$ rpki-client -vvf rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.mft File: du8ZOVeobWTTw83rngdGdG70KQo.mft (raw, json) Hash identifier: 5Z1fP0mE6sbVXFT4GJEkoGrpj7dsPJfPzoFldiRaXhk= Subject key identifier: 73:AA:33:0C:B6:1F:70:64:95:89:F6:69:03:BC:09:06:43:62:D7:8F Authority key identifier: 76:EF:19:39:57:A8:6D:64:D3:C3:CD:EB:9E:07:46:74:6E:F4:29:0A Certificate issuer: /CN=A91C40D6/serialNumber=76EF193957A86D64D3C3CDEB9E0746746EF4290A Certificate serial: 0145 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/du8ZOVeobWTTw83rngdGdG70KQo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.mft Manifest number: 0142 Signing time: Mon 20 Oct 2025 20:59:45 +0000 Manifest this update: Mon 20 Oct 2025 20:59:44 +0000 Manifest next update: Mon 27 Oct 2025 20:59:44 +0000 Files and hashes: 1: du8ZOVeobWTTw83rngdGdG70KQo.crl (hash: rpZ7jl7vQErI8DgP3TGL8CW2uTL61EQIQhKBlQijE7w=) 2: DF4EFA76CA7811EE838E0A73C4F9AE02.roa (hash: /FORfGBg9zOxItBO8An19jk30uxSaavKCQfEXQzUIIw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.crl rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/du8ZOVeobWTTw83rngdGdG70KQo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:59:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 325 (0x145) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C40D6, serialNumber=76EF193957A86D64D3C3CDEB9E0746746EF4290A Validity Not Before: Oct 20 20:59:44 2025 GMT Not After : Oct 27 20:59:44 2025 GMT Subject: CN=68f6a2c1-f4e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:95:4c:04:cf:b0:b8:8d:75:c9:b0:ea:a1:85: b8:ba:a8:c0:f4:f9:30:0b:5c:66:73:f6:22:76:18: ca:44:f4:80:6d:ac:fa:c3:8c:a7:b6:69:94:60:ac: 25:f5:09:bc:c6:2b:a5:4b:f1:df:fc:7e:99:85:d1: 53:8c:40:d2:49:86:5a:55:f8:f8:ac:68:4b:d7:92: 04:80:8e:d8:2a:d5:59:78:17:6a:05:62:57:30:c9: 90:b9:d5:56:a1:26:56:92:1f:bd:47:fb:d2:80:15: 27:9d:ec:1f:23:51:ea:1d:e3:aa:d8:c4:d6:65:38: 54:f1:72:b6:85:9f:5d:af:6f:01:73:bf:eb:4f:2a: 6f:4c:1b:9e:6d:a5:0a:57:9e:e9:b3:02:36:a3:f2: ce:b9:2f:1d:df:8e:e9:c1:4f:e9:20:d4:03:13:59: 48:37:14:6a:7b:85:2d:66:4d:7a:a1:4a:9d:f8:62: c9:cf:05:e2:04:88:98:85:66:9c:ae:4b:f7:63:b1: 0d:42:af:7a:0e:47:dc:fa:82:cb:91:01:6b:e7:bf: 81:2d:4a:c6:72:cf:49:ca:21:a1:47:4c:dc:e4:02: 3c:0a:04:14:77:98:59:ad:94:98:f9:0a:f8:92:6a: 51:3e:af:1c:49:f6:b8:85:f6:3c:23:33:0a:92:e2: 9c:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:AA:33:0C:B6:1F:70:64:95:89:F6:69:03:BC:09:06:43:62:D7:8F X509v3 Authority Key Identifier: