$ rpki-client -vvf rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft File: ZUCRhgKOxUzUW1g0_77K9LePGcI.mft (raw, json) Hash identifier: 7UYKCdD1KQSsvIbyOI2xb2W/0FdBP5Omgx6vhIQXyHM= Subject key identifier: F4:BD:36:8B:E3:C9:CA:E0:F4:B3:1E:7B:3F:25:07:56:4B:39:18:11 Authority key identifier: 65:40:91:86:02:8E:C5:4C:D4:5B:58:34:FF:BE:CA:F4:B7:8F:19:C2 Certificate issuer: /CN=A917BBF1/serialNumber=65409186028EC54CD45B5834FFBECAF4B78F19C2 Certificate serial: 0CA6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft Manifest number: 0C89 Signing time: Tue 04 Nov 2025 18:35:23 +0000 Manifest this update: Tue 04 Nov 2025 18:35:22 +0000 Manifest next update: Tue 11 Nov 2025 18:35:22 +0000 Files and hashes: 1: ZUCRhgKOxUzUW1g0_77K9LePGcI.crl (hash: /FFOMc/bWpyGcS+6k7fDXzZywBj58j94nTdPpo0mes8=) 2: 7136F65A37A811EE94E32169C4F9AE02.roa (hash: MIgp6SPzmtBLaTAJ8Ko+cWBy6IjOqEZ3q2z4VBixHmI=) 3: 1B54858065B711EE93D6ED6DC4F9AE02.roa (hash: GsJaSUcatISwdkkhFSUQBWiCBZOPMZtERdw74sbshGA=) 4: FF4F13D4448711ECA80CFC34C4F9AE02.roa (hash: pvvlftNep3JGBrkiJAisunxpzryLA3gGytWzHa5BKMk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.crl rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:35:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3238 (0xca6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917BBF1, serialNumber=65409186028EC54CD45B5834FFBECAF4B78F19C2 Validity Not Before: Nov 4 18:35:22 2025 GMT Not After : Nov 11 18:35:22 2025 GMT Subject: CN=690a476b-ee4a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:9d:52:bb:75:39:db:7d:1d:00:9e:77:6c:be: 20:09:15:e0:0c:9d:c6:a2:c3:e0:09:7f:5f:08:32: eb:93:a0:0c:89:52:2f:48:94:ec:77:3f:33:0a:7e: 65:9f:83:46:8b:5b:11:c7:89:ef:39:33:d9:86:af: 13:89:fc:57:4c:09:e1:f0:2b:76:37:f5:5e:d0:28: d2:5b:31:63:cd:70:a8:47:ce:d1:95:d1:4c:91:16: 68:20:c9:7b:dd:b1:67:a1:5d:1e:24:98:42:cc:ab: 48:a3:5e:8d:91:88:ae:fb:ec:8f:76:29:df:11:25: 5a:f8:d4:72:b5:da:b3:b6:b3:14:68:ca:1e:fe:e7: 5f:c5:f1:1c:fe:61:4b:23:56:5c:e8:81:ac:aa:f8: 6e:d8:cf:56:01:9b:19:b5:35:09:42:27:b4:12:57: a8:6e:80:e3:95:2a:ec:42:fb:14:6e:8d:36:95:eb: d1:1b:cd:9b:e5:24:50:0b:d4:c8:04:bf:10:81:77: f3:97:a3:84:63:40:34:10:f0:3f:23:fb:a9:18:45: 72:f7:a5:8e:79:2f:a5:19:ca:41:97:29:16:47:d5: 90:5f:54:91:9d:f5:14:6b:93:d5:75:17:cd:bf:2b: b9:48:0f:37:63:ea:50:eb:25:88:db:c9:90:fc:53: bd:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:BD:36:8B:E3:C9:CA:E0:F4:B3:1E:7B:3F:25:07:56:4B:39:18:11 X509v3 Authority Key Identifier: