$ rpki-client -vvf rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft File: XKzlv2VarPfLxicsXGl_N3oGzow.mft (raw, json) Hash identifier: WzyU2F4Y9zQyIdEm9rDlkTiBtteDhsnf4uzgujzBcKM= Subject key identifier: C6:67:E2:D5:D9:1A:08:52:F5:03:4A:3E:99:E0:D0:B4:CB:16:93:84 Authority key identifier: 5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C Certificate issuer: /CN=A917C9BF/serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Certificate serial: D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft Manifest number: D0 Signing time: Sun 19 Oct 2025 08:51:49 +0000 Manifest this update: Sun 19 Oct 2025 08:51:49 +0000 Manifest next update: Sun 26 Oct 2025 08:51:49 +0000 Files and hashes: 1: XKzlv2VarPfLxicsXGl_N3oGzow.crl (hash: 61irWOpTAK5ZpOYnlwGvbGYKkuyzCTQNoA9jWcFG2cY=) 2: 15875DC27B5E11EFAB71253BC4F9AE02.roa (hash: 0W2/njWu/4NeHHOITSUzSzI4ic/vgB1fnauNrzPM4sc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:51:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 213 (0xd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C9BF, serialNumber=5CACE5BF655AACF7CBC6272C5C697F377A06CE8C Validity Not Before: Oct 19 08:51:49 2025 GMT Not After : Oct 26 08:51:49 2025 GMT Subject: CN=68f4a6a5-06d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:84:dc:12:46:9d:e8:20:78:d1:7d:9a:b6:95: cd:a5:ed:5d:b3:32:0f:23:28:e6:06:1a:88:23:87: 5c:ea:ca:4d:b6:8f:4e:19:81:54:b7:d4:a3:28:12: 34:4e:80:91:0a:fb:05:a8:a6:cd:bb:f2:9d:13:e8: df:b5:21:22:ea:99:eb:7a:b7:91:ed:d6:28:0a:27: eb:33:f7:11:a7:5c:06:93:ac:59:ae:d3:7e:9c:5b: 3f:fa:cb:44:3d:0b:48:fc:7a:ce:c9:4f:e4:88:ca: 88:76:43:00:a4:fc:6e:51:c8:14:44:b4:9c:9f:77: 7e:13:56:e7:ce:92:b4:4b:ec:fe:d8:6c:ee:8c:d4: 18:11:7c:c6:6b:38:86:94:a5:7d:11:79:87:61:f2: 40:2b:c8:36:2d:3f:5b:72:74:53:1c:24:8b:bb:60: 9e:63:c9:dc:60:88:82:74:e0:9f:90:e6:6f:1c:4d: 4e:60:ea:42:17:a6:de:42:cd:26:f7:1a:7f:f1:d6: 4e:12:fb:1a:7c:d5:c4:7c:04:e2:d1:32:97:7a:43: f1:f2:2d:d9:f9:b7:10:c7:97:d0:09:19:07:a3:00: d7:ca:24:54:36:82:17:b3:7b:3e:3b:74:63:cd:3b: ce:e5:dd:61:a1:93:2b:00:08:08:e8:7a:58:4b:21: 18:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:67:E2:D5:D9:1A:08:52:F5:03:4A:3E:99:E0:D0:B4:CB:16:93:84 X509v3 Authority Key Identifier: keyid:5C:AC:E5:BF:65:5A:AC:F7:CB:C6:27:2C:5C:69:7F:37:7A:06:CE:8C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XKzlv2VarPfLxicsXGl_N3oGzow.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C9BF/BE1D4A347B4D11EFB0236C78C4F9AE02/XKzlv2VarPfLxicsXGl_N3oGzow.