$ rpki-client -vvf rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft File: dd3NDNRiWKwZGsOQoskl2MA1qFc.mft (raw, json) Hash identifier: vkTu3KP97jJg71dDqQhtQ1YDFspbFxqLDXWJiv47fbc= Subject key identifier: 83:1B:05:A1:25:87:B0:A1:79:21:8F:E2:1E:C5:05:F3:FA:87:ED:D1 Authority key identifier: 75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 Certificate issuer: /CN=A917E04F/serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Certificate serial: 0ECE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft Manifest number: 0EC6 Signing time: Tue 04 Nov 2025 17:44:02 +0000 Manifest this update: Tue 04 Nov 2025 17:44:01 +0000 Manifest next update: Tue 11 Nov 2025 17:44:01 +0000 Files and hashes: 1: dd3NDNRiWKwZGsOQoskl2MA1qFc.crl (hash: ykWm64rKX2XxHgHHtNo+b7L0eq8yqEch8Ysr7OTl3+U=) 2: 9C9389D4970311E9B7D3DE5AC4F9AE02.roa (hash: 0msFIFHq8Bi6Dy0orrBJDRYbRJioucs5FAZf2jEryJs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:44:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3790 (0xece) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E04F, serialNumber=75DDCD0CD46258AC191AC390A2C925D8C035A857 Validity Not Before: Nov 4 17:44:01 2025 GMT Not After : Nov 11 17:44:01 2025 GMT Subject: CN=690a3b61-d2e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:48:e4:b8:49:96:6c:cc:ea:0d:f5:12:db:96: 9d:ce:5c:a5:96:f3:20:87:93:a9:e2:87:67:b0:62: 9e:fc:fc:b2:65:8e:f5:ba:3b:90:53:bb:3c:bc:ff: 8f:66:49:02:32:db:32:70:53:b8:31:9b:a2:a9:3f: b5:56:db:04:1c:54:1b:aa:df:87:65:a5:ea:1f:45: f9:ea:7f:ac:24:75:c8:4b:4f:2b:aa:c8:1b:3e:4c: 43:6c:82:6d:c3:ef:cd:3e:c7:21:c4:81:f5:53:cd: 31:23:3d:4b:55:e4:55:23:82:90:94:ca:35:2d:7d: 55:53:0c:d7:ee:d2:e4:45:81:5a:06:a7:c9:91:39: ee:d8:b4:ef:cb:bc:cd:31:5c:46:93:46:c4:60:59: 44:6a:8f:60:43:65:38:2f:22:e9:5d:17:ce:31:77: 82:c6:5a:70:dd:c8:56:43:84:92:6f:a7:66:43:9b: 6a:96:98:cc:f9:c6:71:67:44:d5:08:98:53:e2:b5: 97:75:fe:8b:93:4d:05:4b:86:19:e3:f2:7d:48:d3: 9f:07:f6:4b:4c:74:0b:53:89:54:8b:04:b0:fa:d9: 5f:82:46:ad:1e:61:64:52:d2:eb:1e:0a:13:f5:ff: e0:e2:2a:68:3b:7b:71:3e:74:b4:e1:cb:9e:8f:67: dc:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:1B:05:A1:25:87:B0:A1:79:21:8F:E2:1E:C5:05:F3:FA:87:ED:D1 X509v3 Authority Key Identifier: keyid:75:DD:CD:0C:D4:62:58:AC:19:1A:C3:90:A2:C9:25:D8:C0:35:A8:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/dd3NDNRiWKwZGsOQoskl2MA1qFc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E04F/418537F4970311E9B4B7B25AC4F9AE02/dd3NDNRiWKwZGsOQoskl2MA1qFc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:d2:55:a0:65:2c:f9:46:81:ee:4b:bd:c8:0e:24:7c:9a:38: e5:b9:2c:d7:8a:62:02:d9:27:6b:01:47:b9:74:30:0d:36:77: 3e:82:c8:7d:ef:e4:7a:13:7b:10:f1:c3:24:ba:65:54:86:26: 9f:a7:22:01:27:3c:b0:e2:b0:13:f7:69:e5:ab:c0:ce:e9:f7: 2e:a2:02:b3:c6:82:df:e0:03:e9:e0:12:37:4a:4f:74:d7:f5: 48:97:b8:ce:bb:e3:3d:61:8e:82:d6:dd:03:fc:a1:d1:6a:ca: 3e:7f:1f:05:30:5d:86:cd:36:ed:58:1e:ae:1a:07:82:89:c1: a7:7b:da:12:ad:4d:fc:fe:a6:5a:d4:8c:94:dd:a9:ea:32:a7: 60:a4:b9:f5:89:d6:d6:af:47:95:6e:03:b5:81:cf:3a:80:ed: d5:92:f4:00:29:4a:83:25:e3:c1:4f:28:1f:22:52:16:81:cf: a8:d8:22:f3:e4:99:9c:49:9f:88:fc:f5:7b:42:6c:67:6d:a1: c8:1a:08:a8:b6:f8:84:81:35:e8:2f:b2:00:a1:79:cb:64:27: cb:eb:de:f8:e5:a5:4e:91:be:b3:e7:3e:be:ce:7c:81:e0:39: 92:30:5c:76:2e:27:03:3f:fd:fc:ea:53:92:ca:4c:14:7b:cb: 42:c3:e6:f3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDs4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0UwNEYxMTAvBgNVBAUTKDc1RERDRDBDRDQ2MjU4QUMxOTFBQzM5MEEyQzkyNUQ4 QzAzNUE4NTcwHhcNMjUxMTA0MTc0NDAxWhcNMjUxMTExMTc0NDAxWjAYMRYwFAYD VQQDEw02OTBhM2I2MS1kMmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAykjkuEmWbMzqDfUS25adzlyllvMgh5Op4odnsGKe/PyyZY71ujuQU7s8vP+P ZkkCMtsycFO4MZuiqT+1VtsEHFQbqt+HZaXqH0X56n+sJHXIS08rqsgbPkxDbIJt w+/NPschxIH1U80xIz1LVeRVI4KQlMo1LX1VUwzX7tLkRYFaBqfJkTnu2LTvy7zN MVxGk0bEYFlEao9gQ2U4LyLpXRfOMXeCxlpw3chWQ4SSb6dmQ5tqlpjM+cZxZ0TV CJhT4rWXdf6Lk00FS4YZ4/J9SNOfB/ZLTHQLU4lUiwSw+tlfgkatHmFkUtLrHgoT 9f/g4ipoO3txPnS04cuej2fcTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIMbBaEl h7CheSGP4h7FBfP6h+3RMB8GA1UdIwQYMBaAFHXdzQzUYlisGRrDkKLJJdjANahX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTA0Ri80MTg1MzdGNDk3 MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdLd1pHc09Rb3NrbDJNQTFx RmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2RkM05ETlJpV0t3WkdzT1Fvc2tsMk1BMXFGYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTA0Ri80MTg1MzdGNDk3MDMxMUU5QjRCN0IyNUFDNEY5QUUwMi9kZDNORE5SaVdL d1pHc09Rb3NrbDJNQTFxRmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAG0lWgZSz5RoHuS73IDiR8mjjluSzXimIC2SdrAUe5dDANNnc+gsh9 7+R6E3sQ8cMkumVUhiafpyIBJzyw4rAT92nlq8DO6fcuogKzxoLf4APp4BI3Sk90 1/VIl7jOu+M9YY6C1t0D/KHRaso+fx8FMF2GzTbtWB6uGgeCicGne9oSrU38/qZa 1IyU3anqMqdgpLn1idbWr0eVbgO1gc86gO3VkvQAKUqDJePBTygfIlIWgc+o2CLz 5JmcSZ+I/PV7QmxnbaHIGgiotviEgTXoL7IAoXnLZCfL69745aVOkb6z5z6+znyB 4DmSMFx2LicDP/386lOSykwUe8tCw+bz -----END CERTIFICATE-----Generated at Wed Nov 5 17:56:52 2025 by rpki-client