$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft File: R-lr-DG7PMQ7TweEJj5ylYddVRY.mft (raw, json) Hash identifier: f0tFvjz49UyQCZPUOCMxy1LznPsKD5cPgOwssAugQBM= Subject key identifier: 97:8E:9E:CB:45:4C:84:F0:3B:0A:C2:61:8F:05:99:03:22:E3:09:EA Authority key identifier: 47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 Certificate issuer: /CN=A91C4204/serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Certificate serial: 55 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft Manifest number: 53 Signing time: Sun 19 Oct 2025 10:38:11 +0000 Manifest this update: Sun 19 Oct 2025 10:38:11 +0000 Manifest next update: Sun 26 Oct 2025 10:38:10 +0000 Files and hashes: 1: R-lr-DG7PMQ7TweEJj5ylYddVRY.crl (hash: 8kexmDmpZIxckRJ9dPOgeNpBzGFyBazO3oP/KaKRHhM=) 2: CA2D4952300911F0AB675D3EC4F9AE02.roa (hash: wSACUp5c4PrWddzrJcvj1KCwEmCFzuB6DHldOTgXN4E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:38:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 85 (0x55) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4204, serialNumber=47E96BF831BB3CC43B4F0784263E7295875D5516 Validity Not Before: Oct 19 10:38:11 2025 GMT Not After : Oct 26 10:38:10 2025 GMT Subject: CN=68f4bf93-fd5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:43:4a:46:9d:f1:fd:2d:32:c6:96:c3:dc:81: af:18:3e:93:1b:6a:53:2a:18:c2:f4:0b:60:fd:b1: 86:c4:74:c1:f3:65:40:d7:aa:07:5d:a9:3a:50:d7: 2a:c7:56:8c:65:f3:99:56:86:f8:2f:79:b6:f6:a4: ef:58:3f:de:60:bb:80:87:81:61:2b:27:84:14:85: 17:a4:9a:86:d9:53:c4:47:40:da:e5:47:f2:a7:79: 4f:9d:9e:f2:e2:29:fd:3b:13:27:3d:70:c4:6e:68: b2:7f:91:92:f5:80:89:a6:3f:91:6a:3c:2c:78:a6: b8:5b:b1:82:9c:d9:0d:77:a6:37:89:0e:0b:8c:b6: 28:88:03:7d:a2:cf:76:eb:fb:52:1f:07:c0:01:81: b1:22:d0:3b:c3:3b:22:cc:c3:8a:52:83:79:3f:0b: 65:89:c3:eb:b5:28:8d:46:b2:85:77:e7:e3:29:08: 20:af:26:83:54:42:43:7e:ee:a0:b1:09:1e:e5:1e: e7:d8:ba:fe:47:62:10:6c:04:7a:71:a5:47:9e:f5: 65:c4:f8:97:28:1f:e6:d9:36:c7:b2:69:8b:48:99: 87:4b:f5:55:50:a6:19:67:79:ad:0c:e2:87:a9:8a: 63:a7:73:ec:9f:1c:d0:be:f9:8f:37:a5:52:f3:42: 80:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 97:8E:9E:CB:45:4C:84:F0:3B:0A:C2:61:8F:05:99:03:22:E3:09:EA X509v3 Authority Key Identifier: keyid:47:E9:6B:F8:31:BB:3C:C4:3B:4F:07:84:26:3E:72:95:87:5D:55:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/R-lr-DG7PMQ7TweEJj5ylYddVRY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4204/441B5052300911F0A0AA7D3DC4F9AE02/R-lr-DG7PMQ7TweEJj5ylYddVRY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:e4:55:a8:24:9c:c9:8d:2d:76:b5:d3:69:7d:a9:3d:96:7c: 