$ rpki-client -vvf rpki.apnic.net/member_repository/A918EF87/3400802238B311F091418086C4F9AE02/XsX7M07lK5AJy5I8aTvSDwR4oUQ.mft File: XsX7M07lK5AJy5I8aTvSDwR4oUQ.mft (raw, json) Hash identifier: uhHM/oMO0X8Y6qcwT4rHBauqNk/i0FY2qacn+xI9Hvo= Subject key identifier: DC:AA:7B:C3:40:4F:94:E1:B4:9E:48:4B:FD:E1:9B:9A:23:6E:22:63 Authority key identifier: 5E:C5:FB:33:4E:E5:2B:90:09:CB:92:3C:69:3B:D2:0F:04:78:A1:44 Certificate issuer: /CN=A918EF87/serialNumber=5EC5FB334EE52B9009CB923C693BD20F0478A144 Certificate serial: 4D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XsX7M07lK5AJy5I8aTvSDwR4oUQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918EF87/3400802238B311F091418086C4F9AE02/XsX7M07lK5AJy5I8aTvSDwR4oUQ.mft Manifest number: 4C Signing time: Sun 19 Oct 2025 10:43:42 +0000 Manifest this update: Sun 19 Oct 2025 10:43:41 +0000 Manifest next update: Sun 26 Oct 2025 10:43:41 +0000 Files and hashes: 1: XsX7M07lK5AJy5I8aTvSDwR4oUQ.crl (hash: vbl7EctTh0ArARSU5asKkc0gfcY1Hu+YbkGFnN2Xwo4=) 2: C053613E38B311F08DB63209C4F9AE02.roa (hash: uKfaLXcOCNJdE2XGkLLuO2/nisMUjVXsuFOacDhWkTw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918EF87/3400802238B311F091418086C4F9AE02/XsX7M07lK5AJy5I8aTvSDwR4oUQ.crl rsync://rpki.apnic.net/member_repository/A918EF87/3400802238B311F091418086C4F9AE02/XsX7M07lK5AJy5I8aTvSDwR4oUQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XsX7M07lK5AJy5I8aTvSDwR4oUQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:43:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918EF87, serialNumber=5EC5FB334EE52B9009CB923C693BD20F0478A144 Validity Not Before: Oct 19 10:43:41 2025 GMT Not After : Oct 26 10:43:41 2025 GMT Subject: CN=68f4c0dd-1453 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:93:5b:53:d2:e0:74:24:4d:de:f2:de:79:c8: 9d:1f:9b:6b:07:85:01:bc:8f:2c:2c:3a:d1:c8:ee: bb:e7:bc:90:d0:20:71:91:13:e8:83:95:b3:cc:4e: 0b:2a:28:a1:ca:ed:7f:d0:17:de:05:fc:a1:7e:e8: ea:f6:31:47:38:0c:3a:24:12:11:0f:8b:f9:63:41: b6:7d:4e:b9:cd:5e:56:55:4b:e0:ab:c6:dd:1e:87: 3e:1a:e9:dd:e4:03:1a:b7:36:49:99:ec:e5:66:6c: fd:a6:18:92:fd:66:cd:ef:6f:9a:2d:af:d4:1f:4c: ae:43:ee:84:fa:fb:a4:f7:f6:24:84:d9:1e:57:41: 1b:3d:6c:67:9f:b5:35:ae:13:1b:97:09:6a:0f:7c: a5:dd:c7:6a:d1:3f:ca:1a:4e:c5:65:05:d7:47:e4: 7d:6a:af:3b:fe:df:33:8f:e0:7e:df:9b:71:d1:7a: b9:2a:1b:98:58:09:02:29:3d:f1:8f:bf:71:31:f1: b8:e3:7d:b1:83:39:89:26:02:46:6a:85:02:d0:1a: c6:cc:e1:5a:a8:ef:0e:2e:25:eb:b7:d6:f3:f4:9e: bd:00:65:98:08:b3:0d:7a:80:bb:7e:3f:65:8b:57: 25:8b:9a:55:f8:7f:7c:2e:b1:7e:7f:5c:a5:11:26: b4:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:AA:7B:C3:40:4F:94:E1:B4:9E:48:4B:FD:E1:9B:9A:23:6E:22:63 X509v3 Authority Key Identifier: keyid:5E:C5:FB:33:4E:E5:2B:90:09:CB:92:3C:69:3B:D2:0F:04:78:A1:44 