$ rpki-client -vvf rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft File: aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft (raw, json) Hash identifier: lXj2EX74usNASQSZW997j1gRhhOXO5Xs5NN60gKZhl4= Subject key identifier: 3F:C8:3F:5E:A9:8A:A8:03:41:79:6A:E8:92:00:FC:19:EB:D2:F7:48 Authority key identifier: 68:76:3E:92:A2:C1:78:53:16:75:76:65:11:03:F8:1F:59:AC:DC:1A Certificate issuer: /CN=A91C4750/serialNumber=68763E92A2C17853167576651103F81F59ACDC1A Certificate serial: 085D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft Manifest number: 0856 Signing time: Sat 18 Oct 2025 21:49:09 +0000 Manifest this update: Sat 18 Oct 2025 21:49:08 +0000 Manifest next update: Sat 25 Oct 2025 21:49:08 +0000 Files and hashes: 1: aHY-kqLBeFMWdXZlEQP4H1ms3Bo.crl (hash: 2r+ZcgIx1khIcZpViFoev/52fxTPvOsxyi6oxm789+c=) 2: DA1A98C4DABE11EAB12A5209C4F9AE02.roa (hash: Uilk1jJBfDMGY2sckuokao9InqlSOEodf+Dfn/tc4QA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.crl rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:49:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2141 (0x85d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C4750, serialNumber=68763E92A2C17853167576651103F81F59ACDC1A Validity Not Before: Oct 18 21:49:08 2025 GMT Not After : Oct 25 21:49:08 2025 GMT Subject: CN=68f40b55-29ab Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:61:a6:7a:35:4a:55:e6:69:45:c0:a7:33:fe: 02:fc:c9:56:43:ac:ac:e8:01:c2:0e:a1:45:8f:4b: 3a:05:b5:22:49:3a:7d:60:62:1e:a6:20:90:6c:89: f6:14:29:bf:16:bd:e1:07:43:a4:64:dd:08:d1:c8: 2e:97:45:06:1e:96:c9:62:59:21:a4:14:76:3f:53: 59:cd:0b:0d:d7:09:3a:c0:98:27:11:b6:37:d2:40: 9d:83:fb:c8:6a:fe:9f:64:40:a7:c7:66:ff:9d:43: 60:74:d7:8c:51:45:83:dc:5a:b5:cd:b1:40:b9:ad: 3a:d6:96:91:5e:d6:d5:53:0a:02:5f:78:85:8c:c7: 9e:0f:f5:5f:87:56:1b:4a:64:7d:5f:ac:81:7d:09: 46:df:4f:c7:5a:9c:3b:57:98:dc:b3:de:6d:51:b5: 4c:69:a2:1e:3c:d3:1b:e5:30:f4:53:99:b9:8a:14: 0a:a4:38:8c:f5:09:0d:60:c3:0d:81:96:f6:17:9a: da:56:f0:a2:31:36:42:23:17:89:6f:fb:fc:f1:fc: 92:9f:c1:2c:6f:f6:ee:bf:c2:70:3a:73:82:52:54: e9:83:fd:22:ac:ff:45:9f:f9:c2:6e:09:f3:53:d1: 73:58:db:08:b2:21:28:98:dd:24:77:81:73:4d:68: dc:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:C8:3F:5E:A9:8A:A8:03:41:79:6A:E8:92:00:FC:19:EB:D2:F7:48 X509v3 Authority Key Identifier: keyid:68:76:3E:92:A2:C1:78:53:16:75:76:65:11:03:F8:1F:59:AC:DC:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C4750/90D5EC5ADABD11EA8FC62387C4F9AE02/aHY-kqLBeFMWdXZlEQP4H1ms3Bo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 