$ rpki-client -vvf rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft File: 3SNdNwiQmzPViUtMzckQXGH9Fq4.mft (raw, json) Hash identifier: 3xOxsDtDz6ycUyatcPoYO8d3lWmk3A8Vy91wpHZ0PW0= Subject key identifier: A6:EA:B1:DD:4E:11:A8:7A:7E:21:49:E9:67:27:E6:B9:87:5D:89:13 Authority key identifier: DD:23:5D:37:08:90:9B:33:D5:89:4B:4C:CD:C9:10:5C:61:FD:16:AE Certificate issuer: /CN=A91B8C13/serialNumber=DD235D3708909B33D5894B4CCDC9105C61FD16AE Certificate serial: 01BF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3SNdNwiQmzPViUtMzckQXGH9Fq4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft Manifest number: 01BE Signing time: Mon 20 Oct 2025 15:25:41 +0000 Manifest this update: Mon 20 Oct 2025 15:25:40 +0000 Manifest next update: Mon 27 Oct 2025 15:25:40 +0000 Files and hashes: 1: 3SNdNwiQmzPViUtMzckQXGH9Fq4.crl (hash: 8kFVlt2FgRIzhxzO5zB1wcrmjHlG8nQyHi96jUHrfl0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.crl rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3SNdNwiQmzPViUtMzckQXGH9Fq4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 15:25:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 447 (0x1bf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B8C13, serialNumber=DD235D3708909B33D5894B4CCDC9105C61FD16AE Validity Not Before: Oct 20 15:25:40 2025 GMT Not After : Oct 27 15:25:40 2025 GMT Subject: CN=68f65474-9b82 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:cf:67:a7:33:a9:93:33:2e:d8:8d:6c:c4:de: 92:cf:bf:e8:66:f2:4f:c3:d1:e0:48:05:71:7d:7d: d6:ae:da:36:31:fe:0a:cb:f7:7a:55:d9:b8:ab:15: 56:d3:ab:b7:d7:e2:dc:72:64:f1:c1:7b:0d:ac:b8: 88:f3:53:d7:35:5e:e8:2c:5b:b3:35:7f:f7:3e:b6: 63:55:c2:74:5a:44:46:00:b8:2d:a9:79:0c:be:2d: b1:fa:af:39:0f:3b:f7:71:74:c0:da:c7:7e:b7:3b: f0:74:87:14:4c:42:a6:c9:42:ae:8b:5c:23:12:16: 5b:d8:cf:52:49:10:a7:da:25:5d:1c:8e:69:ee:19: 5b:b0:5e:9e:f6:f1:1f:38:f8:08:97:ab:c0:02:51: 36:81:a2:00:b6:a3:14:8e:ca:a3:62:e0:3a:4b:80: 21:86:e5:f0:7d:51:65:d8:2f:b8:d4:23:6d:f1:70: cd:c5:84:48:7d:d3:ba:53:d4:f1:20:1f:fe:cb:cb: 4d:30:24:08:ca:7b:97:7a:8e:53:5e:22:10:9c:f4: a2:62:62:ef:17:94:df:a4:c4:c2:48:d2:f6:85:e6: 2a:c8:ed:a2:6c:61:43:c5:34:9f:d7:57:71:15:43: f1:68:6b:c4:04:b3:78:8c:b9:53:3d:20:1a:9f:19: 54:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:EA:B1:DD:4E:11:A8:7A:7E:21:49:E9:67:27:E6:B9:87:5D:89:13 X509v3 Authority Key Identifier: keyid:DD:23:5D:37:08:90:9B:33:D5:89:4B:4C:CD:C9:10:5C:61:FD:16:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3SNdNwiQmzPViUtMzckQXGH9Fq4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B8C13/D06117160B2D11EE867E6A17C4F9AE02/3SNdNwiQmzPViUtMzckQXGH9Fq4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:95:cc:04:e9:60:13:31:df:57:76:7a:0c:48:a9:34:c2:ca: