$ rpki-client -vvf rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft File: 3xhzEfoJx3m4sV2UekbU9O3MUFM.mft (raw, json) Hash identifier: GgCkuk8ue8Z4HUpzCkBe7CEyws2mEDBQ2Df1r2kuqq0= Subject key identifier: 89:73:4B:81:EB:FC:C3:58:30:F2:1C:57:88:66:4E:02:1F:2E:FF:0F Authority key identifier: DF:18:73:11:FA:09:C7:79:B8:B1:5D:94:7A:46:D4:F4:ED:CC:50:53 Certificate issuer: /CN=A911AA05/serialNumber=DF187311FA09C779B8B15D947A46D4F4EDCC5053 Certificate serial: 5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xhzEfoJx3m4sV2UekbU9O3MUFM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft Manifest number: 5A Signing time: Sun 19 Oct 2025 10:31:36 +0000 Manifest this update: Sun 19 Oct 2025 10:31:35 +0000 Manifest next update: Sun 26 Oct 2025 10:31:35 +0000 Files and hashes: 1: 3xhzEfoJx3m4sV2UekbU9O3MUFM.crl (hash: l7MVj6cF8PyY7e1lWFYYq5wBLsEpHNqULlAAJJHkFww=) 2: F1940290212911F087425013C4F9AE02.roa (hash: MnHNxat0n45sPIepd+2k7Aeq3t/02+1KvIJP8MEpuv8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.crl rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xhzEfoJx3m4sV2UekbU9O3MUFM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:31:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 91 (0x5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911AA05, serialNumber=DF187311FA09C779B8B15D947A46D4F4EDCC5053 Validity Not Before: Oct 19 10:31:35 2025 GMT Not After : Oct 26 10:31:35 2025 GMT Subject: CN=68f4be08-fce5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:76:7f:6d:18:80:c0:21:14:68:11:27:cf:d3: d0:aa:59:cd:0d:a1:b4:14:a6:76:ee:db:f4:d9:72: 59:19:01:e3:c2:c5:1a:98:0d:e8:99:0a:c1:fd:b5: 87:ff:8f:42:fc:d2:93:89:69:db:f2:79:55:03:73: 99:51:05:dd:79:45:b5:0e:2e:42:cc:b9:52:dc:a2: dd:2a:91:f7:f6:4a:e5:f9:45:00:57:80:be:47:40: e0:d5:b8:55:b0:8d:41:cd:02:bd:f8:29:53:fa:a4: 61:6b:e3:57:cb:c9:0c:2b:4b:87:90:5e:8a:1f:8e: 06:5f:cd:ff:fc:d5:94:aa:08:7b:45:fd:f7:a8:6e: 6f:09:7f:37:84:dd:6c:46:48:33:3b:af:fd:98:69: 85:43:72:04:5a:7c:03:ef:15:d1:31:f4:a4:7a:04: 3d:53:5e:8c:2b:d7:97:8b:36:96:34:32:af:6f:c5: 08:a4:e0:e0:79:9b:ed:b5:22:80:cd:46:1d:16:70: 2c:cb:4c:aa:18:a2:1c:8f:17:b7:1c:c4:40:30:1b: 6d:4e:0e:f6:d4:9e:71:a1:2c:a9:bf:d6:c8:b1:64: 83:b4:58:8c:e5:d8:0c:32:c5:49:bb:d1:53:09:8c: dd:44:00:c0:95:a2:d8:50:72:ae:11:f6:3d:45:56: 69:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:73:4B:81:EB:FC:C3:58:30:F2:1C:57:88:66:4E:02:1F:2E:FF:0F X509v3 Authority Key Identifier: