$ rpki-client -vvf rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft File: dmXig10WAIXjHsJFIi1LL35IRAk.mft (raw, json) Hash identifier: WxV6a7SLCeRRgKwq3UxVXqOhPKawU6ckhiu8HnM8Yxk= Subject key identifier: 64:DB:78:D0:79:23:D1:1F:BC:EC:3A:DA:6E:B6:B6:E3:63:36:89:46 Authority key identifier: 76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 Certificate issuer: /CN=A911DFC9/serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Certificate serial: 61 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft Manifest number: 55 Signing time: Sun 19 Oct 2025 10:38:23 +0000 Manifest this update: Sun 19 Oct 2025 10:38:22 +0000 Manifest next update: Sun 26 Oct 2025 10:38:22 +0000 Files and hashes: 1: dmXig10WAIXjHsJFIi1LL35IRAk.crl (hash: GJYCk6IW1uqYqKyTJyq94sieJPqhflmXlPKWtqcL/AQ=) 2: CAE10F4030E111F09B76D311C4F9AE02.roa (hash: 4EnYQ2VSNQD0o3dL265fkKkyLcx5j9mcOc/dYLCsIwo=) 3: 570B12E0562611F09F085F44C4F9AE02.roa (hash: CaHNy+5XgMUOPof5CFjhIu8D1eRPSffz8Arg3q0Y77U=) 4: CA5B991430E111F09B76D311C4F9AE02.roa (hash: KDnCMQ2nRjU0Va+lifX6vSdvj7g5AOqm8qx3ZCAL398=) 5: CB4E186A30E111F09B76D311C4F9AE02.roa (hash: xPkqxoVSxyXeKSaq5jtn4/m5jr8BJckiAgNe5WWb60U=) 6: CC3E7A3A30E111F09B76D311C4F9AE02.roa (hash: qvmxAIblo8LoVtJQCEVB0mOCUBhb2PQ/53hCphSqwWE=) 7: E73A5E40A28C11F0A6491A72C4F9AE02.roa (hash: tcOXOuYgGu+RB0bUc2Sne4w/DApsR3iV2dNestsnCuc=) 8: CBDD09E430E111F09B76D311C4F9AE02.roa (hash: fV/0Vo51myrGthfe3wjSyvx/kYCAyZZZpPfFqvBV/w4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:38:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 97 (0x61) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911DFC9, serialNumber=7665E2835D160085E31EC245222D4B2F7E484409 Validity Not Before: Oct 19 10:38:22 2025 GMT Not After : Oct 26 10:38:22 2025 GMT Subject: CN=68f4bf9f-941c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:8a:21:9d:1e:b0:b5:bd:99:4c:c1:5b:f2:b0: de:3a:c4:6a:f0:be:75:8b:71:aa:d2:56:1e:4e:13: de:cf:f5:33:4e:95:90:30:e7:6d:5f:32:af:5c:4f: b8:a2:c7:3e:41:29:4f:fa:99:6e:1d:63:cd:c5:32: e1:ca:93:14:09:6b:a2:82:8d:68:44:4d:54:6d:fe: b6:49:0c:0b:56:fd:e1:01:99:fe:c8:02:69:60:05: 9d:5a:c3:30:35:79:58:78:db:37:79:cc:b2:d6:ff: 09:4c:e6:05:1d:fc:54:48:ec:41:2d:3c:65:6e:5b: 10:b6:b8:9c:f1:f4:43:c4:f1:1b:f0:e5:34:a5:d8: 34:e0:d6:43:9c:d4:32:fc:55:91:a1:5b:83:cd:55: 07:4e:3b:42:f9:e4:c8:89:01:09:12:ed:1f:69:86: 5e:d9:6e:3e:df:d5:5b:2c:d4:92:80:2b:fc:4f:45: e7:1a:21:7a:bb:78:11:76:f4:b7:e8:ef:69:09:5d: f4:b6:68:47:33:e7:7c:ad:ed:31:fa:80:56:c7:1b: a7:d9:d3:ac:74:69:d9:c6:ef:4a:5f:b2:93:d8:58: 8b:c7:14:02:5c:37:e1:94:dc:b0:ce:ad:47:1e:3e: 81:30:1c:47:32:07:d6:a3:82:63:cc:36:34:7a:41: 2e:8d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:DB:78:D0:79:23:D1:1F:BC:EC:3A:DA:6E:B6:B6:E3:63:36:89:46 X509v3 Authority Key