$ rpki-client -vvf rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft File: _whTCVKXG6BlIktSH1ZWO20hJO0.mft (raw, json) Hash identifier: k5IYoA0NKpTTRBJMYYIyz3yPAtzbhJ9c9N5pL7i5OtU= Subject key identifier: 20:D4:1C:7C:38:4B:47:F4:90:4D:14:A6:2B:90:E6:96:3B:6E:BB:2A Authority key identifier: FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED Certificate issuer: /CN=A917E475/serialNumber=FF08530952971BA065224B521F56563B6D2124ED Certificate serial: 0D36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft Manifest number: 0D30 Signing time: Sat 18 Oct 2025 18:43:03 +0000 Manifest this update: Sat 18 Oct 2025 18:43:03 +0000 Manifest next update: Sat 25 Oct 2025 18:43:03 +0000 Files and hashes: 1: _whTCVKXG6BlIktSH1ZWO20hJO0.crl (hash: w2DB1NX8ajbatrwBmBV2w4mAMZSb6BOLT6oaClN2S24=) 2: 3A8AC908E41C11E9AD4A8D16C4F9AE02.roa (hash: 7Dst7szyPWooV+5WFj8vI4oANvEvXDCaESLYXfhjMk0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:43:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3382 (0xd36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E475, serialNumber=FF08530952971BA065224B521F56563B6D2124ED Validity Not Before: Oct 18 18:43:03 2025 GMT Not After : Oct 25 18:43:03 2025 GMT Subject: CN=68f3dfb7-2611 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:98:dd:08:1b:b1:40:82:e1:e6:c4:6a:6c:5e:33: 4a:aa:5c:ce:31:1a:15:14:d1:51:cf:28:b3:4e:c4: be:b6:83:69:07:1c:8f:95:5c:52:ba:1a:d5:a4:ac: 34:9e:8a:3b:24:87:8a:18:5e:05:b0:0e:21:27:c9: 14:25:f3:c1:35:46:06:1f:9b:95:c9:32:dd:4e:57: 7f:68:7a:a1:37:1a:f7:ba:7e:c0:ff:eb:91:57:61: 4c:a3:30:d0:f6:1f:7f:97:21:12:f2:d7:53:e1:cf: 33:68:52:e1:79:ed:5c:39:ba:81:57:38:f2:a1:58: bd:26:56:90:72:05:1b:4d:73:8a:c4:62:5d:47:43: 17:3b:07:59:e3:8d:2d:1a:47:2c:24:6c:5e:b3:f8: 44:ef:d6:19:5a:d6:68:9c:66:4b:6b:5d:5d:32:5d: c0:0a:10:8d:cf:71:4b:4a:16:88:05:e2:3f:79:a8: cc:b5:60:0f:60:2a:6d:76:43:00:1f:bd:62:5e:f4: 5a:d1:1f:ed:1c:07:d7:80:ab:ad:8a:39:84:94:46: 7f:65:9f:8f:1b:db:1f:c2:ef:e9:79:2b:b2:c0:d1: 30:d8:92:88:9d:00:f9:5d:a9:9e:1f:94:14:3f:8b: 05:f1:83:a8:00:98:5f:8d:96:0a:73:ac:1d:eb:7e: 33:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:D4:1C:7C:38:4B:47:F4:90:4D:14:A6:2B:90:E6:96:3B:6E:BB:2A X509v3 Authority Key Identifier: keyid:FF:08:53:09:52:97:1B:A0:65:22:4B:52:1F:56:56:3B:6D:21:24:ED X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_whTCVKXG6BlIktSH1ZWO20hJO0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E475/DBFB3EB4E41A11E9AD79B811C4F9AE02/_whTCVKXG6BlIktSH1ZWO20hJO0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:a1:4f:60:06:7a:4d:a0:f1:79:f8:23:c7:23:f3:f1:76:8d: 