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918EF87/3400802238B311F091418086C4F9AE02/XsX7M07lK5AJy5I8aTvSDwR4oUQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/XsX7M07lK5AJy5I8aTvSDwR4oUQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918EF87/3400802238B311F091418086C4F9AE02/XsX7M07lK5AJy5I8aTvSDwR4oUQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:f6:33:66:88:ad:cf:fb:39:cf:bb:f4:76:7d:4e:61:f4:cb: 49:3a:66:f2:ca:ba:98:5a:1b:db:a9:59:23:39:c3:ac:28:53: 88:30:b9:d8:94:c4:74:c3:93:6f:f8:26:d2:bc:f3:15:38:07: 5c:7b:a2:a1:51:d7:56:e1:91:e8:94:3b:37:ee:18:7b:a8:a1: 7f:5d:95:e7:19:92:ed:b8:2b:c5:41:97:91:bd:1e:cd:d5:2f: ca:8d:be:65:9b:85:2f:11:9d:56:71:4d:4d:3c:62:1b:ed:ba: 5e:6f:cf:03:d7:13:a1:21:09:7e:28:e8:41:83:15:58:eb:83: 7c:9c:75:1e:35:7c:25:52:9f:ea:44:09:dc:39:57:1b:05:04: 24:d7:cf:19:27:12:0a:61:17:12:5e:45:92:9f:15:38:1e:b2: 3b:04:5a:95:7f:e3:73:d7:f7:df:1f:50:c6:62:0d:0c:3f:7f: 50:eb:9b:7d:44:57:3f:84:28:e9:e0:26:57:a1:73:29:9b:46: 97:7b:e1:60:8a:37:3d:be:f5:ad:5a:49:1b:61:75:37:a5:26: 21:3b:16:99:e0:1e:a6:59:b6:ad:44:a3:c0:d3:ee:0f:cc:fc: 4f:55:03:19:4c:c3:29:90:5c:4e:01:78:5e:da:59:13:bb:35: 73:a4:f1:32 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 RUY4NzExMC8GA1UEBRMoNUVDNUZCMzM0RUU1MkI5MDA5Q0I5MjNDNjkzQkQyMEYw NDc4QTE0NDAeFw0yNTEwMTkxMDQzNDFaFw0yNTEwMjYxMDQzNDFaMBgxFjAUBgNV BAMTDTY4ZjRjMGRkLTE0NTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDDk1tT0uB0JE3e8t55yJ0fm2sHhQG8jywsOtHI7rvnvJDQIHGRE+iDlbPMTgsq KKHK7X/QF94F/KF+6Or2MUc4DDokEhEPi/ljQbZ9TrnNXlZVS+Crxt0ehz4a6d3k Axq3NkmZ7OVmbP2mGJL9Zs3vb5otr9QfTK5D7oT6+6T39iSE2R5XQRs9bGeftTWu ExuXCWoPfKXdx2rRP8oaTsVlBddH5H1qrzv+3zOP4H7fm3HRerkqG5hYCQIpPfGP v3Ex8bjjfbGDOYkmAkZqhQLQGsbM4Vqo7w4uJeu31vP0nr0AZZgIsw16gLt+P2WL VyWLmlX4f3wusX5/XKURJrR1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU3Kp7w0BP lOG0nkhL/eGbmiNuImMwHwYDVR0jBBgwFoAUXsX7M07lK5AJy5I8aTvSDwR4oUQw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThFRjg3LzM0MDA4MDIyMzhC MzExRjA5MTQxODA4NkM0RjlBRTAyL1hzWDdNMDdsSzVBSnk1SThhVHZTRHdSNG9V US5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWHNYN00wN2xLNUFKeTVJOGFUdlNEd1I0b1VRLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThF Rjg3LzM0MDA4MDIyMzhCMzExRjA5MTQxODA4NkM0RjlBRTAyL1hzWDdNMDdsSzVB Snk1SThhVHZTRHdSNG9VUS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAE/2M2aIrc/7Oc+79HZ9TmH0y0k6ZvLKuphaG9upWSM5w6woU4gwudiU xHTDk2/4JtK88xU4B1x7oqFR11bhkeiUOzfuGHuooX9dlecZku24K8VBl5G9Hs3V L8qNvmWbhS8RnVZxTU08Yhvtul5vzwPXE6EhCX4o6EGDFVjrg3ycdR41fCVSn+pE Cdw5VxsFBCTXzxknEgphFxJeRZKfFTgesjsEWpV/43PX998fUMZiDQw/f1Drm31E Vz+EKOngJlehcymbRpd74WCKNz2+9a1aSRthdTelJiE7FpngHqZZtq1Eo8DT7g/M /E9VAxlMwymQXE4BeF7aWRO7NXOk8TI= -----END CERTIFICATE-----Generated at Tue Oct 21 02:15:27 2025 by rpki-client