$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft File: 4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft (raw, json) Hash identifier: 8LuGO1Klmk0sFHRHvZ4B8q3x3jr7tcwaWtYuzcU6at8= Subject key identifier: AF:FD:38:85:AC:56:D2:AA:4C:67:16:66:F8:8A:BC:12:5D:DA:7A:75 Authority key identifier: E2:1F:24:E0:C5:4D:BB:93:F6:67:81:44:02:D6:6A:D4:08:07:11:14 Certificate issuer: /CN=A91C4060/serialNumber=E21F24E0C54DBB93F667814402D66AD408071114 Certificate serial: 0768 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft Manifest number: 0761 Signing time: Sat 18 Oct 2025 23:00:10 +0000 Manifest this update: Sat 18 Oct 2025 23:00:09 +0000 Manifest next update: Sat 25 Oct 2025 23:00:09 +0000 Files and hashes: 1: 4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl (hash: ST+lN/zkWNVpi8vVeN+D3ywR6LDEBUNCS5yDGkog/zI=) 2: 71C26BD039D211EB84B9FD6BC4F9AE02.roa (hash: 1uZF2QAxlIwO0QnFgrG3CrAusMfAKjQaAjjZhLnhprI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 23:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1896 (0x768) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4060, serialNumber=E21F24E0C54DBB93F667814402D66AD408071114 Validity Not Before: Oct 18 23:00:09 2025 GMT Not After : Oct 25 23:00:09 2025 GMT Subject: CN=68f41bf9-39ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:75:85:ae:3d:df:aa:20:bb:e9:d6:72:38:d9: 30:92:e0:d2:61:24:87:79:d6:a9:99:47:6f:1c:9f: bc:32:01:a2:f0:f4:59:d2:32:bb:38:42:e9:18:c3: 07:ad:65:4a:6f:4f:a7:31:94:d3:eb:70:05:41:ee: 46:12:c3:a2:3d:15:9f:22:43:e8:06:aa:d6:09:0f: 2e:8b:ce:a8:6a:fc:8e:78:ff:83:6e:4a:c4:11:93: 24:58:f4:35:fa:5f:db:39:bf:17:65:5e:df:d3:33: 3b:4d:50:f9:92:7d:50:b2:0c:60:2b:98:e0:67:f8: 32:3a:e3:b9:72:84:4b:14:1a:04:c4:50:4e:e8:65: 4a:d4:bb:0f:35:75:ce:95:9a:b1:49:69:6b:5f:cb: 67:eb:93:ec:83:80:26:d6:fa:31:1d:0e:a3:e6:e8: d1:de:b1:7a:dd:96:e0:93:70:c0:bb:61:08:da:cc: 8a:7e:b5:87:b6:f8:4a:51:69:c3:e0:a3:db:5a:8d: 05:f1:23:c2:5b:bf:c9:c7:a6:b0:5c:54:97:d3:fe: 2d:14:d1:d4:30:9e:0e:97:39:0a:90:4c:0d:05:66: 8b:e7:ee:04:13:27:d4:65:22:18:f7:3c:76:82:6d: e4:59:96:cc:99:4e:fc:ee:a5:ea:c3:bc:c0:1b:b1: 65:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:FD:38:85:AC:56:D2:AA:4C:67:16:66:F8:8A:BC:12:5D:DA:7A:75 X509v3 Authority Key Identifier: keyid:E2:1F:24:E0:C5:4D:BB:93:F6:67:81:44:02:D6:6A:D4:08:07:11:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4060/569389FE39D011EB8F471569C4F9AE02/4h8k4MVNu5P2Z4FEAtZq1AgHERQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9b:c9:fc:78:a9:cd:19:be:95:f8:44:1b:31:33:d1:7e:59:6c: 