63:88:18:99:06:e6:73:bd:90:af:c2:a9:15:d4:3c:99:b3:70: 74:33:e5:b3:3b:0b:51:37:7a:65:11:0e:6e:20:c4:d1:8c:fc: 20:67:3f:e3:59:cf:06:bb:e1:23:1b:33:be:4a:eb:77:fb:f7: 4c:0e:6e:e2:e2:f8:43:8c:44:e3:56:a0:db:2a:1a:8f:10:40: 18:69:26:e1:45:67:63:3f:6a:fe:4a:65:7b:e2:be:08:da:32: 28:93:a4:ff:f1:1b:78:7c:e1:19:83:d1:06:f9:6b:8f:35:0c: 23:c5:ce:00:73:c2:0f:11:90:bc:2c:be:ae:07:51:4e:26:f8: 94:e1:7e:0a:73:c0:ad:d1:03:d2:74:80:67:a7:98:b9:0b:d7: a5:df:69:c0:d4:ef:16:49:df:ab:1f:24:f9:f8:97:b6:00:c7: 3f:56:99:27:41:66:42:17:06:4c:e4:25:32:73:3f:85:57:5d: 95:8b:d0:da:9a:59:ad:22:cf:80:92:a1:37:65:7f:ea:d6:a4: f2:7a:d8:f9:ea:bc:ea:28:a4:16:04:88:a6:2e:3b:57:c8:b6: bf:6c:c9:9e:c7:40:e0:e6:db:60:ad:3c:42:ad:48:b3:b0:fa: 09:2d:63:75 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U0NzUxMTAvBgNVBAUTKEZGMDg1MzA5NTI5NzFCQTA2NTIyNEI1MjFGNTY1NjNC NkQyMTI0RUQwHhcNMjUxMDE4MTg0MzAzWhcNMjUxMDI1MTg0MzAzWjAYMRYwFAYD VQQDEw02OGYzZGZiNy0yNjExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmN0IG7FAguHmxGpsXjNKqlzOMRoVFNFRzyizTsS+toNpBxyPlVxSuhrVpKw0 noo7JIeKGF4FsA4hJ8kUJfPBNUYGH5uVyTLdTld/aHqhNxr3un7A/+uRV2FMozDQ 9h9/lyES8tdT4c8zaFLhee1cObqBVzjyoVi9JlaQcgUbTXOKxGJdR0MXOwdZ440t GkcsJGxes/hE79YZWtZonGZLa11dMl3AChCNz3FLShaIBeI/eajMtWAPYCptdkMA H71iXvRa0R/tHAfXgKutijmElEZ/ZZ+PG9sfwu/peSuywNEw2JKInQD5XameH5QU P4sF8YOoAJhfjZYKc6wd634zmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCDUHHw4 S0f0kE0UpiuQ5pY7brsqMB8GA1UdIwQYMBaAFP8IUwlSlxugZSJLUh9WVjttISTt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTQ3NS9EQkZCM0VCNEU0 MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2QmxJa3RTSDFaV08yMGhK TzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL193aFRDVktYRzZCbElrdFNIMVpXTzIwaEpPMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTQ3NS9EQkZCM0VCNEU0MUExMUU5QUQ3OUI4MTFDNEY5QUUwMi9fd2hUQ1ZLWEc2 QmxJa3RTSDFaV08yMGhKTzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtoU9gBnpNoPF5+CPHI/Pxdo1jiBiZBuZzvZCvwqkV1DyZs3B0M+Wz OwtRN3plEQ5uIMTRjPwgZz/jWc8Gu+EjGzO+Sut3+/dMDm7i4vhDjETjVqDbKhqP EEAYaSbhRWdjP2r+SmV74r4I2jIok6T/8Rt4fOEZg9EG+WuPNQwjxc4Ac8IPEZC8 LL6uB1FOJviU4X4Kc8Ct0QPSdIBnp5i5C9el32nA1O8WSd+rHyT5+Je2AMc/Vpkn QWZCFwZM5CUycz+FV12Vi9DamlmtIs+AkqE3ZX/q1qTyetj56rzqKKQWBIimLjtX yLa/bMmex0Dg5ttgrTxCrUizsPoJLWN1 -----END CERTIFICATE-----Generated at Mon Oct 20 10:34:50 2025 by rpki-client