$ rpki-client -vvf rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft File: ZH5crcsfv367iZpyGcOg8D0_ew0.mft (raw, json) Hash identifier: knJ9j0wUH88XeAd1N50TLVL3mKwJ9KYnLLS2R2R41jc= Subject key identifier: E2:10:B6:FB:D6:04:79:A9:EA:D2:42:02:1A:CC:4B:CA:A7:FE:67:A6 Authority key identifier: 64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D Certificate issuer: /CN=A91951DE/serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Certificate serial: 35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft Manifest number: 34 Signing time: Sun 19 Oct 2025 11:05:53 +0000 Manifest this update: Sun 19 Oct 2025 11:05:53 +0000 Manifest next update: Sun 26 Oct 2025 11:05:53 +0000 Files and hashes: 1: ZH5crcsfv367iZpyGcOg8D0_ew0.crl (hash: ruDvxvDtzK2ZE3CPoPyKUAQxsZ65oO3x492yLD27u5o=) 2: 533DC25E60B511F0AB567568C4F9AE02.roa (hash: 9UZrURL/5cYm+3q79UbhWbJw8l3P1ZGycupb15ORpsw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:05:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 53 (0x35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91951DE, serialNumber=647E5CADCB1FBF7EBB899A7219C3A0F03D3F7B0D Validity Not Before: Oct 19 11:05:53 2025 GMT Not After : Oct 26 11:05:53 2025 GMT Subject: CN=68f4c611-ffae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:95:d6:f0:fc:44:28:e9:2a:6d:1b:6c:70:5a: cc:69:f5:72:10:fd:b0:97:d2:48:9e:6b:9e:8b:fb: 7e:18:9b:96:d2:97:c0:94:e9:c1:be:63:2e:5a:cf: 24:a3:d0:47:4f:17:b1:c9:81:87:2e:63:a3:bb:a4: 30:62:ff:4e:5d:4f:8d:a0:25:1e:f4:d0:5c:74:dc: b8:ee:cd:cc:80:39:ef:31:8e:b2:e0:d2:31:58:05: 21:80:cb:37:71:7e:38:35:26:c7:1d:4c:04:19:b6: 8f:ea:e1:52:77:0d:c9:15:f9:04:81:6b:45:1b:f1: 2b:bf:c6:76:86:a3:9b:50:e5:aa:84:b5:06:2a:fd: 95:37:7b:5f:65:12:48:87:f6:19:c0:5f:8c:ca:5f: 30:39:44:40:5e:b3:3a:ab:74:6f:d0:ec:28:a5:b2: 4c:a0:80:1a:9a:d4:75:f2:08:f9:bf:a5:2d:59:e3: 99:c5:56:7c:a6:b1:81:56:12:50:3b:f7:8f:f0:3e: 56:d6:92:af:49:bd:77:4b:5b:19:d6:0c:f7:b7:8c: ec:f8:d9:0c:d9:a9:db:43:7f:d4:db:ee:24:4c:68: 6b:82:31:4e:4e:7d:de:b0:1f:78:dc:ba:ef:3f:0d: d8:89:00:e8:e4:71:8d:58:81:87:c0:e6:48:74:ff: 35:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E2:10:B6:FB:D6:04:79:A9:EA:D2:42:02:1A:CC:4B:CA:A7:FE:67:A6 X509v3 Authority Key Identifier: keyid:64:7E:5C:AD:CB:1F:BF:7E:BB:89:9A:72:19:C3:A0:F0:3D:3F:7B:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZH5crcsfv367iZpyGcOg8D0_ew0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91951DE/904F870A60B411F08ED7AE63C4F9AE02/ZH5crcsfv367iZpyGcOg8D0_ew0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:66:49:68:93:e5:f8:9e:53:eb:44:9f:9e:6c:19:97:28:ce: 