90:ef:96:0b:df:2e:39:03:c5:28: 7b:b2:d6:d1:84:aa:07:83:e8:19:85:ab:b8:ff:08:9f:c2:7b: 8e:c1:31:95:3a:17:cd:3f:50:a8:e0:ff:de:1e:92:6e:91:87: d9:ea:c7:43:8a:2b:41:e3:ac:49:4e:5c:08:83:c9:16:1d:33: 86:39:2f:11:2f:4d:71:6a:7c:27:f6:a3:23:24:db:28:76:f2: 20:67:28:ef:80:21:04:60:06:75:bc:98:9e:11:23:8f:f6:68: c8:77:41:d7:d1:70:aa:09:6b:13:f6:3c:b1:78:6d:d2:fa:68: f0:d9:ac:76 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MTU2RDExMC8GA1UEBRMoNDlEREQxRTRDNUE5RkM3NjY2MjZEMkZBM0I2NjM3REE4 MEVBMkZEMjAeFw0yNTExMDUwNzMzMjdaFw0yNTExMTIwNzMzMjdaMBgxFjAUBgNV BAMTDTY5MGFmZGM4LTQ5YWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC4kecSyJMwlTAsrNqmFqyG2zmF3cBMJ50y1ofLlCt4QZguug/NgODeh9+h4yPX tuS/XcGo2+jwHld+9jgfQTr6aC8YH9qPQompOw3tUpv1Da2771v3LkTsOtpEL4Hr yHmCq1pEzf00ReilmrCsK2o0ZZ3sU05yWeyptBT1tko66tSpy5waihJHLOg5bfeG Nyzx+t/IINxeXnQWG0FGKEFLeYz9boPJ6gZKmncsfXkHYpTB4kscwDbniacW5mpG HCU5cHx6on4ww2DbTaJAp7bGe0cOs0e5e918mXmg6bUmEru7uC7fiFF0eFMvA/GD DIrUE3Z28MF5JH7asWqM9zL/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUV5Xebz5D Lc2kdrL/CC5EY9fNp+UwHwYDVR0jBBgwFoAUSd3R5MWp/HZmJtL6O2Y32oDqL9Iw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYxNTZELzdDRDNERUFDNEU4 OTExRjBBODFDNjcxNkM0RjlBRTAyL1NkM1I1TVdwX0habUp0TDZPMlkzMm9EcUw5 SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvU2QzUjVNV3BfSFptSnRMNk8yWTMyb0RxTDlJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYx NTZELzdDRDNERUFDNEU4OTExRjBBODFDNjcxNkM0RjlBRTAyL1NkM1I1TVdwX0ha bUp0TDZPMlkzMm9EcUw5SS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKc05S6f4ePgMrnNl01Hc7UDXVhdjus/Ub6HMkWcEwUtpFbdVR+JjpZK zkF+1y6Cc7vDlrQCU95kOyR0wsh3p7+vYCLaKRQY3U0u8jDl4zVEb4bNR45nzB8f bsy8IT9UQFNOSby/LXTpbVh3wR4oW5cmnlPBL+OWsKnHxOeuWlN++4onfrfEkO+W C98uOQPFKHuy1tGEqgeD6BmFq7j/CJ/Ce47BMZU6F80/UKjg/94ekm6Rh9nqx0OK K0HjrElOXAiDyRYdM4Y5LxEvTXFqfCf2oyMk2yh28iBnKO+AIQRgBnW8mJ4RI4/2 aMh3QdfRcKoJaxP2PLF4bdL6aPDZrHY= -----END CERTIFICATE-----Generated at Wed Nov 5 17:18:26 2025 by rpki-client