$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: +HIY7f/a7WbeAt4Y6UJXOLH4OEG//1vABaVh3s5k2G8= Subject key identifier: 9D:99:83:04:74:B1:B9:98:05:3D:10:56:C6:94:CE:20:CB:63:27:32 Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: D8 Signing time: Wed 05 Nov 2025 05:50:30 +0000 Manifest this update: Wed 05 Nov 2025 05:50:29 +0000 Manifest next update: Wed 12 Nov 2025 05:50:29 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: ZytAVy5zIax5t11KB63ku7IYME3DP1zI3WT8XwJgao0=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: 0W2/njWu/4NeHHOITSUzSzI4ic/vgB1fnauNrzPM4sc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:50:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 221 (0xdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF, serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: Nov 5 05:50:29 2025 GMT Not After : Nov 12 05:50:29 2025 GMT Subject: CN=690ae5a5-97b6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:92:b4:2d:ef:62:98:7f:51:9f:03:8d:5e:ab: 1e:3a:4f:3c:52:30:f3:d6:c2:0a:04:34:ab:03:11: ad:65:37:2f:ab:91:14:d1:56:65:9e:f4:89:d8:f4: b4:bd:f1:99:fd:1d:20:46:52:cc:d6:9a:a8:58:79: e4:60:40:18:fc:eb:f1:c8:92:3e:cb:0f:2c:2c:0b: 1d:35:9d:07:48:02:3b:34:f0:b3:2e:64:0f:0a:ed: 6a:b0:91:ce:ca:80:63:fe:80:72:84:5b:d3:ae:58: d0:42:3c:53:e4:1a:be:f6:1c:5d:61:59:55:48:2d: ad:bf:44:be:2d:e1:bf:15:ff:33:a4:ef:79:32:71: 17:99:69:e7:6b:05:97:6f:ec:75:a4:ef:a2:bb:46: 7f:92:60:15:93:ac:47:e4:d2:74:5f:4c:8e:35:f2: 28:19:43:4b:a7:69:8c:2f:4a:56:17:2e:cc:04:f4: b2:8a:6a:b4:16:28:a5:b0:54:58:37:61:13:28:84: 42:96:2e:93:b0:1a:cd:c2:00:a8:0a:8f:ba:d4:9e: 7c:11:f7:15:bb:a1:88:9f:fa:d2:cb:63:29:74:2d: 67:f3:b6:9d:4c:4f:bf:b3:95:b2:b7:07:10:fb:50: 94:3e:ca:68:76:f1:a0:7e:f6:f6:30:1c:cc:94:93: d0:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:99:83:04:74:B1:B9:98:05:3D:10:56:C6:94:CE:20:CB:63:27:32 X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:c4:6c:69:46:78:3c:45:5c:b2:ab:07:ca:46:f0:c0:e0:dc: fa:72:f6:de:e7:e4:2a:68:20:96:5c:f0:f4:ad:de:5c:61:0a: 09:fb:ff:b5:4d:dc:50:e4:da:2a:bf:1e:de:fe:28:2c:2b:ef: 77:50:c5:20:30:74:97:09:6b:83:a0:8f:31:49:42:54:c3:31: cd:65:4b:ee:25:f3:aa:96:b2:0a:b4:c4:0e:3e:d7:2a:49:a7: 15:01:a3:eb:84:48:cb:c4:e4:c7:fa:74:85:73:e1:66:4d:32: 4a:c8:1d:83:46:a0:67:82:00:98:a7:e6:77:22:d6:80:28:03: 72:e6:b4:15:62:76:49:67:2c:e8:62:77:c3:5d:dd:d8:15:fe: 71:3e:8c:1c:d7:fa:e3:88:8a:9b:7a:5a:5d:68:26:a2:88:c7: c8:d4:1f:00:1a:ff:26:bf:21:da:1b:0f:86:d1:43:91:cb:5a: 4e:09:8e:e9:23:53:1c:70:f3:4c:c4:70:df:a8:7b:7a:ae:a2: 7c:ee:a7:14:92:b1:3b:54:cf:27:6b:ca:66:7b:1d:f1:a3:66: 2d:3e:e1:3f:3c:1f:44:50:4e:a6:47:41:78:59:8a:3a:5a:10: 86:53:57:61:97:05:c5:ea:52:a2:52:3d:12:b8:84:9b:42:c5: e9:d1:99:fe -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M5QkYxMTAvBgNVBAUTKDVDQUNFNUJGNjU1QUFDRjdDQkM2MjcyQzVDNjk3RjM3 N0EwNkNFOEMwHhcNMjUxMTA1MDU1MDI5WhcNMjUxMTEyMDU1MDI5WjAYMRYwFAYD VQQDEw02OTBhZTVhNS05N2I2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZK0Le9imH9RnwONXqseOk88UjDz1sIKBDSrAxGtZTcvq5EU0VZlnvSJ2PS0 vfGZ/R0gRlLM1pqoWHnkYEAY/OvxyJI+yw8sLAsdNZ0HSAI7NPCzLmQPCu1qsJHO yoBj/oByhFvTrljQQjxT5Bq+9hxdYVlVSC2tv0S+LeG/Ff8zpO95MnEXmWnnawWX b+x1pO+iu0Z/kmAVk6xH5NJ0X0yONfIoGUNLp2mML0pWFy7MBPSyimq0FiilsFRY N2ETKIRCli6TsBrNwgCoCo+61J58EfcVu6GIn/rSy2MpdC1n87adTE+/s5WytwcQ +1CUPspodvGgfvb2MBzMlJPQuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ2ZgwR0 sbmYBT0QVsaUziDLYycyMB8GA1UdIwQYMBaAFFys5b9lWqz3y8YnLFxpfzd6Bs6M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzlCRi9CRTFENEEzNDdC NEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQZkx4aWNzWEdsX04zb0d6 b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pvdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzlCRi9CRTFENEEzNDdCNEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQ Zkx4aWNzWEdsX04zb0d6b3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZxGxpRng8RVyyqwfKRvDA4Nz6cvbe5+QqaCCWXPD0rd5cYQoJ+/+1 TdxQ5Noqvx7e/igsK+93UMUgMHSXCWuDoI8xSUJUwzHNZUvuJfOqlrIKtMQOPtcq SacVAaPrhEjLxOTH+nSFc+FmTTJKyB2DRqBnggCYp+Z3ItaAKANy5rQVYnZJZyzo YnfDXd3YFf5xPowc1/rjiIqbelpdaCaiiMfI1B8AGv8mvyHaGw+G0UORy1pOCY7p I1MccPNMxHDfqHt6rqJ87qcUkrE7VM8na8pmex3xo2YtPuE/PB9EUE6mR0F4WYo6 WhCGU1dhlwXF6lKiUj0SuISbQsXp0Zn+ -----END CERTIFICATE-----Generated at Wed Nov 5 11:55:37 2025 by rpki-client