$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft File: 3aSfQfYYpV-cp8_FW66nthbZV2I.mft (raw, json) Hash identifier: qPQoyiJlb0H1TR4YbECmPn4xia2QVMnywcbrwKX/5b0= Subject key identifier: C4:00:F6:CB:4A:E5:27:25:FA:E1:A8:7A:6E:3E:92:D5:D6:63:47:61 Authority key identifier: DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 Certificate issuer: /CN=A91A7273/serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Certificate serial: 85 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft Manifest number: 84 Signing time: Sun 19 Oct 2025 09:57:09 +0000 Manifest this update: Sun 19 Oct 2025 09:57:09 +0000 Manifest next update: Sun 26 Oct 2025 09:57:09 +0000 Files and hashes: 1: 3aSfQfYYpV-cp8_FW66nthbZV2I.crl (hash: idylJ7tLWkoFGIwOZp1K45xTWZ4KFY0xCnWPBk3EKiI=) 2: 3958EEC642BB11F0B449BB81C4F9AE02.roa (hash: SygYrtM3v/MPPC9qe7TYDUy1/kulSQDEnXRN8vMuKwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:57:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 133 (0x85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7273, serialNumber=DDA49F41F618A55F9CA7CFC55BAEA7B616D95762 Validity Not Before: Oct 19 09:57:09 2025 GMT Not After : Oct 26 09:57:09 2025 GMT Subject: CN=68f4b5f5-8157 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e6:49:e3:72:4a:ed:94:58:69:03:26:a6:b0:2f: 63:f7:4d:9c:8e:1e:2c:f0:d2:c1:fa:f7:40:f7:87: 6d:61:61:26:c5:0a:2e:88:b9:62:b5:2d:b6:be:42: 71:4e:dc:e0:a7:10:1a:8e:d2:f1:57:6d:67:55:76: dc:cc:d4:4a:7f:b8:17:50:99:86:38:46:16:91:65: d0:75:86:7a:16:d0:62:75:fd:d0:d2:de:d0:b7:0f: df:8a:5c:06:85:b8:b0:8a:45:09:57:e0:5a:ab:66: a9:23:8e:ae:8b:b0:49:c3:2d:08:6c:35:cc:d2:07: 33:a8:99:f8:85:20:47:26:31:d7:a8:2e:93:6c:b3: 66:90:d9:18:83:01:7a:1e:6a:3c:4f:ea:a8:70:53: 7a:59:b5:f4:00:ec:ec:f1:55:a8:37:c3:bd:b4:20: c5:9a:94:cb:c4:bc:d5:a3:78:d9:48:11:b3:ee:ea: 79:89:05:42:22:92:5c:fb:c2:59:fe:6d:7d:e8:f5: b9:74:a7:88:cd:06:60:18:db:82:3b:65:68:cc:41: 54:8d:7e:59:11:27:1c:a0:1b:ba:89:3a:5e:27:c1: 79:e2:ed:c8:70:7f:77:f0:6a:96:dd:f2:0b:4b:fc: 86:65:6d:7f:17:a3:65:59:76:f0:e4:9d:01:7d:51: 21:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C4:00:F6:CB:4A:E5:27:25:FA:E1:A8:7A:6E:3E:92:D5:D6:63:47:61 X509v3 Authority Key Identifier: keyid:DD:A4:9F:41:F6:18:A5:5F:9C:A7:CF:C5:5B:AE:A7:B6:16:D9:57:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3aSfQfYYpV-cp8_FW66nthbZV2I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7273/FC50500EE77111EF9DFBDD50C4F9AE02/3aSfQfYYpV-cp8_FW66nthbZV2I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:30:c7:ea:f5:43:0f:ac:68:2a:62:41:4a:09:96:ff:4f:8d: 