17:ce:8d:1b:56:0a:27:20:b2:69:73:ca:81:d4:78:2b:fb:49: 73:49:8e:4b:77:fa:58:9e:a2:7f:44:70:90:02:78:77:cf:7e: 59:37:a3:57:1d:29:66:19:d8:2c:89:4d:b8:5a:4d:65:94:75: 6d:9f:95:f8:d9:6f:db:65:ab:0b:e3:73:4a:0a:0c:f4:81:4a: 5b:0d:84:c0:8c:84:93:82:c6:32:dc:74:0a:ec:4b:55:a7:49: d9:71:da:2c:46:0d:28:40:e9:d8:b5:03:47:cf:69:52:f7:8b: 8a:6d:55:f2:dd:20:23:4b:a3:6b:87:dd:06:30:bc:f0:df:22: fc:88:01:87:da:00:79:6b:a0:07:4f:e3:d7:4b:22:ed:0c:19: 9f:dc:7c:4d:db:17:64:b0:ee:78:42:56:25:3c:ad:fc:d7:70: 4d:fc:40:89:1d:a3:04:1e:aa:e7:24:cf:2d:e8:d8:a5:66:82: ac:03:a5:2f:32:04:58:5b:04:de:f7:39:29:f5:a8:a5:8a:8a: ef:cf:e5:79:09:0c:58:9a:c5:aa:b7:19:40:fb:96:05:fd:cb: eb:c8:ff:73:48:ff:bd:e9:d6:73:e3:ff:73:fb:e3:7a:f0:60: 8a:26:ab:24:9d:2e:5a:73:7b:66:85:6b:b2:0d:a8:b2:e4:9c: ed:0c:28:1a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCF0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzQ3NTAxMTAvBgNVBAUTKDY4NzYzRTkyQTJDMTc4NTMxNjc1NzY2NTExMDNGODFG NTlBQ0RDMUEwHhcNMjUxMDE4MjE0OTA4WhcNMjUxMDI1MjE0OTA4WjAYMRYwFAYD VQQDEw02OGY0MGI1NS0yOWFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq2GmejVKVeZpRcCnM/4C/MlWQ6ys6AHCDqFFj0s6BbUiSTp9YGIepiCQbIn2 FCm/Fr3hB0OkZN0I0cgul0UGHpbJYlkhpBR2P1NZzQsN1wk6wJgnEbY30kCdg/vI av6fZECnx2b/nUNgdNeMUUWD3Fq1zbFAua061paRXtbVUwoCX3iFjMeeD/Vfh1Yb SmR9X6yBfQlG30/HWpw7V5jcs95tUbVMaaIePNMb5TD0U5m5ihQKpDiM9QkNYMMN gZb2F5raVvCiMTZCIxeJb/v88fySn8Esb/buv8JwOnOCUlTpg/0irP9Fn/nCbgnz U9FzWNsIsiEomN0kd4FzTWjcYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD/IP16p iqgDQXlq6JIA/Bnr0vdIMB8GA1UdIwQYMBaAFGh2PpKiwXhTFnV2ZRED+B9ZrNwa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNDc1MC85MEQ1RUM1QURB QkQxMUVBOEZDNjIzODdDNEY5QUUwMi9hSFkta3FMQmVGTVdkWFpsRVFQNEgxbXMz Qm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2FIWS1rcUxCZUZNV2RYWmxFUVA0SDFtczNCby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NDc1MC85MEQ1RUM1QURBQkQxMUVBOEZDNjIzODdDNEY5QUUwMi9hSFkta3FMQmVG TVdkWFpsRVFQNEgxbXMzQm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAXzo0bVgonILJpc8qB1Hgr+0lzSY5Ld/pYnqJ/RHCQAnh3z35ZN6NX HSlmGdgsiU24Wk1llHVtn5X42W/bZasL43NKCgz0gUpbDYTAjISTgsYy3HQK7EtV p0nZcdosRg0oQOnYtQNHz2lS94uKbVXy3SAjS6Nrh90GMLzw3yL8iAGH2gB5a6AH T+PXSyLtDBmf3HxN2xdksO54QlYlPK3813BN/ECJHaMEHqrnJM8t6NilZoKsA6Uv MgRYWwTe9zkp9ailiorvz+V5CQxYmsWqtxlA+5YF/cvryP9zSP+96dZz4/9z++N6 8GCKJqsknS5ac3tmhWuyDaiy5JztDCga -----END CERTIFICATE-----Generated at Mon Oct 20 14:01:24 2025 by rpki-client