$ rpki-client -vvf rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft File: DfoUcOPJ6yHxewN7BM9O1UJO88k.mft (raw, json) Hash identifier: M4x87W0/4iPXTa1SsMioLlE3hh23QXALCzTYd3XHwSM= Subject key identifier: 3E:CA:6C:45:07:C8:8C:D6:34:E0:32:CE:37:44:67:B7:DD:8C:F5:BF Authority key identifier: 0D:FA:14:70:E3:C9:EB:21:F1:7B:03:7B:04:CF:4E:D5:42:4E:F3:C9 Certificate issuer: /CN=A91B588F/serialNumber=0DFA1470E3C9EB21F17B037B04CF4ED5424EF3C9 Certificate serial: 1D75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfoUcOPJ6yHxewN7BM9O1UJO88k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft Manifest number: 1D66 Signing time: Sat 18 Oct 2025 16:26:14 +0000 Manifest this update: Sat 18 Oct 2025 16:26:14 +0000 Manifest next update: Sat 25 Oct 2025 16:26:14 +0000 Files and hashes: 1: DfoUcOPJ6yHxewN7BM9O1UJO88k.crl (hash: AGihB45dXVmj38reiR3RmCk9F4Wy3W2iaI4WWl0H830=) 2: 234A77E28D2111ECB33BB01AC4F9AE02.roa (hash: k8TIUAQe/uhiGTZr6cgQAthXD90vdh6WA7DCNugyFL0=) 3: 09DBF798B76311E6AF11523EC4F9AE02.roa (hash: KJtFM/La7mL3fu5dlcMqDcraRcAtERap2FuVwdqAgkc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.crl rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfoUcOPJ6yHxewN7BM9O1UJO88k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:26:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7541 (0x1d75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B588F, serialNumber=0DFA1470E3C9EB21F17B037B04CF4ED5424EF3C9 Validity Not Before: Oct 18 16:26:14 2025 GMT Not After : Oct 25 16:26:14 2025 GMT Subject: CN=68f3bfa6-33ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:96:2f:81:e7:b7:29:6f:e2:fa:87:e2:d1:a9: 1c:8e:82:9c:79:58:16:11:d8:db:a8:db:49:60:e0: 42:6e:e7:b6:46:f9:da:61:e7:8a:ef:e4:74:4a:bc: 4a:61:c5:50:fb:c7:07:e6:5e:31:47:8b:40:72:d5: a1:54:34:ac:e0:3b:07:6b:e2:ea:d0:1d:36:00:7f: 4c:bd:38:68:2f:9f:ab:d8:98:fb:be:90:1a:9b:66: 28:8f:b0:4a:f2:da:e7:5f:3a:de:76:7b:a2:5a:68: 8b:2b:52:e9:ec:d3:7d:e2:eb:db:35:3a:82:b5:f1: 31:24:e9:84:a4:c5:fa:cd:8f:25:16:2a:dc:3c:16: fb:62:c9:e5:c3:0b:49:13:7b:25:d1:2a:c4:24:c5: 7b:7f:51:a6:45:4b:86:80:5d:3e:94:ba:84:89:67: b6:0e:0a:17:b8:cd:9b:77:34:08:3d:37:8e:aa:ef: 86:f0:7f:08:c3:ce:3c:a8:13:09:94:b4:89:3b:b9: 03:0a:a0:1a:ed:0d:18:1d:31:7c:c5:55:0f:0e:d7: fe:ac:6c:dc:40:6a:96:0c:3d:19:b2:d3:22:b0:45: 69:b4:2d:85:19:7e:c7:00:f1:4f:4a:9e:10:7f:41: de:66:ad:bb:fe:65:33:bf:ec:e7:61:5f:f2:9e:b4: d9:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:CA:6C:45:07:C8:8C:D6:34:E0:32:CE:37:44:67:B7:DD:8C:F5:BF X509v3 Authority Key Identifier: