$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: DEpW6o+yYzbEtZdMsWdKtUciudFZdn63D4FNY7lvRTo= Subject key identifier: 31:0B:D4:CA:5C:60:60:5B:1C:76:90:38:BC:BD:B9:9E:65:37:1B:16 Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 02AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 02A2 Signing time: Sun 19 Oct 2025 03:46:47 +0000 Manifest this update: Sun 19 Oct 2025 03:46:47 +0000 Manifest next update: Sun 26 Oct 2025 03:46:47 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: vE9hQM3J0Ueb9kSEz9qoWQAWe/+85IsyAiF3UU/Clkw=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: wYfrxBgpnREsPiR0qsIaHokVToTMzCIKH0+74g0LVvA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 03:46:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 687 (0x2af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897, serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Validity Not Before: Oct 19 03:46:47 2025 GMT Not After : Oct 26 03:46:47 2025 GMT Subject: CN=68f45f27-33cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:60:e4:09:6b:17:ba:77:31:19:f3:8a:d6:82: 1f:9d:87:67:53:25:2d:24:c1:5f:05:2b:67:bd:c6: 14:d6:ac:ad:ba:15:16:0e:f3:12:c5:83:66:73:65: db:73:81:1e:ae:30:b1:82:ac:03:e6:aa:da:53:93: bd:fa:55:03:2a:13:05:59:aa:25:6c:42:2e:08:98: 43:da:de:1d:55:62:9b:a5:bf:c9:3f:91:45:43:eb: 93:5a:25:dc:ea:b9:3c:61:19:3b:ee:22:ba:5c:a8: 44:83:7b:73:c4:fc:39:a9:ce:da:f8:aa:62:fd:81: 14:8a:6d:a9:31:6b:76:b8:e7:f3:48:13:72:71:83: 9a:a9:8f:05:25:17:23:fa:2d:be:9f:c5:dc:13:8a: d9:3c:79:c6:d3:5c:3f:6b:cb:92:f4:66:78:11:32: 89:0b:b7:e1:56:65:14:2b:90:81:e6:42:e0:90:70: f0:cf:bb:a8:50:2c:0d:d8:1b:bc:ad:59:10:43:63: d7:c3:f7:31:cf:48:3c:b2:15:eb:20:d0:ed:84:0b: e4:1b:53:aa:46:42:fc:51:b2:86:4e:97:fb:a1:d8: 57:3a:72:60:b8:cd:c1:ab:a1:97:5b:e2:a9:54:41: 77:e9:b5:b2:68:48:60:62:34:f0:4a:31:20:4d:c9: 17:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:0B:D4:CA:5C:60:60:5B:1C:76:90:38:BC:BD:B9:9E:65:37:1B:16 X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:ac:98:0f:3e:01:44:10:31:db:bb:82:d2:70:3f:bb:0a:5a: 0b:18:84:9d:a7:a3:7f:36:eb:15:4e:c3:9b:82:25:b4:d8:93: 68:72:e1:6a:44:05:48:5a:8f:27:d7:38:4a:a5:1a:82:97:e3: b5:64:c1:f8:13:08:a8:bf:4a:61:83:97:7a:14:0d:bf:c8:8f: 17:c3:69:ed:79:87:ba:28:2e:fd:ad:19:d2:59:b1:24:33:e9: 95:e5:00:df:58:77:be:e5:b0:57:f0:73:c8:04:c1:37:3a:ca: e3:d6:9e:a7:ab:d9:21:40:3a:c3:11:d3:44:dd:8c:ee:7c:8b: 07:c0:e0:1f:07:43:5f:bf:50:5e:6c:36:11:8e:bd:be:22:eb: 69:38:61:d9:d1:c8:da:07:91:a7:7b:1b:21:d0:ba:c4:d8:3a: 81:60:ad:52:87:03:c7:bd:1a:c2:a2:1e:cb:fb:02:90:29:50: b8:6d:15:d0:7a:41:91:b5:87:83:a0:a9:9f:1e:63:92:e9:2e: d6:3d:4d:de:2a:18:e2:25:47:d7:d3:06:e8:c0:48:41:d5:6a: cf:f8:07:34:e8:8f:cf:34:d3:52:ee:29:a8:01:6f:58:bd:44: 5f:d1:60:5b:d3:c5:54:30:a9:4e:ff:70:a1:97:6f:23:96:12: 02:38:be:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAq8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUxMDE5MDM0NjQ3WhcNMjUxMDI2MDM0NjQ3WjAYMRYwFAYD VQQDEw02OGY0NWYyNy0zM2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArGDkCWsXuncxGfOK1oIfnYdnUyUtJMFfBStnvcYU1qytuhUWDvMSxYNmc2Xb c4EerjCxgqwD5qraU5O9+lUDKhMFWaolbEIuCJhD2t4dVWKbpb/JP5FFQ+uTWiXc 6rk8YRk77iK6XKhEg3tzxPw5qc7a+Kpi/YEUim2pMWt2uOfzSBNycYOaqY8FJRcj +i2+n8XcE4rZPHnG01w/a8uS9GZ4ETKJC7fhVmUUK5CB5kLgkHDwz7uoUCwN2Bu8 rVkQQ2PXw/cxz0g8shXrINDthAvkG1OqRkL8UbKGTpf7odhXOnJguM3Bq6GXW+Kp VEF36bWyaEhgYjTwSjEgTckX5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDEL1Mpc YGBbHHaQOLy9uZ5lNxsWMB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGrJgPPgFEEDHbu4LScD+7CloLGISdp6N/NusVTsObgiW02JNocuFq RAVIWo8n1zhKpRqCl+O1ZMH4Ewiov0phg5d6FA2/yI8Xw2nteYe6KC79rRnSWbEk M+mV5QDfWHe+5bBX8HPIBME3Osrj1p6nq9khQDrDEdNE3YzufIsHwOAfB0Nfv1Be bDYRjr2+IutpOGHZ0cjaB5Gnexsh0LrE2DqBYK1ShwPHvRrCoh7L+wKQKVC4bRXQ ekGRtYeDoKmfHmOS6S7WPU3eKhjiJUfX0wbowEhB1WrP+Ac06I/PNNNS7imoAW9Y vURf0WBb08VUMKlO/3Chl28jlhICOL6K -----END CERTIFICATE-----Generated at Mon Oct 20 05:21:09 2025 by rpki-client