$ rpki-client -vvf rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft File: Xtho2ocq-NaWpcGp-ngp9lJzynk.mft (raw, json) Hash identifier: jBUIQGyArWTwibiH+FdRMBPNgqPTHlB4fhYXxa2+9oE= Subject key identifier: F6:A5:D4:09:C6:6C:EF:AE:B2:79:34:25:FD:8A:C4:60:42:40:23:45 Authority key identifier: 5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79 Certificate issuer: /CN=A9119B43/serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79 Certificate serial: 04BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft Manifest number: 04B4 Signing time: Sun 19 Oct 2025 01:43:47 +0000 Manifest this update: Sun 19 Oct 2025 01:43:46 +0000 Manifest next update: Sun 26 Oct 2025 01:43:46 +0000 Files and hashes: 1: Xtho2ocq-NaWpcGp-ngp9lJzynk.crl (hash: Vigs2seoR0oO6SfRirB8XenX5YBY5cNbljiyOUu7T9k=) 2: 6C27C19E4BFA11ECA6797F6DC4F9AE02.roa (hash: 9zlcNMp71CcrKhJ6RcgbQ3pW8nUmE/ShM6R3qPGEpIM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 01:43:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1212 (0x4bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9119B43, serialNumber=5ED868DA872AF8D696A5C1A9FA7829F65273CA79 Validity Not Before: Oct 19 01:43:46 2025 GMT Not After : Oct 26 01:43:46 2025 GMT Subject: CN=68f44252-fe3d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:cf:2e:60:07:65:6e:ec:7a:d8:3d:40:80:bb: dc:e9:ba:2b:df:b0:22:13:80:7e:14:3a:6a:31:ea: e6:fe:1b:67:0d:be:82:5e:8c:3b:ac:aa:42:dd:8f: 17:a3:23:a4:46:86:af:a3:c9:aa:c7:b3:3b:f2:e3: ce:d0:0b:b0:22:5e:d0:c6:3c:f0:08:e3:7f:03:bf: ed:11:6b:b0:d9:cc:5d:b6:f0:80:d2:ec:60:64:33: 19:99:b3:eb:db:3c:ee:98:e6:a0:c5:9f:77:1d:bc: 8b:ed:c5:96:00:fb:79:a3:87:e7:c5:cc:d3:07:5d: 2e:98:a6:6b:d0:3e:50:cb:d2:f3:c7:d9:e0:63:e0: 27:b3:1e:01:c5:e3:eb:2a:17:c9:51:4f:df:2c:ba: e6:53:60:95:29:83:6d:d5:f4:ce:d7:ea:4a:dd:db: 68:9c:4e:bd:d5:18:92:b2:de:85:89:1a:cf:3e:b1: a6:56:5d:60:c4:08:23:b3:df:d8:b3:c7:94:71:0d: 5a:63:bc:f9:73:1f:4f:4e:d9:a4:92:ec:ee:56:a3: eb:10:d2:96:08:c7:bf:3f:32:7c:da:9e:92:bf:94: c2:6e:9d:1b:86:40:c2:ca:92:df:ec:8c:cb:54:f6: 76:5d:a6:e1:9b:19:f2:ed:be:61:63:5d:eb:19:d1: 08:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:A5:D4:09:C6:6C:EF:AE:B2:79:34:25:FD:8A:C4:60:42:40:23:45 X509v3 Authority Key Identifier: keyid:5E:D8:68:DA:87:2A:F8:D6:96:A5:C1:A9:FA:78:29:F6:52:73:CA:79 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Xtho2ocq-NaWpcGp-ngp9lJzynk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9119B43/E5B839824B3A11EC992E8150C4F9AE02/Xtho2ocq-NaWpcGp-ngp9lJzynk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:5e:b6:e7:af:fc:64:95:98:15:fa:02:28:c6:44:98:cc:44: a8:12:b2:bc:ea:8f:81:ad:65:60:da:3f:d6:60:a9:c0:79:33: 00:04:d8:37:f1:3a:cb:01:b5:ce:5d:cb:e8:1c:fd:c9:cb:5f: 11:fe:40:ed:bf:8d:3c:8c:e7:ed:91:83:1f:c8:d1:2d:35:3c: 36:36:2b:56:36:d8:f7:47:12:84:f1:7b:6d:29:dd:c1:1a:27: 35:69:33:33:81:5e:4e:24:ba:54:2a:97:b5:a5:a2:65:64:c5: 8e:7e:1c:de:b5:5f:bc:32:1b:59:ba:15:3c:6f:63:9b:26:92: 01:f0:75:86:31:1f:a4:98:e4:95:66:73:93:5e:6f:14:8c:00: f9:8a:6c:27:34:34:36:49:ec:d9:04:88:fd:4f:6c:c8:08:2f: 53:47:99:66:e4:6b:0e:82:01:05:eb:00:d3:c7:18:b9:49:7d: bf:ba:1b:88:28:98:6c:1d:54:11:d2:4f:1c:3f:5e:b9:5c:d6: 5e:c4:05:89:c0:78:aa:f0:f6:35:ac:8d:23:a2:0c:8a:2f:86: db:f4:ed:41:2c:8a:53:8e:1f:3f:75:3c:b1:90:f5:1f:c3:c8: af:b3:8f:05:77:db:1e:d7:ec:1a:d2:89:ff:65:92:13:d7:69: c2:36:11:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTlCNDMxMTAvBgNVBAUTKDVFRDg2OERBODcyQUY4RDY5NkE1QzFBOUZBNzgyOUY2 NTI3M0NBNzkwHhcNMjUxMDE5MDE0MzQ2WhcNMjUxMDI2MDE0MzQ2WjAYMRYwFAYD VQQDEw02OGY0NDI1Mi1mZTNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyM8uYAdlbux62D1AgLvc6bor37AiE4B+FDpqMerm/htnDb6CXow7rKpC3Y8X oyOkRoavo8mqx7M78uPO0AuwIl7QxjzwCON/A7/tEWuw2cxdtvCA0uxgZDMZmbPr 2zzumOagxZ93HbyL7cWWAPt5o4fnxczTB10umKZr0D5Qy9Lzx9ngY+Ansx4BxePr KhfJUU/fLLrmU2CVKYNt1fTO1+pK3dtonE691RiSst6FiRrPPrGmVl1gxAgjs9/Y s8eUcQ1aY7z5cx9PTtmkkuzuVqPrENKWCMe/PzJ82p6Sv5TCbp0bhkDCypLf7IzL VPZ2Xabhmxny7b5hY13rGdEIyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPal1AnG bO+usnk0Jf2KxGBCQCNFMB8GA1UdIwQYMBaAFF7YaNqHKvjWlqXBqfp4KfZSc8p5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOUI0My9FNUI4Mzk4MjRC M0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1OYVdwY0dwLW5ncDlsSnp5 bmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1h0aG8yb2NxLU5hV3BjR3AtbmdwOWxKenluay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OUI0My9FNUI4Mzk4MjRCM0ExMUVDOTkyRTgxNTBDNEY5QUUwMi9YdGhvMm9jcS1O YVdwY0dwLW5ncDlsSnp5bmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADXrbnr/xklZgV+gIoxkSYzESoErK86o+BrWVg2j/WYKnAeTMABNg3 8TrLAbXOXcvoHP3Jy18R/kDtv408jOftkYMfyNEtNTw2NitWNtj3RxKE8XttKd3B Gic1aTMzgV5OJLpUKpe1paJlZMWOfhzetV+8MhtZuhU8b2ObJpIB8HWGMR+kmOSV ZnOTXm8UjAD5imwnNDQ2SezZBIj9T2zICC9TR5lm5GsOggEF6wDTxxi5SX2/uhuI KJhsHVQR0k8cP165XNZexAWJwHiq8PY1rI0jogyKL4bb9O1BLIpTjh8/dTyxkPUf w8ivs48Fd9se1+wa0on/ZZIT12nCNhGW -----END CERTIFICATE-----Generated at Mon Oct 20 10:44:29 2025 by rpki-client