$ rpki-client -vvf rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft File: I3Q0S3Gynw44NSDK_GyINQw1YWg.mft (raw, json) Hash identifier: GuSTlSV6gJLM6RH3Hl2x+saI3fzutw/Tqp9LRpY0V8s= Subject key identifier: F4:DD:D9:68:45:98:F2:19:8A:A9:17:ED:5A:1E:D7:05:C5:29:B8:9C Authority key identifier: 23:74:34:4B:71:B2:9F:0E:38:35:20:CA:FC:6C:88:35:0C:35:61:68 Certificate issuer: /CN=A91A58AA/serialNumber=2374344B71B29F0E383520CAFC6C88350C356168 Certificate serial: 5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft Manifest number: 5A Signing time: Sun 19 Oct 2025 10:32:10 +0000 Manifest this update: Sun 19 Oct 2025 10:32:09 +0000 Manifest next update: Sun 26 Oct 2025 10:32:09 +0000 Files and hashes: 1: I3Q0S3Gynw44NSDK_GyINQw1YWg.crl (hash: 4fEn9Bvd2uL+wPzLAuKbOci43HytYYt20Tg7+QVDPu0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.crl rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 90 (0x5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A58AA, serialNumber=2374344B71B29F0E383520CAFC6C88350C356168 Validity Not Before: Oct 19 10:32:09 2025 GMT Not After : Oct 26 10:32:09 2025 GMT Subject: CN=68f4be29-4b4d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:60:b2:77:d9:c4:27:d1:4c:be:c1:9a:4d:d6: bb:36:c4:44:93:de:6f:9f:97:a5:ee:43:b2:76:b5: 86:85:15:e9:fb:c5:35:cb:65:1e:1e:5c:32:c2:57: 46:9d:29:fc:86:2c:de:94:e2:5d:2e:6d:8c:df:77: 16:be:56:81:01:90:69:93:2b:68:92:3d:2b:3f:01: 53:a6:6a:e7:0e:c1:27:4d:c9:56:54:3a:84:3d:ff: 7b:6f:e6:16:ad:e8:68:cf:34:12:07:f3:14:67:14: 82:e2:44:4b:07:cb:e5:cb:2a:12:1d:51:3f:56:11: d8:21:89:eb:a4:a1:15:37:30:55:13:b4:76:cf:d4: 80:82:14:5e:29:4e:2f:06:ea:b8:4a:6c:be:14:4e: bf:29:bb:42:54:c5:60:4c:38:17:33:a9:72:63:d7: bc:78:b6:3d:51:cd:85:6f:36:5d:9f:dd:79:19:69: 61:66:3b:1f:d4:4f:3a:6e:6e:ec:00:c0:5b:d0:3e: 87:0b:41:e3:63:b4:1a:45:7e:26:76:39:5b:38:ac: 90:42:1e:90:ad:35:d9:22:85:2f:07:bb:6d:4c:67: da:68:5f:48:06:46:5f:53:3c:f6:3f:e0:d0:e9:61: 91:99:c3:b3:98:ee:90:30:29:2b:0c:a1:b3:d8:87: a0:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:DD:D9:68:45:98:F2:19:8A:A9:17:ED:5A:1E:D7:05:C5:29:B8:9C X509v3 Authority Key Identifier: keyid:23:74:34:4B:71:B2:9F:0E:38:35:20:CA:FC:6C:88:35:0C:35:61:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/I3Q0S3Gynw44NSDK_GyINQw1YWg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A58AA/CA50C926240211F0961B646DC4F9AE02/I3Q0S3Gynw44NSDK_GyINQw1YWg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6c:93:e7:57:e6:73:36:a4:4a:94:b1:b7:c0:8d:ab:1f:17:65: 