$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft File: 3COmnqHvwaN5SSwT6awUfEn1rQQ.mft (raw, json) Hash identifier: kDaCaucmQTaQdPmComDDVZY/ff4NMbf+/p6is+Pc4TM= Subject key identifier: F9:59:55:ED:7C:9B:C2:8F:76:3B:51:7F:90:1E:14:10:5B:A8:1C:D9 Authority key identifier: DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 Certificate issuer: /CN=A91BB4C2/serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Certificate serial: 0222 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft Manifest number: 01F3 Signing time: Sun 19 Oct 2025 05:29:31 +0000 Manifest this update: Sun 19 Oct 2025 05:29:30 +0000 Manifest next update: Sun 26 Oct 2025 05:29:30 +0000 Files and hashes: 1: 3COmnqHvwaN5SSwT6awUfEn1rQQ.crl (hash: /w7ilZUgo72tBCnPB9bxRkSgXko49R8gPRBt9DVNmSA=) 2: CBF7E2CE2D3611EEA81A490BC4F9AE02.roa (hash: 4yj8sZR6Z/FxcvXrPscntmMUZkXTFX7XG+1HhFVkn+I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 05:29:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 546 (0x222) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB4C2, serialNumber=DC23A69EA1EFC1A379492C13E9AC147C49F5AD04 Validity Not Before: Oct 19 05:29:30 2025 GMT Not After : Oct 26 05:29:30 2025 GMT Subject: CN=68f4773a-04e5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:d5:b3:a7:1a:66:37:cb:61:89:7a:ca:f8:30: f4:ae:5f:e3:46:db:48:c8:fa:56:e1:c5:1e:40:8b: 21:44:5a:05:c1:e4:78:d6:a9:14:bb:2b:91:c7:df: 44:6a:37:e8:18:d3:f3:88:22:0a:24:42:97:86:74: 82:5c:ee:ae:42:f8:6e:88:3d:27:6d:bc:37:53:4c: 17:b3:dd:e4:6a:95:e5:0d:c3:24:8d:fe:97:5e:f5: cd:96:7e:b2:1c:ce:46:66:5d:18:78:2e:b8:ec:b9: b0:dc:bb:7a:81:c0:0a:72:4b:8f:16:5f:2f:d6:0c: 0b:0a:7c:f1:cb:66:d8:95:67:06:cc:0d:e8:50:37: 91:08:41:d2:71:cc:e2:27:8b:4d:59:d7:0f:64:b2: 09:98:be:27:94:b6:d1:a3:31:cc:4d:ef:89:b1:59: 1f:95:c3:64:31:78:f7:c5:69:da:b8:00:0c:67:93: a5:98:8c:e4:29:fd:87:00:70:cd:2c:d6:3f:7d:79: 71:d4:62:f9:e9:58:b3:89:29:89:72:50:3e:c0:f9: 39:a4:fd:5b:51:c6:a4:fd:21:40:d7:08:31:13:ca: 38:59:9f:33:98:79:aa:02:60:85:c7:8a:7e:fe:70: 68:74:88:b0:f5:a5:0f:13:bb:b2:2d:80:39:db:4f: d1:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F9:59:55:ED:7C:9B:C2:8F:76:3B:51:7F:90:1E:14:10:5B:A8:1C:D9 X509v3 Authority Key Identifier: keyid:DC:23:A6:9E:A1:EF:C1:A3:79:49:2C:13:E9:AC:14:7C:49:F5:AD:04 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3COmnqHvwaN5SSwT6awUfEn1rQQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB4C2/B17E95D6037011EE9BB62C2FC4F9AE02/3COmnqHvwaN5SSwT6awUfEn1rQQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:ba:d8:fe:94:30:a0:9c:ef:45:11:d5:d2:5f:9f:4f:ca:82: 