$ rpki-client -vvf rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft File: lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft (raw, json) Hash identifier: y+4SYDWpwKtosVbNF5hXI1yV2Jd8Ups1sPlv0wViK6U= Subject key identifier: 6D:C7:70:26:9A:C2:0C:69:00:BC:1E:89:42:20:47:77:C7:3B:8C:9F Authority key identifier: 96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 Certificate issuer: /CN=A91A58AA/serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Certificate serial: 5A Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft Manifest number: 5A Signing time: Sun 19 Oct 2025 10:32:06 +0000 Manifest this update: Sun 19 Oct 2025 10:32:06 +0000 Manifest next update: Sun 26 Oct 2025 10:32:05 +0000 Files and hashes: 1: lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl (hash: rPSeUA/mF0PmzhfNp5SfyU6dE52vn2xYJwNI1vxyrbE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:32:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90 (0x5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A58AA, serialNumber=9673B5CCF0A8EA5CE41A2E476311F375CD83C0D2 Validity Not Before: Oct 19 10:32:06 2025 GMT Not After : Oct 26 10:32:05 2025 GMT Subject: CN=68f4be26-fa8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:53:77:98:ac:a9:39:90:e5:4e:80:8e:f9:ee: e5:c1:16:3e:c0:ed:df:fe:94:c0:4b:30:15:98:1f: 1e:6f:61:7e:3d:6a:17:6a:80:10:13:bc:27:6b:7c: 65:68:ea:31:36:dc:16:55:49:36:35:01:88:b4:46: dd:3b:88:fe:81:01:b5:7d:6b:19:bc:a9:09:e6:93: 84:cc:9b:27:78:40:89:7b:ed:25:c7:07:a7:9a:d5: 1b:01:08:ce:f4:da:de:32:b1:c9:10:e6:74:28:b9: 1e:d2:37:52:ea:5b:eb:50:1b:da:2f:90:3b:c1:5e: cd:c2:68:a6:5f:b6:26:92:d4:b8:24:77:1c:0a:67: 2d:85:12:b0:56:6a:fa:c8:13:11:04:09:99:dc:aa: 08:8d:36:13:14:d8:d6:62:10:c1:06:27:02:fa:06: 43:4e:07:7b:70:d8:de:7f:a3:25:a0:65:b3:0f:5c: b0:10:d3:13:9a:2b:e0:50:db:87:95:17:df:a0:38: 1a:ac:73:1e:dc:be:48:b0:a2:f8:f4:97:b5:aa:54: bc:57:56:9f:65:5a:38:3c:d5:18:9b:ac:c0:4b:c7: 7d:e4:b1:ec:fa:d1:bc:c4:59:40:2d:ad:76:66:bb: 79:b9:91:08:b2:0a:3e:a9:c1:d2:c4:c4:c0:e4:86: c1:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6D:C7:70:26:9A:C2:0C:69:00:BC:1E:89:42:20:47:77:C7:3B:8C:9F X509v3 Authority Key Identifier: keyid:96:73:B5:CC:F0:A8:EA:5C:E4:1A:2E:47:63:11:F3:75:CD:83:C0:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lnO1zPCo6lzkGi5HYxHzdc2DwNI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/C1939CE6240211F0961B646DC4F9AE02/lnO1zPCo6lzkGi5HYxHzdc2DwNI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:2f:28:12:f9:7e:b8:4b:d2:c6:3a:c2:da:0f:d4:56:d0:ad: 27:cc:cc:83:c7:01:1c:d3:22:c5:23:ce:dd:b8:3e:a6:10:5b: 6e:3e:ef:a6:38:f9:12:8d:14:fc:d2:82:dd:15:a8:35:9a:d4: f2:85:da:32:8c:50:8d:6c:17:bb:80:1f:65:eb:6e:c9:0b:2d: 31:bd:50:df:61:e4:b6:83:39:0b:e3:d1:a1:40:30:03:e4:a2: d8:cf:ff:95:de:50:1a:f0:d4:61:49:99:e0:87:69:2e:c3:96: 33:db:06:ab:35:4f:8f:f6:a4:07:92:80:89:98:b5:38:b3:5a: 37:7f:a1:d1:23:fd:b8:04:5d:62:ef:01:5c:c3:4e:91:12:88: 46:65:e8:e0:6a:ff:12:d7:44:4c:8a:ba:10:2b:f0:13:25:d9: 25:34:72:fd:53:96:bf:7e:be:93:09:ec:3f:34:4b:3c:2d:83: 33:3d:97:85:c8:97:1f:f0:6a:98:95:c0:8d:a9:aa:09:45:36: d2:90:48:e8:38:28:1f:ac:56:31:7c:a3:b9:62:e7:7a:67:99: 56:23:53:6e:44:f7:0b:83:72:3c:29:31:ba:ad:0b:bc:8f:d1: e8:61:f9:d7:b0:75:04:3b:06:83:15:ea:3f:3c:bc:e6:08:dd: ae:30:54:1c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NThBQTExMC8GA1UEBRMoOTY3M0I1Q0NGMEE4RUE1Q0U0MUEyRTQ3NjMxMUYzNzVD RDgzQzBEMjAeFw0yNTEwMTkxMDMyMDZaFw0yNTEwMjYxMDMyMDVaMBgxFjAUBgNV BAMTDTY4ZjRiZTI2LWZhOGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFU3eYrKk5kOVOgI757uXBFj7A7d/+lMBLMBWYHx5vYX49ahdqgBATvCdrfGVo 6jE23BZVSTY1AYi0Rt07iP6BAbV9axm8qQnmk4TMmyd4QIl77SXHB6ea1RsBCM70 2t4ysckQ5nQouR7SN1LqW+tQG9ovkDvBXs3CaKZftiaS1LgkdxwKZy2FErBWavrI ExEECZncqgiNNhMU2NZiEMEGJwL6BkNOB3tw2N5/oyWgZbMPXLAQ0xOaK+BQ24eV F9+gOBqscx7cvkiwovj0l7WqVLxXVp9lWjg81RibrMBLx33ksez60bzEWUAtrXZm u3m5kQiyCj6pwdLExMDkhsG9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUbcdwJprC DGkAvB6JQiBHd8c7jJ8wHwYDVR0jBBgwFoAUlnO1zPCo6lzkGi5HYxHzdc2DwNIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1OEFBL0MxOTM5Q0U2MjQw MjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6a0dpNUhZeEh6ZGMyRHdO SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbG5PMXpQQ282bHprR2k1SFl4SHpkYzJEd05JLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1 OEFBL0MxOTM5Q0U2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL2xuTzF6UENvNmx6 a0dpNUhZeEh6ZGMyRHdOSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEgvKBL5frhL0sY6wtoP1FbQrSfMzIPHARzTIsUjzt24PqYQW24+76Y4 +RKNFPzSgt0VqDWa1PKF2jKMUI1sF7uAH2XrbskLLTG9UN9h5LaDOQvj0aFAMAPk otjP/5XeUBrw1GFJmeCHaS7DljPbBqs1T4/2pAeSgImYtTizWjd/odEj/bgEXWLv AVzDTpESiEZl6OBq/xLXREyKuhAr8BMl2SU0cv1Tlr9+vpMJ7D80SzwtgzM9l4XI lx/wapiVwI2pqglFNtKQSOg4KB+sVjF8o7li53pnmVYjU25E9wuDcjwpMbqtC7yP 0ehh+dewdQQ7BoMV6j88vOYI3a4wVBw= -----END CERTIFICATE-----Generated at Tue Oct 21 04:49:31 2025 by rpki-client