20:45:33:8a:28:25:0f:00:78:aa:48:f1:43:1b:a2:97:b1:4d: 30:ca:a6:1f:dd:d3:dd:08:41:0f:25:28:e8:f6:1f:92:5c:2e: 72:93:cd:95:90:be:27:e2:0e:8f:63:85:3a:36:c7:27:13:b5: 1e:2a:9b:12:3e:18:23:ea:00:33:e7:3e:c8:1a:99:c0:dc:69: cc:e3:01:8c:75:29:5f:fa:07:8c:5b:91:96:23:35:81:9e:fb: 4c:ea:44:51:6c:f8:81:b1:85:b4:b5:e1:37:e7:02:58:d7:17: f8:29:1d:0b:4a:9c:2b:fe:57:c3:96:b3:38:23:23:b6:b5:4c: 60:f4:84:81:a2:7e:70:a6:de:bc:e6:71:6c:61:0f:52:ab:dd: ba:f1:59:1f:9b:7f:99:50:40:ad:69:60:e4:8c:1b:27:8f:e9: 2e:a5:bc:a5:19:91:c3:7b:b4:db:16:97:95:08:dd:cf:72:60: bb:42:e9:47:3c:8c:b6:09:49:2b:ec:36:d9:99:3a:96:d5:25: 82:f5:2a:45:29:50:3a:c5:7c:00:84:34:96:cb:47:ed:c3:38: 46:f2:b9:47:63:61:41:23:4e:0a:a9:9f:fd:e0:b7:07:2e:a2: 17:e9:6b:85 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBWjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NThBQTExMC8GA1UEBRMoMjM3NDM0NEI3MUIyOUYwRTM4MzUyMENBRkM2Qzg4MzUw QzM1NjE2ODAeFw0yNTEwMTkxMDMyMDlaFw0yNTEwMjYxMDMyMDlaMBgxFjAUBgNV BAMTDTY4ZjRiZTI5LTRiNGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCrYLJ32cQn0Uy+wZpN1rs2xEST3m+fl6XuQ7J2tYaFFen7xTXLZR4eXDLCV0ad KfyGLN6U4l0ubYzfdxa+VoEBkGmTK2iSPSs/AVOmaucOwSdNyVZUOoQ9/3tv5hat 6GjPNBIH8xRnFILiREsHy+XLKhIdUT9WEdghieukoRU3MFUTtHbP1ICCFF4pTi8G 6rhKbL4UTr8pu0JUxWBMOBczqXJj17x4tj1RzYVvNl2f3XkZaWFmOx/UTzpubuwA wFvQPocLQeNjtBpFfiZ2OVs4rJBCHpCtNdkihS8Hu21MZ9poX0gGRl9TPPY/4NDp YZGZw7OY7pAwKSsMobPYh6DlAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU9N3ZaEWY 8hmKqRftWh7XBcUpuJwwHwYDVR0jBBgwFoAUI3Q0S3Gynw44NSDK/GyINQw1YWgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1OEFBL0NBNTBDOTI2MjQw MjExRjA5NjFCNjQ2REM0RjlBRTAyL0kzUTBTM0d5bnc0NE5TREtfR3lJTlF3MVlX Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSTNRMFMzR3ludzQ0TlNES19HeUlOUXcxWVdnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE1 OEFBL0NBNTBDOTI2MjQwMjExRjA5NjFCNjQ2REM0RjlBRTAyL0kzUTBTM0d5bnc0 NE5TREtfR3lJTlF3MVlXZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGyT51fmczakSpSxt8CNqx8XZSBFM4ooJQ8AeKpI8UMbopexTTDKph/d 090IQQ8lKOj2H5JcLnKTzZWQvifiDo9jhTo2xycTtR4qmxI+GCPqADPnPsgamcDc aczjAYx1KV/6B4xbkZYjNYGe+0zqRFFs+IGxhbS14TfnAljXF/gpHQtKnCv+V8OW szgjI7a1TGD0hIGifnCm3rzmcWxhD1Kr3brxWR+bf5lQQK1pYOSMGyeP6S6lvKUZ kcN7tNsWl5UI3c9yYLtC6Uc8jLYJSSvsNtmZOpbVJYL1KkUpUDrFfACENJbLR+3D OEbyuUdjYUEjTgqpn/3gtwcuohfpa4U= -----END CERTIFICATE-----Generated at Sun Oct 19 23:33:50 2025 by rpki-client