$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft File: lKlQswO0aQDdWjBhAwyJpIloA68.mft (raw, json) Hash identifier: 2h0+OUCoI/26sNPxYaBDG0JNGqN68qffbhF+I1FFK38= Subject key identifier: C1:0B:8F:02:A2:86:E5:12:F3:6A:82:8A:85:49:D6:60:4B:FB:60:CC Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Certificate serial: 013E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft Manifest number: 0133 Signing time: Sun 19 Oct 2025 07:30:20 +0000 Manifest this update: Sun 19 Oct 2025 07:30:19 +0000 Manifest next update: Sun 26 Oct 2025 07:30:19 +0000 Files and hashes: 1: lKlQswO0aQDdWjBhAwyJpIloA68.crl (hash: X0mBe+lF9w8goRxOKt7gjzewg+hpRhOpvMbDtK7b/Wo=) 2: 10771E5497C211F0A9D40817C4F9AE02.roa (hash: saXUgFYFE88ebAmrp0hfBEAM07HUjSBQgX0rZpCJXb0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 07:30:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 318 (0x13e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAD2D, serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Validity Not Before: Oct 19 07:30:19 2025 GMT Not After : Oct 26 07:30:19 2025 GMT Subject: CN=68f4938c-aca8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:dd:03:29:b6:cf:85:85:43:49:ca:83:46:3d: 96:46:bc:bc:b0:97:44:ca:d6:83:bd:9c:ec:95:25: 52:73:77:e6:58:33:ba:2f:ce:a3:e2:cc:c2:1c:cb: d0:d9:3e:bb:32:86:3e:ed:27:50:4e:1b:c4:68:d2: 87:e6:e4:8a:1b:82:73:81:8e:c3:23:66:5c:92:a9: fb:fb:19:91:36:d0:23:3a:e6:c2:dc:33:6a:28:64: 4f:b7:0f:17:1e:18:68:30:3e:30:11:67:17:30:9c: 32:d4:7a:c9:3b:92:3f:eb:43:0f:1c:7d:6d:79:33: 8b:77:05:d2:b1:73:d8:39:c5:54:54:c1:2b:34:1c: a2:ae:d6:83:21:16:0e:6f:df:1a:7f:2c:f9:a0:e7: d7:bc:00:bf:ea:dc:b1:b1:2b:03:68:eb:37:97:20: e3:69:16:7f:62:c8:63:4b:6a:fb:81:74:d8:5d:c6: 0b:60:ff:6f:6a:e8:5a:f9:65:b4:c0:40:ae:25:b5: fe:8b:2f:f9:ea:36:fc:a2:67:bf:b2:18:c9:4c:46: 03:f8:9f:8a:28:6b:5b:80:b0:5c:c7:3c:54:32:b0: 45:13:9e:be:42:eb:50:3a:07:fc:0b:62:81:be:16: 9e:55:73:7f:47:04:9e:75:a1:bb:97:fd:e5:91:16: 26:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C1:0B:8F:02:A2:86:E5:12:F3:6A:82:8A:85:49:D6:60:4B:FB:60:CC X509v3 Authority Key Identifier: keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:a5:c2:11:0f:32:21:3a:20:0a:ed:db:b4:b6:7e:30:f2:09: 5e:28:55:3e:65:21:87:18:a5:af:7d:ac:aa:49:3f:e4:ac:0f: 08:b9:3a:3c:03:97:d1:ce:ba:88:f7:2d:8e:21:fd:2e:f6:8e: 47:d8:ca:50:48:5f:7a:89:1a:c7:5e:be:8f:56:9d:66:9a:1c: 19:a5:e2:ea:4d:d5:fa:6a:71:d8:83:25:3b:74:8c:ae:54:d3: ba:be:bd:eb:2f:85:73:95:76:80:3e:4a:e2:e1:ba:21:cf:87: f8:ef:d7:85:92:82:22:58:5e:b7:d2:b6:e5:06:ff:ab:9d:81: 07:5d:e6:cc:59:65:a3:10:c1:25:71:1c:aa:f5:aa:ba:7f:c1: da:7d:bf:c2:c9:59:10:17:dc:a3:3e:bd:0c:c5:09:e1:8b:18: 4e:af:d6:04:85:b0:19:2e:aa:56:06:7c:a9:c1:fd:87:54:b6: 25:37:80:51:e9:a9:e2:5f:24:32:2d:c2:18:b8:dc:f1:30:c5: 3e:dd:de:55:c4:8c:f1:99:32:24:92:fe:21:66:95:16:7c:0c: 80:91:35:73:17:bc:e2:ef:35:6b:10:16:b1:80:ce:54:d1:a1: 31:07:1a:14:28:47:8e:e9:30:0c:7f:c8:ca:0b:b3:f0:72:02: 76:22:4a:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAT4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFEMkQxMTAvBgNVBAUTKDk0QTk1MEIzMDNCNDY5MDBERDVBMzA2MTAzMEM4OUE0 ODk2ODAzQUYwHhcNMjUxMDE5MDczMDE5WhcNMjUxMDI2MDczMDE5WjAYMRYwFAYD VQQDEw02OGY0OTM4Yy1hY2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu90DKbbPhYVDScqDRj2WRry8sJdEytaDvZzslSVSc3fmWDO6L86j4szCHMvQ 2T67MoY+7SdQThvEaNKH5uSKG4JzgY7DI2Zckqn7+xmRNtAjOubC3DNqKGRPtw8X HhhoMD4wEWcXMJwy1HrJO5I/60MPHH1teTOLdwXSsXPYOcVUVMErNByirtaDIRYO b98afyz5oOfXvAC/6tyxsSsDaOs3lyDjaRZ/YshjS2r7gXTYXcYLYP9vauha+WW0 wECuJbX+iy/56jb8ome/shjJTEYD+J+KKGtbgLBcxzxUMrBFE56+QutQOgf8C2KB vhaeVXN/RwSedaG7l/3lkRYmvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMELjwKi huUS82qCioVJ1mBL+2DMMB8GA1UdIwQYMBaAFJSpULMDtGkA3VowYQMMiaSJaAOv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUQyRC85MDg4RUU1QUU4 MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFRRGRXakJoQXd5SnBJbG9B NjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QUQyRC85MDg4RUU1QUU4MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFR RGRXakJoQXd5SnBJbG9BNjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1pcIRDzIhOiAK7du0tn4w8gleKFU+ZSGHGKWvfayqST/krA8IuTo8 A5fRzrqI9y2OIf0u9o5H2MpQSF96iRrHXr6PVp1mmhwZpeLqTdX6anHYgyU7dIyu VNO6vr3rL4VzlXaAPkri4bohz4f479eFkoIiWF630rblBv+rnYEHXebMWWWjEMEl cRyq9aq6f8Hafb/CyVkQF9yjPr0MxQnhixhOr9YEhbAZLqpWBnypwf2HVLYlN4BR 6aniXyQyLcIYuNzxMMU+3d5VxIzxmTIkkv4hZpUWfAyAkTVzF7zi7zVrEBaxgM5U 0aExBxoUKEeO6TAMf8jKC7PwcgJ2Ikpj -----END CERTIFICATE-----Generated at Mon Oct 20 00:20:38 2025 by rpki-client