keyid:65:40:91:86:02:8E:C5:4C:D4:5B:58:34:FF:BE:CA:F4:B7:8F:19:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZUCRhgKOxUzUW1g0_77K9LePGcI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917BBF1/245DC5CA0AF711EAA85A5D1AC4F9AE02/ZUCRhgKOxUzUW1g0_77K9LePGcI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:49:0f:e9:36:49:5d:ca:14:77:ab:45:d2:fc:1d:5f:1d:9f: 80:b3:81:48:53:c4:87:77:ed:1b:28:b7:23:fd:89:0e:b3:f0: 27:13:78:fe:b7:bb:db:63:21:e7:74:3b:fa:ce:86:bf:2c:7e: f0:ae:0f:26:0b:d1:06:cd:ea:6a:aa:85:3e:07:4b:16:85:ca: b3:a8:2b:d6:89:f6:09:56:de:99:3f:1a:db:6b:04:41:e2:7e: 5c:0e:d0:ef:cc:cc:3a:c3:80:a0:05:87:b4:fd:01:27:a8:94: e3:53:75:3c:d0:b8:41:c0:6b:74:db:47:92:f6:d1:0e:af:1d: e3:1f:a0:93:f6:7e:4e:87:cb:58:46:a0:6a:30:8b:bb:48:80: 64:e0:88:db:94:89:03:56:1c:d5:ca:f2:36:a2:19:50:3b:1f: d2:11:bc:36:93:b3:ca:86:4c:b5:4c:b4:e4:e0:3b:87:c4:03: 97:ba:bb:29:1a:4f:83:89:7e:34:0c:19:ce:5a:cf:37:b4:44: 51:8c:9f:ef:2e:4e:ca:db:06:34:ed:8f:60:22:20:f4:ee:33: a1:b4:3a:9e:15:a0:f7:2b:51:02:5e:11:1f:4d:59:04:a4:c2: 16:26:c1:a5:6b:56:cd:40:54:cb:b8:a2:6d:00:88:63:af:58: 7e:ee:6f:8e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDKYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0JCRjExMTAvBgNVBAUTKDY1NDA5MTg2MDI4RUM1NENENDVCNTgzNEZGQkVDQUY0 Qjc4RjE5QzIwHhcNMjUxMTA0MTgzNTIyWhcNMjUxMTExMTgzNTIyWjAYMRYwFAYD VQQDEw02OTBhNDc2Yi1lZTRhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu51Su3U5230dAJ53bL4gCRXgDJ3GosPgCX9fCDLrk6AMiVIvSJTsdz8zCn5l n4NGi1sRx4nvOTPZhq8TifxXTAnh8Ct2N/Ve0CjSWzFjzXCoR87RldFMkRZoIMl7 3bFnoV0eJJhCzKtIo16NkYiu++yPdinfESVa+NRytdqztrMUaMoe/udfxfEc/mFL I1Zc6IGsqvhu2M9WAZsZtTUJQie0EleoboDjlSrsQvsUbo02levRG82b5SRQC9TI BL8QgXfzl6OEY0A0EPA/I/upGEVy96WOeS+lGcpBlykWR9WQX1SRnfUUa5PVdRfN vyu5SA83Y+pQ6yWI28mQ/FO93QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPS9Novj ycrg9LMeez8lB1ZLORgRMB8GA1UdIwQYMBaAFGVAkYYCjsVM1FtYNP++yvS3jxnC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QkJGMS8yNDVEQzVDQTBB RjcxMUVBQTg1QTVEMUFDNEY5QUUwMi9aVUNSaGdLT3hVelVXMWcwXzc3SzlMZVBH Y0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pVQ1JoZ0tPeFV6VVcxZzBfNzdLOUxlUEdjSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QkJGMS8yNDVEQzVDQTBBRjcxMUVBQTg1QTVEMUFDNEY5QUUwMi9aVUNSaGdLT3hV elVXMWcwXzc3SzlMZVBHY0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAISQ/pNkldyhR3q0XS/B1fHZ+As4FIU8SHd+0bKLcj/YkOs/AnE3j+ t7vbYyHndDv6zoa/LH7wrg8mC9EGzepqqoU+B0sWhcqzqCvWifYJVt6ZPxrbawRB 4n5cDtDvzMw6w4CgBYe0/QEnqJTjU3U80LhBwGt020eS9tEOrx3jH6CT9n5Oh8tY RqBqMIu7SIBk4IjblIkDVhzVyvI2ohlQOx/SEbw2k7PKhky1TLTk4DuHxAOXursp Gk+DiX40DBnOWs83tERRjJ/vLk7K2wY07Y9gIiD07jOhtDqeFaD3K1ECXhEfTVkE pMIWJsGla1bNQFTLuKJtAIhjr1h+7m+O -----END CERTIFICATE-----Generated at Wed Nov 5 19:22:42 2025 by rpki-client