0f:a0:39:a6:ac:a3:37:09:4c:47:a4:83:b2:48:02:19:5a:16: 2d:63:7a:5f:ec:5c:2e:56:fa:fc:80:b6:7d:a9:30:38:5b:99: d8:b5:22:51:b0:34:23:af:d9:71:fd:b4:34:80:17:20:47:2a: 9f:8b:b3:ef:75:95:86:a5:6e:58:27:6f:56:30:8e:ab:a2:e8: fc:44:cc:ff:e1:bb:bf:91:15:eb:9f:55:ce:ad:ac:b4:0d:b4: 76:5c:2e:f9:e5:f2:c0:f6:e9:27:b2:3c:33:0b:7a:f4:58:a9: 33:60:58:46:0e:71:a0:72:ec:8c:05:75:1a:25:79:12:7e:b5: 09:fa:5d:f1:85:d8:9a:34:e3:59:2b:c2:a5:92:65:29:d4:14: 7e:6d:ad:ee:70:b3:ff:18:b6:f0:12:b1:71:a3:b5:cb:27:ad: 47:1a:b8:50:76:80:12:d4:ac:aa:8e:c9:03:88:a9:a3:e2:1f: 89:6d:02:54:a3:d1:74:f0:7b:52:47:c3:e7:61:93:dc:72:18: 73:1a:74:f0:66:8b:f4:a2:54:ed:72:0e:11:9b:1e:d7:90:eb: ef:4c:5a:8c:f9:07:0e:f9:0b:e6:39:a0:b1:9a:a4:f1:d6:a5: 63:06:5a:45 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE5 NTFERTExMC8GA1UEBRMoNjQ3RTVDQURDQjFGQkY3RUJCODk5QTcyMTlDM0EwRjAz RDNGN0IwRDAeFw0yNTEwMTkxMTA1NTNaFw0yNTEwMjYxMTA1NTNaMBgxFjAUBgNV BAMTDTY4ZjRjNjExLWZmYWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCxldbw/EQo6SptG2xwWsxp9XIQ/bCX0kiea56L+34Ym5bSl8CU6cG+Yy5azySj 0EdPF7HJgYcuY6O7pDBi/05dT42gJR700Fx03LjuzcyAOe8xjrLg0jFYBSGAyzdx fjg1JscdTAQZto/q4VJ3DckV+QSBa0Ub8Su/xnaGo5tQ5aqEtQYq/ZU3e19lEkiH 9hnAX4zKXzA5REBeszqrdG/Q7CilskyggBqa1HXyCPm/pS1Z45nFVnymsYFWElA7 94/wPlbWkq9JvXdLWxnWDPe3jOz42QzZqdtDf9Tb7iRMaGuCMU5Ofd6wH3jcuu8/ DdiJAOjkcY1YgYfA5kh0/zULAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU4hC2+9YE eanq0kICGsxLyqf+Z6YwHwYDVR0jBBgwFoAUZH5crcsfv367iZpyGcOg8D0/ew0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1MURFLzkwNEY4NzBBNjBC NDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2N2lacHlHY09nOEQwX2V3 MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWkg1Y3Jjc2Z2MzY3aVpweUdjT2c4RDBfZXcwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTk1 MURFLzkwNEY4NzBBNjBCNDExRjA4RUQ3QUU2M0M0RjlBRTAyL1pINWNyY3NmdjM2 N2lacHlHY09nOEQwX2V3MC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABZmSWiT5fieU+tEn55sGZcozg+gOaasozcJTEekg7JIAhlaFi1jel/s XC5W+vyAtn2pMDhbmdi1IlGwNCOv2XH9tDSAFyBHKp+Ls+91lYalblgnb1Ywjqui 6PxEzP/hu7+RFeufVc6trLQNtHZcLvnl8sD26SeyPDMLevRYqTNgWEYOcaBy7IwF dRoleRJ+tQn6XfGF2Jo041krwqWSZSnUFH5tre5ws/8YtvASsXGjtcsnrUcauFB2 gBLUrKqOyQOIqaPiH4ltAlSj0XTwe1JHw+dhk9xyGHMadPBmi/SiVO1yDhGbHteQ 6+9MWoz5Bw75C+Y5oLGapPHWpWMGWkU= -----END CERTIFICATE-----Generated at Sun Oct 19 23:32:21 2025 by rpki-client