$ rpki-client -vvf rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft File: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft (raw, json) Hash identifier: AMau72pq/8iSi3MwXjP6qRh93dHft8xlw/db0tjxJE4= Subject key identifier: DC:1F:8C:55:0F:F7:18:22:77:36:7D:40:DE:AC:BD:23:54:99:14:C6 Authority key identifier: CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 Certificate issuer: /CN=A919B5BB/serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Certificate serial: 2127 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft Manifest number: 211B Signing time: Tue 04 Nov 2025 16:02:10 +0000 Manifest this update: Tue 04 Nov 2025 16:02:10 +0000 Manifest next update: Tue 11 Nov 2025 16:02:10 +0000 Files and hashes: 1: ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl (hash: ity1w5L1OaP1jfhLTd51gZ3RvkQKA5kHjyfllYMB12U=) 2: C49E2E22FF0111E591C15659C4F9AE02.roa (hash: oBzh3F7vXr0+lbZGHQqiGoRJzyM9Q1R1dON0koDXQXQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:02:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8487 (0x2127) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919B5BB, serialNumber=CAC4478F0FDD9AE41E24E9FC67F851FF43C33309 Validity Not Before: Nov 4 16:02:10 2025 GMT Not After : Nov 11 16:02:10 2025 GMT Subject: CN=690a2382-ca74 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:fe:8b:2b:bb:7a:cf:3b:05:a7:d8:47:f1:ee: 16:37:18:6c:fd:38:c5:38:5c:52:d0:37:85:f6:6f: 31:ef:46:81:08:7d:45:d5:33:fb:bc:ab:34:6a:36: e5:72:62:5d:aa:32:d8:5f:a3:56:64:1a:d1:35:7a: 80:2b:00:ed:1e:6e:30:2d:98:4c:cc:88:10:d7:fe: 6e:13:a4:8a:16:1e:23:66:03:37:7c:9d:41:97:0b: 4d:6b:d9:e1:a9:51:0f:eb:c5:09:17:3f:1e:42:11: 29:01:2f:d6:d3:27:c6:ff:bb:f4:ff:9f:bf:d9:3c: d6:20:24:ce:bf:77:7f:1c:94:f7:9c:b7:ea:81:3c: 86:29:a5:39:9d:5f:1d:a9:d7:67:86:82:a2:8f:75: 97:b6:96:0b:70:42:ae:b6:59:1d:5c:db:cd:f8:66: 2c:87:61:a1:26:8b:1a:27:b6:e2:b5:58:55:ce:f3: c1:e8:87:05:e8:21:03:95:24:f0:78:99:8e:96:5d: 1b:79:77:d1:aa:3f:3b:1a:03:f1:6f:6a:66:a6:93: 6d:8b:54:80:ce:32:bf:69:f6:26:60:6f:a6:eb:52: 56:71:08:b6:0f:38:e8:17:0d:c5:19:21:6d:03:d9: e3:f3:c8:c0:f2:8d:27:ce:78:e2:20:a2:dd:ba:9e: d3:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:1F:8C:55:0F:F7:18:22:77:36:7D:40:DE:AC:BD:23:54:99:14:C6 X509v3 Authority Key Identifier: keyid:CA:C4:47:8F:0F:DD:9A:E4:1E:24:E9:FC:67:F8:51:FF:43:C3:33:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919B5BB/44BBC14CFF0111E5B1CFB058C4F9AE02/ysRHjw_dmuQeJOn8Z_hR_0PDMwk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:bb:ee:4f:98:bc:4c:dd:a0:c2:ab:f8:66:88:c9:7a:c0:1f: 