$ rpki-client -vvf rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft File: C33smHxhdR0-2h2_PnwipzoV3u0.mft (raw, json) Hash identifier: P6fMaYZZCayvJnlJoLzkPbDOkkSy2ne1ii/bFtANYZo= Subject key identifier: 55:DE:59:9A:09:18:B0:D4:A0:C6:D6:CC:77:C6:52:07:31:34:C0:B8 Authority key identifier: 0B:7D:EC:98:7C:61:75:1D:3E:DA:1D:BF:3E:7C:22:A7:3A:15:DE:ED Certificate issuer: /CN=A91C0E57/serialNumber=0B7DEC987C61751D3EDA1DBF3E7C22A73A15DEED Certificate serial: 052D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft Manifest number: 0526 Signing time: Tue 04 Nov 2025 23:44:23 +0000 Manifest this update: Tue 04 Nov 2025 23:44:23 +0000 Manifest next update: Tue 11 Nov 2025 23:44:23 +0000 Files and hashes: 1: C33smHxhdR0-2h2_PnwipzoV3u0.crl (hash: o4FJxnnJTFygBIjIgYDfm76RORLWQpmJZMm6r1WqhPI=) 2: 60A8F48A25D211ECB2CCF633C4F9AE02.roa (hash: DBSMAaVKSu+pqc7fO689Fw0nJpqzkZ1jfjGBu9BRx34=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.crl rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:44:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1325 (0x52d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C0E57, serialNumber=0B7DEC987C61751D3EDA1DBF3E7C22A73A15DEED Validity Not Before: Nov 4 23:44:23 2025 GMT Not After : Nov 11 23:44:23 2025 GMT Subject: CN=690a8fd7-a796 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:a0:cc:ef:21:30:58:c7:6c:18:cb:ff:9a:ed: 61:56:1a:0b:9c:b0:47:2d:bd:18:21:1e:89:2a:b9: b3:3a:99:94:29:e4:1a:3f:35:be:a5:f6:ab:de:2a: 23:1b:9e:27:2f:72:ca:8c:e9:ce:5d:e0:ef:7d:8b: 79:d9:6d:16:0f:17:21:a4:49:fc:78:15:04:2e:00: 4c:30:e4:b0:ad:d8:ea:77:f8:9e:35:25:0f:40:9f: b5:14:f7:df:09:c8:a9:a1:3f:e3:e6:f8:ea:89:bb: 9d:09:bd:da:68:aa:98:1e:eb:e6:2d:02:2f:96:91: 05:a4:dd:47:ed:56:9a:8a:9c:49:28:98:27:0a:af: ae:a0:97:8a:eb:01:63:f9:38:58:20:f8:cd:ed:28: 98:32:26:56:ff:c8:13:e6:e9:9f:2e:7f:6f:45:bd: e1:ed:a6:41:db:83:b1:5d:db:ed:88:e6:29:fd:a5: 40:20:de:6f:05:cc:a0:f6:7b:44:92:5f:8c:f8:67: 4b:d3:69:eb:9b:06:87:13:2e:b3:77:17:ed:52:46: c5:3f:d4:08:13:3e:d1:fa:b8:f6:ca:81:5a:ec:7c: 33:4f:18:89:b8:79:25:60:0b:66:fe:c9:4c:79:bf: ef:ec:30:60:c4:63:47:f5:93:d7:e8:47:6f:1c:d0: 08:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 55:DE:59:9A:09:18:B0:D4:A0:C6:D6:CC:77:C6:52:07:31:34:C0:B8 X509v3 Authority Key Identifier: keyid:0B:7D:EC:98:7C:61:75:1D:3E:DA:1D:BF:3E:7C:22:A7:3A:15:DE:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C33smHxhdR0-2h2_PnwipzoV3u0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C0E57/FCC18A14204E11ECB13EE17AC4F9AE02/C33smHxhdR0-2h2_PnwipzoV3u0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:d6:3e:7c:ec:90:f4:2e:05:a7:29:d1:ac:fd:3b:2d:84:66: 