$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft File: tY0p97gQfxWFtf_nDFAsbI9dMwI.mft (raw, json) Hash identifier: LE8EUg9ct48mE4so3TcL0LiL3xpli/tt1YB4UeMYcXU= Subject key identifier: E9:15:76:59:59:80:B1:BF:39:71:1A:A8:73:A9:B4:8E:42:4D:9F:8D Authority key identifier: B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02 Certificate issuer: /CN=A91B3CA4/serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302 Certificate serial: 08A7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft Manifest number: 088D Signing time: Mon 20 Oct 2025 21:29:31 +0000 Manifest this update: Mon 20 Oct 2025 21:29:30 +0000 Manifest next update: Mon 27 Oct 2025 21:29:30 +0000 Files and hashes: 1: tY0p97gQfxWFtf_nDFAsbI9dMwI.crl (hash: jvlpqH3o+Nd3hJUt+oJA8yfu5VRp1J6PeVtmhc/7yxc=) 2: C33EB0EC7C4211EB933D233EC4F9AE02.roa (hash: V3s4r52s3OPKDLcYcdmKSn/0GHVPcogcj1iQaYzRFaU=) 3: F6F5BCCE53E711F084348F87C4F9AE02.roa (hash: eEq3ZG4qI8pUpOyGlAwoIW1Iq8bp1Jor6FtXouhYCXM=) 4: 3C3F21BAD6F011EE9B38B67DC4F9AE02.roa (hash: w/43LlQIYPABEvYlfxDIIPmu3emguiTlymMjfBLzQJU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 21:29:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2215 (0x8a7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3CA4, serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302 Validity Not Before: Oct 20 21:29:30 2025 GMT Not After : Oct 27 21:29:30 2025 GMT Subject: CN=68f6a9bb-f6c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:88:47:f8:c7:87:fe:f6:74:41:bd:14:8f:6a: f1:87:b8:d8:30:73:a3:b6:08:59:e3:40:30:cb:79: b6:6c:30:fd:90:e4:02:27:fc:cf:bf:8d:03:34:06: 9a:35:18:fc:02:12:35:1d:f9:9a:4b:1c:0e:2c:dd: cc:fb:4e:13:03:a2:25:5f:50:4a:6d:3f:a2:70:13: 3c:f1:35:08:70:4d:8c:b6:af:73:41:51:fe:d8:85: eb:76:1a:b2:7b:d1:2d:96:79:cb:d5:49:be:78:f6: 96:7c:b9:dd:1b:0f:2a:6d:12:fb:09:9d:42:aa:e9: 15:7a:51:23:9e:a7:e6:62:88:2d:25:cd:0d:4a:67: 0f:68:3d:a0:76:e0:61:20:15:74:f5:08:52:ab:2e: f1:83:98:12:11:76:0d:10:8d:30:af:2a:da:37:07: 82:32:f7:d9:3c:67:a4:7d:9c:5d:d7:c0:88:de:1c: 8b:07:52:ce:4c:74:9e:0f:b4:c4:16:16:58:a9:e8: 78:5b:6d:b3:ae:8c:c5:5c:ed:17:8b:9b:d6:8b:1d: 6d:d4:5a:c6:a1:0c:bb:39:f2:e4:ad:74:e4:46:65: c4:83:31:d2:cb:bb:dc:85:08:3e:05:98:2b:88:17: d0:57:c6:eb:6a:7f:bf:56:f2:ae:f1:0f:68:e9:1b: 3a:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:15:76:59:59:80:B1:BF:39:71:1A:A8:73:A9:B4:8E:42:4D:9F:8D X509v3 Authority Key Identifier: