$ rpki-client -vvf rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft File: PgzfiCrujHIh1YijxSYBjh1kyWg.mft (raw, json) Hash identifier: 6YeKlA9ToP2FDiDFgZNTPz2xtMbG1wlEAH/g02bXwfg= Subject key identifier: F1:27:DA:91:2D:D2:7F:49:4A:18:C6:77:00:DA:2E:61:3F:07:5E:93 Authority key identifier: 3E:0C:DF:88:2A:EE:8C:72:21:D5:88:A3:C5:26:01:8E:1D:64:C9:68 Certificate issuer: /CN=A91CED30/serialNumber=3E0CDF882AEE8C7221D588A3C526018E1D64C968 Certificate serial: 0152 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PgzfiCrujHIh1YijxSYBjh1kyWg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft Manifest number: 014F Signing time: Sun 19 Oct 2025 06:56:17 +0000 Manifest this update: Sun 19 Oct 2025 06:56:16 +0000 Manifest next update: Sun 26 Oct 2025 06:56:16 +0000 Files and hashes: 1: PgzfiCrujHIh1YijxSYBjh1kyWg.crl (hash: dLcaffZxtmw6bVJwqgfmVRvOsG5oYK+PL2ag1aE8CTA=) 2: 41E0B402AE1F11EE96A5C977C4F9AE02.roa (hash: 92n4boJHjJIj9KtZ2gabfQc0rIkNAgV+GGdiupr7NM8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.crl rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PgzfiCrujHIh1YijxSYBjh1kyWg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 06:56:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 338 (0x152) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CED30, serialNumber=3E0CDF882AEE8C7221D588A3C526018E1D64C968 Validity Not Before: Oct 19 06:56:16 2025 GMT Not After : Oct 26 06:56:16 2025 GMT Subject: CN=68f48b91-3807 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:5a:36:89:0e:59:c6:af:d4:e2:d0:05:6e:2d: 5d:1f:21:05:8d:d1:74:da:27:fc:c2:47:67:bb:1c: b3:c4:87:34:b2:eb:97:6e:52:ce:c5:03:a4:f3:58: 54:51:93:79:8b:81:84:5e:97:f7:2f:c2:47:84:7e: d9:25:8e:5d:fd:36:f7:fc:d3:47:02:d6:ba:88:40: ac:d4:bb:b7:7a:59:a2:27:1f:07:11:72:eb:ce:9d: 40:60:01:3a:95:5c:2a:c9:a8:74:1c:19:b2:da:41: 73:34:83:37:99:4d:7c:6c:cb:dd:1a:de:78:e5:fc: c3:cd:09:d7:d2:df:c5:2e:16:a8:57:e5:fd:12:4e: df:49:cc:a0:46:57:1a:a5:36:a6:7d:56:2b:96:22: 6f:1f:8a:61:51:c1:75:df:00:03:1d:77:dc:a2:ce: 32:8d:c3:f1:94:2e:14:af:74:89:d9:19:62:53:73: 18:bd:c3:98:68:c0:2d:25:5f:0c:52:c9:66:eb:57: 4c:ed:72:a0:b9:a3:15:6c:28:74:c9:3e:a3:d1:53: 89:27:65:cd:24:f8:0a:d3:b2:98:da:a7:e7:0e:e2: 62:80:71:cc:30:12:92:27:77:4e:cd:10:83:05:27: 18:1d:2f:0d:18:67:82:31:e7:59:04:f1:6e:17:54: a0:bd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F1:27:DA:91:2D:D2:7F:49:4A:18:C6:77:00:DA:2E:61:3F:07:5E:93 X509v3 Authority Key Identifier: keyid:3E:0C:DF:88:2A:EE:8C:72:21:D5:88:A3:C5:26:01:8E:1D:64:C9:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/PgzfiCrujHIh1YijxSYBjh1kyWg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CED30/BE80C6A6AE1E11EEA7EA0A77C4F9AE02/PgzfiCrujHIh1YijxSYBjh1kyWg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c2:34:6d:ec:ce:0e:b2:d2:dc:d0:de:d7:11:e1:5f:c6:63:5e: 7c:1e:9d:91:c0:e6:0e:c5:2c:16:0e:53:58:a1:33:12:3f:35: a6:90:b0:df:c7:93:a1:f2:98:86:75:b2:d7:99:8a:4a:39:fa: 0d:4c:65:7b:51:a2:fa:91:a7:5f:28:7e:50:c3:db:36:57:df: af:c0:22:a3:cd:3c:96:c0:0c:b9:aa:5b:ce:fc:26:c4:51:a8: 91:d4:3c:59:d5:b3:e4:90:81:01:2d:e7:39:72:11:a1:18:16: 87:67:4d:1b:f8:b1:c2:1b:5d:6b:c5:fb:a5:7f:b3:9b:25:a5: db:6d:76:cc:fd:47:cc:79:9d:06:dc:62:ec:a3:99:70:1f:82: df:ff:f1:51:23:1f:30:27:62:9f:60:6e:f5:fa:0a:14:80:88: 69:9a:67:18:da:52:7f:db:c6:ea:db:b3:c5:09:11:03:27:9b: c8:9d:20:40:3f:3c:9d:c1:29:a9:0d:85:2b:b1:42:d1:63:e3: b9:42:63:c5:5d:5a:df:23:b5:ed:a8:58:50:36:a0:62:82:2a: 71:f9:b6:2a:40:14:fe:e2:e1:e9:5d:82:d7:3d:a6:3a:df:f6: 51:ef:8a:01:dd:09:bc:c4:6c:50:a7:ae:73:6e:ae:c3:07:91: 78:92:10:79 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VEMzAxMTAvBgNVBAUTKDNFMENERjg4MkFFRThDNzIyMUQ1ODhBM0M1MjYwMThF MUQ2NEM5NjgwHhcNMjUxMDE5MDY1NjE2WhcNMjUxMDI2MDY1NjE2WjAYMRYwFAYD VQQDEw02OGY0OGI5MS0zODA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqlo2iQ5Zxq/U4tAFbi1dHyEFjdF02if8wkdnuxyzxIc0suuXblLOxQOk81hU UZN5i4GEXpf3L8JHhH7ZJY5d/Tb3/NNHAta6iECs1Lu3elmiJx8HEXLrzp1AYAE6 lVwqyah0HBmy2kFzNIM3mU18bMvdGt545fzDzQnX0t/FLhaoV+X9Ek7fScygRlca pTamfVYrliJvH4phUcF13wADHXfcos4yjcPxlC4Ur3SJ2RliU3MYvcOYaMAtJV8M Uslm61dM7XKguaMVbCh0yT6j0VOJJ2XNJPgK07KY2qfnDuJigHHMMBKSJ3dOzRCD BScYHS8NGGeCMedZBPFuF1SgvQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPEn2pEt 0n9JShjGdwDaLmE/B16TMB8GA1UdIwQYMBaAFD4M34gq7oxyIdWIo8UmAY4dZMlo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUQzMC9CRTgwQzZBNkFF MUUxMUVFQTdFQTBBNzdDNEY5QUUwMi9QZ3pmaUNydWpISWgxWWlqeFNZQmpoMWt5 V2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1BnemZpQ3J1akhJaDFZaWp4U1lCamgxa3lXZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUQzMC9CRTgwQzZBNkFFMUUxMUVFQTdFQTBBNzdDNEY5QUUwMi9QZ3pmaUNydWpI SWgxWWlqeFNZQmpoMWt5V2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDCNG3szg6y0tzQ3tcR4V/GY158Hp2RwOYOxSwWDlNYoTMSPzWmkLDf x5Oh8piGdbLXmYpKOfoNTGV7UaL6kadfKH5Qw9s2V9+vwCKjzTyWwAy5qlvO/CbE UaiR1DxZ1bPkkIEBLec5chGhGBaHZ00b+LHCG11rxfulf7ObJaXbbXbM/UfMeZ0G 3GLso5lwH4Lf//FRIx8wJ2KfYG71+goUgIhpmmcY2lJ/28bq27PFCREDJ5vInSBA PzydwSmpDYUrsULRY+O5QmPFXVrfI7XtqFhQNqBigipx+bYqQBT+4uHpXYLXPaY6 3/ZR74oB3Qm8xGxQp65zbq7DB5F4khB5 -----END CERTIFICATE-----Generated at Tue Oct 21 06:58:16 2025 by rpki-client