$ rpki-client -vvf rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft File: 09Fa7ppPiuXCgRCKfS062B1Oec0.mft (raw, json) Hash identifier: rKOXnDQ8yeY4slB7rKdoZAZXngJxrMTrQDI0e/2FBTY= Subject key identifier: 91:BE:53:1E:B9:44:00:03:89:FA:86:B3:8D:E0:6B:A8:FD:9E:96:54 Authority key identifier: D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD Certificate issuer: /CN=A91397C2/serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Certificate serial: 084C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft Manifest number: 0823 Signing time: Sat 18 Oct 2025 22:11:29 +0000 Manifest this update: Sat 18 Oct 2025 22:11:28 +0000 Manifest next update: Sat 25 Oct 2025 22:11:28 +0000 Files and hashes: 1: 09Fa7ppPiuXCgRCKfS062B1Oec0.crl (hash: pIv/+nPAekCGYtZiaGFCMl7qDd5nv9ArdLUUW7h8uzo=) 2: 0C64C6B2821011F0B329B866C4F9AE02.roa (hash: D2PIDDhjMLrJzP//kuZEMaof293KC1FejYs4Z1FlT9g=) 3: 29BC840E002711EB8FA6A142C4F9AE02.roa (hash: RVujGjgRtNml2s4B1MbyglZHc1wuuQ8z+GSwbNfvR2o=) 4: C3738F60A78511F0B1D3342CC4F9AE02.roa (hash: doeraFCMJ4YY06qP/CyZ7CStviCw2H65v541coUCoQs=) 5: BE79CDCE16AF11F08B8C4061C4F9AE02.roa (hash: AjNKnPWs+wQxA57p7oeqhPGR6IMIStHtSJ7A+NHTTwU=) 6: 7F9EB0A28CF111F09EC8727CC4F9AE02.roa (hash: BxPajmDdLGfIydsWc2EIPgDs9jrVdPhKlvGIPc4xwYE=) 7: 3AA556009A8411EFB791ED77C4F9AE02.roa (hash: vJqvl3p3GZGjPo1+bFOu/lz3UGNmQtiNtsOQmfP7QoU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:11:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2124 (0x84c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91397C2, serialNumber=D3D15AEE9A4F8AE5C281108A7D2D3AD81D4E79CD Validity Not Before: Oct 18 22:11:28 2025 GMT Not After : Oct 25 22:11:28 2025 GMT Subject: CN=68f41090-4498 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:88:9a:35:32:1b:de:c0:37:24:f2:aa:d6:c0: 06:a0:7f:aa:20:31:f5:ab:6a:b4:c3:4a:1d:a9:08: 1e:b3:0b:d9:4f:dc:b6:59:e5:d9:e5:7e:f0:d2:5d: 79:cf:04:66:69:64:9d:20:79:28:3d:cb:d7:f3:3f: 77:c3:5c:bc:38:f1:e9:75:cf:ed:4b:11:8e:c4:1b: fc:2b:76:36:ab:66:93:98:6d:eb:33:5e:67:89:f1: 13:a6:8b:54:dd:df:bc:3b:a2:94:de:1c:e1:c9:06: 3c:cb:f3:01:5f:bb:14:bb:81:52:d4:b8:78:ba:b3: 92:b6:e7:88:7f:41:7d:6e:4d:c2:67:12:c4:ae:2a: ac:0a:90:e8:de:1e:d0:50:7c:76:83:19:2d:8d:12: 5e:74:99:73:73:35:94:77:df:6c:94:5e:61:e1:64: 85:1e:5f:bd:d3:ef:38:ce:24:62:c4:c2:37:7e:0f: a4:e3:ea:e1:5d:a0:e1:9c:19:74:da:a5:62:56:ec: 7b:c2:1d:8c:ef:03:cb:fc:07:00:53:8e:71:81:3e: 41:1e:33:b5:25:ae:63:78:1b:c7:8c:d9:a4:8b:88: ac:1b:88:3f:5c:6c:c5:d5:c0:6d:e8:3f:9b:96:0f: 7b:c7:42:c8:99:fd:b9:63:19:bf:b6:e1:a2:e0:9b: 5e:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:BE:53:1E:B9:44:00:03:89:FA:86:B3:8D:E0:6B:A8:FD:9E:96:54 X509v3 Authority Key Identifier: keyid:D3:D1:5A:EE:9A:4F:8A:E5:C2:81:10:8A:7D:2D:3A:D8:1D:4E:79:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/09Fa7ppPiuXCgRCKfS062B1Oec0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91397C2/4E426DE8FBEA11EA940A1D19C4F9AE02/09Fa7ppPiuXCgRCKfS062B1Oec0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:6b:dd:a7:ab:7d:e9:47:10:51:4a:cd:ca:7a:ef:09:76:be: 1c:db:9e:cd:b7:b6:d3:df:31:01:d3:76:8d:d9:b7:25:89:3f: 9d:a7:61:d2:58:c4:99:bf:ed:86:40:c0:5a:5a:34:b4:43:b3: 3f:bb:4e:b8:21:cc:10:6c:9e:56:a0:fd:bd:6b:a1:c0:14:33: 54:38:bf:20:c0:96:72:12:2a:0c:e7:22:53:1a:42:d1:5c:6e: 74:80:92:c3:3d:3f:f2:7c:6e:9a:76:03:6c:51:9e:f9:aa:f1: f5:ff:aa:14:55:11:61:60:5f:3d:92:05:ab:d2:1d:1e:7b:48: 97:65:43:64:4c:72:8f:b4:57:31:d8:55:6d:67:92:01:48:91: 68:bc:4a:0a:7e:e5:05:dd:1b:f0:ed:af:f7:45:10:87:fd:87: 17:ec:53:99:4a:bb:f0:df:d7:22:60:cc:5b:2e:57:3e:c3:a1: c5:0a:3a:fe:13:4b:2e:4f:17:91:74:f8:77:c8:25:ac:66:b7: f9:78:55:3e:29:e8:13:07:a2:0e:a5:a4:9d:71:46:96:e6:71: 27:0f:19:ed:99:d6:38:e0:21:67:64:f7:b5:d7:2c:0e:b9:99: db:19:9b:a0:1f:4f:a1:31:e4:2c:26:d2:4f:b3:dc:71:ca:38: 7b:39:91:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCEwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mzk3QzIxMTAvBgNVBAUTKEQzRDE1QUVFOUE0RjhBRTVDMjgxMTA4QTdEMkQzQUQ4 MUQ0RTc5Q0QwHhcNMjUxMDE4MjIxMTI4WhcNMjUxMDI1MjIxMTI4WjAYMRYwFAYD VQQDEw02OGY0MTA5MC00NDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtYiaNTIb3sA3JPKq1sAGoH+qIDH1q2q0w0odqQgeswvZT9y2WeXZ5X7w0l15 zwRmaWSdIHkoPcvX8z93w1y8OPHpdc/tSxGOxBv8K3Y2q2aTmG3rM15nifETpotU 3d+8O6KU3hzhyQY8y/MBX7sUu4FS1Lh4urOStueIf0F9bk3CZxLEriqsCpDo3h7Q UHx2gxktjRJedJlzczWUd99slF5h4WSFHl+90+84ziRixMI3fg+k4+rhXaDhnBl0 2qViVux7wh2M7wPL/AcAU45xgT5BHjO1Ja5jeBvHjNmki4isG4g/XGzF1cBt6D+b lg97x0LImf25Yxm/tuGi4JteuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJG+Ux65 RAADifqGs43ga6j9npZUMB8GA1UdIwQYMBaAFNPRWu6aT4rlwoEQin0tOtgdTnnN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTdDMi80RTQyNkRFOEZC RUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1WENnUkNLZlMwNjJCMU9l YzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzA5RmE3cHBQaXVYQ2dSQ0tmUzA2MkIxT2VjMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OTdDMi80RTQyNkRFOEZCRUExMUVBOTQwQTFEMTlDNEY5QUUwMi8wOUZhN3BwUGl1 WENnUkNLZlMwNjJCMU9lYzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCa92nq33pRxBRSs3Keu8Jdr4c257Nt7bT3zEB03aN2bcliT+dp2HS WMSZv+2GQMBaWjS0Q7M/u064IcwQbJ5WoP29a6HAFDNUOL8gwJZyEioM5yJTGkLR XG50gJLDPT/yfG6adgNsUZ75qvH1/6oUVRFhYF89kgWr0h0ee0iXZUNkTHKPtFcx 2FVtZ5IBSJFovEoKfuUF3Rvw7a/3RRCH/YcX7FOZSrvw39ciYMxbLlc+w6HFCjr+ E0suTxeRdPh3yCWsZrf5eFU+KegTB6IOpaSdcUaW5nEnDxntmdY44CFnZPe11ywO uZnbGZugH0+hMeQsJtJPs9xxyjh7OZGW -----END CERTIFICATE-----Generated at Mon Oct 20 04:20:51 2025 by rpki-client