keyid:B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:8b:32:c9:c9:03:54:e8:a8:12:5e:31:eb:1a:96:46:ea:b1: 52:36:be:6a:31:44:33:b5:d7:cb:c3:59:5b:9d:df:dd:65:e9: f4:71:64:bc:bc:36:a1:4a:b8:89:4b:8f:d1:c9:1f:63:df:0b: c4:9c:e8:40:4a:0a:e2:dc:b7:9b:cd:2c:ee:91:27:a7:72:cc: ea:46:07:f4:12:ed:60:d3:33:6a:d6:a2:32:01:f8:c2:b6:57: 85:5a:cf:35:f0:a6:1b:96:e6:e5:22:2f:1e:b1:f3:4e:eb:7e: f5:10:63:c8:e8:cc:f9:40:8c:88:71:89:44:c1:ce:7f:e3:7d: 97:06:35:83:b0:58:72:3f:5b:82:77:d1:1b:f4:c3:4c:31:39: 3d:34:4e:cf:a7:f9:6c:cb:f5:de:77:c0:f5:71:5a:f2:95:6f: 37:47:89:53:8c:81:c6:ed:f1:2d:f7:94:2f:c0:91:a8:2f:69: ca:03:80:16:e0:8f:ac:27:60:c7:5d:cf:d0:28:8b:a4:59:35: 87:f7:01:c5:e0:be:29:2a:ec:98:c2:32:9d:21:db:2c:af:cf: 69:2f:1d:fc:0c:eb:35:cd:69:1b:06:b3:c2:06:32:4e:12:be: f4:b4:52:86:82:c7:f1:c1:f9:1a:7a:c4:18:ac:39:77:cd:63: 58:d4:88:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCKcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjNDQTQxMTAvBgNVBAUTKEI1OEQyOUY3QjgxMDdGMTU4NUI1RkZFNzBDNTAyQzZD OEY1RDMzMDIwHhcNMjUxMDIwMjEyOTMwWhcNMjUxMDI3MjEyOTMwWjAYMRYwFAYD VQQDEw02OGY2YTliYi1mNmM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy4hH+MeH/vZ0Qb0Uj2rxh7jYMHOjtghZ40Awy3m2bDD9kOQCJ/zPv40DNAaa NRj8AhI1HfmaSxwOLN3M+04TA6IlX1BKbT+icBM88TUIcE2Mtq9zQVH+2IXrdhqy e9EtlnnL1Um+ePaWfLndGw8qbRL7CZ1CqukVelEjnqfmYogtJc0NSmcPaD2gduBh IBV09QhSqy7xg5gSEXYNEI0wryraNweCMvfZPGekfZxd18CI3hyLB1LOTHSeD7TE FhZYqeh4W22zrozFXO0Xi5vWix1t1FrGoQy7OfLkrXTkRmXEgzHSy7vchQg+BZgr iBfQV8bran+/VvKu8Q9o6Rs6ZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOkVdllZ gLG/OXEaqHOptI5CTZ+NMB8GA1UdIwQYMBaAFLWNKfe4EH8VhbX/5wxQLGyPXTMC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NBNC8xNUY2OEI1Q0NG MTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4V0Z0Zl9uREZBc2JJOWRN d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RZMHA5N2dRZnhXRnRmX25ERkFzYkk5ZE13SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC M0NBNC8xNUY2OEI1Q0NGMTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4 V0Z0Zl9uREZBc2JJOWRNd0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4izLJyQNU6KgSXjHrGpZG6rFSNr5qMUQztdfLw1lbnd/dZen0cWS8 vDahSriJS4/RyR9j3wvEnOhASgri3LebzSzukSencszqRgf0Eu1g0zNq1qIyAfjC tleFWs818KYblublIi8esfNO6371EGPI6Mz5QIyIcYlEwc5/432XBjWDsFhyP1uC d9Eb9MNMMTk9NE7Pp/lsy/Xed8D1cVrylW83R4lTjIHG7fEt95QvwJGoL2nKA4AW 4I+sJ2DHXc/QKIukWTWH9wHF4L4pKuyYwjKdIdssr89pLx38DOs1zWkbBrPCBjJO Er70tFKGgsfxwfkaesQYrDl3zWNY1IhI -----END CERTIFICATE-----Generated at Tue Oct 21 00:29:32 2025 by rpki-client