$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft File: b8Lt8MURUqO-wRSaG9su2yk8nZU.mft (raw, json) Hash identifier: 9LXHrljvlY3WNpXAeTJFp5ghs0uz381afeOS2DValvU= Subject key identifier: 1F:FF:6A:E4:78:4C:C1:CC:89:16:90:45:4F:84:07:A8:11:22:22:11 Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Certificate serial: 0DA5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft Manifest number: 0D7A Signing time: Sat 18 Oct 2025 18:40:16 +0000 Manifest this update: Sat 18 Oct 2025 18:40:15 +0000 Manifest next update: Sat 25 Oct 2025 18:40:15 +0000 Files and hashes: 1: b8Lt8MURUqO-wRSaG9su2yk8nZU.crl (hash: NArHVmEDWyTRAiQ4hjPMg6kXpeQjrOGB2vJeaVRm5U8=) 2: 4DD0C31C0E2011F0A0825648C4F9AE02.roa (hash: 8r7MWVk5x8o1qlWsJdhw0htq1GLcuT7GZDff98YKUWg=) 3: 11815E36135311EE94A8A114C4F9AE02.roa (hash: 4RiRLEUaqFnMyzAxg+jhTtVSLZnRrw+D1OLV5ZjDtiE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:40:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3493 (0xda5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA28B, serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Validity Not Before: Oct 18 18:40:15 2025 GMT Not After : Oct 25 18:40:15 2025 GMT Subject: CN=68f3df10-3b44 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:fc:c1:ae:0e:35:f2:cf:09:1c:ef:dc:f7:f3: bc:78:30:b1:46:4d:89:db:74:ce:e0:e7:75:69:aa: b9:77:74:03:f2:72:bc:79:cb:37:36:e6:d4:5d:4a: 13:67:28:1a:ae:21:6d:f7:3c:5d:98:e3:1e:ad:89: b2:37:6e:c1:34:40:52:86:67:e5:d1:48:99:f1:9d: a0:53:83:0f:55:0c:c4:fc:78:79:9c:82:5e:bc:13: 18:6d:7e:3f:4d:13:50:68:b5:6f:4a:a4:d9:d6:31: 26:a9:2a:86:8e:aa:f6:65:94:93:53:fc:5e:16:30: 84:22:2e:11:6a:00:cc:4b:2b:eb:0f:30:d5:5c:80: 53:bc:f6:7a:d7:89:db:be:3c:1a:e7:8a:ca:71:78: 5a:d5:44:83:3d:27:d4:4d:ff:90:5e:1d:fe:a5:f5: c2:84:37:21:a8:9a:e5:91:11:a3:f0:ac:39:a9:c1: 68:00:3c:f6:35:4f:1e:5f:31:98:58:f8:c5:ed:e3: 60:b1:4f:b8:10:ec:ac:5b:a9:57:c3:83:ec:2e:6f: 21:4d:f8:da:98:21:2e:52:ff:c8:f1:a0:7a:79:c2: 79:59:21:58:43:91:60:9f:b5:27:44:e1:f2:7d:14: 8e:17:55:08:5b:e4:6e:a8:9f:57:66:80:73:c0:74: b7:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:FF:6A:E4:78:4C:C1:CC:89:16:90:45:4F:84:07:A8:11:22:22:11 X509v3 Authority Key Identifier: keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:18:82:24:ea:00:77:b3:8a:95:16:53:9a:11:4b:84:83:86: 5d:01:ac:97:6b:be:d1:ed:1b:60:f5:a2:11:18:f5:1c:4e:aa: 5f:e2:78:a7:0a:e7:d4:9a:19:c0:d5:fb:60:5e:c7:7e:d4:e1: 9c:c3:70:de:3f:c8:bc:5d:2d:b1:78:2a:e6:fa:85:42:9c:b5: 14:28:70:45:c3:5a:26:64:12:8b:b1:fe:14:d3:64:20:0f:61: 20:98:82:9e:33:20:6a:23:6c:ee:5a:f2:ee:51:eb:55:eb:a5: 11:c3:9c:06:c5:09:80:1a:d2:77:68:36:48:d7:c4:19:01:ca: 0e:48:c9:48:7a:79:47:8d:b7:73:58:61:8c:7f:36:83:1d:d4: f8:37:e0:06:ab:32:7a:ed:0d:95:b5:3a:2a:1d:69:c2:0c:ef: 1a:49:4c:7b:bb:7c:3e:07:bf:48:a2:9c:2a:37:37:e1:91:9f: c0:8e:6d:b9:08:02:1c:7d:ea:81:c3:f5:22:05:19:74:5b:e1: 27:d2:b6:23:31:a4:cb:14:24:75:c6:1f:18:79:49:a1:6b:f0: fd:74:af:f3:36:60:c0:e5:f5:ec:1d:c8:f0:26:33:54:4f:12: cc:9f:86:d3:ca:f7:b4:7f:8c:79:9c:e1:c4:d2:a5:b9:e3:f2: a3:a2:bd:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDaUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC MjkzQzlEOTUwHhcNMjUxMDE4MTg0MDE1WhcNMjUxMDI1MTg0MDE1WjAYMRYwFAYD VQQDEw02OGYzZGYxMC0zYjQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtvzBrg418s8JHO/c9/O8eDCxRk2J23TO4Od1aaq5d3QD8nK8ecs3NubUXUoT ZygariFt9zxdmOMerYmyN27BNEBShmfl0UiZ8Z2gU4MPVQzE/Hh5nIJevBMYbX4/ TRNQaLVvSqTZ1jEmqSqGjqr2ZZSTU/xeFjCEIi4RagDMSyvrDzDVXIBTvPZ614nb vjwa54rKcXha1USDPSfUTf+QXh3+pfXChDchqJrlkRGj8Kw5qcFoADz2NU8eXzGY WPjF7eNgsU+4EOysW6lXw4PsLm8hTfjamCEuUv/I8aB6ecJ5WSFYQ5Fgn7UnROHy fRSOF1UIW+RuqJ9XZoBzwHS3ZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB//auR4 TMHMiRaQRU+EB6gRIiIRMB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTI4Qi8xRTAyNjRBQURCQzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVx Ty13UlNhRzlzdTJ5azhuWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHGIIk6gB3s4qVFlOaEUuEg4ZdAayXa77R7Rtg9aIRGPUcTqpf4nin CufUmhnA1ftgXsd+1OGcw3DeP8i8XS2xeCrm+oVCnLUUKHBFw1omZBKLsf4U02Qg D2EgmIKeMyBqI2zuWvLuUetV66URw5wGxQmAGtJ3aDZI18QZAcoOSMlIenlHjbdz WGGMfzaDHdT4N+AGqzJ67Q2VtToqHWnCDO8aSUx7u3w+B79IopwqNzfhkZ/Ajm25 CAIcfeqBw/UiBRl0W+En0rYjMaTLFCR1xh8YeUmha/D9dK/zNmDA5fXsHcjwJjNU TxLMn4bTyve0f4x5nOHE0qW54/Kjor2w -----END CERTIFICATE-----Generated at Mon Oct 20 09:35:46 2025 by rpki-client