$ rpki-client -vvf rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft File: _whTCVKXG6BlIktSH1ZWO20hJO0.mft (raw, json) Hash identifier: Jx90ZXpY9ImCguYlXQaNaTutyjnXAeqNAaTSOtqWd20= Subject key identifier: 5B:F8:A2:90:C2:B1:1F:A3:20:2C:7B:53:BA:0E:9F:69:FB:FA:E8:DF Authority key identifier: FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED Certificate issuer: /CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Certificate serial: 0D3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft Manifest number: 0D39 Signing time: Tue 04 Nov 2025 18:07:12 +0000 Manifest this update: Tue 04 Nov 2025 18:07:12 +0000 Manifest next update: Tue 11 Nov 2025 18:07:12 +0000 Files and hashes: 1: _whTCVKXG6BlIktSH1ZWO20hJO0.crl (hash: crPwvnlY1uy7fxqyhgwnpohmnYAgqs7jtFOd/NWYDN0=) 2: 3A8AC908E41C11E9AD4A8D16C4F9AE02.roa (hash: 7Dst7szyPWooV+5WFj8vI4oANvEvXDCaESLYXfhjMk0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:07:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3391 (0xd3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E475, serialNumber=FF08530952971BA065224B521F56563B6D2124ED Validity Not Before: Nov 4 18:07:12 2025 GMT Not After : Nov 11 18:07:12 2025 GMT Subject: CN=690a40d0-becd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:fc:1b:64:99:cb:da:1f:2b:35:d5:0e:d6:4a: 53:09:83:12:64:8d:26:d6:e8:e9:43:53:88:9b:59: a8:06:41:e0:a2:a6:a6:d8:9a:4f:2a:5e:35:43:24: 61:c6:b5:7c:c1:98:31:b4:40:9c:ab:53:c4:19:da: b1:ca:26:71:74:5c:b0:3b:cb:61:ac:9d:8b:da:b9: 1d:cd:a5:84:87:65:b2:e0:70:58:b2:49:c5:5f:b9: 8a:72:e9:70:7b:1f:04:f7:63:be:70:c6:43:57:14: 64:94:6b:c6:3c:e6:ef:81:0b:c4:ba:a3:7d:ce:5a: 87:ef:2f:b2:27:4f:4b:eb:fa:48:19:13:10:00:72: 03:d6:29:0d:ce:8a:fa:22:2e:60:55:cd:06:81:7d: 60:a4:62:08:39:78:1f:41:45:f5:fc:01:7e:10:0c: a7:42:84:34:7f:07:ef:63:5a:ea:07:4b:8c:07:33: d4:4c:fc:b3:ec:bf:e6:bc:48:dd:92:96:79:b7:22: d9:da:1f:09:74:7c:cb:95:3b:7f:1f:ba:fa:b0:88: e7:f3:23:b1:70:26:00:a7:9d:f5:51:07:24:3e:5e: 3f:a0:0b:f3:5c:ea:f5:d7:b3:d0:3c:db:40:d3:9c: f8:29:8a:11:49:da:9f:55:f7:7b:a1:74:3a:f1:48: 5f:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:F8:A2:90:C2:B1:1F:A3:20:2C:7B:53:BA:0E:9F:69:FB:FA:E8:DF X509v3 Authority Key Identifier: keyid:FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:4e:50:ab:c7:64:51:b9:44:26:85:06:d9:8e:93:40:2d:4d: 81:59:fa:44:fb:12:2b:f0:bd:cd:57:3e:2f:5a:e8:2d:2a:8e: 4d:f5:89:e0:dc:0e:13:93:ec:c1:5f:9b:3c:03:a5:3a:3b:9f: 61:d9:f3:6a:8b:46:95:0e:73:09:d8:6e:b7:dd:63:3c:a7:42: 33:38:34:ed:4d:50:32:17:57:3d:b0:b6:32:a9:fe:57:81:d9: cf:dc:a6:58:eb:d7:ad:08:9f:25:cb:40:8e:f3:f9:50:65:4f: d8:12:c4:12:cc:6a:f1:ea:58:13:25:65:6f:a1:e9:cb:a8:56: 1b:2a:eb:37:55:51:e1:98:45:24:ab:ab:72:19:79:1e:a1:5a: fe:49:65:73:b1:86:96:50:10:e0:b7:40:86:a9:39:40:7b:4f: 2b:14:61:5f:a6:43:b8:dd:ec:90:a0:b8:a2:a4:8f:65:32:eb: 0b:04:2e:68:5f:f4:5d:1a:aa:a9:b5:d0:a4:a3:9b:2e:00:c1: 54:e3:dd:75:a8:b1:c1:9a:2f:d8:3c:74:10:b7:41:77:ca:32: 2f:14:9f:8f:1a:56:09:04:97:79:06:c1:29:3f:fd:cb:c9:5b: e9:9d:1c:94:61:72:88:c2:99:f9:1b:8d:28:46:9a:af:71:7a: 10:ac:04:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0NzUxMTAvBgNVBAUTKEZGMDg1MzA5NTI5NzFCQTA2NTIyNEI1MjFGNTY1NjNC NkQyMTI0RUQwHhcNMjUxMTA0MTgwNzEyWhcNMjUxMTExMTgwNzEyWjAYMRYwFAYD VQQDEw02OTBhNDBkMC1iZWNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwPwbZJnL2h8rNdUO1kpTCYMSZI0m1ujpQ1OIm1moBkHgoqam2JpPKl41QyRh xrV8wZgxtECcq1PEGdqxyiZxdFywO8thrJ2L2rkdzaWEh2Wy4HBYsknFX7mKculw ex8E92O+cMZDVxRklGvGPObvgQvEuqN9zlqH7y+yJ09L6/pIGRMQAHID1ikNzor6 Ii5gVc0GgX1gpGIIOXgfQUX1/AF+EAynQoQ0fwfvY1rqB0uMBzPUTPyz7L/mvEjd kpZ5tyLZ2h8JdHzLlTt/H7r6sIjn8yOxcCYAp531UQckPl4/oAvzXOr117PQPNtA 05z4KYoRSdqfVfd7oXQ68UhfKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFv4opDC sR+jICx7U7oOn2n7+ujfMB8GA1UdIwQYMBaAFP8IUwlSlxugZSJLUh9WVjttISTt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTQ3NS9EQkZCM0VCNEU0 MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2QmxJa3RTSDFaV08yMGhK TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193aFRDVktYRzZCbElrdFNIMVpXTzIwaEpPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTQ3NS9EQkZCM0VCNEU0MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2 QmxJa3RTSDFaV08yMGhKTzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBiTlCrx2RRuUQmhQbZjpNALU2BWfpE+xIr8L3NVz4vWugtKo5N9Yng 3A4Tk+zBX5s8A6U6O59h2fNqi0aVDnMJ2G633WM8p0IzODTtTVAyF1c9sLYyqf5X gdnP3KZY69etCJ8ly0CO8/lQZU/YEsQSzGrx6lgTJWVvoenLqFYbKus3VVHhmEUk q6tyGXkeoVr+SWVzsYaWUBDgt0CGqTlAe08rFGFfpkO43eyQoLiipI9lMusLBC5o X/RdGqqptdCko5suAMFU4911qLHBmi/YPHQQt0F3yjIvFJ+PGlYJBJd5BsEpP/3L yVvpnRyUYXKIwpn5G40oRpqvcXoQrATQ -----END CERTIFICATE-----Generated at Wed Nov 5 05:48:46 2025 by rpki-client