$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: aKNtPEk9r8/uEdJxxt7AsNQwHojel8DALoOrYfghysU= Subject key identifier: 3B:F2:10:3D:33:1A:15:58:FF:EE:02:7E:53:0E:58:D8:2C:F7:9C:B3 Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 34E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 34D7 Signing time: Mon 20 Oct 2025 15:14:27 +0000 Manifest this update: Mon 20 Oct 2025 15:14:26 +0000 Manifest next update: Mon 27 Oct 2025 15:14:26 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: jTuleuD9C8JhEKrLcjAzx7NQ25awtha1G1GzpLNQw9A=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 15:14:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13538 (0x34e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: Oct 20 15:14:26 2025 GMT Not After : Oct 27 15:14:26 2025 GMT Subject: CN=68f651d3-6079 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:c1:34:e4:f2:84:04:90:86:8a:45:77:6c:16: da:eb:8c:d4:2a:ee:3b:6e:66:cc:1e:34:68:39:46: da:e4:fa:b5:ba:d1:52:18:0a:2d:06:0f:71:c0:88: 60:7b:08:33:8f:04:00:0d:28:bf:b9:5f:a8:d0:fe: 59:db:9b:8b:42:e6:18:53:a4:23:70:5b:19:f5:e5: 3a:0f:9e:ca:9b:a3:0e:f3:aa:78:96:3b:aa:eb:50: 01:cd:55:91:47:10:f4:8c:ef:33:72:93:a5:1d:e5: b9:18:05:f0:18:9e:ad:27:8d:f6:e7:74:17:64:f9: 65:64:a4:aa:41:08:80:ce:e6:b0:27:ad:ae:4e:15: 11:df:e2:ed:0f:c4:4d:52:66:4a:20:67:3e:00:5d: e7:90:04:fc:db:1f:53:ce:df:c1:ba:88:b5:92:40: f0:48:5e:2d:01:81:b5:74:93:e8:88:3b:8c:fe:2d: 98:ea:40:38:db:c1:51:ef:29:c5:66:45:d5:7c:bd: 35:bf:d1:87:b0:9e:72:5e:fd:ac:6a:2a:16:7e:89: be:57:d3:c7:fa:e0:c7:90:64:86:1e:8b:13:79:f9: ce:56:a3:e0:44:a9:15:a9:64:a0:64:a0:d5:01:59: 7a:2c:6f:ae:ee:60:7f:f2:dc:ee:2f:f2:25:4c:33: 6f:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:F2:10:3D:33:1A:15:58:FF:EE:02:7E:53:0E:58:D8:2C:F7:9C:B3 X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:cb:c3:1d:40:9e:69:3a:40:09:3b:23:09:a0:8e:71:9b:22: 16:d3:cf:e3:02:0c:21:92:ad:a6:80:ad:f8:13:d0:9e:11:14: b2:5d:17:5f:35:95:5a:c6:d7:2d:4b:10:ae:0c:ef:2d:d0:51: c9:66:55:18:c7:d6:35:0e:27:3f:a8:6e:77:b3:3b:aa:67:44: 30:8e:52:d6:9a:f3:46:7e:f5:e9:28:d0:c0:8c:32:0b:41:49: f0:34:84:27:4d:3b:df:18:51:68:c7:c5:f8:6f:b2:bb:80:3e: ec:a3:2b:83:b2:b8:19:e5:9f:20:d8:03:58:29:38:17:71:ea: 5d:d4:2e:f7:01:02:8c:54:e5:ab:4b:50:8f:f2:e2:c2:a0:2a: 8c:dd:6b:7d:89:2f:1d:59:5a:77:0f:92:a5:bb:05:45:75:b9: 8b:ab:6c:76:c7:c8:c9:c6:de:20:0f:9a:78:01:c1:41:83:3d: cf:be:a8:e1:73:d4:57:49:e7:18:fc:8b:a6:44:78:71:d5:26: 85:37:05:6f:fc:72:25:97:d6:24:e4:09:36:3a:fb:2b:44:88: 10:4a:04:89:a1:0b:fa:1a:f4:3f:cc:4b:dd:4d:f8:61:42:2e: 1e:c9:7e:81:b7:18:3c:60:e2:b6:e6:d8:36:b4:96:d8:ea:8b: c0:c4:ee:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUxMDIwMTUxNDI2WhcNMjUxMDI3MTUxNDI2WjAYMRYwFAYD VQQDEw02OGY2NTFkMy02MDc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv8E05PKEBJCGikV3bBba64zUKu47bmbMHjRoOUba5Pq1utFSGAotBg9xwIhg ewgzjwQADSi/uV+o0P5Z25uLQuYYU6QjcFsZ9eU6D57Km6MO86p4ljuq61ABzVWR RxD0jO8zcpOlHeW5GAXwGJ6tJ43253QXZPllZKSqQQiAzuawJ62uThUR3+LtD8RN UmZKIGc+AF3nkAT82x9Tzt/Buoi1kkDwSF4tAYG1dJPoiDuM/i2Y6kA428FR7ynF ZkXVfL01v9GHsJ5yXv2saioWfom+V9PH+uDHkGSGHosTefnOVqPgRKkVqWSgZKDV AVl6LG+u7mB/8tzuL/IlTDNvJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDvyED0z GhVY/+4CflMOWNgs95yzMB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHy8MdQJ5pOkAJOyMJoI5xmyIW08/jAgwhkq2mgK34E9CeERSyXRdf NZVaxtctSxCuDO8t0FHJZlUYx9Y1Dic/qG53szuqZ0QwjlLWmvNGfvXpKNDAjDIL QUnwNIQnTTvfGFFox8X4b7K7gD7soyuDsrgZ5Z8g2ANYKTgXcepd1C73AQKMVOWr S1CP8uLCoCqM3Wt9iS8dWVp3D5KluwVFdbmLq2x2x8jJxt4gD5p4AcFBgz3Pvqjh c9RXSecY/IumRHhx1SaFNwVv/HIll9Yk5Ak2OvsrRIgQSgSJoQv6GvQ/zEvdTfhh Qi4eyX6Btxg8YOK25tg2tJbY6ovAxO4N -----END CERTIFICATE-----Generated at Tue Oct 21 02:09:24 2025 by rpki-client