8c:ff:c7:a5:a2:7e:27:f5:1a:4d:92:3e:d7:5c:31:12:26:aa: a1:81:11:d2:ac:cd:87:e7:df:26:fa:de:b0:c7:fa:19:34:ed: 81:59:28:c5:5c:76:37:4e:c5:22:a3:4d:8e:f2:5e:64:66:76: 77:68:db:c0:4f:c5:e8:4b:d4:98:2b:e4:c8:86:b0:42:71:ce: e5:0b:4d:94:94:90:de:c0:47:c7:89:96:1b:f9:99:27:87:f1: 8e:00:dd:fc:1f:fa:31:aa:d1:ad:55:5f:3a:e5:eb:eb:bb:1f: 36:d1:a2:a0:d8:a4:1c:88:12:5e:91:e1:cf:e2:0d:a0:b5:60: 12:3f:f2:e9:7a:58:bb:17:ff:2b:07:92:ac:6d:ce:7b:49:b3: f7:fd:62:dc:82:2d:e5:e9:8e:1c:d2:c4:d8:09:ee:c3:19:61: 77:ba:25:1c:45:11:de:1c:a1:c8:dd:75:cc:bc:6a:dc:b4:30: 88:90:2c:b5:9f:83:bc:6d:9f:fc:1b:02:f7:e7:6c:bf:0b:77: 1e:aa:02:80:af:a8:48:3f:f7:49:20:d5:8c:0b:d0:6f:af:c7: b4:2b:80:38:cb:9d:08:82:ba:28:4b:1e:47:a9:43:d7:41:ff: 68:24:7d:8d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBVTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD NDIwNDExMC8GA1UEBRMoNDdFOTZCRjgzMUJCM0NDNDNCNEYwNzg0MjYzRTcyOTU4 NzVENTUxNjAeFw0yNTEwMTkxMDM4MTFaFw0yNTEwMjYxMDM4MTBaMBgxFjAUBgNV BAMTDTY4ZjRiZjkzLWZkNWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCnQ0pGnfH9LTLGlsPcga8YPpMbalMqGML0C2D9sYbEdMHzZUDXqgddqTpQ1yrH Voxl85lWhvgvebb2pO9YP95gu4CHgWErJ4QUhRekmobZU8RHQNrlR/KneU+dnvLi Kf07Eyc9cMRuaLJ/kZL1gImmP5FqPCx4prhbsYKc2Q13pjeJDguMtiiIA32iz3br +1IfB8ABgbEi0DvDOyLMw4pSg3k/C2WJw+u1KI1GsoV35+MpCCCvJoNUQkN+7qCx CR7lHufYuv5HYhBsBHpxpUee9WXE+JcoH+bZNseyaYtImYdL9VVQphlnea0M4oep imOnc+yfHNC++Y83pVLzQoBjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUl46ey0VM hPA7CsJhjwWZAyLjCeowHwYDVR0jBBgwFoAUR+lr+DG7PMQ7TweEJj5ylYddVRYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0MjA0LzQ0MUI1MDUyMzAw OTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1RN1R3ZUVKajV5bFlkZFZS WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvUi1sci1ERzdQTVE3VHdlRUpqNXlsWWRkVlJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUM0 MjA0LzQ0MUI1MDUyMzAwOTExRjBBMEFBN0QzREM0RjlBRTAyL1ItbHItREc3UE1R N1R3ZUVKajV5bFlkZFZSWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKfkVagknMmNLXa102l9qT2WfIz/x6Wifif1Gk2SPtdcMRImqqGBEdKs zYfn3yb63rDH+hk07YFZKMVcdjdOxSKjTY7yXmRmdndo28BPxehL1Jgr5MiGsEJx zuULTZSUkN7AR8eJlhv5mSeH8Y4A3fwf+jGq0a1VXzrl6+u7HzbRoqDYpByIEl6R 4c/iDaC1YBI/8ul6WLsX/ysHkqxtzntJs/f9YtyCLeXpjhzSxNgJ7sMZYXe6JRxF Ed4cocjddcy8aty0MIiQLLWfg7xtn/wbAvfnbL8Ldx6qAoCvqEg/90kg1YwL0G+v x7QrgDjLnQiCuihLHkepQ9dB/2gkfY0= -----END CERTIFICATE-----Generated at Tue Oct 21 15:12:55 2025 by rpki-client