96:a1:22:c7:1e:c8:51:49:ed:45:f7:71:2c:a4:af:97:f5:b1: 56:65:30:9e:7b:20:5a:ad:70:9e:0e:24:55:25:af:c6:aa:d9: e0:76:65:3a:ea:7a:c0:bb:37:34:12:a6:08:25:48:a2:d1:0e: ea:93:db:b5:01:3a:7d:8c:84:aa:fc:2a:71:cd:08:98:3e:b2: 66:50:b8:54:f7:3f:3d:0e:d2:28:47:6c:cd:9a:4f:77:85:7c: 8e:1a:b0:b3:a9:bb:7d:d5:4b:b2:4d:ac:19:e1:9b:b2:9a:6d: d6:fc:75:8f:f7:00:5c:d7:73:9a:a6:f7:20:50:41:08:4b:1c: ce:2f:37:2d:92:91:fd:f0:aa:a5:cd:5b:a8:44:ab:93:66:39: 9b:62:2a:d9:d4:57:33:6f:15:14:57:c4:f5:5f:c2:3c:cb:1d: df:27:78:02:9f:cb:fd:b1:01:c5:bc:be:95:fc:07:19:d8:0c: 3d:d3:d2:84:16:27:74:d5:df:db:64:02:72:c5:d6:78:73:fd: 5d:f4:e4:d6:0e:e2:2a:d6:64:1c:59:de:7a:7b:fe:da:16:79: 90:86:06:88:b5:d9:a8:12:34:3f:fb:84:bb:64:9c:6a:b5:cf: db:dd:e7:66 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI0QzIxMTAvBgNVBAUTKERDMjNBNjlFQTFFRkMxQTM3OTQ5MkMxM0U5QUMxNDdD NDlGNUFEMDQwHhcNMjUxMDE5MDUyOTMwWhcNMjUxMDI2MDUyOTMwWjAYMRYwFAYD VQQDEw02OGY0NzczYS0wNGU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA19WzpxpmN8thiXrK+DD0rl/jRttIyPpW4cUeQIshRFoFweR41qkUuyuRx99E ajfoGNPziCIKJEKXhnSCXO6uQvhuiD0nbbw3U0wXs93kapXlDcMkjf6XXvXNln6y HM5GZl0YeC647Lmw3Lt6gcAKckuPFl8v1gwLCnzxy2bYlWcGzA3oUDeRCEHScczi J4tNWdcPZLIJmL4nlLbRozHMTe+JsVkflcNkMXj3xWnauAAMZ5OlmIzkKf2HAHDN LNY/fXlx1GL56ViziSmJclA+wPk5pP1bUcak/SFA1wgxE8o4WZ8zmHmqAmCFx4p+ /nBodIiw9aUPE7uyLYA520/REQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPlZVe18 m8KPdjtRf5AeFBBbqBzZMB8GA1UdIwQYMBaAFNwjpp6h78GjeUksE+msFHxJ9a0E MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjRDMi9CMTdFOTVENjAz NzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndhTjVTU3dUNmF3VWZFbjFy UVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNDT21ucUh2d2FONVNTd1Q2YXdVZkVuMXJRUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjRDMi9CMTdFOTVENjAzNzAxMUVFOUJCNjJDMkZDNEY5QUUwMi8zQ09tbnFIdndh TjVTU3dUNmF3VWZFbjFyUVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnutj+lDCgnO9FEdXSX59PyoKWoSLHHshRSe1F93EspK+X9bFWZTCe eyBarXCeDiRVJa/GqtngdmU66nrAuzc0EqYIJUii0Q7qk9u1ATp9jISq/CpxzQiY PrJmULhU9z89DtIoR2zNmk93hXyOGrCzqbt91UuyTawZ4Zuymm3W/HWP9wBc13Oa pvcgUEEISxzOLzctkpH98KqlzVuoRKuTZjmbYirZ1FczbxUUV8T1X8I8yx3fJ3gC n8v9sQHFvL6V/AcZ2Aw909KEFid01d/bZAJyxdZ4c/1d9OTWDuIq1mQcWd56e/7a FnmQhgaItdmoEjQ/+4S7ZJxqtc/b3edm -----END CERTIFICATE-----Generated at Mon Oct 20 09:30:25 2025 by rpki-client