$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft File: cJdlx9TTMfTDasa-NH-mah8CNJA.mft (raw, json) Hash identifier: Umm7evIp4Rdj0Dvly4jFoB0dgiUAUvvk5VPr9Z7C5Ik= Subject key identifier: F5:95:E5:E9:DB:D4:D9:68:69:9D:75:3C:B0:CB:D5:C3:65:75:55:A7 Authority key identifier: 70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 Certificate issuer: /CN=A91AE85E/serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Certificate serial: 352F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft Manifest number: 34FC Signing time: Mon 20 Oct 2025 14:18:44 +0000 Manifest this update: Mon 20 Oct 2025 14:18:43 +0000 Manifest next update: Mon 27 Oct 2025 14:18:43 +0000 Files and hashes: 1: cJdlx9TTMfTDasa-NH-mah8CNJA.crl (hash: bZgnPHNRA1mATm5riKEfvV8fMTix8Ns/jhXFr+JQki0=) 2: 392987D254F611E79DF7E643C4F9AE02.roa (hash: E8L7EMY++G+/jL4fto/6X8FIxPH0nU/qyOAGKr50fbg=) 3: 09E2DC32B12B11E59337F35AC4F9AE02.roa (hash: cZP7pPe4Y/msfUjF/3Xl+aRlpqp1LPFsqoN3iYA504I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:18:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13615 (0x352f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE85E, serialNumber=709765C7D4D331F4C36AC6BE347FA66A1F023490 Validity Not Before: Oct 20 14:18:43 2025 GMT Not After : Oct 27 14:18:43 2025 GMT Subject: CN=68f644c4-323b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f5:90:60:d9:b9:40:6c:6d:f7:e5:eb:a5:08:a0: 54:3b:3f:06:92:54:9c:6e:33:d4:60:95:ac:47:00: 60:a4:25:6e:30:19:f7:4c:3f:7e:32:21:90:22:2f: 6f:2b:3f:cc:3a:d7:2f:d2:2f:51:3f:7a:2d:4f:9e: bb:87:3e:81:8c:5d:f9:be:a9:38:ea:9a:be:33:57: e0:93:9c:56:e1:aa:ec:e2:a3:4e:c3:51:f6:ba:ae: 77:62:18:11:b3:38:f8:5f:24:3d:01:bf:bf:c0:aa: 15:81:9b:12:9f:13:54:33:ce:70:93:d4:d2:a7:4b: 5e:f6:67:5d:4c:dd:e1:2f:39:b1:e6:f0:6f:69:32: e9:2e:08:93:6d:79:99:de:a5:6e:4b:31:27:1a:c4: 7b:79:1e:3a:75:cb:78:dd:db:b4:33:d9:e0:9b:99: 70:05:f3:ea:7d:a3:bd:19:fd:41:6e:ca:88:b7:30: 48:55:40:a7:b0:d3:1a:37:87:41:ba:05:7c:eb:e7: 7b:da:50:0b:99:6f:c6:fa:2c:8e:b7:a9:e1:ab:5c: 14:65:50:45:12:35:be:9a:1b:8a:1f:0d:6a:e2:9c: 27:1e:a7:96:0f:50:6b:9d:23:20:32:90:57:92:b8: ed:2d:9b:b1:f9:65:22:af:8b:4a:45:8c:d0:e2:c0: b5:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:95:E5:E9:DB:D4:D9:68:69:9D:75:3C:B0:CB:D5:C3:65:75:55:A7 X509v3 Authority Key Identifier: keyid:70:97:65:C7:D4:D3:31:F4:C3:6A:C6:BE:34:7F:A6:6A:1F:02:34:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cJdlx9TTMfTDasa-NH-mah8CNJA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE85E/0BED35261D6E11E2B04A61AF08B02CD2/cJdlx9TTMfTDasa-NH-mah8CNJA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3c:77:69:f3:1c:ad:9b:82:53:47:06:76:a6:6b:4f:0b:c6:1d: 