$ rpki-client -vvf rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft File: D0a9vHSQTl34KfAVlbUcqqIBuds.mft (raw, json) Hash identifier: LDuTEAwNl5QcJCpZxZOpMbaI+B7NwScBSwVgPnHoeYw= Subject key identifier: 89:D2:C6:CA:10:96:E6:86:DB:F9:C5:CB:82:EF:B3:2C:0A:40:22:35 Authority key identifier: 0F:46:BD:BC:74:90:4E:5D:F8:29:F0:15:95:B5:1C:AA:A2:01:B9:DB Certificate issuer: /CN=A91449E2/serialNumber=0F46BDBC74904E5DF829F01595B51CAAA201B9DB Certificate serial: 01CD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D0a9vHSQTl34KfAVlbUcqqIBuds.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft Manifest number: 01CA Signing time: Sun 19 Oct 2025 05:20:50 +0000 Manifest this update: Sun 19 Oct 2025 05:20:49 +0000 Manifest next update: Sun 26 Oct 2025 05:20:49 +0000 Files and hashes: 1: D0a9vHSQTl34KfAVlbUcqqIBuds.crl (hash: dRe+UV1PRzRD+7HDbnCwHZk5Oep4TkRONzOS2NTCErk=) 2: 568D8AACF00511ED9239BC6EC4F9AE02.roa (hash: INPCDc0DcqgC408Ka6XEyt5LGDqlBDYRzaUMMyrzKIM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.crl rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D0a9vHSQTl34KfAVlbUcqqIBuds.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 05:20:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 461 (0x1cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91449E2, serialNumber=0F46BDBC74904E5DF829F01595B51CAAA201B9DB Validity Not Before: Oct 19 05:20:49 2025 GMT Not After : Oct 26 05:20:49 2025 GMT Subject: CN=68f47531-ba85 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:99:03:72:1d:68:dc:83:f0:31:7d:d9:f9:51: c1:df:61:43:f6:fa:7f:e1:d1:81:f7:01:0d:3b:14: f6:e9:37:7a:32:f6:e3:37:00:c5:52:f5:d3:a0:d3: ca:c7:55:96:df:b1:a1:63:b2:b9:16:ca:f7:09:ea: 8a:f5:1a:5c:07:37:ef:a2:97:fb:25:b8:3e:e7:8e: b4:53:fc:73:ba:cc:2f:46:74:64:0a:1a:8c:6d:9f: 4e:d8:b0:9d:fa:fc:eb:de:38:20:41:05:21:ef:35: c0:8e:d2:aa:4e:23:93:76:29:16:56:d7:34:1f:23: 8e:cd:72:a0:b6:d9:5c:b3:70:bb:56:14:b9:b3:4e: fa:2a:81:06:66:a3:ef:5d:bc:84:80:65:f6:66:1a: 9a:6b:7f:5a:66:a2:52:f8:a7:95:07:a8:09:49:e2: 7e:23:c6:c3:93:ec:31:49:a3:72:d6:9c:fa:4a:fe: a1:0c:17:15:a8:7d:4d:73:32:aa:a9:c1:5e:c4:8c: 2e:09:e4:10:98:d3:ff:4c:99:b9:a1:9f:75:93:ff: 25:e8:d9:6d:f0:66:80:41:58:5e:63:50:34:e3:4a: 1b:39:ff:33:ea:b2:e7:f8:13:55:95:21:5e:45:8f: 0d:f4:ec:50:9a:ba:d8:46:e0:e7:ef:34:ae:d3:a5: 4d:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:D2:C6:CA:10:96:E6:86:DB:F9:C5:CB:82:EF:B3:2C:0A:40:22:35 X509v3 Authority Key Identifier: keyid:0F:46:BD:BC:74:90:4E:5D:F8:29:F0:15:95:B5:1C:AA:A2:01:B9:DB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D0a9vHSQTl34KfAVlbUcqqIBuds.