$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft File: httX5pD30wkpOii6fFX7ivN9Xb0.mft (raw, json) Hash identifier: MX5gvIbIHBEVFh0vIX+N1ZfHOjL68ubi+J2QuOQG5wo= Subject key identifier: E7:65:D3:5E:49:DA:15:B0:8E:27:F5:06:5C:1F:51:0A:4C:48:43:22 Authority key identifier: 86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD Certificate issuer: /CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Certificate serial: 36C5 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft Manifest number: 36C3 Signing time: Mon 20 Oct 2025 14:35:43 +0000 Manifest this update: Mon 20 Oct 2025 14:35:42 +0000 Manifest next update: Mon 27 Oct 2025 14:35:42 +0000 Files and hashes: 1: httX5pD30wkpOii6fFX7ivN9Xb0.crl (hash: bzWR76J0i3RSkR2d0Y3jZtPTIETh5kEZ4bimEg9KreE=) 2: 3B8DEC18F67C11EFA12FD55AC4F9AE02.roa (hash: N2bskfxMFTrCp2qSWTYeMDSrONrPAtxZB594KPwftq8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:35:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14021 (0x36c5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Validity Not Before: Oct 20 14:35:42 2025 GMT Not After : Oct 27 14:35:42 2025 GMT Subject: CN=68f648be-e25a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:fe:68:26:31:07:43:98:6d:0f:4c:5f:5e:d5: 07:b3:3f:0d:c0:be:7c:6c:a1:a0:61:22:56:fd:8a: 03:96:ef:5b:a2:8f:b9:37:5c:68:e6:2d:bf:e4:9b: 84:e2:97:45:15:e4:97:aa:c2:03:c5:c7:81:2c:b9: 75:6c:47:0e:80:10:c4:4a:13:16:00:1d:51:0f:2d: ae:7a:3b:e6:45:7a:79:77:17:25:da:56:df:a3:98: c0:1a:f0:f8:20:fb:74:8f:d0:52:18:e4:59:06:e3: 78:2b:ae:c6:2c:46:20:91:41:cd:60:30:a7:ae:72: 37:2b:2a:f4:e9:8a:97:a3:a8:ca:b7:4b:63:b3:63: 36:47:fb:c7:3d:30:c5:62:71:4d:5e:ef:f6:ce:61: 98:e9:a1:79:e6:53:fc:3b:ce:48:18:9c:cf:cc:8a: 6a:18:8d:6f:b9:5e:b6:1a:ad:3e:6b:be:24:c9:e2: c9:69:63:71:9f:5f:24:d6:e2:21:a2:b9:02:01:f9: 25:dd:e3:61:47:77:6d:dd:81:1e:a1:1e:9d:17:3c: d3:db:ce:de:a4:f7:7e:3a:d4:f9:df:7d:a6:e3:d5: a6:c7:f8:2b:24:32:ab:e9:e5:41:06:6c:16:4c:64: 12:ef:44:1a:62:d4:a3:a2:34:9f:7f:ff:8a:f1:24: cc:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:65:D3:5E:49:DA:15:B0:8E:27:F5:06:5C:1F:51:0A:4C:48:43:22 X509v3 Authority Key Identifier: keyid:86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:60:ba:44:d5:c0:10:f2:ed:fc:47:f4:ca:cd:5e:4c:28:3a: 11:c0:a2:17:13:b6:dc:07:fb:c0:da:3c:91:27:7b:7c:f0:75: cc:f9:23:fb:c5:5d:4d:9a:27:2e:13:95:6a:90:3a:82:59:94: 14:be:fc:cb:da:c5:f5:56:ad:c1:1e:2f:78:7d:dc:a3:83:ad: 40:d7:2c:02:8d:8f:a4:0e:64:ae:1e:1d:06:3f:82:f9:39:e6: 37:06:6a:ec:5d:37:00:34:e7:fc:95:21:f0:fd:a4:20:25:09: 8c:c9:28:b4:60:6c:a9:1b:4b:19:52:7c:9b:bc:97:e2:78:d7: 0e:cd:a7:ba:aa:89:79:7e:e2:15:61:f7:97:4a:54:8b:a5:9a: c0:01:c5:80:51:09:1d:7a:c1:e7:54:7d:30:2d:80:10:7e:71: cf:20:e1:18:cd:b2:6f:8e:d2:17:9d:41:c5:10:ce:b6:24:78: d4:26:c7:98:ef:bd:f4:ca:9b:0c:66:89:26:f6:83:a7:e2:8f: 94:7b:e6:2a:54:d7:81:47:49:7c:59:50:c4:f2:e3:6b:2d:1a: 4c:cb:de:97:97:3b:8a:db:8d:10:53:bc:d2:dd:60:a0:01:61: 41:ae:f9:c9:c5:4f:9d:52:ac:05:2a:2f:cb:05:64:3a:39:bd: 50:ea:f3:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNsUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDg2REI1N0U2OTBGN0QzMDkyOTNBMjhCQTdDNTVGQjhB RjM3RDVEQkQwHhcNMjUxMDIwMTQzNTQyWhcNMjUxMDI3MTQzNTQyWjAYMRYwFAYD VQQDEw02OGY2NDhiZS1lMjVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw/5oJjEHQ5htD0xfXtUHsz8NwL58bKGgYSJW/YoDlu9boo+5N1xo5i2/5JuE 4pdFFeSXqsIDxceBLLl1bEcOgBDEShMWAB1RDy2uejvmRXp5dxcl2lbfo5jAGvD4 IPt0j9BSGORZBuN4K67GLEYgkUHNYDCnrnI3Kyr06YqXo6jKt0tjs2M2R/vHPTDF YnFNXu/2zmGY6aF55lP8O85IGJzPzIpqGI1vuV62Gq0+a74kyeLJaWNxn18k1uIh orkCAfkl3eNhR3dt3YEeoR6dFzzT287epPd+OtT5332m49Wmx/grJDKr6eVBBmwW TGQS70QaYtSjojSff/+K8STMRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOdl015J 2hWwjif1BlwfUQpMSEMiMB8GA1UdIwQYMBaAFIbbV+aQ99MJKToounxV+4rzfV29 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9COTk1M0RCQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3a3BPaWk2ZkZYN2l2TjlY YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2h0dFg1cEQzMHdrcE9paTZmRlg3aXZOOVhiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTYwQS9COTk1M0RCQTFEOEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3 a3BPaWk2ZkZYN2l2TjlYYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7YLpE1cAQ8u38R/TKzV5MKDoRwKIXE7bcB/vA2jyRJ3t88HXM+SP7 xV1NmicuE5VqkDqCWZQUvvzL2sX1Vq3BHi94fdyjg61A1ywCjY+kDmSuHh0GP4L5 OeY3BmrsXTcANOf8lSHw/aQgJQmMySi0YGypG0sZUnybvJfieNcOzae6qol5fuIV YfeXSlSLpZrAAcWAUQkdesHnVH0wLYAQfnHPIOEYzbJvjtIXnUHFEM62JHjUJseY 7730ypsMZokm9oOn4o+Ue+YqVNeBR0l8WVDE8uNrLRpMy96XlzuK240QU7zS3WCg AWFBrvnJxU+dUqwFKi/LBWQ6Ob1Q6vOX -----END CERTIFICATE-----Generated at Mon Oct 20 18:46:01 2025 by rpki-client