51:73:95:f9:c7:64:eb:bd:4e:9a:4a:2f:c6:32:71:21:ba:9b: 88:3b:e9:63:46:6c:2c:d7:b0:b1:81:ef:79:09:76:c3:65:3a: 35:57:80:5a:19:5d:3c:87:c1:e7:cd:6f:60:c9:45:5f:71:72: ff:20:4e:45:3b:4f:0a:1b:bd:0f:ba:82:3b:47:55:54:f9:1d: 20:68:fa:04:4c:eb:02:d3:b9:1e:90:51:2c:b1:f4:d0:36:37: 8b:b2:72:f0:d4:3c:50:3b:b0:3d:d2:96:f4:a0:02:4a:73:e7: e3:43:46:fa:94:ee:ab:c0:fc:c3:4a:c9:fc:c5:ac:37:da:58: 9e:0a:f9:d0:71:d2:c1:86:b1:97:4b:37:4d:a2:cc:d6:26:a5: c4:7c:21:c3:e4:ca:8f:09:2f:d0:11:b6:2c:c0:a6:0a:83:d2: d0:fb:78:2d:f9:36:26:3f:86:0c:79:cd:6a:b7:75:0f:05:9c: 01:64:d0:44:5a:a8:d4:bb:71:f6:2d:30:90:d3:d6:9d:1d:fe: 4b:ab:55:5c:0f:3e:dc:72:c8:a2:03:12:c0:94:4a:6b:32:ff: c1:0a:ad:7a:e0:f9:38:bb:f9:a8:2d:1b:d2:d1:94:cb:3a:23: 7b:e4:ef:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBS0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzBFNTcxMTAvBgNVBAUTKDBCN0RFQzk4N0M2MTc1MUQzRURBMURCRjNFN0MyMkE3 M0ExNURFRUQwHhcNMjUxMTA0MjM0NDIzWhcNMjUxMTExMjM0NDIzWjAYMRYwFAYD VQQDEw02OTBhOGZkNy1hNzk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq6DM7yEwWMdsGMv/mu1hVhoLnLBHLb0YIR6JKrmzOpmUKeQaPzW+pfar3ioj G54nL3LKjOnOXeDvfYt52W0WDxchpEn8eBUELgBMMOSwrdjqd/ieNSUPQJ+1FPff CcipoT/j5vjqibudCb3aaKqYHuvmLQIvlpEFpN1H7VaaipxJKJgnCq+uoJeK6wFj +ThYIPjN7SiYMiZW/8gT5umfLn9vRb3h7aZB24OxXdvtiOYp/aVAIN5vBcyg9ntE kl+M+GdL02nrmwaHEy6zdxftUkbFP9QIEz7R+rj2yoFa7HwzTxiJuHklYAtm/slM eb/v7DBgxGNH9ZPX6EdvHNAIKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFXeWZoJ GLDUoMbWzHfGUgcxNMC4MB8GA1UdIwQYMBaAFAt97Jh8YXUdPtodvz58Iqc6Fd7t MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMEU1Ny9GQ0MxOEExNDIw NEUxMUVDQjEzRUUxN0FDNEY5QUUwMi9DMzNzbUh4aGRSMC0yaDJfUG53aXB6b1Yz dTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0MzM3NtSHhoZFIwLTJoMl9QbndpcHpvVjN1MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MEU1Ny9GQ0MxOEExNDIwNEUxMUVDQjEzRUUxN0FDNEY5QUUwMi9DMzNzbUh4aGRS MC0yaDJfUG53aXB6b1YzdTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAI1j587JD0LgWnKdGs/TsthGZRc5X5x2TrvU6aSi/GMnEhupuIO+lj Rmws17Cxge95CXbDZTo1V4BaGV08h8HnzW9gyUVfcXL/IE5FO08KG70PuoI7R1VU +R0gaPoETOsC07kekFEssfTQNjeLsnLw1DxQO7A90pb0oAJKc+fjQ0b6lO6rwPzD Ssn8xaw32lieCvnQcdLBhrGXSzdNoszWJqXEfCHD5MqPCS/QEbYswKYKg9LQ+3gt +TYmP4YMec1qt3UPBZwBZNBEWqjUu3H2LTCQ09adHf5Lq1VcDz7ccsiiAxLAlEpr Mv/BCq164Pk4u/moLRvS0ZTLOiN75O8K -----END CERTIFICATE-----Generated at Wed Nov 5 17:55:57 2025 by rpki-client