$ rpki-client -vvf rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft File: XZRtT0edN7zhcAywut1RosPfYg8.mft (raw, json) Hash identifier: wrt7p8gU2COHPfmdgvhQ+ra5jV28oc+Nq8i+DcJJCiI= Subject key identifier: 15:AB:D9:4E:9D:C8:F1:02:FC:E0:88:90:93:E5:21:DD:0F:58:8F:86 Authority key identifier: 5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F Certificate issuer: /CN=A9152787/serialNumber=5D946D4F479D37BCE1700CB0BADD51A2C3DF620F Certificate serial: C1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft Manifest number: BE Signing time: Sun 19 Oct 2025 09:05:28 +0000 Manifest this update: Sun 19 Oct 2025 09:05:28 +0000 Manifest next update: Sun 26 Oct 2025 09:05:28 +0000 Files and hashes: 1: XZRtT0edN7zhcAywut1RosPfYg8.crl (hash: QyaxPzUFIihYSfF4PRu7qHxeprNrioFVaF82CxTsb98=) 2: CB24F37C033711F0B76A8520C4F9AE02.roa (hash: 98s3ds+kGQSvl0ncwBjphBprg+/d5JhkpC63UpEc2Nk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.crl rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:05:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 193 (0xc1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152787, serialNumber=5D946D4F479D37BCE1700CB0BADD51A2C3DF620F Validity Not Before: Oct 19 09:05:28 2025 GMT Not After : Oct 26 09:05:28 2025 GMT Subject: CN=68f4a9d8-6ab8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:fb:49:c7:c6:b1:ba:ef:96:9f:c1:d7:ca:20: d9:e4:fa:1c:b9:b9:29:c5:e7:6c:22:76:61:c7:13: fc:32:ad:eb:0d:42:06:0c:ef:e9:58:13:32:bb:45: d9:07:fe:96:7e:0a:d0:19:2b:03:97:38:3e:04:64: e8:24:82:f0:13:4f:f7:f1:ca:eb:e6:51:01:d1:15: a6:d1:d9:e3:1f:64:d6:96:f0:e3:40:c2:ed:5e:08: cb:db:9a:65:f0:c5:11:3f:46:14:3a:13:e4:cd:ef: 50:e1:ad:a8:aa:cd:3b:5e:90:77:24:53:bb:57:79: 12:00:59:b2:34:0e:34:13:05:4d:f1:b9:c6:14:0c: 5b:5f:74:87:3b:e8:62:78:93:b0:64:a5:7b:78:d2: 88:49:c8:65:5d:ee:70:cb:b0:28:06:4e:fa:39:32: e0:80:73:12:66:cd:9c:ef:5a:aa:34:19:12:bc:48: 43:49:68:39:6e:72:8a:b0:31:3f:96:0c:57:13:03: 02:61:83:55:51:28:42:51:ff:66:21:1a:63:6e:77: 66:27:45:ca:4e:c3:5e:66:aa:cd:7e:17:11:2e:38: 6a:dc:68:5d:24:89:c9:ed:90:49:df:3a:9a:8e:a1: 34:5f:1e:57:b1:8c:ec:fb:c0:1c:e7:5d:72:e2:09: 17:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 15:AB:D9:4E:9D:C8:F1:02:FC:E0:88:90:93:E5:21:DD:0F:58:8F:86 X509v3 Authority Key Identifier: keyid:5D:94:6D:4F:47:9D:37:BC:E1:70:0C:B0:BA:DD:51:A2:C3:DF:62:0F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XZRtT0edN7zhcAywut1RosPfYg8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152787/2286562A8F7911EF92AC781EC4F9AE02/XZRtT0edN7zhcAywut1RosPfYg8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 