$ rpki-client -vvf rpki.apnic.net/member_repository/A91B391F/58DB87F2457011EF9C8B8E71C4F9AE02/Zva4RKn4Ca4wexuc7kv9R8PHdxs.mft File: Zva4RKn4Ca4wexuc7kv9R8PHdxs.mft (raw, json) Hash identifier: PhCjNqbFCzBK2RAj6AiJHKLmlquLknaRMOQAnZtFRbQ= Subject key identifier: CC:7E:EA:5F:D0:E9:1A:0B:9C:DD:9B:5A:44:0A:BC:4B:A4:DD:8A:CA Authority key identifier: 66:F6:B8:44:A9:F8:09:AE:30:7B:1B:9C:EE:4B:FD:47:C3:C7:77:1B Certificate issuer: /CN=A91B391F/serialNumber=66F6B844A9F809AE307B1B9CEE4BFD47C3C7771B Certificate serial: EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zva4RKn4Ca4wexuc7kv9R8PHdxs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B391F/58DB87F2457011EF9C8B8E71C4F9AE02/Zva4RKn4Ca4wexuc7kv9R8PHdxs.mft Manifest number: EC Signing time: Sun 19 Oct 2025 08:18:57 +0000 Manifest this update: Sun 19 Oct 2025 08:18:56 +0000 Manifest next update: Sun 26 Oct 2025 08:18:56 +0000 Files and hashes: 1: Zva4RKn4Ca4wexuc7kv9R8PHdxs.crl (hash: VQz2qPfUJTKyR7wfpSs+b9QGUJXpkYP6BqdO90vj5Yk=) 2: 5069A4E034B311F0B93A6228C4F9AE02.roa (hash: Ds5OYRTGE1+nmc/fXAPDPY24vX1TYbGT7zDa8IDd+kc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B391F/58DB87F2457011EF9C8B8E71C4F9AE02/Zva4RKn4Ca4wexuc7kv9R8PHdxs.crl rsync://rpki.apnic.net/member_repository/A91B391F/58DB87F2457011EF9C8B8E71C4F9AE02/Zva4RKn4Ca4wexuc7kv9R8PHdxs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zva4RKn4Ca4wexuc7kv9R8PHdxs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:18:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 238 (0xee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B391F, serialNumber=66F6B844A9F809AE307B1B9CEE4BFD47C3C7771B Validity Not Before: Oct 19 08:18:56 2025 GMT Not After : Oct 26 08:18:56 2025 GMT Subject: CN=68f49ef1-bc5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:1a:d4:6f:3e:80:62:4a:0f:ef:9e:ac:a4:48: d3:fc:79:d5:1e:66:45:ba:c9:10:30:dc:e9:36:c1: 2c:0c:07:e8:a9:f1:cd:62:52:23:b7:0f:21:f1:06: 5e:5e:21:e5:91:5a:6d:40:0b:63:b5:67:cb:a1:a5: f7:bd:32:1e:12:ad:ac:d9:3b:eb:81:ca:cb:27:40: 72:0c:29:a4:2d:8d:f7:9e:84:b2:b1:09:dd:79:45: 84:7a:8d:c6:9c:08:e8:8c:80:11:28:50:b0:a3:de: 34:98:a9:a1:3f:d2:cf:15:8a:42:7d:0f:f1:9c:b8: de:a3:09:f5:0c:92:3b:7c:ab:b0:19:fb:f4:26:29: b0:ef:47:74:ed:b4:74:09:30:a7:6d:55:27:83:26: 01:68:a4:d1:f4:2a:d7:20:53:e0:66:1f:ae:82:6f: f2:e9:7e:3f:3a:8c:a2:c9:b4:6f:77:e2:c6:98:3d: 4d:87:82:a4:cd:cb:1b:21:d6:cb:f4:82:0a:99:3c: c6:e2:48:9a:33:23:43:b5:78:79:fb:b5:d5:13:b9: f1:5f:84:de:c7:3f:2d:ee:c0:73:f6:29:66:29:33: 86:d9:cf:f1:af:28:a5:b4:c6:55:34:f5:c0:72:75: fe:02:38:74:f8:3f:86:96:dc:e9:87:ab:ed:93:5c: 96:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:7E:EA:5F:D0:E9:1A:0B:9C:DD:9B:5A:44:0A:BC:4B:A4:DD:8A:CA X509v3 Authority Key Identifier: keyid:66:F6:B8:44:A9:F8:09:AE:30:7B:1B:9C:EE:4B:FD:47:C3:C7:77:1B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B391F/58DB87F2457011EF9C8B8E71C4F9AE02/Zva4RKn4Ca4wexuc7kv9R8PHdxs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Zva4RKn4Ca4wexuc7kv9R8PHdxs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B391F/58DB87F2457011EF9C8B8E71C4F9AE02/Zva4RKn4Ca4wexuc7kv9R8PHdxs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:f8:f7:ff:d8:9e:29:53:5a:1e:eb:cf:60:d6:f2:6b:bc:13: 5d:59:52:31:e3:67:ea:48:85:61:8b:48:d5:14:69:fb:cd:2b: 00:e2:ca:1a:1e:8b:d1:39:74:d5:e0:83:06:6a:45:d7:07:04: ca:d7:ff:bc:ed:24:96:d1:f5:f1:21:28:6a:c8:21:59:b7:31: 13:34:4d:ca:19:99:f2:52:0d:16:7a:4c:65:10:0b:8f:ff:c6: 59:7a:99:84:c5:99:bf:02:26:f6:aa:78:47:66:4b:21:18:c3: 45:79:ac:49:de:58:ba:a3:29:3e:c3:e1:72:4d:c3:95:69:58: 5f:61:e2:0c:8d:33:46:33:fe:15:2b:5e:2b:75:57:b5:26:66: 50:5b:38:95:e1:f5:77:1a:f2:a7:9b:08:ef:dd:3f:79:a5:a4: 9e:c1:77:fa:6d:36:56:25:ef:36:82:db:d3:c5:cc:f5:5f:0d: cc:86:f8:da:a0:ad:2b:0b:93:99:f9:58:01:97:d1:8f:f4:65: 04:07:4d:c1:79:6d:98:d2:5d:30:93:e1:e4:85:46:5c:ba:21: 3d:13:72:75:35:3a:c5:d9:4b:57:96:70:36:22:f5:43:2c:66: 6c:28:b8:da:29:fc:dd:eb:70:f3:1d:d8:de:2c:b7:67:4f:34: 0c:22:e4:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAO4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjM5MUYxMTAvBgNVBAUTKDY2RjZCODQ0QTlGODA5QUUzMDdCMUI5Q0VFNEJGRDQ3 QzNDNzc3MUIwHhcNMjUxMDE5MDgxODU2WhcNMjUxMDI2MDgxODU2WjAYMRYwFAYD VQQDEw02OGY0OWVmMS1iYzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwxrUbz6AYkoP756spEjT/HnVHmZFuskQMNzpNsEsDAfoqfHNYlIjtw8h8QZe XiHlkVptQAtjtWfLoaX3vTIeEq2s2TvrgcrLJ0ByDCmkLY33noSysQndeUWEeo3G nAjojIARKFCwo940mKmhP9LPFYpCfQ/xnLjeown1DJI7fKuwGfv0Jimw70d07bR0 CTCnbVUngyYBaKTR9CrXIFPgZh+ugm/y6X4/OoyiybRvd+LGmD1Nh4KkzcsbIdbL 9IIKmTzG4kiaMyNDtXh5+7XVE7nxX4Texz8t7sBz9ilmKTOG2c/xryiltMZVNPXA cnX+Ajh0+D+Gltzph6vtk1yWvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMx+6l/Q 6RoLnN2bWkQKvEuk3YrKMB8GA1UdIwQYMBaAFGb2uESp+AmuMHsbnO5L/UfDx3cb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMzkxRi81OERCODdGMjQ1 NzAxMUVGOUM4QjhFNzFDNEY5QUUwMi9admE0UktuNENhNHdleHVjN2t2OVI4UEhk eHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1p2YTRSS240Q2E0d2V4dWM3a3Y5UjhQSGR4cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MzkxRi81OERCODdGMjQ1NzAxMUVGOUM4QjhFNzFDNEY5QUUwMi9admE0UktuNENh NHdleHVjN2t2OVI4UEhkeHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBO+Pf/2J4pU1oe689g1vJrvBNdWVIx42fqSIVhi0jVFGn7zSsA4soa HovROXTV4IMGakXXBwTK1/+87SSW0fXxIShqyCFZtzETNE3KGZnyUg0WekxlEAuP /8ZZepmExZm/Aib2qnhHZkshGMNFeaxJ3li6oyk+w+FyTcOVaVhfYeIMjTNGM/4V K14rdVe1JmZQWziV4fV3GvKnmwjv3T95paSewXf6bTZWJe82gtvTxcz1Xw3Mhvja oK0rC5OZ+VgBl9GP9GUEB03BeW2Y0l0wk+HkhUZcuiE9E3J1NTrF2UtXlnA2IvVD LGZsKLjaKfzd63DzHdjeLLdnTzQMIuQY -----END CERTIFICATE-----Generated at Mon Oct 20 19:26:00 2025 by rpki-client