5c:f4:cf:cb:25:d1:9a:7b:a4:91:7d:1d:fb:bf:92:6a:75:a2: a3:b1:9c:57:a1:86:4c:cd:84:be:a4:b5:97:6e:67:9e:74:99: 22:53:f1:55:47:f3:05:85:eb:71:35:4b:8f:c1:cc:13:32:9a: 7c:2f:51:45:ee:f8:ae:46:b5:2e:32:e9:05:34:ea:10:3a:1b: 5c:da:b8:57:b0:9e:29:ea:09:eb:92:6b:7a:85:cb:af:6b:fe: fe:46:6a:8a:78:72:77:15:5e:93:c0:b3:1b:ea:45:19:c0:d0: 70:a8:32:d2:9e:3d:d5:da:28:37:39:63:03:b7:d0:b0:00:1f: 71:56:09:45:f4:aa:18:71:be:98:55:f9:02:ab:59:25:7b:d4: ff:c3:b2:3c:86:cc:ed:61:d4:4f:7a:34:7b:d4:7b:6e:d7:bb: 0f:0f:7f:f3:dc:3d:ae:d6:4b:09:62:f1:1e:7e:06:31:63:89: 38:5c:5d:47:48:68:f2:4c:ee:01:e7:1c:58:9a:cb:9c:fc:f0: a2:8e:db:af:1f:24:2e:ee:ea:44:a5:9b:07:9a:d6:a2:2d:e6: 22:f0:17:ae:0e:2d:df:a1:92:3d:f0:fb:6b:b0:41:30:8c:50: 71:ec:ec:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNS8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUU4NUUxMTAvBgNVBAUTKDcwOTc2NUM3RDREMzMxRjRDMzZBQzZCRTM0N0ZBNjZB MUYwMjM0OTAwHhcNMjUxMDIwMTQxODQzWhcNMjUxMDI3MTQxODQzWjAYMRYwFAYD VQQDEw02OGY2NDRjNC0zMjNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9ZBg2blAbG335eulCKBUOz8GklScbjPUYJWsRwBgpCVuMBn3TD9+MiGQIi9v Kz/MOtcv0i9RP3otT567hz6BjF35vqk46pq+M1fgk5xW4ars4qNOw1H2uq53YhgR szj4XyQ9Ab+/wKoVgZsSnxNUM85wk9TSp0te9mddTN3hLzmx5vBvaTLpLgiTbXmZ 3qVuSzEnGsR7eR46dct43du0M9ngm5lwBfPqfaO9Gf1BbsqItzBIVUCnsNMaN4dB ugV86+d72lALmW/G+iyOt6nhq1wUZVBFEjW+mhuKHw1q4pwnHqeWD1BrnSMgMpBX krjtLZux+WUir4tKRYzQ4sC1vwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPWV5enb 1NloaZ11PLDL1cNldVWnMB8GA1UdIwQYMBaAFHCXZcfU0zH0w2rGvjR/pmofAjSQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTg1RS8wQkVEMzUyNjFE NkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1mVERhc2EtTkgtbWFoOENO SkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NKZGx4OVRUTWZURGFzYS1OSC1tYWg4Q05KQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTg1RS8wQkVEMzUyNjFENkUxMUUyQjA0QTYxQUYwOEIwMkNEMi9jSmRseDlUVE1m VERhc2EtTkgtbWFoOENOSkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA8d2nzHK2bglNHBnama08Lxh1c9M/LJdGae6SRfR37v5JqdaKjsZxX oYZMzYS+pLWXbmeedJkiU/FVR/MFhetxNUuPwcwTMpp8L1FF7viuRrUuMukFNOoQ Ohtc2rhXsJ4p6gnrkmt6hcuva/7+RmqKeHJ3FV6TwLMb6kUZwNBwqDLSnj3V2ig3 OWMDt9CwAB9xVglF9KoYcb6YVfkCq1kle9T/w7I8hsztYdRPejR71Htu17sPD3/z 3D2u1ksJYvEefgYxY4k4XF1HSGjyTO4B5xxYmsuc/PCijtuvHyQu7upEpZsHmtai LeYi8BeuDi3foZI98PtrsEEwjFBx7OyX -----END CERTIFICATE-----Generated at Tue Oct 21 00:04:14 2025 by rpki-client