73:cf:d9:53:af:fe:9d:e8:3c:cc:1b:1a:74:7b:61:3b:e3:20: be:0d:82:d7:6b:a4:e8:b5:b4:05:8c:b0:3a:0f:c5:75:3a:72: d0:7f:25:d9:f1:37:84:7b:d9:8a:43:b3:96:85:a1:3f:3a:39: 67:87:1b:fc:0d:4d:2c:4b:c0:6e:86:a2:45:c1:96:77:9e:b9: 3c:6e:8c:82:72:35:03:29:4e:cd:7d:b9:0e:af:81:b4:08:25: 33:bc:7a:8b:6e:2b:bc:a3:c3:b8:7c:f8:2a:64:f4:1d:80:5d: d1:3d:53:49:9d:25:2c:d9:d9:78:21:cd:43:11:e6:27:09:78: e4:20:4f:4c:74:cc:a4:17:0b:f4:9b:11:5a:cc:62:7f:38:da: 97:59:e1:02:00:f0:fb:08:88:25:b5:28:5e:47:f7:a8:d2:77: 13:bb:0f:f9:7f:ac:d3:c2:7e:d5:19:de:a6:92:df:cc:ed:26: 17:af:b0:14:4b:c5:ce:4d:f2:a7:d3:0c:aa:ba:5f:5f:95:c5: 1b:61:68:5e:b6:af:d3:d1:27:e2:ff:1d:fd:c0:88:1d:2f:74: 07:0a:bd:54:0e:41:7b:a0:e6:ac:0e:5e:a2:44:f0:39:2c:d0: 15:e2:6d:89 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB2gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQwNjAxMTAvBgNVBAUTKEUyMUYyNEUwQzU0REJCOTNGNjY3ODE0NDAyRDY2QUQ0 MDgwNzExMTQwHhcNMjUxMDE4MjMwMDA5WhcNMjUxMDI1MjMwMDA5WjAYMRYwFAYD VQQDEw02OGY0MWJmOS0zOWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuHWFrj3fqiC76dZyONkwkuDSYSSHedapmUdvHJ+8MgGi8PRZ0jK7OELpGMMH rWVKb0+nMZTT63AFQe5GEsOiPRWfIkPoBqrWCQ8ui86oavyOeP+DbkrEEZMkWPQ1 +l/bOb8XZV7f0zM7TVD5kn1QsgxgK5jgZ/gyOuO5coRLFBoExFBO6GVK1LsPNXXO lZqxSWlrX8tn65Psg4Am1voxHQ6j5ujR3rF63Zbgk3DAu2EI2syKfrWHtvhKUWnD 4KPbWo0F8SPCW7/Jx6awXFSX0/4tFNHUMJ4OlzkKkEwNBWaL5+4EEyfUZSIY9zx2 gm3kWZbMmU787qXqw7zAG7FlmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK/9OIWs VtKqTGcWZviKvBJd2np1MB8GA1UdIwQYMBaAFOIfJODFTbuT9meBRALWatQIBxEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDA2MC81NjkzODlGRTM5 RDAxMUVCOEY0NzE1NjlDNEY5QUUwMi80aDhrNE1WTnU1UDJaNEZFQXRacTFBZ0hF UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoOGs0TVZOdTVQMlo0RkVBdFpxMUFnSEVSUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NDA2MC81NjkzODlGRTM5RDAxMUVCOEY0NzE1NjlDNEY5QUUwMi80aDhrNE1WTnU1 UDJaNEZFQXRacTFBZ0hFUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCbyfx4qc0ZvpX4RBsxM9F+WWxzz9lTr/6d6DzMGxp0e2E74yC+DYLX a6TotbQFjLA6D8V1OnLQfyXZ8TeEe9mKQ7OWhaE/Ojlnhxv8DU0sS8BuhqJFwZZ3 nrk8boyCcjUDKU7NfbkOr4G0CCUzvHqLbiu8o8O4fPgqZPQdgF3RPVNJnSUs2dl4 Ic1DEeYnCXjkIE9MdMykFwv0mxFazGJ/ONqXWeECAPD7CIgltSheR/eo0ncTuw/5 f6zTwn7VGd6mkt/M7SYXr7AUS8XOTfKn0wyqul9flcUbYWhetq/T0Sfi/x39wIgd L3QHCr1UDkF7oOasDl6iRPA5LNAV4m2J -----END CERTIFICATE-----Generated at Mon Oct 20 04:18:25 2025 by rpki-client