$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft File: YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft (raw, json) Hash identifier: HkqT9p2lqLjzdrW498sE2OSMPdT1Fa9MFkTGvoAcCjc= Subject key identifier: BE:7D:A2:CA:F6:9F:AC:0A:BB:C2:0F:8B:13:A0:10:7C:10:22:AE:E6 Authority key identifier: 61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 Certificate issuer: /CN=A91A1CAA/serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Certificate serial: 013C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft Manifest number: 0139 Signing time: Sun 19 Oct 2025 07:15:54 +0000 Manifest this update: Sun 19 Oct 2025 07:15:54 +0000 Manifest next update: Sun 26 Oct 2025 07:15:54 +0000 Files and hashes: 1: YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl (hash: DsXwX91cbIRxPueUbR18a15Oc9Pvd2doPbrbllrAi2s=) 2: E75FB4F0CE4A11EE95C15E20C4F9AE02.roa (hash: utq11zi2cO+ldR8mXOv++lb25ZgD5tUSUW03iRiwBL0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 07:15:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 316 (0x13c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1CAA, serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Validity Not Before: Oct 19 07:15:54 2025 GMT Not After : Oct 26 07:15:54 2025 GMT Subject: CN=68f4902a-8c9d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:22:20:bf:a6:bd:17:c7:4d:84:a9:50:7c:f7: bb:c5:56:f2:41:cf:ec:d1:96:3e:bd:be:e6:1f:71: ce:5a:d3:2d:f4:9a:f5:37:3c:59:af:28:a8:d3:1e: 02:64:d5:63:9c:23:67:25:5a:a6:79:39:73:b3:8b: 96:a3:14:e3:13:5a:31:be:3e:9e:bc:f7:55:c4:4f: ef:59:19:ae:c3:8f:f4:7a:a8:9b:b1:3c:c2:8a:f5: bf:8f:dc:e9:8c:8e:43:bc:13:a9:a6:ee:2f:95:01: 48:2b:3b:0a:0e:d6:7c:a6:8e:cf:3d:25:52:8f:d4: 8d:c1:56:13:7b:4f:83:90:e1:11:63:3a:ec:d6:34: 6a:b5:19:61:b4:01:44:c5:1a:c7:e0:e0:16:11:b8: 32:1d:c1:27:35:06:d9:a9:88:4c:7e:7e:a2:7c:72: 6a:92:11:c0:a1:d7:1b:3d:7a:eb:c6:00:01:bc:e5: 92:47:16:cb:00:72:c7:e5:00:08:31:a0:6b:87:fd: 08:55:cc:90:8c:d1:cb:dd:5f:f1:f1:37:9c:1a:75: 87:5e:84:dd:04:cb:bc:54:7e:e1:e9:ac:0d:e8:31: 6f:88:8e:5e:f7:10:1a:ac:95:d7:35:05:5d:88:c9: 66:9d:94:48:d2:53:da:5a:e1:0d:0e:56:07:45:6c: 26:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:7D:A2:CA:F6:9F:AC:0A:BB:C2:0F:8B:13:A0:10:7C:10:22:AE:E6 X509v3 Authority Key Identifier: keyid:61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:b0:06:b2:d3:e3:5a:fc:b4:87:25:f1:89:bc:cb:07:9f:a9: 73:0f:95:fc:ba:d6:90:f4:f7:e5:92:63:75:44:a5:5f:e9:e8: f7:ae:94:eb:9c:ad:e0:30:91:bd:ba:49:e0:04:b3:8e:3d:46: 8d:cd:6f:d7:35:3e:ad:39:9d:26:2f:34:78:50:24:fc:95:4e: c8:c5:db:62:13:b7:c7:67:f1:cd:58:37:cc:9f:35:e9:ac:12: 6f:49:14:05:5b:4e:92:89:f9:b8:a1:f9:f2:96:d5:03:5e:a8: fb:e8:c5:f6:5d:69:2a:07:22:28:18:df:8c:14:96:7d:79:84: 54:da:83:52:19:dd:82:40:97:84:b2:b5:4f:ac:59:b5:44:14: 53:9c:95:61:af:0b:04:9b:5a:eb:49:f4:9e:f9:d5:8d:cf:25: b3:77:29:63:96:6f:57:aa:c8:65:d2:a2:93:5c:45:7f:b8:e7: 6c:21:1e:53:82:3a:ac:22:8d:3f:23:0f:b8:50:d9:9e:a8:a6: 76:fe:b5:cd:a8:c7:d7:98:80:9c:ea:11:75:77:fa:90:0c:74: 11:6e:1f:b0:a7:6f:c9:e3:7f:13:fb:2e:b7:4f:9a:0b:f0:c9: c0:4e:45:20:c9:e6:41:e7:0a:01:a4:2a:ef:e1:57:b5:12:9d: a8:2d:53:c1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTFDQUExMTAvBgNVBAUTKDYxN0YwNTRFM0NFNDUxRTBDM0U3RjQ0NkREMDlGNzg2 NDY1MkI2NTYwHhcNMjUxMDE5MDcxNTU0WhcNMjUxMDI2MDcxNTU0WjAYMRYwFAYD VQQDEw02OGY0OTAyYS04YzlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvyIgv6a9F8dNhKlQfPe7xVbyQc/s0ZY+vb7mH3HOWtMt9Jr1NzxZryio0x4C ZNVjnCNnJVqmeTlzs4uWoxTjE1oxvj6evPdVxE/vWRmuw4/0eqibsTzCivW/j9zp jI5DvBOppu4vlQFIKzsKDtZ8po7PPSVSj9SNwVYTe0+DkOERYzrs1jRqtRlhtAFE xRrH4OAWEbgyHcEnNQbZqYhMfn6ifHJqkhHAodcbPXrrxgABvOWSRxbLAHLH5QAI MaBrh/0IVcyQjNHL3V/x8TecGnWHXoTdBMu8VH7h6awN6DFviI5e9xAarJXXNQVd iMlmnZRI0lPaWuENDlYHRWwmvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL59osr2 n6wKu8IPixOgEHwQIq7mMB8GA1UdIwQYMBaAFGF/BU485FHgw+f0Rt0J94ZGUrZW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUNBQS84RTI3NUExRUNF NEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1VlREQ1X1JHM1FuM2hrWlN0 bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lYOEZUanprVWVERDVfUkczUW4zaGtaU3RsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MUNBQS84RTI3NUExRUNFNEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1Vl REQ1X1JHM1FuM2hrWlN0bFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBSsAay0+Na/LSHJfGJvMsHn6lzD5X8utaQ9PflkmN1RKVf6ej3rpTr nK3gMJG9ukngBLOOPUaNzW/XNT6tOZ0mLzR4UCT8lU7IxdtiE7fHZ/HNWDfMnzXp rBJvSRQFW06Sifm4ofnyltUDXqj76MX2XWkqByIoGN+MFJZ9eYRU2oNSGd2CQJeE srVPrFm1RBRTnJVhrwsEm1rrSfSe+dWNzyWzdyljlm9Xqshl0qKTXEV/uOdsIR5T gjqsIo0/Iw+4UNmeqKZ2/rXNqMfXmICc6hF1d/qQDHQRbh+wp2/J438T+y63T5oL 8MnATkUgyeZB5woBpCrv4Ve1Ep2oLVPB -----END CERTIFICATE-----Generated at Mon Oct 20 10:47:54 2025 by rpki-client