keyid:DF:18:73:11:FA:09:C7:79:B8:B1:5D:94:7A:46:D4:F4:ED:CC:50:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3xhzEfoJx3m4sV2UekbU9O3MUFM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911AA05/4DC1D926212911F0A66A4972C4F9AE02/3xhzEfoJx3m4sV2UekbU9O3MUFM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cb:79:c8:a6:9d:04:c6:a2:32:f8:f9:af:a3:f3:06:97:da:54: 54:30:6f:29:82:1a:76:49:9a:e4:5e:42:c5:ba:f6:88:5a:7b: 68:0f:ec:30:c9:70:ca:5d:5e:90:d1:4e:c8:5c:0a:29:b5:4d: fa:94:8e:3a:0a:a5:38:c4:29:51:e1:45:af:cd:7f:65:8f:78: c8:8f:15:5f:b5:d9:c6:c0:9d:f2:af:13:51:ac:88:5f:62:42: 9b:e6:94:c4:ce:81:78:b2:14:3f:ad:4e:e1:7e:4b:f2:00:b9: 3f:df:2d:23:96:8f:25:8b:b1:4b:a9:1f:f9:d0:32:29:ee:ad: cd:b9:2c:c6:d5:e9:0c:4e:81:c4:40:28:c5:39:f9:eb:db:3e: 16:68:66:6a:61:31:b9:bc:01:a2:21:7d:75:bc:95:34:6c:c4: a2:ad:f8:96:7c:97:48:bc:8a:8e:9b:cc:62:9f:36:9f:be:3f: 09:53:26:7c:fa:12:2a:3d:1c:f2:a9:90:ea:f8:a3:13:9a:eb: ae:80:b4:9d:9f:cb:2d:d7:d1:f0:0e:b7:4c:81:28:2f:01:e4: 59:f4:9f:1f:7e:b3:21:e0:b7:b8:fb:69:16:2e:78:c1:fa:41: bb:35:0b:c8:aa:df:76:26:84:93:10:ba:64:1f:90:e2:97:cd: 3f:28:48:3a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx QUEwNTExMC8GA1UEBRMoREYxODczMTFGQTA5Qzc3OUI4QjE1RDk0N0E0NkQ0RjRF RENDNTA1MzAeFw0yNTEwMTkxMDMxMzVaFw0yNTEwMjYxMDMxMzVaMBgxFjAUBgNV BAMTDTY4ZjRiZTA4LWZjZTUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBdn9tGIDAIRRoESfP09CqWc0NobQUpnbu2/TZclkZAePCxRqYDeiZCsH9tYf/ j0L80pOJadvyeVUDc5lRBd15RbUOLkLMuVLcot0qkff2SuX5RQBXgL5HQODVuFWw jUHNAr34KVP6pGFr41fLyQwrS4eQXoofjgZfzf/81ZSqCHtF/feobm8JfzeE3WxG SDM7r/2YaYVDcgRafAPvFdEx9KR6BD1TXowr15eLNpY0Mq9vxQik4OB5m+21IoDN Rh0WcCzLTKoYohyPF7ccxEAwG21ODvbUnnGhLKm/1sixZIO0WIzl2AwyxUm70VMJ jN1EAMCVothQcq4R9j1FVmlHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUiXNLgev8 w1gw8hxXiGZOAh8u/w8wHwYDVR0jBBgwFoAU3xhzEfoJx3m4sV2UekbU9O3MUFMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFBQTA1LzREQzFEOTI2MjEy OTExRjBBNjZBNDk3MkM0RjlBRTAyLzN4aHpFZm9KeDNtNHNWMlVla2JVOU8zTVVG TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM3hoekVmb0p4M200c1YyVWVrYlU5TzNNVUZNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFB QTA1LzREQzFEOTI2MjEyOTExRjBBNjZBNDk3MkM0RjlBRTAyLzN4aHpFZm9KeDNt NHNWMlVla2JVOU8zTVVGTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMt5yKadBMaiMvj5r6PzBpfaVFQwbymCGnZJmuReQsW69ohae2gP7DDJ cMpdXpDRTshcCim1TfqUjjoKpTjEKVHhRa/Nf2WPeMiPFV+12cbAnfKvE1GsiF9i QpvmlMTOgXiyFD+tTuF+S/IAuT/fLSOWjyWLsUupH/nQMinurc25LMbV6QxOgcRA KMU5+evbPhZoZmphMbm8AaIhfXW8lTRsxKKt+JZ8l0i8io6bzGKfNp++PwlTJnz6 Eio9HPKpkOr4oxOa666AtJ2fyy3X0fAOt0yBKC8B5Fn0nx9+syHgt7j7aRYueMH6 Qbs1C8iq33YmhJMQumQfkOKXzT8oSDo= -----END CERTIFICATE-----Generated at Mon Oct 20 17:49:34 2025 by rpki-client