$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: z/yedO8cdhdt2BEtpO8UmWMDV31k3FFY89+E4vcvrbE= Subject key identifier: 50:50:00:AC:90:9E:3F:8D:E7:25:FA:61:A0:E2:15:38:1B:DE:2E:AD Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 0834 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07F7 Signing time: Sat 18 Oct 2025 22:30:53 +0000 Manifest this update: Sat 18 Oct 2025 22:30:52 +0000 Manifest next update: Sat 25 Oct 2025 22:30:52 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: QbM7KYKrY0/xWikNSn5Rx2D1h7nhBVzVI44IP2tFtQY=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: x6M8DR+ao43yWMJcYfflaCD3HANg4LUaSOgGurV26Rc=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: 4+YaEU8/WKlhoShMZ2jQANGth6P34fJaow29AZ/vK1g=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: TVq9O75Mk8dBtHdZIdf95FNbNlO+Xgr7jZqSFhUdSlc=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HBup3egCFQ+j4w8tn/YgKXDolvmk1GZOCKm/FjBELHI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: KydrQv3Yet/a3HLO3h2lsIOeUoieRU/2J4jW34hxmG0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:30:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2100 (0x834) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Oct 18 22:30:52 2025 GMT Not After : Oct 25 22:30:52 2025 GMT Subject: CN=68f4151d-9222 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:cb:72:af:b0:7f:53:ce:78:b2:54:4f:db:df: aa:5e:fd:17:85:5b:91:36:9c:15:bd:8f:ed:98:03: 05:0f:cf:56:a7:19:c3:7c:03:f1:d5:8b:61:2a:4a: a3:89:4d:7a:b6:44:13:98:ac:d3:9a:34:f4:d5:16: 72:10:bc:70:2e:dc:68:0d:92:86:f7:cd:20:4d:3d: 2d:b1:db:4b:d9:c9:3f:51:4f:c0:e5:ed:5a:74:1b: ad:fc:28:dd:e5:66:63:fb:81:4d:ae:a7:38:00:28: fe:bf:51:68:07:15:bf:01:c1:6d:d1:c7:05:0e:9b: ec:d2:b6:d6:8e:4d:13:19:4d:4c:57:c7:e7:a7:e8: fe:08:b6:4a:39:c7:75:cc:a7:52:61:21:78:fa:a0: aa:56:27:98:8e:1a:d1:e6:50:9a:d6:fb:05:8c:55: 7e:ba:20:75:19:c5:09:3e:b2:2e:1d:fe:a9:09:89: 01:16:06:4b:b0:ba:0a:bb:e9:f8:8a:fd:d7:dd:9e: b3:fa:df:a3:0c:99:69:10:33:ae:94:47:ef:ff:27: dc:ed:e2:44:3d:50:e1:c7:03:60:f0:53:d6:dc:0c: b9:03:08:1e:f9:64:8d:4d:8a:08:16:99:cd:c5:36: cc:2f:ca:c4:a0:9c:d4:51:05:a4:10:33:4b:cf:c0: cd:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 50:50:00:AC:90:9E:3F:8D:E7:25:FA:61:A0:E2:15:38:1B:DE:2E:AD X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:68:df:72:e4:bc:16:7c:e2:46:71:bc:ae:52:b2:18:06:e4: ce:58:8c:64:17:70:ca:34:bc:8c:77:55:9a:b1:dd:aa:82:2f: 82:cd:da:e5:4d:6f:59:73:fe:d2:cd:76:9c:9c:d4:46:43:81: e1:99:37:c8:74:5e:b2:9b:a6:91:62:ce:bb:30:99:82:dc:49: 8e:a0:ba:95:9a:91:5b:9c:ea:74:9f:f2:42:61:a7:c5:c5:47: 99:f3:e0:d2:e1:ff:03:da:ce:d9:dc:94:62:96:2f:1c:a0:26: e0:60:4f:b0:8c:03:99:94:cd:8e:02:98:1c:78:d7:78:22:89: fd:55:08:38:7d:b2:2c:1b:96:4c:ab:c8:09:36:ef:9d:67:b9: 6e:6b:df:3c:de:09:4f:08:d0:7c:6e:8a:ea:72:89:31:fe:57: 3e:16:60:f6:d1:b3:2e:8c:e0:d5:7f:44:e1:65:5c:de:67:59: aa:57:1c:96:29:fa:cd:f9:b9:dc:47:f0:db:8a:73:01:4e:ad: d2:11:10:f3:56:d8:bc:51:38:e8:9d:26:6e:c7:1b:c4:58:e7: 3b:a2:ef:bc:b3:e9:f5:49:b5:7d:7e:64:47:00:24:c9:7d:12: 30:42:53:45:3b:52:f5:dc:50:2d:d9:9d:16:63:74:13:6d:f1: 5e:54:23:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUxMDE4MjIzMDUyWhcNMjUxMDI1MjIzMDUyWjAYMRYwFAYD VQQDEw02OGY0MTUxZC05MjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsctyr7B/U854slRP29+qXv0XhVuRNpwVvY/tmAMFD89WpxnDfAPx1YthKkqj iU16tkQTmKzTmjT01RZyELxwLtxoDZKG980gTT0tsdtL2ck/UU/A5e1adBut/Cjd 5WZj+4FNrqc4ACj+v1FoBxW/AcFt0ccFDpvs0rbWjk0TGU1MV8fnp+j+CLZKOcd1 zKdSYSF4+qCqVieYjhrR5lCa1vsFjFV+uiB1GcUJPrIuHf6pCYkBFgZLsLoKu+n4 iv3X3Z6z+t+jDJlpEDOulEfv/yfc7eJEPVDhxwNg8FPW3Ay5Awge+WSNTYoIFpnN xTbML8rEoJzUUQWkEDNLz8DNcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFBQAKyQ nj+N5yX6YaDiFTgb3i6tMB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaaN9y5LwWfOJGcbyuUrIYBuTOWIxkF3DKNLyMd1Wasd2qgi+Czdrl TW9Zc/7SzXacnNRGQ4HhmTfIdF6ym6aRYs67MJmC3EmOoLqVmpFbnOp0n/JCYafF xUeZ8+DS4f8D2s7Z3JRili8coCbgYE+wjAOZlM2OApgceNd4Ion9VQg4fbIsG5ZM q8gJNu+dZ7lua9883glPCNB8borqcokx/lc+FmD20bMujODVf0ThZVzeZ1mqVxyW KfrN+bncR/DbinMBTq3SERDzVti8UTjonSZuxxvEWOc7ou+8s+n1SbV9fmRHACTJ fRIwQlNFO1L13FAt2Z0WY3QTbfFeVCMw -----END CERTIFICATE-----Generated at Mon Oct 20 09:37:16 2025 by rpki-client