$ rpki-client -vvf rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft File: XctT6r5qkI7KhlLekkgHxQnFLTA.mft (raw, json) Hash identifier: 6lQbrv4A9+BukLlyEmCo5GHUlJxa9tFcnwf2ANO8SCI= Subject key identifier: 3A:0D:9D:93:C0:5E:CC:74:C1:FB:E7:95:7D:21:E6:42:19:0E:41:4B Authority key identifier: 5D:CB:53:EA:BE:6A:90:8E:CA:86:52:DE:92:48:07:C5:09:C5:2D:30 Certificate issuer: /CN=A918560D/serialNumber=5DCB53EABE6A908ECA8652DE924807C509C52D30 Certificate serial: 0D36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft Manifest number: 0D2C Signing time: Sat 18 Oct 2025 18:43:44 +0000 Manifest this update: Sat 18 Oct 2025 18:43:44 +0000 Manifest next update: Sat 25 Oct 2025 18:43:44 +0000 Files and hashes: 1: XctT6r5qkI7KhlLekkgHxQnFLTA.crl (hash: Rz9o/JCKvUl529yYP9CzZ0NvndBgHl40NgYHtJpov+E=) 2: 41A8E738045111EA9C7DF516C4F9AE02.roa (hash: t9j99ouqyAO1DSlTWOraKVE9DSXzBdaScfcUdlzhboc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.crl rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:43:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3382 (0xd36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918560D, serialNumber=5DCB53EABE6A908ECA8652DE924807C509C52D30 Validity Not Before: Oct 18 18:43:44 2025 GMT Not After : Oct 25 18:43:44 2025 GMT Subject: CN=68f3dfe0-d2df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1f:1e:a3:ff:c8:ba:e1:cf:01:7b:3f:50:9f: 33:37:9c:f2:23:65:54:9f:85:94:9f:71:eb:bb:6c: 9e:d9:95:e9:49:4a:66:87:35:bb:a8:68:d4:3c:59: 7c:0d:f9:af:0a:06:df:7d:c0:72:38:4a:4a:01:08: 16:a4:40:24:63:c9:a7:b1:e9:a8:1d:76:c6:3b:79: f2:b8:69:1b:1a:69:bb:53:3e:bd:b4:1e:4c:a0:6e: 9a:ba:b2:e2:77:d6:ce:61:4e:3b:57:7b:c5:32:a0: 02:39:33:5d:d2:cb:b8:fe:e6:b2:91:22:43:a6:26: 2c:aa:96:e3:48:eb:50:41:e2:4e:40:95:81:a0:3e: bc:01:fb:b5:a1:44:c2:25:a6:8c:8a:37:fe:f1:48: bf:fb:ad:a7:91:ac:15:d6:33:0a:77:5a:07:70:32: 90:fa:98:ec:06:d0:2d:6d:54:be:cb:a1:48:3f:88: d7:e0:ab:c4:b2:dd:d7:d2:13:4d:05:21:7f:b8:97: be:b7:d3:c2:51:d6:39:11:49:fb:20:d9:b3:f5:21: ba:33:ec:03:50:51:e5:57:93:85:cd:86:cb:aa:87: 17:f8:0d:5b:5d:57:43:06:83:11:6a:95:bd:46:46: d5:d2:11:5d:de:43:f9:e7:f9:4d:af:df:69:9b:90: 85:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:0D:9D:93:C0:5E:CC:74:C1:FB:E7:95:7D:21:E6:42:19:0E:41:4B X509v3 Authority Key Identifier: keyid:5D:CB:53:EA:BE:6A:90:8E:CA:86:52:DE:92:48:07:C5:09:C5:2D:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XctT6r5qkI7KhlLekkgHxQnFLTA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918560D/F5DCA6D4E5B811E98A76120EC4F9AE02/XctT6r5qkI7KhlLekkgHxQnFLTA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:b6:93:32:f6:84:56:11:6a:de:5c:2f:ae:7e:ea:e7:27:61: cf:47:c2:d7:3d:cc:c1:a9:25:c5:14:43:cb:b3:38:a3:64:ca: af:47:e3:de:b4:52:8d:6b:41:83:d3:a6:87:40:a2:32:1f:0f: 26:0a:16:55:4b:d1:05:69:82:ff:83:4a:9e:2c:4d:73:d2:b8: 8e:a5:31:35:ca:42:be:5d:cb:75:c1:83:f0:32:f2:a8:c0:30: fb:55:67:54:84:8f:cc:a1:40:5b:11:fc:4b:e9:29:86:3e:bb: 8c:3e:8c:7c:21:45:92:36:e8:ba:b3:38:e9:11:56:00:d0:1f: 77:3c:44:b5:a8:59:3e:42:c7:19:8a:98:ee:b9:c9:c3:5c:8b: b0:7b:87:66:6c:00:64:54:a5:bd:3c:62:0b:81:f7:60:c5:bc: fc:41:53:ba:1b:ef:f3:a2:59:a2:08:12:5d:a9:e5:d1:d7:c9: 88:e8:d3:91:3f:ce:ef:ed:16:3b:56:21:7f:0f:94:4b:18:45: 80:b5:69:16:4c:24:c2:fc:a3:63:1c:1f:61:a7:5b:b9:05:4f: ac:ba:ea:c5:df:c2:8d:06:0b:e6:50:3d:fd:17:e6:79:11:f8: 18:c0:a8:2f:32:13:9f:53:77:97:73:88:f2:29:dc:20:54:d9: bd:ba:7d:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDTYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODU2MEQxMTAvBgNVBAUTKDVEQ0I1M0VBQkU2QTkwOEVDQTg2NTJERTkyNDgwN0M1 MDlDNTJEMzAwHhcNMjUxMDE4MTg0MzQ0WhcNMjUxMDI1MTg0MzQ0WjAYMRYwFAYD VQQDEw02OGYzZGZlMC1kMmRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwh8eo//IuuHPAXs/UJ8zN5zyI2VUn4WUn3Hru2ye2ZXpSUpmhzW7qGjUPFl8 DfmvCgbffcByOEpKAQgWpEAkY8mnsemoHXbGO3nyuGkbGmm7Uz69tB5MoG6aurLi d9bOYU47V3vFMqACOTNd0su4/uaykSJDpiYsqpbjSOtQQeJOQJWBoD68Afu1oUTC JaaMijf+8Ui/+62nkawV1jMKd1oHcDKQ+pjsBtAtbVS+y6FIP4jX4KvEst3X0hNN BSF/uJe+t9PCUdY5EUn7INmz9SG6M+wDUFHlV5OFzYbLqocX+A1bXVdDBoMRapW9 RkbV0hFd3kP55/lNr99pm5CFLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDoNnZPA Xsx0wfvnlX0h5kIZDkFLMB8GA1UdIwQYMBaAFF3LU+q+apCOyoZS3pJIB8UJxS0w MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTYwRC9GNURDQTZENEU1 QjgxMUU5OEE3NjEyMEVDNEY5QUUwMi9YY3RUNnI1cWtJN0tobExla2tnSHhRbkZM VEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hjdFQ2cjVxa0k3S2hsTGVra2dIeFFuRkxUQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NTYwRC9GNURDQTZENEU1QjgxMUU5OEE3NjEyMEVDNEY5QUUwMi9YY3RUNnI1cWtJ N0tobExla2tnSHhRbkZMVEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB2tpMy9oRWEWreXC+ufurnJ2HPR8LXPczBqSXFFEPLszijZMqvR+Pe tFKNa0GD06aHQKIyHw8mChZVS9EFaYL/g0qeLE1z0riOpTE1ykK+Xct1wYPwMvKo wDD7VWdUhI/MoUBbEfxL6SmGPruMPox8IUWSNui6szjpEVYA0B93PES1qFk+QscZ ipjuucnDXIuwe4dmbABkVKW9PGILgfdgxbz8QVO6G+/zolmiCBJdqeXR18mI6NOR P87v7RY7ViF/D5RLGEWAtWkWTCTC/KNjHB9hp1u5BU+suurF38KNBgvmUD39F+Z5 EfgYwKgvMhOfU3eXc4jyKdwgVNm9un2J -----END CERTIFICATE-----Generated at Mon Oct 20 13:49:16 2025 by rpki-client