$ rpki-client -vvf rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft File: DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft (raw, json) Hash identifier: mv+3U/H0ubIvfz9WgKomnaRqq+AUsUdDddVGL4hPOJs= Subject key identifier: 54:15:04:F3:84:4F:F0:A7:01:D8:6D:73:11:95:15:56:D1:E2:26:1E Authority key identifier: 0D:E1:67:9D:21:D3:9B:61:F0:26:50:A4:14:EC:9D:04:62:C5:E4:18 Certificate issuer: /CN=A917D3A1/serialNumber=0DE1679D21D39B61F02650A414EC9D0462C5E418 Certificate serial: 3538 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft Manifest number: 3511 Signing time: Sun 02 Nov 2025 14:26:29 +0000 Manifest this update: Sun 02 Nov 2025 14:26:29 +0000 Manifest next update: Sun 09 Nov 2025 14:26:29 +0000 Files and hashes: 1: DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl (hash: Cl+khtQepqVZCsI0ti9xd1ePWyVlOTFBKirc1PE9VGc=) 2: B3B5B50E117711EEA0E5E040C4F9AE02.roa (hash: 6CSktOcA4MnBe9beO9qKaaWhMjSNipfCRcL+x7I1JgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 14:26:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13624 (0x3538) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917D3A1, serialNumber=0DE1679D21D39B61F02650A414EC9D0462C5E418 Validity Not Before: Nov 2 14:26:29 2025 GMT Not After : Nov 9 14:26:29 2025 GMT Subject: CN=69076a15-616e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:9b:d4:0d:b2:e5:71:33:b7:06:76:5f:73:82: 20:ba:e9:92:0c:8c:8f:46:f3:32:8a:b9:8a:fc:e4: cc:08:f0:dd:bd:eb:72:e6:10:f9:0b:f7:58:62:af: 70:fa:53:da:ee:e5:3c:27:d6:a8:93:ee:1a:9b:44: 64:76:95:83:7c:d4:aa:be:a8:cf:2d:05:96:73:57: 4c:f8:a1:8a:fd:0e:7d:7a:52:1c:ed:98:5c:58:39: 04:97:84:45:36:84:1b:51:9b:79:94:99:b5:46:1f: 7d:e8:e4:c8:2d:7d:85:b1:d0:81:7a:dc:b7:dc:8e: 3c:81:34:a8:75:81:5e:ae:3d:97:c5:c0:02:cf:89: ba:0b:b8:31:56:4d:d1:1f:ed:1d:95:ad:ff:9d:4b: 79:93:3a:76:91:39:35:55:99:3f:77:18:17:1a:a6: 1b:8a:12:57:f6:8f:f0:5c:f8:d4:41:76:67:5b:0d: 3f:7a:9b:5b:4c:3c:f0:39:46:1d:ee:bc:b1:89:0d: c9:fd:4f:dc:34:08:31:9d:44:ce:c2:a4:b0:71:1b: e2:11:86:ba:73:a9:02:97:33:30:ec:c8:03:70:dd: 8e:50:d3:58:59:ca:e1:fe:a0:da:8d:69:f5:bc:b8: fc:9f:29:56:fc:0d:53:69:50:ce:f3:7f:72:5d:56: e2:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 54:15:04:F3:84:4F:F0:A7:01:D8:6D:73:11:95:15:56:D1:E2:26:1E X509v3 Authority Key Identifier: keyid:0D:E1:67:9D:21:D3:9B:61:F0:26:50:A4:14:EC:9D:04:62:C5:E4:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917D3A1/607AE9541D8611E299BA94DD08B02CD2/DeFnnSHTm2HwJlCkFOydBGLF5Bg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:14:a0:f3:6e:9b:30:a6:b2:b8:21:73:37:bb:9f:21:cf:e6: c7:32:40:46:d2:0b:91:61:e3:d5:4d:47:11:0c:97:c0:98:97: 3f:ef:c5:41:9b:98:ab:93:a8:41:4d:e8:c2:94:52:45:05:fd: fd:42:d4:2b:41:30:57:5b:3b:25:d2:9b:bc:89:25:c1:96:22: f8:8d:8d:41:ab:be:aa:2b:3d:c4:fd:4a:65:53:27:03:b1:45: 58:3a:c3:c4:94:0a:c4:a9:44:0e:d3:58:c7:a1:3f:d2:b8:54: d9:85:60:94:11:af:2a:bd:32:44:c2:68:46:ed:39:d2:a5:fe: a7:37:b9:d7:02:30:0d:71:62:bf:46:4f:d7:e4:29:a6:6a:d4: 66:bc:b3:02:bc:36:47:2b:f1:53:4c:0d:11:1e:81:39:67:e2: 3f:36:a8:97:cd:32:a8:36:0c:12:bd:e7:c1:36:7d:e8:cc:47: ad:e6:4f:58:93:3d:33:9f:f4:04:4a:08:7e:3b:fb:d5:14:d6: 5d:26:2a:b9:0e:71:e8:22:a5:aa:c9:dc:2d:3a:e0:a2:f2:97: 80:7f:14:88:cb:ab:f1:cb:7d:ed:37:7b:ad:ca:c4:41:ce:68: d1:f7:c8:65:a8:6d:78:ff:2c:f1:a5:19:d3:7c:11:ef:37:19: f1:d5:2b:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNTgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0QzQTExMTAvBgNVBAUTKDBERTE2NzlEMjFEMzlCNjFGMDI2NTBBNDE0RUM5RDA0 NjJDNUU0MTgwHhcNMjUxMTAyMTQyNjI5WhcNMjUxMTA5MTQyNjI5WjAYMRYwFAYD VQQDEw02OTA3NmExNS02MTZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5JvUDbLlcTO3BnZfc4IguumSDIyPRvMyirmK/OTMCPDdvety5hD5C/dYYq9w +lPa7uU8J9aok+4am0RkdpWDfNSqvqjPLQWWc1dM+KGK/Q59elIc7ZhcWDkEl4RF NoQbUZt5lJm1Rh996OTILX2FsdCBety33I48gTSodYFerj2XxcACz4m6C7gxVk3R H+0dla3/nUt5kzp2kTk1VZk/dxgXGqYbihJX9o/wXPjUQXZnWw0/eptbTDzwOUYd 7ryxiQ3J/U/cNAgxnUTOwqSwcRviEYa6c6kClzMw7MgDcN2OUNNYWcrh/qDajWn1 vLj8nylW/A1TaVDO839yXVbiAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFQVBPOE T/CnAdhtcxGVFVbR4iYeMB8GA1UdIwQYMBaAFA3hZ50h05th8CZQpBTsnQRixeQY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RDNBMS82MDdBRTk1NDFE ODYxMUUyOTlCQTk0REQwOEIwMkNEMi9EZUZublNIVG0ySHdKbENrRk95ZEJHTEY1 QmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0RlRm5uU0hUbTJId0psQ2tGT3lkQkdMRjVCZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RDNBMS82MDdBRTk1NDFEODYxMUUyOTlCQTk0REQwOEIwMkNEMi9EZUZublNIVG0y SHdKbENrRk95ZEJHTEY1QmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKFKDzbpswprK4IXM3u58hz+bHMkBG0guRYePVTUcRDJfAmJc/78VB m5irk6hBTejClFJFBf39QtQrQTBXWzsl0pu8iSXBliL4jY1Bq76qKz3E/UplUycD sUVYOsPElArEqUQO01jHoT/SuFTZhWCUEa8qvTJEwmhG7TnSpf6nN7nXAjANcWK/ Rk/X5CmmatRmvLMCvDZHK/FTTA0RHoE5Z+I/NqiXzTKoNgwSvefBNn3ozEet5k9Y kz0zn/QESgh+O/vVFNZdJiq5DnHoIqWqydwtOuCi8peAfxSIy6vxy33tN3utysRB zmjR98hlqG14/yzxpRnTfBHvNxnx1SsZ -----END CERTIFICATE-----Generated at Tue Nov 4 08:19:25 2025 by rpki-client