$ rpki-client -vvf rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft File: 089k1dsXYfy2pVLwaAkTMMW19Ts.mft (raw, json) Hash identifier: gRYgIbV6QeDKCR9rItBZ0N6qKLgliPnxqjvFJ9UgL4M= Subject key identifier: F2:97:19:FF:89:D9:D7:FF:31:9B:C9:37:74:0D:27:6B:C9:68:63:AB Authority key identifier: D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B Certificate issuer: /CN=A91A25DF/serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Certificate serial: 37 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft Manifest number: 36 Signing time: Sun 19 Oct 2025 11:04:26 +0000 Manifest this update: Sun 19 Oct 2025 11:04:25 +0000 Manifest next update: Sun 26 Oct 2025 11:04:25 +0000 Files and hashes: 1: 089k1dsXYfy2pVLwaAkTMMW19Ts.crl (hash: GK/tGGknsvRhrWQMMOr8rC7sThTe4tIDQtx8xpYO+iA=) 2: C54DD1F45EDA11F0A5EAB579C4F9AE02.roa (hash: yvTiS/oFSBojbCtB284WFEZBM+3n1uqQBo+L9aW7vLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:04:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 55 (0x37) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A25DF, serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Validity Not Before: Oct 19 11:04:25 2025 GMT Not After : Oct 26 11:04:25 2025 GMT Subject: CN=68f4c5ba-1877 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:76:1c:d9:1b:c6:73:de:38:57:0b:15:47:3c: c3:c8:2f:63:0c:46:b3:70:fa:74:2a:22:4e:17:d5: 74:bb:ce:1d:7c:2a:c4:cf:5a:54:d0:3d:4d:00:75: 27:c9:fd:32:ad:28:6c:ad:4b:1c:25:a0:92:f2:0f: bb:6d:68:7d:8c:27:73:2a:30:df:43:80:34:1c:90: 8c:ad:91:89:28:d9:a4:14:0a:9f:1b:bf:2e:fc:dc: f8:83:c2:e8:4c:3b:1d:3e:d0:e3:9e:76:32:56:5c: ab:4c:90:a6:d8:36:2b:59:c0:73:83:dc:fe:5a:d7: 8c:da:57:8e:8b:78:79:83:75:38:24:73:90:07:32: 1c:b9:f0:3a:21:df:b0:d0:6d:08:62:65:09:e5:80: fa:d8:48:17:af:46:83:f3:eb:5c:85:0c:21:03:c1: e3:4b:90:80:93:77:a2:46:0c:a9:23:70:87:ad:76: d9:0c:58:9f:3a:19:b8:a6:13:4d:93:65:6f:c1:1a: 87:92:66:d7:67:a8:44:3f:f3:34:1c:ec:83:b3:e7: 1a:63:3f:3a:6b:8d:66:5b:15:ae:16:2f:49:31:b9: 00:97:c5:2e:c4:27:5b:08:6a:7b:98:28:41:8b:7a: 95:f1:03:15:88:24:1e:28:d2:45:2a:a7:13:0a:85: e7:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:97:19:FF:89:D9:D7:FF:31:9B:C9:37:74:0D:27:6B:C9:68:63:AB X509v3 Authority Key Identifier: keyid:D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:1a:87:ab:9b:fa:97:24:a8:93:bd:e0:38:2a:8f:6d:b4:14: 58:72:e6:46:e7:6f:42:a2:24:6e:b3:b9:db:3a:5b:63:39:97: 15:1d:41:3e:28:49:28:cf:1c:48:eb:3a:d9:5f:a4:59:d3:3b: 0e:a1:78:91:9d:37:8b:ec:9b:f1:9d:38:26:99:dc:5c:b8:71: 6d:cb:72:44:4f:ce:31:5e:42:a3:bd:9b:46:c2:d5:79:ab:da: 7f:be:db:07:d4:b5:16:b7:bb:17:7e:d0:52:fe:3a:62:4b:76: 22:c1:c8:64:0d:7d:97:f2:5d:07:04:4c:f4:2f:c5:2c:d2:76: 19:9f:1a:17:f6:d2:9a:cf:c7:b0:2c:c8:bc:61:d7:2b:c5:e7: 05:1e:90:a3:b7:c4:1a:64:2d:5c:2e:71:9a:03:ef:7f:8b:c0: 87:b8:6c:dc:91:5d:b2:4e:cf:49:b3:e0:d2:9d:08:60:a2:f1: db:3c:a1:f2:d0:42:bd:7e:df:81:ed:2a:df:37:ad:47:03:01: 7c:6c:41:29:21:21:06:3f:0e:d3:20:46:26:f5:61:a4:4d:c5: 7f:9f:1a:15:90:c0:01:dd:56:6c:49:47:0b:e8:e5:73:9f:a5: 44:4a:38:22:27:ab:18:4a:0f:1a:49:5f:fd:fd:9b:f8:af:d2: 8b:09:3c:9d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBNzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjVERjExMC8GA1UEBRMoRDNDRjY0RDVEQjE3NjFGQ0I2QTU1MkYwNjgwOTEzMzBD NUI1RjUzQjAeFw0yNTEwMTkxMTA0MjVaFw0yNTEwMjYxMTA0MjVaMBgxFjAUBgNV BAMTDTY4ZjRjNWJhLTE4NzcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDbdhzZG8Zz3jhXCxVHPMPIL2MMRrNw+nQqIk4X1XS7zh18KsTPWlTQPU0AdSfJ /TKtKGytSxwloJLyD7ttaH2MJ3MqMN9DgDQckIytkYko2aQUCp8bvy783PiDwuhM Ox0+0OOedjJWXKtMkKbYNitZwHOD3P5a14zaV46LeHmDdTgkc5AHMhy58Doh37DQ bQhiZQnlgPrYSBevRoPz61yFDCEDweNLkICTd6JGDKkjcIetdtkMWJ86GbimE02T ZW/BGoeSZtdnqEQ/8zQc7IOz5xpjPzprjWZbFa4WL0kxuQCXxS7EJ1sIanuYKEGL epXxAxWIJB4o0kUqpxMKhedPAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU8pcZ/4nZ 1/8xm8k3dA0na8loY6swHwYDVR0jBBgwFoAU089k1dsXYfy2pVLwaAkTMMW19Tsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyNURGL0U2MTI0MDgyNUVE NTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5MnBWTHdhQWtUTU1XMTlU cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDg5azFkc1hZZnkycFZMd2FBa1RNTVcxOVRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEy NURGL0U2MTI0MDgyNUVENTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5 MnBWTHdhQWtUTU1XMTlUcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAIgah6ub+pckqJO94Dgqj220FFhy5kbnb0KiJG6zuds6W2M5lxUdQT4o SSjPHEjrOtlfpFnTOw6heJGdN4vsm/GdOCaZ3Fy4cW3LckRPzjFeQqO9m0bC1Xmr 2n++2wfUtRa3uxd+0FL+OmJLdiLByGQNfZfyXQcETPQvxSzSdhmfGhf20prPx7As yLxh1yvF5wUekKO3xBpkLVwucZoD73+LwIe4bNyRXbJOz0mz4NKdCGCi8ds8ofLQ Qr1+34HtKt83rUcDAXxsQSkhIQY/DtMgRib1YaRNxX+fGhWQwAHdVmxJRwvo5XOf pURKOCInqxhKDxpJX/39m/iv0osJPJ0= -----END CERTIFICATE-----Generated at Tue Oct 21 02:04:42 2025 by rpki-client