Identifier: keyid:76:65:E2:83:5D:16:00:85:E3:1E:C2:45:22:2D:4B:2F:7E:48:44:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dmXig10WAIXjHsJFIi1LL35IRAk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911DFC9/8D35E82E302C11F087764A2BC4F9AE02/dmXig10WAIXjHsJFIi1LL35IRAk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:11:10:e7:43:91:59:82:fa:a5:6f:7b:7f:01:d1:90:f5:4b: 8e:d2:e0:88:f2:53:b0:01:e8:46:2a:5b:6e:f4:af:b9:ff:2e: 55:41:10:8b:d5:b0:24:2f:47:6e:57:c0:b4:78:ca:ef:91:ae: fc:a8:0a:b5:89:a9:7a:c8:d0:ab:53:93:79:b0:f9:ae:81:30: 79:b6:96:5d:53:30:4d:ef:0e:13:b5:8b:9e:01:cb:c2:6c:3e: 4b:6d:54:05:65:c6:38:82:b3:17:74:95:6c:bb:ff:df:3d:a6: b0:b5:ec:a1:e2:00:2f:56:77:25:40:d3:e4:74:3f:00:d4:1c: a1:e6:cd:0e:74:9a:ff:55:16:16:60:6d:82:44:2e:f1:ab:1e: 0f:97:67:04:f8:9c:db:05:fa:db:ce:b0:38:5c:e0:88:6d:00: 76:b5:a8:7a:6c:39:fc:bd:28:20:3b:ee:ea:61:59:e3:53:d5: e8:9e:7e:bc:e9:7f:7b:92:61:91:6e:2d:ab:7f:31:5a:7b:e1: df:73:b1:8b:71:bb:e6:93:fd:7f:26:99:5a:17:2c:9f:7a:66: 46:67:eb:81:90:c6:e8:16:e0:e6:c6:cf:66:f2:04:29:fb:3e: 88:ab:89:d2:5d:f3:0f:9d:14:e8:b9:f5:0a:ff:24:b0:6d:7c: 3a:5e:83:91 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBYTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx REZDOTExMC8GA1UEBRMoNzY2NUUyODM1RDE2MDA4NUUzMUVDMjQ1MjIyRDRCMkY3 RTQ4NDQwOTAeFw0yNTEwMTkxMDM4MjJaFw0yNTEwMjYxMDM4MjJaMBgxFjAUBgNV BAMTDTY4ZjRiZjlmLTk0MWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCkiiGdHrC1vZlMwVvysN46xGrwvnWLcarSVh5OE97P9TNOlZAw521fMq9cT7ii xz5BKU/6mW4dY83FMuHKkxQJa6KCjWhETVRt/rZJDAtW/eEBmf7IAmlgBZ1awzA1 eVh42zd5zLLW/wlM5gUd/FRI7EEtPGVuWxC2uJzx9EPE8Rvw5TSl2DTg1kOc1DL8 VZGhW4PNVQdOO0L55MiJAQkS7R9phl7Zbj7f1Vss1JKAK/xPRecaIXq7eBF29Lfo 72kJXfS2aEcz53yt7TH6gFbHG6fZ06x0adnG70pfspPYWIvHFAJcN+GU3LDOrUce PoEwHEcyB9ajgmPMNjR6QS6NAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZNt40Hkj 0R+87Drabra242M2iUYwHwYDVR0jBBgwFoAUdmXig10WAIXjHsJFIi1LL35IRAkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFERkM5LzhEMzVFODJFMzAy QzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlYakhzSkZJaTFMTDM1SVJB ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvZG1YaWcxMFdBSVhqSHNKRklpMUxMMzVJUkFrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTFE RkM5LzhEMzVFODJFMzAyQzExRjA4Nzc2NEEyQkM0RjlBRTAyL2RtWGlnMTBXQUlY akhzSkZJaTFMTDM1SVJBay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHkREOdDkVmC+qVve38B0ZD1S47S4IjyU7AB6EYqW270r7n/LlVBEIvV sCQvR25XwLR4yu+RrvyoCrWJqXrI0KtTk3mw+a6BMHm2ll1TME3vDhO1i54By8Js PkttVAVlxjiCsxd0lWy7/989prC17KHiAC9WdyVA0+R0PwDUHKHmzQ50mv9VFhZg bYJELvGrHg+XZwT4nNsF+tvOsDhc4IhtAHa1qHpsOfy9KCA77uphWeNT1eiefrzp f3uSYZFuLat/MVp74d9zsYtxu+aT/X8mmVoXLJ96ZkZn64GQxugW4ObGz2byBCn7 PoiridJd8w+dFOi59Qr/JLBtfDpeg5E= -----END CERTIFICATE-----Generated at Mon Oct 20 10:43:17 2025 by rpki-client