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91449E2/B6443384EFFF11ED8556EE54C4F9AE02/D0a9vHSQTl34KfAVlbUcqqIBuds.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:03:0d:72:44:ad:11:b3:38:0c:e6:0d:6b:f6:a1:d2:71:a8: e2:df:b6:30:b3:80:3e:29:a2:3f:2c:41:c7:a3:e9:25:6d:40: 40:ab:a4:75:02:af:c5:45:cb:a3:c3:16:2b:b6:3f:b7:b3:65: 19:4b:c8:7f:0a:cc:d0:18:e5:b3:69:60:06:f2:87:4a:72:f7: 57:10:35:51:8c:76:b0:17:e8:fa:d8:15:1f:37:db:6b:f7:ab: d5:a5:4f:8c:f0:0d:25:57:7c:e4:41:e0:2f:21:3e:51:72:8a: 17:fa:34:a3:46:16:21:dd:ef:e2:d8:f8:ad:ce:e2:cb:d6:c2: 6d:c6:fe:9c:57:b2:f6:d2:55:81:b7:df:28:a5:92:a2:67:88: a5:90:53:c3:5c:ac:5f:e8:9a:b0:54:55:8a:8c:0f:bc:2c:89: 0f:b9:ce:ca:3e:41:80:98:fa:be:8d:a4:8f:d5:0d:fa:70:01: e3:a2:c4:9d:f6:22:5b:51:62:df:40:37:be:ee:6f:1f:60:30: be:f1:84:c6:f4:d3:48:9b:70:33:c5:86:26:f3:f4:20:13:54: b2:55:f7:06:20:f2:d6:dd:dd:ef:01:ba:17:9d:85:f1:51:de: 23:64:1e:7e:a2:39:5f:7d:9f:b4:86:63:bf:ad:6f:44:85:08: 6f:4a:92:ae -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDQ5RTIxMTAvBgNVBAUTKDBGNDZCREJDNzQ5MDRFNURGODI5RjAxNTk1QjUxQ0FB QTIwMUI5REIwHhcNMjUxMDE5MDUyMDQ5WhcNMjUxMDI2MDUyMDQ5WjAYMRYwFAYD VQQDEw02OGY0NzUzMS1iYTg1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvZkDch1o3IPwMX3Z+VHB32FD9vp/4dGB9wENOxT26Td6MvbjNwDFUvXToNPK x1WW37GhY7K5Fsr3CeqK9RpcBzfvopf7Jbg+5460U/xzuswvRnRkChqMbZ9O2LCd +vzr3jggQQUh7zXAjtKqTiOTdikWVtc0HyOOzXKgttlcs3C7VhS5s076KoEGZqPv XbyEgGX2Zhqaa39aZqJS+KeVB6gJSeJ+I8bDk+wxSaNy1pz6Sv6hDBcVqH1NczKq qcFexIwuCeQQmNP/TJm5oZ91k/8l6Nlt8GaAQVheY1A040obOf8z6rLn+BNVlSFe RY8N9OxQmrrYRuDn7zSu06VN9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFInSxsoQ luaG2/nFy4LvsywKQCI1MB8GA1UdIwQYMBaAFA9Gvbx0kE5d+CnwFZW1HKqiAbnb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NDlFMi9CNjQ0MzM4NEVG RkYxMUVEODU1NkVFNTRDNEY5QUUwMi9EMGE5dkhTUVRsMzRLZkFWbGJVY3FxSUJ1 ZHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QwYTl2SFNRVGwzNEtmQVZsYlVjcXFJQnVkcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NDlFMi9CNjQ0MzM4NEVGRkYxMUVEODU1NkVFNTRDNEY5QUUwMi9EMGE5dkhTUVRs MzRLZkFWbGJVY3FxSUJ1ZHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBWAw1yRK0RszgM5g1r9qHScaji37Yws4A+KaI/LEHHo+klbUBAq6R1 Aq/FRcujwxYrtj+3s2UZS8h/CszQGOWzaWAG8odKcvdXEDVRjHawF+j62BUfN9tr 96vVpU+M8A0lV3zkQeAvIT5RcooX+jSjRhYh3e/i2PitzuLL1sJtxv6cV7L20lWB t98opZKiZ4ilkFPDXKxf6JqwVFWKjA+8LIkPuc7KPkGAmPq+jaSP1Q36cAHjosSd 9iJbUWLfQDe+7m8fYDC+8YTG9NNIm3AzxYYm8/QgE1SyVfcGIPLW3d3vAboXnYXx Ud4jZB5+ojlffZ+0hmO/rW9EhQhvSpKu -----END CERTIFICATE-----Generated at Mon Oct 20 11:17:58 2025 by rpki-client