a2:66:ca:2a:da:01:4e:39:9d:5e:f1:e6:dc:0a:a0:d6:2d:66: 84:cf:e7:dd:a2:8d:86:72:59:c8:e7:4c:92:ed:15:e8:90:01: 7f:79:49:5b:4e:c8:5d:4b:26:25:b1:c0:57:0a:6d:5f:b1:bd: 8a:c5:fd:55:dc:46:37:48:a5:c8:a4:37:7a:ed:a6:04:cc:b3: 59:93:89:07:d1:56:cf:ed:64:69:81:9b:48:ec:26:1c:ad:44: be:fb:72:8f:6f:65:ab:2c:73:50:44:ed:0f:5f:40:73:7b:75: f2:ce:7e:c7:46:cf:58:2f:18:a8:9d:57:73:24:6c:9d:f9:08: 85:2e:0b:42:10:62:6f:aa:e3:7d:79:29:1d:ed:aa:f4:b6:e8: e0:8b:b5:69:d5:6f:80:8b:00:6e:e9:d5:80:59:77:d7:fa:e1: f1:ed:75:00:2c:05:d9:e2:dd:c3:7b:9c:5a:67:b9:47:c4:3d: 31:cb:34:9f:62:00:a7:fe:2e:68:d4:ce:dd:e0:8e:84:11:de: 84:34:de:81:62:34:32:11:fa:7c:29:4d:42:a7:ff:4f:9f:11: bb:e3:4f:1b:9f:6e:bd:d5:e4:99:78:ae:00:2b:2b:d9:97:33: e4:d3:6f:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAb8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjhDMTMxMTAvBgNVBAUTKEREMjM1RDM3MDg5MDlCMzNENTg5NEI0Q0NEQzkxMDVD NjFGRDE2QUUwHhcNMjUxMDIwMTUyNTQwWhcNMjUxMDI3MTUyNTQwWjAYMRYwFAYD VQQDEw02OGY2NTQ3NC05YjgyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn89npzOpkzMu2I1sxN6Sz7/oZvJPw9HgSAVxfX3Wrto2Mf4Ky/d6Vdm4qxVW 06u31+LccmTxwXsNrLiI81PXNV7oLFuzNX/3PrZjVcJ0WkRGALgtqXkMvi2x+q85 Dzv3cXTA2sd+tzvwdIcUTEKmyUKui1wjEhZb2M9SSRCn2iVdHI5p7hlbsF6e9vEf OPgIl6vAAlE2gaIAtqMUjsqjYuA6S4AhhuXwfVFl2C+41CNt8XDNxYRIfdO6U9Tx IB/+y8tNMCQIynuXeo5TXiIQnPSiYmLvF5TfpMTCSNL2heYqyO2ibGFDxTSf11dx FUPxaGvEBLN4jLlTPSAanxlUwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKbqsd1O Eah6fiFJ6Wcn5rmHXYkTMB8GA1UdIwQYMBaAFN0jXTcIkJsz1YlLTM3JEFxh/Rau MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOEMxMy9EMDYxMTcxNjBC MkQxMUVFODY3RTZBMTdDNEY5QUUwMi8zU05kTndpUW16UFZpVXRNemNrUVhHSDlG cTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNTTmROd2lRbXpQVmlVdE16Y2tRWEdIOUZxNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OEMxMy9EMDYxMTcxNjBCMkQxMUVFODY3RTZBMTdDNEY5QUUwMi8zU05kTndpUW16 UFZpVXRNemNrUVhHSDlGcTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCPlcwE6WATMd9XdnoMSKk0wsqiZsoq2gFOOZ1e8ebcCqDWLWaEz+fd oo2GclnI50yS7RXokAF/eUlbTshdSyYlscBXCm1fsb2Kxf1V3EY3SKXIpDd67aYE zLNZk4kH0VbP7WRpgZtI7CYcrUS++3KPb2WrLHNQRO0PX0Bze3Xyzn7HRs9YLxio nVdzJGyd+QiFLgtCEGJvquN9eSkd7ar0tujgi7Vp1W+AiwBu6dWAWXfX+uHx7XUA LAXZ4t3De5xaZ7lHxD0xyzSfYgCn/i5o1M7d4I6EEd6ENN6BYjQyEfp8KU1Cp/9P nxG7408bn2691eSZeK4AKyvZlzPk02/5 -----END CERTIFICATE-----Generated at Mon Oct 20 20:41:47 2025 by rpki-client