$ rpki-client -vvf rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft File: 433E2CR2A-hIwAZsRFuc2NpzUNY.mft (raw, json) Hash identifier: Ol2WeJzcEZ3Ukb4yA7VBXeQPzFQdIQC33GEvIX454BY= Subject key identifier: 64:81:53:24:AF:25:3A:AA:1C:0A:5B:FD:32:17:2A:3C:16:9E:7B:53 Authority key identifier: E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 Certificate issuer: /CN=A916C8F2/serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Certificate serial: 43 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft Manifest number: 42 Signing time: Wed 05 Nov 2025 07:36:11 +0000 Manifest this update: Wed 05 Nov 2025 07:36:11 +0000 Manifest next update: Wed 12 Nov 2025 07:36:11 +0000 Files and hashes: 1: 433E2CR2A-hIwAZsRFuc2NpzUNY.crl (hash: kslxsdxUuhu/I7NIjJPUE6pEPEcwvMnBz+0I1gZMstw=) 2: 730C503A56C611F096620043C4F9AE02.roa (hash: m+BAyP5CIYN6CIS7MvKKiKoAky/65ZLjF2ZjJHqu8U0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:36:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 67 (0x43) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C8F2, serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Validity Not Before: Nov 5 07:36:11 2025 GMT Not After : Nov 12 07:36:11 2025 GMT Subject: CN=690afe6b-8b07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:80:63:14:1f:3b:e0:94:50:56:c2:3e:67:62: a3:d3:11:85:4a:c6:c2:0a:38:1f:b6:65:75:78:05: e4:dc:b4:3f:0d:58:dd:77:f4:b9:44:10:59:f0:f6: da:1b:d4:71:7e:14:33:94:a3:5e:ed:af:ea:69:22: 88:74:5c:8a:ba:64:4f:5a:7a:33:5c:76:3f:01:82: 50:5c:c2:75:fa:74:11:f1:e7:e5:0b:69:68:87:cb: ac:1d:6d:78:5e:b4:49:24:25:86:a4:c8:af:69:f5: ee:4c:e5:6d:36:d1:5e:99:b9:e7:71:03:84:7b:c6: 0f:2f:e6:c6:e3:cb:32:2c:01:35:29:47:a4:d8:92: 94:bd:26:63:e5:0b:03:01:c0:5e:41:9f:2e:86:a0: d1:f3:51:be:77:8c:4a:36:51:e8:c9:18:26:88:4f: cb:4e:b9:d1:73:54:ed:d3:77:9f:63:fb:8e:36:b7: fd:36:fe:98:87:b2:58:92:82:72:bd:44:a3:2f:f9: d6:b0:cc:7d:87:ee:5d:85:78:14:39:4a:0e:4c:39: 4d:36:50:0b:73:09:e0:e5:c5:54:63:f2:1b:ce:ea: 60:66:0a:1d:c8:5b:d2:8d:8f:4e:09:fa:d9:20:2d: 99:ac:96:55:01:01:0b:63:bc:c1:cb:aa:65:67:94: 95:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:81:53:24:AF:25:3A:AA:1C:0A:5B:FD:32:17:2A:3C:16:9E:7B:53 X509v3 Authority Key Identifier: keyid:E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:9d:97:33:a1:45:74:3c:88:91:41:04:cc:cd:c1:99:77:ad: 5f:e2:ae:12:91:ab:ee:39:76:c8:c2:7b:cc:62:d0:f2:05:ca: 87:ee:db:50:79:11:24:86:f9:92:02:16:39:c2:a2:2d:a1:4c: a7:6d:ee:e7:45:6f:47:70:8d:eb:b0:69:12:03:82:6e:b2:2c: fc:ee:2a:61:0e:77:22:63:c4:21:07:d3:03:e8:0e:19:2e:66: e8:f9:35:c1:92:ee:40:39:03:1b:9d:64:e3:72:fe:58:61:06: 9f:31:19:de:f3:5c:6e:99:8b:08:a4:37:6e:2c:77:d1:8d:57: 53:69:b1:cc:52:91:64:31:15:f9:8f:97:94:05:5a:12:e5:1b: b4:7a:71:a7:28:2a:b1:49:c2:f1:a2:88:97:14:80:5e:68:fc: ff:c3:60:e2:86:e6:6b:13:68:b9:11:ba:b6:1d:d2:09:a7:1d: 62:1a:1f:b5:8d:4a:dc:e8:e8:a9:53:6f:66:3a:6f:34:f9:6c: f3:84:7b:db:6b:80:b8:5c:8b:49:10:d9:a6:51:22:90:58:97: 46:35:1e:a4:16:27:c5:20:75:73:c2:6a:60:6a:cd:f7:3f:c2: 70:ba:1f:01:d5:45:3c:cd:70:a8:71:ab:59:52:70:d5:aa:ff: 16:69:fa:2b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBQzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QzhGMjExMC8GA1UEBRMoRTM3REM0RDgyNDc2MDNFODQ4QzAwNjZDNDQ1QjlDRDhE QTczNTBENjAeFw0yNTExMDUwNzM2MTFaFw0yNTExMTIwNzM2MTFaMBgxFjAUBgNV BAMTDTY5MGFmZTZiLThiMDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC/gGMUHzvglFBWwj5nYqPTEYVKxsIKOB+2ZXV4BeTctD8NWN139LlEEFnw9tob 1HF+FDOUo17tr+ppIoh0XIq6ZE9aejNcdj8BglBcwnX6dBHx5+ULaWiHy6wdbXhe tEkkJYakyK9p9e5M5W020V6ZuedxA4R7xg8v5sbjyzIsATUpR6TYkpS9JmPlCwMB wF5Bny6GoNHzUb53jEo2UejJGCaIT8tOudFzVO3Td59j+442t/02/piHsliSgnK9 RKMv+dawzH2H7l2FeBQ5Sg5MOU02UAtzCeDlxVRj8hvO6mBmCh3IW9KNj04J+tkg LZmsllUBAQtjvMHLqmVnlJX9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZIFTJK8l OqocClv9MhcqPBaee1MwHwYDVR0jBBgwFoAU433E2CR2A+hIwAZsRFuc2NpzUNYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDOEYyLzI4N0RFNzM2NTZD NjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1oSXdBWnNSRnVjMk5welVO WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNDMzRTJDUjJBLWhJd0Fac1JGdWMyTnB6VU5ZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZD OEYyLzI4N0RFNzM2NTZDNjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1o SXdBWnNSRnVjMk5welVOWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALydlzOhRXQ8iJFBBMzNwZl3rV/irhKRq+45dsjCe8xi0PIFyofu21B5 ESSG+ZICFjnCoi2hTKdt7udFb0dwjeuwaRIDgm6yLPzuKmEOdyJjxCEH0wPoDhku Zuj5NcGS7kA5AxudZONy/lhhBp8xGd7zXG6ZiwikN24sd9GNV1NpscxSkWQxFfmP l5QFWhLlG7R6cacoKrFJwvGiiJcUgF5o/P/DYOKG5msTaLkRurYd0gmnHWIaH7WN Stzo6KlTb2Y6bzT5bPOEe9trgLhci0kQ2aZRIpBYl0Y1HqQWJ8UgdXPCamBqzfc/ wnC6HwHVRTzNcKhxq1lScNWq/xZp+is= -----END CERTIFICATE-----Generated at Wed Nov 5 10:26:02 2025 by rpki-client