$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft File: 3dzECt5nfyP4p5ukFo729r7wZcc.mft (raw, json) Hash identifier: V1eoa/+UcQWFIqqYYLd7Bj6PyGXFFi87r5Vs5UDYqY0= Subject key identifier: 64:8B:CC:29:63:59:19:AF:30:A1:D7:C4:E7:CA:36:74:B4:33:BC:22 Authority key identifier: DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7 Certificate issuer: /CN=A91CB2E2/serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7 Certificate serial: 19 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft Manifest number: 18 Signing time: Sun 19 Oct 2025 11:25:23 +0000 Manifest this update: Sun 19 Oct 2025 11:25:23 +0000 Manifest next update: Sun 26 Oct 2025 11:25:23 +0000 Files and hashes: 1: 3dzECt5nfyP4p5ukFo729r7wZcc.crl (hash: /J34BwXbGbcg2WaEOGKN94CNHWot53uudg9IEeuPBqc=) 2: 240EF95E896311F0B911053BC4F9AE02.roa (hash: l/wARrq1lISnaNIca31Ucy5U5vcCEK4kZC3D4iFHaJ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:25:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 25 (0x19) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB2E2, serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7 Validity Not Before: Oct 19 11:25:23 2025 GMT Not After : Oct 26 11:25:23 2025 GMT Subject: CN=68f4caa3-3844 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:a9:d9:a4:60:67:d2:9f:4c:4f:3a:28:d4:0b: c7:6a:ec:e7:fe:12:80:dc:0d:e1:08:46:92:30:cc: 2b:31:87:17:3d:b2:c6:42:89:46:56:6f:30:02:04: 13:80:ae:49:8d:27:ca:dc:43:cc:df:05:12:f8:9a: 80:96:7b:c4:9a:01:aa:9a:c4:e1:10:fa:e4:cf:ec: a2:c1:13:1e:6d:66:95:52:11:76:60:e9:9a:51:31: e6:8a:97:d0:59:24:a2:f3:9d:f9:46:f0:81:ed:3b: 87:ef:f1:8d:b8:6d:e9:83:4e:29:e6:ee:83:17:b3: 1a:67:0a:c4:9b:8a:d7:d6:73:ae:c1:ef:3c:56:67: 3e:5c:f3:25:f8:41:2e:ef:31:b2:b4:2b:92:88:3b: 4c:ea:eb:62:4d:a9:50:bc:da:f8:bb:da:d4:ed:14: 45:79:94:da:7b:6f:a4:5a:6e:e5:b6:76:2d:94:a9: d0:48:e3:1c:93:28:04:0b:05:5d:e4:80:1e:59:f0: 56:10:d4:3f:88:49:ca:24:6f:77:10:fb:6f:ca:ee: e9:8e:de:ad:92:5c:74:5b:26:bd:e0:c9:c8:d5:00: 43:e9:3e:3f:86:ee:68:14:d3:a3:ef:53:91:86:2a: 44:2e:1b:56:c5:2c:6e:a3:69:40:45:03:f9:d4:6f: 00:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 64:8B:CC:29:63:59:19:AF:30:A1:D7:C4:E7:CA:36:74:B4:33:BC:22 X509v3 Authority Key Identifier: keyid:DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:d7:42:d9:f6:aa:5b:2a:36:30:d1:e5:0e:b3:45:4d:cf:0f: 46:61:a1:bf:bc:1a:10:46:af:2a:c6:94:4c:68:13:12:13:a5: 3b:36:57:37:e7:7b:f6:86:fe:b0:a6:97:d7:5c:b6:ac:a5:30: 6c:72:da:4c:70:38:ae:a0:a5:84:dc:d6:27:5f:84:f8:41:04: e0:c9:46:1f:b9:42:0b:fd:e2:42:1a:fe:62:c0:47:da:07:7f: 07:a5:77:9f:1d:1c:b6:e8:0d:af:83:be:60:bf:8c:95:32:c9: f1:85:3f:73:d3:c8:96:95:88:bf:90:87:99:22:96:cc:a5:80: 36:82:4b:2e:cc:95:f8:3c:a4:a1:81:cb:5c:80:ba:43:1e:79: 33:d2:3a:df:df:46:95:7c:7b:91:59:0c:67:8c:97:58:fe:eb: 67:17:02:a2:c6:bd:f4:4a:01:41:7c:16:a1:b4:ee:82:27:39: dd:f8:f2:56:c8:fd:4d:3c:f3:21:74:96:3b:0d:37:a2:e6:ad: 2b:52:b2:7e:5b:df:21:9e:83:35:f3:b6:3c:c4:c9:cd:13:49: ca:75:f1:ec:39:cd:7a:89:29:1b:1a:be:7c:9d:cc:35:e6:df: 7a:df:23:e2:66:e4:af:a4:37:c9:cb:a2:88:1a:45:2c:25:d9: 76:2b:ce:47 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBGTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjJFMjExMC8GA1UEBRMoREREQ0M0MEFERTY3N0YyM0Y4QTc5QkE0MTY4RUY2RjZC RUYwNjVDNzAeFw0yNTEwMTkxMTI1MjNaFw0yNTEwMjYxMTI1MjNaMBgxFjAUBgNV BAMTDTY4ZjRjYWEzLTM4NDQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDlqdmkYGfSn0xPOijUC8dq7Of+EoDcDeEIRpIwzCsxhxc9ssZCiUZWbzACBBOA rkmNJ8rcQ8zfBRL4moCWe8SaAaqaxOEQ+uTP7KLBEx5tZpVSEXZg6ZpRMeaKl9BZ JKLznflG8IHtO4fv8Y24bemDTinm7oMXsxpnCsSbitfWc67B7zxWZz5c8yX4QS7v MbK0K5KIO0zq62JNqVC82vi72tTtFEV5lNp7b6RabuW2di2UqdBI4xyTKAQLBV3k gB5Z8FYQ1D+IScokb3cQ+2/K7umO3q2SXHRbJr3gycjVAEPpPj+G7mgU06PvU5GG KkQuG1bFLG6jaUBFA/nUbwB7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZIvMKWNZ Ga8wodfE58o2dLQzvCIwHwYDVR0jBBgwFoAU3dzECt5nfyP4p5ukFo729r7wZccw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCMkUyLzQxMUM2M0IwODk1 OTExRjBCQTY1MzQ1REM0RjlBRTAyLzNkekVDdDVuZnlQNHA1dWtGbzcyOXI3d1pj Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2R6RUN0NW5meVA0cDV1a0ZvNzI5cjd3WmNjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC MkUyLzQxMUM2M0IwODk1OTExRjBCQTY1MzQ1REM0RjlBRTAyLzNkekVDdDVuZnlQ NHA1dWtGbzcyOXI3d1pjYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAB7XQtn2qlsqNjDR5Q6zRU3PD0Zhob+8GhBGryrGlExoExITpTs2Vzfn e/aG/rCml9dctqylMGxy2kxwOK6gpYTc1idfhPhBBODJRh+5Qgv94kIa/mLAR9oH fweld58dHLboDa+DvmC/jJUyyfGFP3PTyJaViL+Qh5kilsylgDaCSy7Mlfg8pKGB y1yAukMeeTPSOt/fRpV8e5FZDGeMl1j+62cXAqLGvfRKAUF8FqG07oInOd348lbI /U088yF0ljsNN6LmrStSsn5b3yGegzXztjzEyc0TScp18ew5zXqJKRsavnydzDXm 33rfI+Jm5K+kN8nLoogaRSwl2XYrzkc= -----END CERTIFICATE-----Generated at Mon Oct 20 09:09:03 2025 by rpki-client