94:c6:bb:fd:77:e9:ca:4e:1e:4b:91:13:dc:cf:e9:f9:7b:e7: 0a:d7:3b:f2:56:e6:23:37:1b:0a:5e:ec:3a:0e:85:b1:ed:12: 85:fa:56:8f:8b:1e:23:3c:6b:a1:5c:45:58:4a:9a:84:57:82: db:7e:22:ac:e5:1d:0d:02:0d:7a:2d:37:20:35:95:b7:bc:39: 91:fa:60:a2:20:ba:76:c4:60:b7:39:3d:02:c3:22:62:62:22: 6a:ed:41:b9:93:8a:cb:bb:c4:93:dc:10:4b:3b:40:25:35:68: a7:a9:d3:cc:f1:3e:8c:f7:42:9c:16:1d:df:c8:e3:6c:32:6b: 4c:77:fa:cb:61:9e:96:97:18:d3:18:22:7f:92:2e:9c:70:ce: af:9b:c6:cb:7c:f2:c4:f3:1b:18:d5:13:c3:6d:e6:54:d2:c8: a0:cb:c8:18:0e:f0:5d:ac:5e:04:9b:58:9c:8c:17:78:c0:d6: 5a:ed:e5:e0:d5:38:cb:e2:e2:ee:eb:cf:a8:6f:c0:1c:5c:c3: a6:1e:6f:9f:2e:7e:22:3b:aa:e1:64:6b:89:ae:32:a6:ce:c0: 6e:13:5e:14:bd:50:a9:07:05:12:02:9d:09:06:e1:75:09:47: a2:5d:80:78:9c:0e:61:7f:3e:0f:32:fe:0a:bf:63:36:48:92: 0e:71:7b:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTI3ODcxMTAvBgNVBAUTKDVEOTQ2RDRGNDc5RDM3QkNFMTcwMENCMEJBREQ1MUEy QzNERjYyMEYwHhcNMjUxMDE5MDkwNTI4WhcNMjUxMDI2MDkwNTI4WjAYMRYwFAYD VQQDEw02OGY0YTlkOC02YWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxPtJx8axuu+Wn8HXyiDZ5PocubkpxedsInZhxxP8Mq3rDUIGDO/pWBMyu0XZ B/6WfgrQGSsDlzg+BGToJILwE0/38crr5lEB0RWm0dnjH2TWlvDjQMLtXgjL25pl 8MURP0YUOhPkze9Q4a2oqs07XpB3JFO7V3kSAFmyNA40EwVN8bnGFAxbX3SHO+hi eJOwZKV7eNKISchlXe5wy7AoBk76OTLggHMSZs2c71qqNBkSvEhDSWg5bnKKsDE/ lgxXEwMCYYNVUShCUf9mIRpjbndmJ0XKTsNeZqrNfhcRLjhq3GhdJInJ7ZBJ3zqa jqE0Xx5XsYzs+8Ac511y4gkXkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBWr2U6d yPEC/OCIkJPlId0PWI+GMB8GA1UdIwQYMBaAFF2UbU9HnTe84XAMsLrdUaLD32IP MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Mjc4Ny8yMjg2NTYyQThG NzkxMUVGOTJBQzc4MUVDNEY5QUUwMi9YWlJ0VDBlZE43emhjQXl3dXQxUm9zUGZZ ZzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1haUnRUMGVkTjd6aGNBeXd1dDFSb3NQZllnOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Mjc4Ny8yMjg2NTYyQThGNzkxMUVGOTJBQzc4MUVDNEY5QUUwMi9YWlJ0VDBlZE43 emhjQXl3dXQxUm9zUGZZZzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCUxrv9d+nKTh5LkRPcz+n5e+cK1zvyVuYjNxsKXuw6DoWx7RKF+laP ix4jPGuhXEVYSpqEV4LbfiKs5R0NAg16LTcgNZW3vDmR+mCiILp2xGC3OT0CwyJi YiJq7UG5k4rLu8ST3BBLO0AlNWinqdPM8T6M90KcFh3fyONsMmtMd/rLYZ6WlxjT GCJ/ki6ccM6vm8bLfPLE8xsY1RPDbeZU0sigy8gYDvBdrF4Em1icjBd4wNZa7eXg 1TjL4uLu68+ob8AcXMOmHm+fLn4iO6rhZGuJrjKmzsBuE14UvVCpBwUSAp0JBuF1 CUeiXYB4nA5hfz4PMv4Kv2M2SJIOcXvg -----END CERTIFICATE-----Generated at Tue Oct 21 08:07:00 2025 by rpki-client