keyid:0D:FA:14:70:E3:C9:EB:21:F1:7B:03:7B:04:CF:4E:D5:42:4E:F3:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DfoUcOPJ6yHxewN7BM9O1UJO88k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B588F/784D94B8B76111E6B1175A3CC4F9AE02/DfoUcOPJ6yHxewN7BM9O1UJO88k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:02:ab:7b:0b:45:a1:89:20:77:cf:21:81:1c:72:f5:e0:28: c3:7e:ca:48:38:21:07:44:ff:bc:d2:f9:51:0a:4f:b7:99:02: 83:c3:a9:07:c5:3f:42:92:c2:6a:e6:e9:fb:0e:05:28:35:4f: 9c:09:76:6d:b3:02:16:e6:82:e3:13:2c:c2:18:f1:30:be:5b: 2d:62:d2:93:a1:25:d3:2f:70:cb:60:f2:88:f0:6c:f1:d0:06: 8b:19:de:c4:1f:a6:0f:5e:4c:09:89:36:42:2f:ed:96:f6:2e: e7:37:e4:c1:4f:db:f2:b1:f3:cb:d9:2b:de:2f:83:09:28:04: 2a:02:28:c1:be:22:00:aa:77:06:47:c6:9a:ae:a0:b8:43:41: 29:42:c9:58:5a:a4:27:61:58:9e:9f:ce:41:a0:85:d9:68:94: 3e:b3:9c:47:11:7e:77:75:9b:f0:df:cc:c3:c7:0c:08:98:75: 83:97:e1:06:22:88:f0:5f:a8:c2:41:da:b5:2e:09:60:31:59: 5b:19:09:b0:8f:2f:f3:a6:f1:6d:61:02:5a:bc:f6:a6:f9:6d: 5c:bd:08:70:72:17:f0:41:da:9d:39:df:01:87:8b:3b:04:a1: 62:a8:cb:e3:9a:8c:6b:72:e5:5f:a5:1a:41:bb:47:fc:15:79: b0:dc:ea:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHXUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjU4OEYxMTAvBgNVBAUTKDBERkExNDcwRTNDOUVCMjFGMTdCMDM3QjA0Q0Y0RUQ1 NDI0RUYzQzkwHhcNMjUxMDE4MTYyNjE0WhcNMjUxMDI1MTYyNjE0WjAYMRYwFAYD VQQDEw02OGYzYmZhNi0zM2FlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwpYvgee3KW/i+ofi0akcjoKceVgWEdjbqNtJYOBCbue2RvnaYeeK7+R0SrxK YcVQ+8cH5l4xR4tActWhVDSs4DsHa+Lq0B02AH9MvThoL5+r2Jj7vpAam2Yoj7BK 8trnXzrednuiWmiLK1Lp7NN94uvbNTqCtfExJOmEpMX6zY8lFircPBb7YsnlwwtJ E3sl0SrEJMV7f1GmRUuGgF0+lLqEiWe2DgoXuM2bdzQIPTeOqu+G8H8Iw848qBMJ lLSJO7kDCqAa7Q0YHTF8xVUPDtf+rGzcQGqWDD0ZstMisEVptC2FGX7HAPFPSp4Q f0HeZq27/mUzv+znYV/ynrTZawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD7KbEUH yIzWNOAyzjdEZ7fdjPW/MB8GA1UdIwQYMBaAFA36FHDjyesh8XsDewTPTtVCTvPJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNTg4Ri83ODREOTRCOEI3 NjExMUU2QjExNzVBM0NDNEY5QUUwMi9EZm9VY09QSjZ5SHhld043Qk05TzFVSk84 OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0Rmb1VjT1BKNnlIeGV3TjdCTTlPMVVKTzg4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NTg4Ri83ODREOTRCOEI3NjExMUU2QjExNzVBM0NDNEY5QUUwMi9EZm9VY09QSjZ5 SHhld043Qk05TzFVSk84OGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnAqt7C0WhiSB3zyGBHHL14CjDfspIOCEHRP+80vlRCk+3mQKDw6kH xT9CksJq5un7DgUoNU+cCXZtswIW5oLjEyzCGPEwvlstYtKToSXTL3DLYPKI8Gzx 0AaLGd7EH6YPXkwJiTZCL+2W9i7nN+TBT9vysfPL2SveL4MJKAQqAijBviIAqncG R8aarqC4Q0EpQslYWqQnYVien85BoIXZaJQ+s5xHEX53dZvw38zDxwwImHWDl+EG IojwX6jCQdq1LglgMVlbGQmwjy/zpvFtYQJavPam+W1cvQhwchfwQdqdOd8Bh4s7 BKFiqMvjmoxrcuVfpRpBu0f8FXmw3OqT -----END CERTIFICATE-----Generated at Mon Oct 20 01:48:00 2025 by rpki-client