33:b6:45:2c:cb:87:ac:70:35:56:f4:e0:0f:f6:31:cc:4f:4e: 1c:ab:87:f8:06:d3:19:81:a3:30:85:46:b2:1b:30:99:ca:69: 0f:41:7a:ca:da:08:0a:f2:39:35:95:2c:f6:90:08:29:c5:06: fc:5e:13:0e:ee:f6:5a:63:10:57:e9:09:fb:67:ef:df:01:e7: cb:a7:17:97:63:d7:2e:0e:1c:13:98:83:28:b9:e4:ec:6e:32: dd:94:e4:69:a4:d0:84:52:7d:0d:4e:ca:43:5b:65:7f:d4:c6: 57:2e:69:70:07:d2:30:8d:19:ed:f0:ea:25:88:fe:48:86:da: 7c:21:df:55:88:d6:1f:b0:67:32:34:8b:93:5b:59:bd:9b:5e: 16:18:77:48:04:1a:90:ab:b0:88:f7:1f:4e:1d:c8:c3:ea:77: 6c:6b:d4:72:43:16:d3:dc:0d:20:50:2b:5e:eb:7f:c9:5c:50: 2b:b0:56:19:67:3c:08:88:e0:3c:32:72:3f:42:e1:8d:dd:09: 28:15:a6:75:9b:eb:83:9f:e8:95:7d:ae:3a:7d:96:b5:5c:8b: 68:b1:5f:01:e0:6f:0e:4d:72:46:91:15:be:09:27:32:af:b2: e6:40:b7:bb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICIScwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUI1QkIxMTAvBgNVBAUTKENBQzQ0NzhGMEZERDlBRTQxRTI0RTlGQzY3Rjg1MUZG NDNDMzMzMDkwHhcNMjUxMTA0MTYwMjEwWhcNMjUxMTExMTYwMjEwWjAYMRYwFAYD VQQDEw02OTBhMjM4Mi1jYTc0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn/6LK7t6zzsFp9hH8e4WNxhs/TjFOFxS0DeF9m8x70aBCH1F1TP7vKs0ajbl cmJdqjLYX6NWZBrRNXqAKwDtHm4wLZhMzIgQ1/5uE6SKFh4jZgM3fJ1BlwtNa9nh qVEP68UJFz8eQhEpAS/W0yfG/7v0/5+/2TzWICTOv3d/HJT3nLfqgTyGKaU5nV8d qddnhoKij3WXtpYLcEKutlkdXNvN+GYsh2GhJosaJ7bitVhVzvPB6IcF6CEDlSTw eJmOll0beXfRqj87GgPxb2pmppNti1SAzjK/afYmYG+m61JWcQi2DzjoFw3FGSFt A9nj88jA8o0nznjiIKLdup7TrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNwfjFUP 9xgidzZ9QN6svSNUmRTGMB8GA1UdIwQYMBaAFMrER48P3ZrkHiTp/Gf4Uf9DwzMJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QjVCQi80NEJCQzE0Q0ZG MDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11UWVKT244Wl9oUl8wUERN d2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lzUkhqd19kbXVRZUpPbjhaX2hSXzBQRE13ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QjVCQi80NEJCQzE0Q0ZGMDExMUU1QjFDRkIwNThDNEY5QUUwMi95c1JIandfZG11 UWVKT244Wl9oUl8wUERNd2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAau+5PmLxM3aDCq/hmiMl6wB8ztkUsy4escDVW9OAP9jHMT04cq4f4 BtMZgaMwhUayGzCZymkPQXrK2ggK8jk1lSz2kAgpxQb8XhMO7vZaYxBX6Qn7Z+/f AefLpxeXY9cuDhwTmIMoueTsbjLdlORppNCEUn0NTspDW2V/1MZXLmlwB9IwjRnt 8OoliP5Ihtp8Id9ViNYfsGcyNIuTW1m9m14WGHdIBBqQq7CI9x9OHcjD6ndsa9Ry QxbT3A0gUCte63/JXFArsFYZZzwIiOA8MnI/QuGN3QkoFaZ1m+uDn+iVfa46fZa1 XItosV8B4G8OTXJGkRW+CScyr7LmQLe7 -----END CERTIFICATE-----Generated at Wed Nov 5 20:46:33 2025 by rpki-client