keyid:76:EF:19:39:57:A8:6D:64:D3:C3:CD:EB:9E:07:46:74:6E:F4:29:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/du8ZOVeobWTTw83rngdGdG70KQo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C40D6/05F86014C53711EEB67AEB79C4F9AE02/du8ZOVeobWTTw83rngdGdG70KQo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:61:55:14:0e:d9:fd:f4:5b:7b:00:d2:3a:93:8b:74:ea:c1: 37:e3:aa:31:e0:00:3a:61:8c:df:db:db:d9:e3:56:e0:15:52: 9b:4f:27:d7:15:19:73:c0:e0:bb:b0:cf:71:48:e5:27:48:b3: 97:6e:99:b2:ce:8c:00:bf:ad:96:a8:e7:49:c2:97:94:2d:0b: ff:27:18:93:6c:19:64:ff:14:11:4d:9e:ce:a1:fd:34:5d:6f: e0:26:a1:5b:99:9f:f4:5a:6d:91:c4:50:ae:df:3d:bf:e2:b3: cf:4e:14:1f:e5:b7:29:f0:5b:e5:44:a0:f1:27:fd:9c:25:12: cb:0d:5b:35:cb:72:0e:bd:b9:0b:80:36:af:07:af:a4:85:cd: 45:36:b4:04:d1:9e:05:b7:29:53:28:06:c9:38:10:ce:4a:c5: 1d:97:82:a4:23:00:f0:9f:ec:70:08:c8:f4:58:a5:ae:ef:d1: 12:1e:77:5a:8d:4f:2c:12:94:75:53:7b:8b:e5:fa:7e:1c:2b: c8:13:45:2b:e7:8e:bd:26:ee:b1:1d:65:d7:8b:bf:57:22:25: 8c:f1:b3:bb:16:c5:65:93:78:9e:7b:7e:3d:09:05:dc:a4:c9: 3a:3c:cb:d7:85:fb:13:7c:03:bf:29:d7:ce:29:00:c9:c4:4e: bd:9a:dd:da -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQwRDYxMTAvBgNVBAUTKDc2RUYxOTM5NTdBODZENjREM0MzQ0RFQjlFMDc0Njc0 NkVGNDI5MEEwHhcNMjUxMDIwMjA1OTQ0WhcNMjUxMDI3MjA1OTQ0WjAYMRYwFAYD VQQDEw02OGY2YTJjMS1mNGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtJVMBM+wuI11ybDqoYW4uqjA9PkwC1xmc/YidhjKRPSAbaz6w4yntmmUYKwl 9Qm8xiulS/Hf/H6ZhdFTjEDSSYZaVfj4rGhL15IEgI7YKtVZeBdqBWJXMMmQudVW oSZWkh+9R/vSgBUnnewfI1HqHeOq2MTWZThU8XK2hZ9dr28Bc7/rTypvTBuebaUK V57pswI2o/LOuS8d347pwU/pINQDE1lINxRqe4UtZk16oUqd+GLJzwXiBIiYhWac rkv3Y7ENQq96Dkfc+oLLkQFr57+BLUrGcs9JyiGhR0zc5AI8CgQUd5hZrZSY+Qr4 kmpRPq8cSfa4hfY8IzMKkuKckQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHOqMwy2 H3BklYn2aQO8CQZDYtePMB8GA1UdIwQYMBaAFHbvGTlXqG1k08PN654HRnRu9CkK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDBENi8wNUY4NjAxNEM1 MzcxMUVFQjY3QUVCNzlDNEY5QUUwMi9kdThaT1Zlb2JXVFR3ODNybmdkR2RHNzBL UW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2R1OFpPVmVvYldUVHc4M3JuZ2RHZEc3MEtRby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NDBENi8wNUY4NjAxNEM1MzcxMUVFQjY3QUVCNzlDNEY5QUUwMi9kdThaT1Zlb2JX VFR3ODNybmdkR2RHNzBLUW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpYVUUDtn99Ft7ANI6k4t06sE346ox4AA6YYzf29vZ41bgFVKbTyfX FRlzwOC7sM9xSOUnSLOXbpmyzowAv62WqOdJwpeULQv/JxiTbBlk/xQRTZ7Oof00 XW/gJqFbmZ/0Wm2RxFCu3z2/4rPPThQf5bcp8FvlRKDxJ/2cJRLLDVs1y3IOvbkL gDavB6+khc1FNrQE0Z4FtylTKAbJOBDOSsUdl4KkIwDwn+xwCMj0WKWu79ESHnda jU8sEpR1U3uL5fp+HCvIE0Ur5469Ju6xHWXXi79XIiWM8bO7FsVlk3iee349CQXc pMk6PMvXhfsTfAO/KdfOKQDJxE69mt3a -----END CERTIFICATE-----Generated at Tue Oct 21 11:40:37 2025 by rpki-client