$ rpki-client -vvf rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft File: XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft (raw, json) Hash identifier: ksOiHYwcPkGfgGOZy5zg2DXbZ/aLNJO56cWicmlqF7I= Subject key identifier: 10:34:36:97:7F:F4:3F:2C:45:C5:1D:DE:5C:FF:9C:F3:A7:3F:8C:D3 Authority key identifier: 5F:1C:53:4A:EE:FF:4E:38:0C:E5:A0:9A:10:84:BF:8F:57:09:ED:08 Certificate issuer: /CN=A91A467D/serialNumber=5F1C534AEEFF4E380CE5A09A1084BF8F5709ED08 Certificate serial: 0B3A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft Manifest number: 0B33 Signing time: Tue 04 Nov 2025 19:22:21 +0000 Manifest this update: Tue 04 Nov 2025 19:22:20 +0000 Manifest next update: Tue 11 Nov 2025 19:22:20 +0000 Files and hashes: 1: XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl (hash: +NT1d/A1mfuRnQ+BIGGv53FixP/FgdfDudakfKbZeJw=) 2: 43272DE249AA11EABABC8610C4F9AE02.roa (hash: ArNuSAGS500F2Au8BkBemb4Fqw5PMgC4H5tbUjnLNK4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:22:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2874 (0xb3a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A467D, serialNumber=5F1C534AEEFF4E380CE5A09A1084BF8F5709ED08 Validity Not Before: Nov 4 19:22:20 2025 GMT Not After : Nov 11 19:22:20 2025 GMT Subject: CN=690a526d-55e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:ea:7b:fb:96:e0:34:0e:f8:32:f7:ec:05:57: a1:ae:35:dd:23:2a:21:dd:1c:42:8f:8f:ab:ca:a9: cd:f5:1f:96:03:11:92:5b:ba:22:25:a4:10:b4:13: 23:dd:1e:81:3a:48:2d:6a:01:0b:ac:8c:8d:7d:7b: 61:c0:4a:1d:8b:28:b1:21:d6:44:ea:78:f6:f2:7c: 16:2e:f5:c7:8c:6e:9f:2b:df:72:ac:48:af:0b:a9: 6f:4a:78:31:ec:95:27:fd:77:fc:b2:bb:26:74:bb: f2:b0:66:73:95:13:59:1c:54:65:8c:d2:b9:1e:72: cd:bc:ef:a2:80:8e:7a:7b:fb:45:00:f5:75:97:2a: 8a:e4:c1:b8:1d:4e:48:25:8c:9d:3f:96:dc:f6:c7: 5a:61:fc:18:a1:01:7a:ad:66:33:30:d0:13:da:62: f2:76:ff:fa:3f:1a:c8:c6:d0:ea:56:07:fe:cc:a9: a0:3a:53:dc:fb:1f:de:07:89:5a:44:f2:53:b0:47: bb:12:0f:ee:17:d7:53:e1:5b:59:d6:2b:de:bf:30: 5a:d1:f3:5d:4d:57:c5:1c:cc:88:67:2e:5c:9f:e6: 51:65:38:87:50:a3:26:38:7f:8d:1c:6d:3c:66:2e: 4a:3a:7d:28:42:b8:53:26:e2:23:c1:c6:4b:ee:78: a2:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 10:34:36:97:7F:F4:3F:2C:45:C5:1D:DE:5C:FF:9C:F3:A7:3F:8C:D3 X509v3 Authority Key Identifier: keyid:5F:1C:53:4A:EE:FF:4E:38:0C:E5:A0:9A:10:84:BF:8F:57:09:ED:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A467D/848E7D1849A911EAA6FDD30FC4F9AE02/XxxTSu7_TjgM5aCaEIS_j1cJ7Qg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d9:7a:52:0f:c5:f6:85:69:9a:a4:d3:12:6f:b5:c4:e3:e6:fb: b4:9b:f7:e1:e5:a3:55:78:46:a2:23:d1:d0:28:f5:7d:46:df: cd:37:cc:79:08:b5:ee:7f:61:4b:84:5f:20:8c:d0:0f:4b:52: e6:3e:4f:29:c3:a5:93:24:39:e7:89:86:64:55:0c:af:02:a8: af:fd:87:e6:78:75:dc:98:35:01:05:6c:ca:79:1d:40:d7:76: a9:4e:06:b5:be:ef:5d:dd:1e:be:c7:6f:2a:a0:78:fe:e2:89: d5:e7:b8:33:be:0a:b7:7a:41:64:dd:72:3a:1a:28:70:e0:06: 09:2a:34:d8:1d:25:3b:1f:fd:ee:b0:2b:06:3f:41:64:ed:eb: 75:fc:ba:42:e6:1b:64:6d:9d:79:03:67:6c:1a:11:26:33:04: 9d:d0:f4:b7:99:87:6c:83:4b:be:12:53:9f:b8:34:10:e0:cb: 36:21:fa:db:64:71:ee:88:6f:ea:eb:b5:29:b1:93:e7:16:a7: 94:96:27:5f:b6:35:04:1e:dc:60:cf:b9:46:03:ad:01:ac:48: e8:be:20:dd:45:fb:11:d9:93:da:04:9b:cc:0a:7a:3f:59:93: 96:b4:04:d8:78:38:e6:6d:e5:d1:7f:b9:1a:9b:cf:00:ce:c3: 1d:a6:1b:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCzowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ2N0QxMTAvBgNVBAUTKDVGMUM1MzRBRUVGRjRFMzgwQ0U1QTA5QTEwODRCRjhG NTcwOUVEMDgwHhcNMjUxMTA0MTkyMjIwWhcNMjUxMTExMTkyMjIwWjAYMRYwFAYD VQQDEw02OTBhNTI2ZC01NWU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvOp7+5bgNA74MvfsBVehrjXdIyoh3RxCj4+ryqnN9R+WAxGSW7oiJaQQtBMj 3R6BOkgtagELrIyNfXthwEodiyixIdZE6nj28nwWLvXHjG6fK99yrEivC6lvSngx 7JUn/Xf8srsmdLvysGZzlRNZHFRljNK5HnLNvO+igI56e/tFAPV1lyqK5MG4HU5I JYydP5bc9sdaYfwYoQF6rWYzMNAT2mLydv/6PxrIxtDqVgf+zKmgOlPc+x/eB4la RPJTsEe7Eg/uF9dT4VtZ1ivevzBa0fNdTVfFHMyIZy5cn+ZRZTiHUKMmOH+NHG08 Zi5KOn0oQrhTJuIjwcZL7niiOQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBA0Npd/ 9D8sRcUd3lz/nPOnP4zTMB8GA1UdIwQYMBaAFF8cU0ru/044DOWgmhCEv49XCe0I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDY3RC84NDhFN0QxODQ5 QTkxMUVBQTZGREQzMEZDNEY5QUUwMi9YeHhUU3U3X1RqZ001YUNhRUlTX2oxY0o3 UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h4eFRTdTdfVGpnTTVhQ2FFSVNfajFjSjdRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDY3RC84NDhFN0QxODQ5QTkxMUVBQTZGREQzMEZDNEY5QUUwMi9YeHhUU3U3X1Rq Z001YUNhRUlTX2oxY0o3UWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDZelIPxfaFaZqk0xJvtcTj5vu0m/fh5aNVeEaiI9HQKPV9Rt/NN8x5 CLXuf2FLhF8gjNAPS1LmPk8pw6WTJDnniYZkVQyvAqiv/YfmeHXcmDUBBWzKeR1A 13apTga1vu9d3R6+x28qoHj+4onV57gzvgq3ekFk3XI6Gihw4AYJKjTYHSU7H/3u sCsGP0Fk7et1/LpC5htkbZ15A2dsGhEmMwSd0PS3mYdsg0u+ElOfuDQQ4Ms2Ifrb ZHHuiG/q67UpsZPnFqeUlidftjUEHtxgz7lGA60BrEjoviDdRfsR2ZPaBJvMCno/ WZOWtATYeDjmbeXRf7kam88AzsMdphu5 -----END CERTIFICATE-----Generated at Wed Nov 5 13:47:02 2025 by rpki-client