$ rpki-client -vvf rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft File: 433E2CR2A-hIwAZsRFuc2NpzUNY.mft (raw, json) Hash identifier: 7kGdgY+UcjLJS1gKBREfZcCvehk8TFpkWqoI3IAyk7A= Subject key identifier: E2:1A:53:BD:40:2A:67:EC:18:17:97:D8:77:50:29:35:FE:2B:67:F5 Authority key identifier: E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 Certificate issuer: /CN=A916C8F2/serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Certificate serial: 3B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft Manifest number: 3A Signing time: Sun 19 Oct 2025 10:58:22 +0000 Manifest this update: Sun 19 Oct 2025 10:58:22 +0000 Manifest next update: Sun 26 Oct 2025 10:58:22 +0000 Files and hashes: 1: 433E2CR2A-hIwAZsRFuc2NpzUNY.crl (hash: o/rWvU/dvwtWPk9xQPfPrf9GRJv3xujzcvRN8nEmkV8=) 2: 730C503A56C611F096620043C4F9AE02.roa (hash: m+BAyP5CIYN6CIS7MvKKiKoAky/65ZLjF2ZjJHqu8U0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:58:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 59 (0x3b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C8F2, serialNumber=E37DC4D8247603E848C0066C445B9CD8DA7350D6 Validity Not Before: Oct 19 10:58:22 2025 GMT Not After : Oct 26 10:58:22 2025 GMT Subject: CN=68f4c44e-2c2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:c6:42:83:ca:6d:06:0e:32:ac:06:d6:49:e0: 9f:18:bc:c0:0b:1f:35:d7:b6:f4:a4:d2:5c:6f:55: 07:a5:9a:32:4e:ff:ef:f4:ec:26:a7:07:23:82:bf: 0a:ef:e1:71:7c:03:71:94:35:ec:55:00:e9:6a:c1: 00:24:41:4a:5a:ac:5b:dd:b3:94:80:ca:18:79:1f: 05:20:ec:2c:8f:e6:45:a3:79:5a:cf:dd:d2:d7:05: 9a:f5:0d:3b:17:7f:f4:51:b6:be:9b:ae:81:a6:08: 65:4e:e7:68:cd:0f:ec:5d:d4:e9:13:fc:7f:1e:5d: 7c:78:e5:8a:83:75:4b:b4:7d:d8:eb:00:75:5f:18: c7:bc:88:19:d5:42:65:3f:93:d1:a0:a9:8a:24:bf: c2:65:fa:d8:74:63:37:da:56:29:36:99:5a:84:26: d0:57:6e:c5:7d:cd:18:33:bd:1b:a3:6e:69:61:d7: 4b:b4:ed:32:43:52:a1:87:46:df:33:3c:64:33:f7: d0:49:62:83:02:da:ef:2e:9b:f0:e1:9b:7f:d8:32: 81:43:53:6f:7b:ce:e1:5e:12:7a:33:e1:55:3f:bb: d9:72:ad:d9:57:b8:24:20:9e:5a:d8:db:d5:61:a3: c8:ee:bf:b6:22:ee:1e:96:fb:04:04:92:0f:d8:54: 56:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:1A:53:BD:40:2A:67:EC:18:17:97:D8:77:50:29:35:FE:2B:67:F5 X509v3 Authority Key Identifier: keyid:E3:7D:C4:D8:24:76:03:E8:48:C0:06:6C:44:5B:9C:D8:DA:73:50:D6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/433E2CR2A-hIwAZsRFuc2NpzUNY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C8F2/287DE73656C611F092BDA042C4F9AE02/433E2CR2A-hIwAZsRFuc2NpzUNY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:b8:a6:59:f2:05:30:cf:4a:fc:c6:97:4f:76:3b:2b:ea:ed: db:6b:2b:03:41:ac:44:a1:23:8f:7a:20:aa:4e:c6:36:f4:c6: 97:46:b4:c5:13:a4:0b:d0:4e:b0:60:cd:82:77:4c:dd:39:69: 28:25:fc:69:f3:63:e1:30:dc:4d:52:63:61:17:3e:f0:5e:ca: 7f:be:7c:3d:ac:ac:39:77:e2:4c:8e:4c:5d:15:06:71:00:1b: d9:36:fb:58:44:18:2d:c6:d2:8b:ee:e0:5c:86:3b:30:d8:f0: 2f:b5:35:2b:dd:63:c3:9f:2f:a6:28:9a:3f:e5:6f:77:cd:d9: 99:fe:08:48:48:85:0b:78:6d:07:68:58:7d:06:cc:88:47:4f: ca:1c:bf:55:52:e9:ca:e9:38:7c:3d:a5:0f:89:32:42:23:a1: 78:8f:0e:4f:b1:89:83:a7:5b:08:98:a3:cd:9f:52:07:9d:1d: 95:5c:68:48:28:d7:b4:86:ba:3d:13:a2:0e:68:a2:e6:4f:9f: 78:e7:3d:79:29:4a:00:12:13:8c:39:13:97:6e:d5:d8:e8:92: b0:48:d1:3d:00:01:dc:a5:14:ae:20:bd:58:28:c0:8e:f7:91: c3:c5:13:6e:31:bc:7e:1e:b5:76:2e:23:c5:33:35:e1:53:3e: e0:38:6f:ef -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBOzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 QzhGMjExMC8GA1UEBRMoRTM3REM0RDgyNDc2MDNFODQ4QzAwNjZDNDQ1QjlDRDhE QTczNTBENjAeFw0yNTEwMTkxMDU4MjJaFw0yNTEwMjYxMDU4MjJaMBgxFjAUBgNV BAMTDTY4ZjRjNDRlLTJjMmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAxkKDym0GDjKsBtZJ4J8YvMALHzXXtvSk0lxvVQelmjJO/+/07CanByOCvwrv 4XF8A3GUNexVAOlqwQAkQUparFvds5SAyhh5HwUg7CyP5kWjeVrP3dLXBZr1DTsX f/RRtr6broGmCGVO52jND+xd1OkT/H8eXXx45YqDdUu0fdjrAHVfGMe8iBnVQmU/ k9GgqYokv8Jl+th0YzfaVik2mVqEJtBXbsV9zRgzvRujbmlh10u07TJDUqGHRt8z PGQz99BJYoMC2u8um/Dhm3/YMoFDU297zuFeEnoz4VU/u9lyrdlXuCQgnlrY29Vh o8juv7Yi7h6W+wQEkg/YVFbFAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU4hpTvUAq Z+wYF5fYd1ApNf4rZ/UwHwYDVR0jBBgwFoAU433E2CR2A+hIwAZsRFuc2NpzUNYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZDOEYyLzI4N0RFNzM2NTZD NjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1oSXdBWnNSRnVjMk5welVO WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNDMzRTJDUjJBLWhJd0Fac1JGdWMyTnB6VU5ZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTZD OEYyLzI4N0RFNzM2NTZDNjExRjA5MkJEQTA0MkM0RjlBRTAyLzQzM0UyQ1IyQS1o SXdBWnNSRnVjMk5welVOWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACW4plnyBTDPSvzGl092Oyvq7dtrKwNBrEShI496IKpOxjb0xpdGtMUT pAvQTrBgzYJ3TN05aSgl/GnzY+Ew3E1SY2EXPvBeyn++fD2srDl34kyOTF0VBnEA G9k2+1hEGC3G0ovu4FyGOzDY8C+1NSvdY8OfL6Yomj/lb3fN2Zn+CEhIhQt4bQdo WH0GzIhHT8ocv1VS6crpOHw9pQ+JMkIjoXiPDk+xiYOnWwiYo82fUgedHZVcaEgo 17SGuj0Tog5oouZPn3jnPXkpSgASE4w5E5du1djokrBI0T0AAdylFK4gvVgowI73 kcPFE24xvH4etXYuI8UzNeFTPuA4b+8= -----END CERTIFICATE-----Generated at Sun Oct 19 23:30:58 2025 by rpki-client