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:71:d9:03:8e:7a:e7:a3:23:e1:b3:fd:c1:98:e5:cb:08:d3: 4a:5d:eb:05:f0:f0:e0:0a:a7:20:44:8a:bc:2b:7c:b2:51:a4: d6:e2:e1:3e:7b:3c:df:24:8f:19:5b:dc:ad:e6:1c:ea:43:4d: 52:e7:9e:63:bd:7a:71:dc:94:e6:bf:6b:97:fa:bb:13:ff:80: 07:00:0a:99:8f:4b:cf:e7:37:6d:da:d3:16:71:ce:88:ed:ff: 50:d5:30:53:c4:0f:b1:92:2f:c8:a6:dd:92:08:6e:4b:48:12: 5e:c3:c8:ab:d0:33:67:e4:0b:1f:88:92:d3:74:d8:b2:0a:24: 6f:89:e8:2b:50:61:2e:88:af:29:7c:33:66:07:c2:4a:ec:f7: 8b:d5:59:dc:a1:ea:9e:cb:90:65:8b:a8:1b:04:95:23:8e:65: c5:bd:e5:49:4c:91:0f:c2:7d:2a:62:e1:dc:66:48:34:4a:79: 71:4f:e9:e4:c7:18:e3:31:0c:6f:6f:d8:f2:26:ce:f1:f8:07: 2d:0f:5a:1c:28:4d:77:32:68:fc:99:2b:5a:d1:2a:7e:0e:33: 5d:40:42:a2:4e:7d:b8:ac:3d:dc:e8:54:55:e0:e9:7b:b8:52: ea:b8:a7:fe:24:aa:9b:42:7a:cd:61:18:48:02:fc:cd:64:bb: ac:7a:fb:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M5QkYxMTAvBgNVBAUTKDVDQUNFNUJGNjU1QUFDRjdDQkM2MjcyQzVDNjk3RjM3 N0EwNkNFOEMwHhcNMjUxMDE5MDg1MTQ5WhcNMjUxMDI2MDg1MTQ5WjAYMRYwFAYD VQQDEw02OGY0YTZhNS0wNmQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsoTcEkad6CB40X2atpXNpe1dszIPIyjmBhqII4dc6spNto9OGYFUt9SjKBI0 ToCRCvsFqKbNu/KdE+jftSEi6pnrereR7dYoCifrM/cRp1wGk6xZrtN+nFs/+stE PQtI/HrOyU/kiMqIdkMApPxuUcgURLScn3d+E1bnzpK0S+z+2GzujNQYEXzGaziG lKV9EXmHYfJAK8g2LT9bcnRTHCSLu2CeY8ncYIiCdOCfkOZvHE1OYOpCF6beQs0m 9xp/8dZOEvsafNXEfATi0TKXekPx8i3Z+bcQx5fQCRkHowDXyiRUNoIXs3s+O3Rj zTvO5d1hoZMrAAgI6HpYSyEYYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMZn4tXZ GghS9QNKPpng0LTLFpOEMB8GA1UdIwQYMBaAFFys5b9lWqz3y8YnLFxpfzd6Bs6M MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzlCRi9CRTFENEEzNDdC NEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQZkx4aWNzWEdsX04zb0d6 b3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hLemx2MlZhclBmTHhpY3NYR2xfTjNvR3pvdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzlCRi9CRTFENEEzNDdCNEQxMUVGQjAyMzZDNzhDNEY5QUUwMi9YS3psdjJWYXJQ Zkx4aWNzWEdsX04zb0d6b3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+cdkDjnrnoyPhs/3BmOXLCNNKXesF8PDgCqcgRIq8K3yyUaTW4uE+ ezzfJI8ZW9yt5hzqQ01S555jvXpx3JTmv2uX+rsT/4AHAAqZj0vP5zdt2tMWcc6I 7f9Q1TBTxA+xki/Ipt2SCG5LSBJew8ir0DNn5AsfiJLTdNiyCiRviegrUGEuiK8p fDNmB8JK7PeL1Vncoeqey5Bli6gbBJUjjmXFveVJTJEPwn0qYuHcZkg0SnlxT+nk xxjjMQxvb9jyJs7x+ActD1ocKE13Mmj8mSta0Sp+DjNdQEKiTn24rD3c6FRV4Ol7 uFLquKf+JKqbQnrNYRhIAvzNZLusevt/ -----END CERTIFICATE-----Generated at Sun Oct 19 23:33:38 2025 by rpki-client