$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: FBqVdvpSK9d9OGhSK9k1nEaLtIXruOrBe5qPRekR/o8= Subject key identifier: 3D:1E:75:AE:30:D3:CD:BE:75:56:17:B8:11:56:9A:9B:01:56:92:2F Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 083C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07FF Signing time: Tue 04 Nov 2025 21:18:19 +0000 Manifest this update: Tue 04 Nov 2025 21:18:19 +0000 Manifest next update: Tue 11 Nov 2025 21:18:19 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: x4OyBzhCgTCDT9lJ9E7ABOGaLM/oyyULB3gEd/oSGMM=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: x6M8DR+ao43yWMJcYfflaCD3HANg4LUaSOgGurV26Rc=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: 4+YaEU8/WKlhoShMZ2jQANGth6P34fJaow29AZ/vK1g=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: TVq9O75Mk8dBtHdZIdf95FNbNlO+Xgr7jZqSFhUdSlc=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HBup3egCFQ+j4w8tn/YgKXDolvmk1GZOCKm/FjBELHI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: KydrQv3Yet/a3HLO3h2lsIOeUoieRU/2J4jW34hxmG0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 21:18:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2108 (0x83c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Nov 4 21:18:19 2025 GMT Not After : Nov 11 21:18:19 2025 GMT Subject: CN=690a6d9b-8084 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:7c:0d:d0:84:a1:1e:05:35:2a:05:ce:55:2e: 06:4a:19:2c:09:40:8c:60:a7:26:64:1b:e5:66:6e: c3:98:f0:ad:d5:26:e2:c2:11:d5:2e:d2:38:00:bf: 5f:00:f0:7b:6f:82:6c:92:78:a5:07:aa:56:88:2a: c7:a9:69:fc:55:a0:bc:f8:60:76:9c:7a:e7:65:36: 7e:fd:47:64:78:fd:e8:06:8d:68:af:c7:54:71:ff: f0:e1:6e:29:d6:e9:4c:c3:98:75:d2:3f:1f:15:14: 98:ba:eb:ac:02:d4:4c:76:10:09:8b:db:f9:70:7b: b1:05:1c:23:48:1e:c2:b9:fd:75:ca:36:b7:51:da: ee:21:20:e0:6d:fb:3d:10:b1:ce:84:c6:07:1b:a2: 59:31:c8:fa:88:e9:4c:be:c9:9b:32:80:fc:31:98: d0:f3:c7:4e:fc:29:d7:77:19:a1:6c:2b:07:79:ac: 1d:97:12:32:c2:46:6d:c5:66:9c:47:5c:39:72:6d: 56:85:1a:44:52:33:8c:e7:b3:6b:41:01:3b:ae:a0: 4b:1d:ac:31:80:91:1d:85:cf:e8:29:ae:ae:d0:8f: 3c:db:92:7e:46:3c:51:ab:08:fc:a7:00:19:a7:b8: f8:b1:e7:08:d9:58:18:35:a7:ba:96:6c:ee:ff:cf: 04:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3D:1E:75:AE:30:D3:CD:BE:75:56:17:B8:11:56:9A:9B:01:56:92:2F X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:df:83:58:f4:ae:01:c8:35:a2:a5:04:95:98:59:16:be:23: 49:33:76:bd:a9:94:54:21:b3:bc:48:90:e5:28:ca:a9:b5:1c: 94:49:89:f8:5a:39:43:c0:2b:b4:09:d5:52:a3:41:5c:e5:40: 92:47:60:dc:22:c9:c6:fb:93:e1:24:56:b7:33:6c:5c:49:b5: df:15:cb:2a:83:e3:b3:f0:b2:ba:72:3c:8b:91:60:a8:eb:d0: 84:4e:c8:b8:b9:19:7b:d5:24:43:88:bc:25:73:6c:4c:73:60: 8f:32:7d:f2:15:9c:af:46:30:c3:28:e0:86:11:63:7b:79:e8: cb:32:1d:4b:e5:f7:e6:79:76:52:ee:24:a7:6f:0b:54:dd:20: c6:07:01:9f:64:dc:71:9e:d5:be:99:5e:c1:01:47:1c:72:3b: 25:e8:c8:7d:8e:7b:b8:8c:38:1e:de:6a:9e:5a:32:22:68:35: 77:c5:6d:69:e7:8f:e3:9c:9c:c7:0a:24:41:12:18:a0:33:44: 2d:48:db:87:1d:c8:be:81:42:0d:29:77:c7:da:5e:aa:fd:e2: ec:3d:e3:18:ec:d9:12:03:64:3b:ac:dd:f0:ba:2f:0a:e3:48: b2:4f:d4:4c:5f:ee:a5:de:4c:0b:c0:5c:85:35:33:f8:00:95: 57:df:c2:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUxMTA0MjExODE5WhcNMjUxMTExMjExODE5WjAYMRYwFAYD VQQDEw02OTBhNmQ5Yi04MDg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwnwN0IShHgU1KgXOVS4GShksCUCMYKcmZBvlZm7DmPCt1SbiwhHVLtI4AL9f APB7b4JsknilB6pWiCrHqWn8VaC8+GB2nHrnZTZ+/UdkeP3oBo1or8dUcf/w4W4p 1ulMw5h10j8fFRSYuuusAtRMdhAJi9v5cHuxBRwjSB7Cuf11yja3UdruISDgbfs9 ELHOhMYHG6JZMcj6iOlMvsmbMoD8MZjQ88dO/CnXdxmhbCsHeawdlxIywkZtxWac R1w5cm1WhRpEUjOM57NrQQE7rqBLHawxgJEdhc/oKa6u0I8825J+RjxRqwj8pwAZ p7j4secI2VgYNae6lmzu/88EgQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD0eda4w 082+dVYXuBFWmpsBVpIvMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAb34NY9K4ByDWipQSVmFkWviNJM3a9qZRUIbO8SJDlKMqptRyUSYn4 WjlDwCu0CdVSo0Fc5UCSR2DcIsnG+5PhJFa3M2xcSbXfFcsqg+Oz8LK6cjyLkWCo 69CETsi4uRl71SRDiLwlc2xMc2CPMn3yFZyvRjDDKOCGEWN7eejLMh1L5ffmeXZS 7iSnbwtU3SDGBwGfZNxxntW+mV7BAUcccjsl6Mh9jnu4jDge3mqeWjIiaDV3xW1p 54/jnJzHCiRBEhigM0QtSNuHHci+gUINKXfH2l6q/eLsPeMY7NkSA2Q7rN3wui8K 40iyT9RMX+6l3kwLwFyFNTP4AJVX38IX -----END CERTIFICATE-----Generated at Wed Nov 5 18:35:26 2025 by rpki-client