$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft File: XdRoWi6WsUFvfNM1zetK0YIvfes.mft (raw, json) Hash identifier: pgdQQdOgMp+u2Nomgx7gruf60FRFJcO7W0Vn2QAFDxM= Subject key identifier: F4:83:C1:10:5B:E6:8A:20:13:41:F3:A8:48:06:78:19:70:BF:FA:1C Authority key identifier: 5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB Certificate issuer: /CN=A91AF01C/serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Certificate serial: 01D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft Manifest number: 01CA Signing time: Sun 19 Oct 2025 05:26:02 +0000 Manifest this update: Sun 19 Oct 2025 05:26:01 +0000 Manifest next update: Sun 26 Oct 2025 05:26:01 +0000 Files and hashes: 1: XdRoWi6WsUFvfNM1zetK0YIvfes.crl (hash: 8AHJIXQGYb3/hauDcsEdDKZCxRUCPj6ToEvOAkMRHTM=) 2: 3474AD64FAD311ED9CEE0E29C4F9AE02.roa (hash: bZ3DvcSU67WmMaGW0gpbOJ7oihqEunDO2oztcjKXnww=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 05:26:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 466 (0x1d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF01C, serialNumber=5DD4685A2E96B1416F7CD335CDEB4AD1822F7DEB Validity Not Before: Oct 19 05:26:01 2025 GMT Not After : Oct 26 05:26:01 2025 GMT Subject: CN=68f4766a-8800 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:36:d9:69:b7:50:a5:42:3c:c0:7a:46:be:ca: e6:9e:c9:ab:de:09:75:12:59:f3:23:bc:c6:01:91: 19:2d:0f:5b:92:27:d2:bb:a5:a8:99:05:79:f1:18: db:c5:4a:d8:64:4d:7d:f3:1e:e7:d2:ba:5e:0c:9e: d8:77:1a:4a:5a:4f:83:86:9b:37:4e:49:44:b7:1d: 4d:89:24:27:82:24:45:76:9a:67:f2:1a:db:51:fa: 1c:d6:ca:83:84:90:c6:8d:f9:bc:f4:19:07:d6:ad: a1:75:8a:a2:4e:43:c9:af:eb:50:6b:e4:c2:df:37: 9f:fa:20:14:71:19:1e:85:53:d8:28:ea:99:c7:e5: 54:87:50:54:91:15:1c:04:02:1d:2d:de:c2:a3:c2: 82:fc:5e:12:17:f0:2e:c0:76:29:c7:ae:2c:25:3c: d2:c0:a1:99:33:c6:79:6f:f7:ab:bc:d7:0e:e3:8e: 6e:7a:3f:4e:bd:bc:20:44:9a:94:1a:e2:77:f6:0c: b3:b3:25:7d:1e:10:17:9e:e0:11:dd:07:09:e6:d0: 7c:fa:0e:94:b6:41:2f:1d:87:56:07:f3:48:4a:90: 32:4b:2f:ea:6f:c3:f6:d6:b6:4e:df:b6:76:ca:92: 16:a5:a1:99:23:98:b1:99:dc:2b:9a:38:06:51:3e: 70:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F4:83:C1:10:5B:E6:8A:20:13:41:F3:A8:48:06:78:19:70:BF:FA:1C X509v3 Authority Key Identifier: keyid:5D:D4:68:5A:2E:96:B1:41:6F:7C:D3:35:CD:EB:4A:D1:82:2F:7D:EB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XdRoWi6WsUFvfNM1zetK0YIvfes.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF01C/E5D9E734FACB11EDB8F97D85C4F9AE02/XdRoWi6WsUFvfNM1zetK0YIvfes.