$ rpki-client -vvf rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft File: XDlbosoKv2WIhyaHTHgktpt4mZU.mft (raw, json) Hash identifier: mhaSBw0WZVd8+7HXJ5Lo9bjOFcNUIje8insugTx+DBU= Subject key identifier: 8B:72:47:9D:61:2F:56:34:85:AA:D5:48:4D:97:9D:0C:AB:C6:BE:3E Authority key identifier: 5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 Certificate issuer: /CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Certificate serial: 0E97 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft Manifest number: 0E8A Signing time: Sun 02 Nov 2025 17:43:26 +0000 Manifest this update: Sun 02 Nov 2025 17:43:25 +0000 Manifest next update: Sun 09 Nov 2025 17:43:25 +0000 Files and hashes: 1: XDlbosoKv2WIhyaHTHgktpt4mZU.crl (hash: j5yv1l8fvI1mkWLQJiig/ZFk18U9HEGGCV802l7bRJw=) 2: AECDA1B0448F11EDACC30815C4F9AE02.roa (hash: xirIMjuaHIPZj6jpdJVKaFKfHlsVW3gI4qvEhU2Je88=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:43:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3735 (0xe97) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E66E5, serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Validity Not Before: Nov 2 17:43:25 2025 GMT Not After : Nov 9 17:43:25 2025 GMT Subject: CN=6907983d-8f25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f0:a6:0c:f9:36:ad:ef:ec:83:02:9b:67:bc:96: a2:78:e9:33:92:dc:b5:fd:84:5c:ef:b4:0a:55:74: 10:e0:97:18:c6:77:31:4f:20:e2:91:be:83:63:b3: a2:9c:25:bf:de:f5:e4:61:73:95:d8:a5:95:9c:57: 89:eb:36:d3:d8:b9:fb:88:e3:89:2e:52:8b:ce:b9: 87:62:76:07:6f:83:fd:e7:a3:c8:1b:a0:a3:b6:d2: b6:16:f9:58:df:8c:75:e1:6b:b4:a3:02:4d:c1:9a: f5:ca:51:be:47:8c:4e:cf:24:16:e4:94:61:2b:b3: 15:79:08:e0:0e:77:cc:bf:43:2f:ca:b6:50:d8:cf: 3d:59:0c:f4:f0:60:59:ad:a8:57:74:9d:20:b4:88: 45:ee:fe:1f:ad:63:5a:da:4f:e3:5a:8f:b3:de:4f: de:56:e5:e3:cb:24:34:99:c3:7c:87:e0:5d:28:01: 36:0a:39:33:84:06:be:1d:05:7f:de:bb:20:21:1d: 02:70:9d:d6:b9:d7:43:39:af:b1:af:0e:ef:90:4d: bc:56:ea:e1:19:a0:96:41:6e:62:f7:ec:29:14:e8: 54:00:7e:4a:ef:86:b8:ce:7a:82:a2:f7:44:49:2f: c7:8a:bb:90:88:12:fb:5b:72:7a:da:e1:49:c8:11: 29:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:72:47:9D:61:2F:56:34:85:AA:D5:48:4D:97:9D:0C:AB:C6:BE:3E X509v3 Authority Key Identifier: keyid:5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:ce:b5:ec:46:d4:60:76:66:ea:be:7e:da:f7:87:1f:98:ac: 3f:c0:d4:32:4f:74:f7:d7:0e:13:3b:f3:0c:c9:77:36:86:66: 84:53:74:7f:c7:bf:62:87:a8:dd:65:11:47:8c:c0:34:54:a7: 54:27:b5:25:d1:d7:98:6e:77:93:b2:e7:24:4f:d1:5f:03:41: 8d:61:54:7b:c2:95:cb:84:4d:18:76:b5:1c:33:f6:a5:37:4a: d5:7a:b8:22:3c:bf:dc:56:86:a4:5f:52:59:85:97:40:b5:59: ee:ee:62:7c:a9:ab:fc:e9:10:48:1d:7a:b4:9a:40:ce:dd:9e: a3:80:2e:6b:29:73:d4:5e:75:2f:43:f8:54:54:05:f4:52:ba: 5d:b4:61:24:87:97:c4:90:67:6e:e4:f1:73:d5:cf:24:88:33: 46:a1:d4:ae:be:82:42:2e:4d:0c:0e:41:7b:d0:60:b2:20:30: 76:6f:33:2c:47:d9:17:47:3f:a5:29:46:b2:e5:db:bd:b4:10: f8:1a:77:c2:ea:6f:6b:43:4d:d1:21:24:1d:b6:b7:0a:0b:28: e4:7c:a5:dd:28:25:bc:63:ee:5a:41:53:a7:0b:af:0f:2b:94: 74:25:3d:22:c5:04:aa:40:95:6e:60:01:b0:15:58:d3:9f:dd: ce:bd:5d:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDpcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY2RTUxMTAvBgNVBAUTKDVDMzk1QkEyQ0EwQUJGNjU4ODg3MjY4NzRDNzgyNEI2 OUI3ODk5OTUwHhcNMjUxMTAyMTc0MzI1WhcNMjUxMTA5MTc0MzI1WjAYMRYwFAYD VQQDEw02OTA3OTgzZC04ZjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8KYM+Tat7+yDAptnvJaieOkzkty1/YRc77QKVXQQ4JcYxncxTyDikb6DY7Oi nCW/3vXkYXOV2KWVnFeJ6zbT2Ln7iOOJLlKLzrmHYnYHb4P956PIG6CjttK2FvlY 34x14Wu0owJNwZr1ylG+R4xOzyQW5JRhK7MVeQjgDnfMv0MvyrZQ2M89WQz08GBZ rahXdJ0gtIhF7v4frWNa2k/jWo+z3k/eVuXjyyQ0mcN8h+BdKAE2CjkzhAa+HQV/ 3rsgIR0CcJ3WuddDOa+xrw7vkE28VurhGaCWQW5i9+wpFOhUAH5K74a4znqCovdE SS/HiruQiBL7W3J62uFJyBEpWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFItyR51h L1Y0harVSE2XnQyrxr4+MB8GA1UdIwQYMBaAFFw5W6LKCr9liIcmh0x4JLabeJmV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjZFNS81NjQzMDU4NkEy NzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3YyV0loeWFIVEhna3RwdDRt WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEbGJvc29LdjJXSWh5YUhUSGdrdHB0NG1aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NjZFNS81NjQzMDU4NkEyNzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3Yy V0loeWFIVEhna3RwdDRtWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/zrXsRtRgdmbqvn7a94cfmKw/wNQyT3T31w4TO/MMyXc2hmaEU3R/ x79ih6jdZRFHjMA0VKdUJ7Ul0deYbneTsuckT9FfA0GNYVR7wpXLhE0YdrUcM/al N0rVergiPL/cVoakX1JZhZdAtVnu7mJ8qav86RBIHXq0mkDO3Z6jgC5rKXPUXnUv Q/hUVAX0UrpdtGEkh5fEkGdu5PFz1c8kiDNGodSuvoJCLk0MDkF70GCyIDB2bzMs R9kXRz+lKUay5du9tBD4GnfC6m9rQ03RISQdtrcKCyjkfKXdKCW8Y+5aQVOnC68P K5R0JT0ixQSqQJVuYAGwFVjTn93OvV2R -----END CERTIFICATE-----Generated at Tue Nov 4 12:44:32 2025 by rpki-client