$ rpki-client -vvf rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft File: gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft (raw, json) Hash identifier: TykUSvIzsBtXvyZsq73/Ix7L2+b+XuHxqByK/XTnpW0= Subject key identifier: E0:2C:C7:12:AC:4F:E6:D8:87:50:D9:84:D2:BB:3A:12:C8:8A:7D:9E Authority key identifier: 81:7D:D3:80:2F:26:E5:7E:CE:82:65:CE:86:26:FC:BB:9C:64:E9:D4 Certificate issuer: /CN=A917092C/serialNumber=817DD3802F26E57ECE8265CE8626FCBB9C64E9D4 Certificate serial: EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gX3TgC8m5X7OgmXOhib8u5xk6dQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft Manifest number: DF Signing time: Wed 05 Nov 2025 05:49:14 +0000 Manifest this update: Wed 05 Nov 2025 05:49:13 +0000 Manifest next update: Wed 12 Nov 2025 05:49:13 +0000 Files and hashes: 1: gX3TgC8m5X7OgmXOhib8u5xk6dQ.crl (hash: TIj6Yw5Zrx+7oOty34/P7Dki2Eg5YmaWaFfe9+Cg/4A=) 2: E1F3085E777E11EFB3F75352C4F9AE02.roa (hash: KCUoweqEDh9jHcBtb7W3HaJWTeDZFQpve4LjGr9WIOQ=) 3: E3105D04777E11EFB3F75352C4F9AE02.roa (hash: cAiqdNWzTF0sxkzvHv6yM/PcMz/pHk5XzQwUuq8wOgo=) 4: 8E00FBF2777E11EF8D0ECC4EC4F9AE02.roa (hash: aNcYj3A/gGnj4dxbU3z5mV3zt63Nh4QrgMIUUabFzuw=) 5: E27B5862777E11EFB3F75352C4F9AE02.roa (hash: SHadC7K9t4sf0FTRuN25Sqtx5daSfJ2m5VktpFS9BJc=) 6: E3C4A4EE777E11EFB3F75352C4F9AE02.roa (hash: he2Yg9YLqUGBktzqkNPe9zTZfzSefhfrBKHZ0mm0MXI=) 7: 752774D616A111F0B2CDBC72C4F9AE02.roa (hash: 3FjaUGxyX9keX6h1j1EjjACKPn/PD276JgWOPNcm8Oo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.crl rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gX3TgC8m5X7OgmXOhib8u5xk6dQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:49:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 239 (0xef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917092C, serialNumber=817DD3802F26E57ECE8265CE8626FCBB9C64E9D4 Validity Not Before: Nov 5 05:49:13 2025 GMT Not After : Nov 12 05:49:13 2025 GMT Subject: CN=690ae55a-ae42 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:b5:6d:19:8d:a0:86:6f:6f:9c:f4:7d:43:e4: d6:46:d6:24:b4:10:aa:c3:0a:b6:a1:19:01:5c:e7: 5c:68:d8:f1:70:16:62:71:8c:db:fa:45:ee:4c:2a: 95:aa:f9:fa:09:9f:69:56:f1:9b:8a:70:76:99:d1: 31:28:c8:8a:78:b0:73:98:3a:84:84:5c:43:26:f5: e4:6b:80:95:a7:6d:1a:a1:86:06:25:7a:60:8a:c7: 2e:fa:b8:63:16:24:a1:84:9b:70:e9:91:67:0e:ff: 91:5e:94:3e:36:42:9e:2d:b7:8d:ed:2f:ae:66:9f: fc:3c:00:2e:10:7e:fd:5e:79:a6:1e:dc:c6:20:10: 42:60:83:4d:e1:c4:a4:47:1e:f2:04:96:e8:38:33: 9f:af:3b:6d:fd:f8:72:4e:f1:8b:e0:a2:ad:02:77: 93:cd:b2:76:42:ab:ba:56:8c:02:d7:75:d6:ab:c0: 5d:11:5b:21:d6:e9:7a:32:90:ea:56:62:2a:37:7f: f5:40:f2:a2:aa:23:06:e5:16:9f:a4:c6:aa:da:a4: 79:09:fe:e5:9a:cf:0f:84:5b:53:2e:c5:16:be:80: 8b:a4:39:af:b9:55:38:7e:48:b2:7e:95:42:3d:e0: f5:df:5f:63:3a:3c:a1:2e:9f:99:ec:32:7c:63:55: 