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:39:bd:1d:d6:43:6f:b3:78:fc:14:36:34:74:38:ed:8e:9d: 9a:7f:00:5b:e0:71:ed:37:6a:0b:5d:7b:1d:50:71:de:49:48: 3b:7d:27:05:06:0d:eb:75:f1:db:06:cf:52:4f:77:44:e8:f5: 17:8b:8f:29:1f:74:9b:00:25:89:af:4d:48:1e:50:fc:90:a0: 50:c5:ab:1c:28:69:e4:80:2e:6b:cc:f4:41:5e:2b:63:9f:e4: 0b:ec:20:84:9b:24:51:1a:01:7f:6b:ee:17:dd:d7:4e:c8:14: c1:77:1e:10:dc:83:67:fc:ea:fa:d6:fe:03:73:91:c7:61:4e: 61:7d:26:d6:b4:49:8d:9f:c9:9b:ca:a5:9b:ab:7e:a0:05:9d: 8c:c9:7e:18:46:46:08:06:0d:40:01:fc:d7:9d:20:3d:9a:fc: c7:db:0e:2c:40:71:75:6a:0c:32:81:10:13:f8:36:a1:34:04: c6:ed:fc:fd:d9:b2:fd:38:f7:b9:9a:c2:6f:ed:54:44:81:bb: 5e:6f:3e:13:6b:bf:34:0b:48:df:4b:9f:a2:79:ef:29:45:0a: 22:b2:7c:80:7a:39:b9:8c:ca:33:94:99:62:ec:f6:2c:04:bb: 3e:67:16:9f:a2:7c:3e:16:e6:f8:6d:ea:ab:23:eb:bb:97:33: 4f:38:34:01 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwMUMxMTAvBgNVBAUTKDVERDQ2ODVBMkU5NkIxNDE2RjdDRDMzNUNERUI0QUQx ODIyRjdERUIwHhcNMjUxMDE5MDUyNjAxWhcNMjUxMDI2MDUyNjAxWjAYMRYwFAYD VQQDEw02OGY0NzY2YS04ODAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmzbZabdQpUI8wHpGvsrmnsmr3gl1ElnzI7zGAZEZLQ9bkifSu6WomQV58Rjb xUrYZE198x7n0rpeDJ7YdxpKWk+Dhps3TklEtx1NiSQngiRFdppn8hrbUfoc1sqD hJDGjfm89BkH1q2hdYqiTkPJr+tQa+TC3zef+iAUcRkehVPYKOqZx+VUh1BUkRUc BAIdLd7Co8KC/F4SF/AuwHYpx64sJTzSwKGZM8Z5b/ervNcO445uej9OvbwgRJqU GuJ39gyzsyV9HhAXnuAR3QcJ5tB8+g6UtkEvHYdWB/NISpAySy/qb8P21rZO37Z2 ypIWpaGZI5ixmdwrmjgGUT5wiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPSDwRBb 5oogE0HzqEgGeBlwv/ocMB8GA1UdIwQYMBaAFF3UaFoulrFBb3zTNc3rStGCL33r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjAxQy9FNUQ5RTczNEZB Q0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NVRnZmTk0xemV0SzBZSXZm ZXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hkUm9XaTZXc1VGdmZOTTF6ZXRLMFlJdmZlcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjAxQy9FNUQ5RTczNEZBQ0IxMUVEQjhGOTdEODVDNEY5QUUwMi9YZFJvV2k2V3NV RnZmTk0xemV0SzBZSXZmZXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTOb0d1kNvs3j8FDY0dDjtjp2afwBb4HHtN2oLXXsdUHHeSUg7fScF Bg3rdfHbBs9ST3dE6PUXi48pH3SbACWJr01IHlD8kKBQxascKGnkgC5rzPRBXitj n+QL7CCEmyRRGgF/a+4X3ddOyBTBdx4Q3INn/Or61v4Dc5HHYU5hfSbWtEmNn8mb yqWbq36gBZ2MyX4YRkYIBg1AAfzXnSA9mvzH2w4sQHF1agwygRAT+DahNATG7fz9 2bL9OPe5msJv7VREgbtebz4Ta780C0jfS5+iee8pRQoisnyAejm5jMozlJli7PYs BLs+Zxafonw+Fub4beqrI+u7lzNPODQB -----END CERTIFICATE-----Generated at Mon Oct 20 04:16:32 2025 by rpki-client