$ rpki-client -vvf rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft File: ZfzR8nTT59WOTQyihVjTS2sVLWc.mft (raw, json) Hash identifier: dIZ6GxZARipMVO6LKiYXBwkMdvRfJ4NlaCi6ogtkeBY= Subject key identifier: 5F:7C:C2:CB:E3:AE:9F:5B:78:E9:A3:7C:02:B3:F4:67:11:17:A9:AB Authority key identifier: 65:FC:D1:F2:74:D3:E7:D5:8E:4D:0C:A2:85:58:D3:4B:6B:15:2D:67 Certificate issuer: /CN=A911F7D0/serialNumber=65FCD1F274D3E7D58E4D0CA28558D34B6B152D67 Certificate serial: 1162 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft Manifest number: 115A Signing time: Sat 18 Oct 2025 17:46:40 +0000 Manifest this update: Sat 18 Oct 2025 17:46:40 +0000 Manifest next update: Sat 25 Oct 2025 17:46:40 +0000 Files and hashes: 1: ZfzR8nTT59WOTQyihVjTS2sVLWc.crl (hash: 4/3+WlNBnzLKzUib0O34JtUBzrgatPkCAeqCNnRYQNM=) 2: 1BFF84B0131611E991379440C4F9AE02.roa (hash: 9v5xAom6t8Cg5dPY2+UVNWnLY+IwQ2L6vmEfACxJwlI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.crl rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 17:46:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4450 (0x1162) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911F7D0, serialNumber=65FCD1F274D3E7D58E4D0CA28558D34B6B152D67 Validity Not Before: Oct 18 17:46:40 2025 GMT Not After : Oct 25 17:46:40 2025 GMT Subject: CN=68f3d280-970d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:6d:0d:03:a5:2f:ea:6d:09:71:5a:a3:a5:51: 57:72:48:c3:cb:90:4d:3c:ed:f5:2d:70:4d:a6:cd: d3:c0:0d:00:2f:52:b5:b2:ce:1c:64:6b:6b:32:b4: 69:78:b0:07:bb:3f:24:7d:7f:9b:95:51:d3:84:bc: 95:71:04:c6:1d:df:fa:91:49:a9:e3:6a:2e:bb:a8: 5c:f0:73:78:22:98:2b:9a:d2:62:c1:9c:b6:45:65: 38:06:d1:d5:ac:6e:da:35:62:a0:eb:ef:a6:2b:38: e8:cf:bf:33:a2:bc:1c:12:50:3f:dc:2b:c5:9e:29: a3:7f:b3:40:78:c3:ad:ed:5f:f6:fe:65:7c:44:b3: 54:c2:5f:14:79:d4:a2:31:cd:fd:38:70:32:b9:bd: 00:cc:36:f5:5c:57:20:5a:17:e9:11:9e:4a:3a:35: 8d:9f:a5:74:7a:36:29:aa:93:84:af:c2:a7:85:e3: 5c:08:d1:8d:10:43:11:76:44:94:06:1d:39:5a:f0: 86:a3:7a:a4:71:ec:c0:b0:b2:43:6d:95:8b:b2:12: 8e:88:eb:cb:8b:a4:e0:30:d0:80:c3:33:b7:bf:8c: c2:4c:98:95:dd:ef:4c:93:8e:27:28:8d:2c:04:ff: 05:bb:ed:03:cf:bc:22:e0:68:37:ff:fd:19:b3:59: 06:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:7C:C2:CB:E3:AE:9F:5B:78:E9:A3:7C:02:B3:F4:67:11:17:A9:AB X509v3 Authority Key Identifier: keyid:65:FC:D1:F2:74:D3:E7:D5:8E:4D:0C:A2:85:58:D3:4B:6B:15:2D:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZfzR8nTT59WOTQyihVjTS2sVLWc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911F7D0/66A29982131411E9834F773BC4F9AE02/ZfzR8nTT59WOTQyihVjTS2sVLWc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:25:23:64:51:95:b8:3b:b8:11:6a:03:84:2d:51:f4:02:00: dc:b4:94:ea:15:37:a2:86:bb:1d:44:57:8e:45:97:9b:ba:65: 01:b3:8a:59:b4:e8:09:50:d3:19:6c:31:c5:2d:1b:8e:4e:c6: 0a:fb:93:68:57:30:1b:86:91:56:fe:33:a2:bd:ea:be:47:42: d2:c4:3b:33:e2:35:06:df:b4:ac:41:7d:64:d6:e7:87:91:55: 76:4d:74:06:4e:14:01:3a:f9:10:d7:bf:83:a2:d5:94:04:82: 25:f5:5f:55:94:84:52:9a:77:df:7c:f9:2b:b8:1b:36:aa:5b: 49:2f:af:56:ed:6c:77:84:04:11:82:df:20:c6:84:cd:16:e3: 98:a8:e6:d6:d6:0c:46:12:87:46:1b:eb:46:47:eb:9c:5f:ac: 73:83:af:4d:0a:05:6c:6b:55:91:86:3f:04:7a:cf:0f:c0:8d: 30:85:5a:75:ca:55:c7:b9:f9:07:0c:f8:3f:c7:36:74:4a:35: ff:b2:56:55:f5:24:f4:be:19:55:8b:06:57:a0:01:2b:74:df: 64:52:f2:60:ce:70:01:be:50:9e:4d:14:c5:e4:67:d1:04:fa: fb:77:8b:08:ea:3d:77:43:19:84:9d:e9:11:b5:5d:11:ca:87: c9:26:e6:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEWIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUY3RDAxMTAvBgNVBAUTKDY1RkNEMUYyNzREM0U3RDU4RTREMENBMjg1NThEMzRC NkIxNTJENjcwHhcNMjUxMDE4MTc0NjQwWhcNMjUxMDI1MTc0NjQwWjAYMRYwFAYD VQQDEw02OGYzZDI4MC05NzBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz20NA6Uv6m0JcVqjpVFXckjDy5BNPO31LXBNps3TwA0AL1K1ss4cZGtrMrRp eLAHuz8kfX+blVHThLyVcQTGHd/6kUmp42ouu6hc8HN4IpgrmtJiwZy2RWU4BtHV rG7aNWKg6++mKzjoz78zorwcElA/3CvFnimjf7NAeMOt7V/2/mV8RLNUwl8UedSi Mc39OHAyub0AzDb1XFcgWhfpEZ5KOjWNn6V0ejYpqpOEr8KnheNcCNGNEEMRdkSU Bh05WvCGo3qkcezAsLJDbZWLshKOiOvLi6TgMNCAwzO3v4zCTJiV3e9Mk44nKI0s BP8Fu+0Dz7wi4Gg3//0Zs1kGLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF98wsvj rp9beOmjfAKz9GcRF6mrMB8GA1UdIwQYMBaAFGX80fJ00+fVjk0MooVY00trFS1n MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExRjdEMC82NkEyOTk4MjEz MTQxMUU5ODM0Rjc3M0JDNEY5QUUwMi9aZnpSOG5UVDU5V09UUXlpaFZqVFMyc1ZM V2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pmelI4blRUNTlXT1RReWloVmpUUzJzVkxXYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx RjdEMC82NkEyOTk4MjEzMTQxMUU5ODM0Rjc3M0JDNEY5QUUwMi9aZnpSOG5UVDU5 V09UUXlpaFZqVFMyc1ZMV2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARJSNkUZW4O7gRagOELVH0AgDctJTqFTeihrsdRFeORZebumUBs4pZ tOgJUNMZbDHFLRuOTsYK+5NoVzAbhpFW/jOiveq+R0LSxDsz4jUG37SsQX1k1ueH kVV2TXQGThQBOvkQ17+DotWUBIIl9V9VlIRSmnfffPkruBs2qltJL69W7Wx3hAQR gt8gxoTNFuOYqObW1gxGEodGG+tGR+ucX6xzg69NCgVsa1WRhj8Ees8PwI0whVp1 ylXHufkHDPg/xzZ0SjX/slZV9ST0vhlViwZXoAErdN9kUvJgznABvlCeTRTF5GfR BPr7d4sI6j13QxmEnekRtV0RyofJJubb -----END CERTIFICATE-----Generated at Mon Oct 20 04:06:07 2025 by rpki-client