0b:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E0:2C:C7:12:AC:4F:E6:D8:87:50:D9:84:D2:BB:3A:12:C8:8A:7D:9E X509v3 Authority Key Identifier: keyid:81:7D:D3:80:2F:26:E5:7E:CE:82:65:CE:86:26:FC:BB:9C:64:E9:D4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/gX3TgC8m5X7OgmXOhib8u5xk6dQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917092C/E2C077DE776611EFB55ED279C4F9AE02/gX3TgC8m5X7OgmXOhib8u5xk6dQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:5d:8e:7c:00:d9:7d:6f:92:50:d4:81:e5:37:3d:4f:da:ee: bb:f3:c0:c9:53:6d:96:e8:54:59:e2:fa:9d:3c:37:86:4f:aa: 89:92:10:be:56:96:ac:7e:89:e0:50:23:cf:1a:89:19:f0:18: 52:d2:82:ca:a4:e0:d5:e3:25:22:ef:3c:7d:39:36:16:8a:e4: ab:a7:43:6f:f5:67:dd:5f:47:3c:78:a6:bd:ef:78:3e:a3:a1: 1a:86:96:ee:96:34:3c:61:84:67:9d:78:c3:b0:c9:b6:d6:f8: af:2d:35:5b:b7:58:31:be:66:19:16:5a:07:e6:f3:25:cc:26: 33:f8:e4:07:9d:19:74:01:8c:2e:a9:e8:04:89:53:d7:9f:91: 06:e1:ad:ee:db:6a:2d:3a:bc:ff:48:0f:a1:86:38:5f:43:f6: ba:73:e9:17:da:16:89:56:c6:35:c5:0e:3a:3f:ca:c5:64:fb: 35:82:56:15:7d:c5:17:34:47:b0:b9:f4:2b:97:27:bc:63:42: 96:bc:6d:cb:db:83:64:e8:b0:64:f4:f6:15:c6:28:e5:3e:da: 43:6e:b7:e2:2c:b5:8b:26:38:d8:b5:ac:8e:47:40:ba:ce:fa: b6:50:f4:b2:5e:9b:74:87:d0:45:ab:f6:d2:d1:f2:f8:b6:f5: dd:8f:3b:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzA5MkMxMTAvBgNVBAUTKDgxN0REMzgwMkYyNkU1N0VDRTgyNjVDRTg2MjZGQ0JC OUM2NEU5RDQwHhcNMjUxMTA1MDU0OTEzWhcNMjUxMTEyMDU0OTEzWjAYMRYwFAYD VQQDEw02OTBhZTU1YS1hZTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA37VtGY2ghm9vnPR9Q+TWRtYktBCqwwq2oRkBXOdcaNjxcBZicYzb+kXuTCqV qvn6CZ9pVvGbinB2mdExKMiKeLBzmDqEhFxDJvXka4CVp20aoYYGJXpgiscu+rhj FiShhJtw6ZFnDv+RXpQ+NkKeLbeN7S+uZp/8PAAuEH79XnmmHtzGIBBCYINN4cSk Rx7yBJboODOfrztt/fhyTvGL4KKtAneTzbJ2Qqu6VowC13XWq8BdEVsh1ul6MpDq VmIqN3/1QPKiqiMG5RafpMaq2qR5Cf7lms8PhFtTLsUWvoCLpDmvuVU4fkiyfpVC PeD1319jOjyhLp+Z7DJ8Y1ULAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOAsxxKs T+bYh1DZhNK7OhLIin2eMB8GA1UdIwQYMBaAFIF904AvJuV+zoJlzoYm/LucZOnU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MDkyQy9FMkMwNzdERTc3 NjYxMUVGQjU1RUQyNzlDNEY5QUUwMi9nWDNUZ0M4bTVYN09nbVhPaGliOHU1eGs2 ZFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2dYM1RnQzhtNVg3T2dtWE9oaWI4dTV4azZkUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MDkyQy9FMkMwNzdERTc3NjYxMUVGQjU1RUQyNzlDNEY5QUUwMi9nWDNUZ0M4bTVY N09nbVhPaGliOHU1eGs2ZFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzXY58ANl9b5JQ1IHlNz1P2u6788DJU22W6FRZ4vqdPDeGT6qJkhC+ VpasfongUCPPGokZ8BhS0oLKpODV4yUi7zx9OTYWiuSrp0Nv9WfdX0c8eKa973g+ o6EahpbuljQ8YYRnnXjDsMm21vivLTVbt1gxvmYZFloH5vMlzCYz+OQHnRl0AYwu qegEiVPXn5EG4a3u22otOrz/SA+hhjhfQ/a6c+kX2haJVsY1xQ46P8rFZPs1glYV fcUXNEewufQrlye8Y0KWvG3L24Nk6LBk9PYVxijlPtpDbrfiLLWLJjjYtayOR0C6 zvq2UPSyXpt0h9BFq/bS0fL4tvXdjzuW -----END CERTIFICATE-----Generated at Wed Nov 5 12:08:07 2025 by rpki-client