15:24:e7:3a:b0:36:e1:30:64:d6:13:3a:fa:c6:5c:43:c4:ba: a3:48:93:06:ff:f7:62:f2:43:da:24:bf:00:57:0c:21:fd:c6: 92:a4:c9:92:54:1e:38:49:db:f7:3e:c1:3c:1d:ab:dc:aa:3c: 9f:ca:b7:dc:bd:28:6f:39:d6:11:da:31:2f:2e:a7:d7:fc:9d: 99:62:b8:04:0a:bd:4d:f4:d0:05:77:f4:2f:3d:19:25:50:c8: 98:59:f3:3b:e3:b7:61:45:4f:c7:e1:96:da:b6:bf:50:6e:67: 7f:80:85:0d:bd:30:67:32:d1:f0:6e:69:b0:bd:ce:f8:ba:ab: 14:3d:6a:c2:b0:80:b6:c2:a1:c6:4a:d7:0c:7c:56:e0:6a:4f: ca:c9:fa:92:ab:c1:a8:24:8c:ef:c5:56:06:b7:25:75:65:dd: b6:23:99:e4:57:5f:8f:f9:e5:52:00:e4:ec:52:9a:db:71:88: e0:38:a1:72:9f:4e:f3:ef:ce:84:42:42:64:c2:00:c7:af:ad: 1c:15:f4:e3:ab:d7:9f:f4:78:b7:e5:fe:92:37:91:a8:4f:c4: 2d:f3:43:6e:1e:a4:aa:00:36:06:d7:bd:1e:12:8b:7f:ed:e2: c6:a4:56:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTcyNzMxMTAvBgNVBAUTKEREQTQ5RjQxRjYxOEE1NUY5Q0E3Q0ZDNTVCQUVBN0I2 MTZEOTU3NjIwHhcNMjUxMDE5MDk1NzA5WhcNMjUxMDI2MDk1NzA5WjAYMRYwFAYD VQQDEw02OGY0YjVmNS04MTU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5knjckrtlFhpAyamsC9j902cjh4s8NLB+vdA94dtYWEmxQouiLlitS22vkJx TtzgpxAajtLxV21nVXbczNRKf7gXUJmGOEYWkWXQdYZ6FtBidf3Q0t7Qtw/filwG hbiwikUJV+Baq2apI46ui7BJwy0IbDXM0gczqJn4hSBHJjHXqC6TbLNmkNkYgwF6 Hmo8T+qocFN6WbX0AOzs8VWoN8O9tCDFmpTLxLzVo3jZSBGz7up5iQVCIpJc+8JZ /m196PW5dKeIzQZgGNuCO2VozEFUjX5ZESccoBu6iTpeJ8F54u3IcH938GqW3fIL S/yGZW1/F6NlWXbw5J0BfVEh6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMQA9stK 5Scl+uGoem4+ktXWY0dhMB8GA1UdIwQYMBaAFN2kn0H2GKVfnKfPxVuup7YW2Vdi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNzI3My9GQzUwNTAwRUU3 NzExMUVGOURGQkRENTBDNEY5QUUwMi8zYVNmUWZZWXBWLWNwOF9GVzY2bnRoYlpW MkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhU2ZRZllZcFYtY3A4X0ZXNjZudGhiWlYySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NzI3My9GQzUwNTAwRUU3NzExMUVGOURGQkRENTBDNEY5QUUwMi8zYVNmUWZZWXBW LWNwOF9GVzY2bnRoYlpWMkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoMMfq9UMPrGgqYkFKCZb/T40VJOc6sDbhMGTWEzr6xlxDxLqjSJMG //di8kPaJL8AVwwh/caSpMmSVB44Sdv3PsE8HavcqjyfyrfcvShvOdYR2jEvLqfX /J2ZYrgECr1N9NAFd/QvPRklUMiYWfM747dhRU/H4Zbatr9Qbmd/gIUNvTBnMtHw bmmwvc74uqsUPWrCsIC2wqHGStcMfFbgak/KyfqSq8GoJIzvxVYGtyV1Zd22I5nk V1+P+eVSAOTsUprbcYjgOKFyn07z786EQkJkwgDHr60cFfTjq9ef9Hi35f6SN5Go T8Qt80NuHqSqADYG170eEot/7eLGpFYH -----END CERTIFICATE-----Generated at Mon Oct 20 08:01:48 2025 by rpki-client