$ rpki-client -vvf rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft File: u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft (raw, json) Hash identifier: KN7TbSUdBEIhHXm2vTcygXEsULhsoVvetxpUkVJe/UI= Subject key identifier: CE:27:BE:AC:C4:E4:D9:F8:88:0F:9F:96:B7:02:76:69:05:F6:81:29 Authority key identifier: BB:E8:03:FB:75:7E:0C:47:D3:20:45:45:21:87:B7:4A:E2:71:11:F0 Certificate issuer: /CN=A91CEE85/serialNumber=BBE803FB757E0C47D32045452187B74AE27111F0 Certificate serial: F0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft Manifest number: EE Signing time: Sun 19 Oct 2025 08:19:22 +0000 Manifest this update: Sun 19 Oct 2025 08:19:21 +0000 Manifest next update: Sun 26 Oct 2025 08:19:21 +0000 Files and hashes: 1: u-gD-3V-DEfTIEVFIYe3SuJxEfA.crl (hash: xUWDz0iXJF6Nxi5f222QzoN+XNOuv25MDKUvRCkW6HE=) 2: 4D189DD4728311EFA9CECE43C4F9AE02.roa (hash: Ge+55CQegGWCZISlkeWVyEDQbw8xhE1lFYLjXYnwl5I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.crl rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:19:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 240 (0xf0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CEE85, serialNumber=BBE803FB757E0C47D32045452187B74AE27111F0 Validity Not Before: Oct 19 08:19:21 2025 GMT Not After : Oct 26 08:19:21 2025 GMT Subject: CN=68f49f0a-1baa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:b6:99:da:1f:c3:85:bc:bd:1e:2e:ee:d2:a3: 36:85:ca:d0:65:0d:1d:b6:51:3d:9e:f3:14:8b:22: 1a:c9:0f:a5:27:cd:a3:35:15:a9:84:65:06:41:98: 25:e9:bc:2f:ec:96:ae:f7:dc:04:84:d8:c2:0d:01: f8:e2:f9:50:8f:c0:96:bd:85:68:a1:27:ce:bd:1b: d0:34:9d:10:c2:8f:6a:eb:cb:ea:08:32:59:a4:dc: 05:7a:25:db:06:f9:9b:42:97:51:b6:09:3c:fb:10: 70:f4:4c:43:cf:56:c8:2f:4f:5f:31:cc:a3:a2:04: 03:79:8c:b5:74:6b:af:04:e5:b8:ed:12:7c:21:4d: 9b:99:6c:d9:92:6a:10:f9:c4:14:f3:e1:2a:b0:f3: af:11:62:e8:94:17:cb:58:cc:b0:bd:c7:26:cc:3a: 27:18:74:b7:8f:0f:7e:8f:c1:f8:a6:b4:99:36:dd: 39:e4:d8:7b:75:29:cc:a0:d8:19:c8:ed:0f:2c:d4: 22:80:d7:72:51:eb:06:b4:e3:06:e3:0c:a0:2f:07: 27:87:3a:d3:0c:6a:af:f4:53:37:d1:c2:63:df:0b: dc:28:42:59:60:f4:df:b5:b5:ec:38:ba:66:4d:72: 21:ce:81:af:ce:93:fd:34:a7:1c:86:50:07:1d:0c: 74:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:27:BE:AC:C4:E4:D9:F8:88:0F:9F:96:B7:02:76:69:05:F6:81:29 X509v3 Authority Key Identifier: keyid:BB:E8:03:FB:75:7E:0C:47:D3:20:45:45:21:87:B7:4A:E2:71:11:F0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/u-gD-3V-DEfTIEVFIYe3SuJxEfA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CEE85/05A7CE6845AE11EFB435EB6FC4F9AE02/u-gD-3V-DEfTIEVFIYe3SuJxEfA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:58:51:0f:c4:15:dc:c9:f7:f9:9d:12:16:24:da:ca:19:57: d9:e7:57:b9:b3:ff:3c:d1:32:a5:97:72:9b:8f:88:a9:ad:77: e4:eb:3e:5e:c0:53:34:8a:4f:54:c7:a9:52:9d:46:37:1c:59: cc:b9:f2:ca:0e:4b:79:7a:0a:9f:4d:c0:1a:a4:3d:56:30:ff: 6a:2d:49:1f:d8:11:16:d6:fe:ce:13:90:49:ac:ef:d2:7a:50: 2f:00:21:4d:18:dd:81:18:4d:97:4e:3c:77:55:61:16:9a:71: 8f:55:2d:3b:62:52:b6:5a:80:f2:ec:ad:32:f3:97:a3:0e:70: 8a:10:8d:a2:a0:c5:f7:44:07:36:6b:b1:c4:8e:97:ad:2c:b7: 85:d6:55:7d:42:8e:77:56:4f:05:95:81:9a:c8:fd:c0:9f:b8: c4:0e:68:8f:72:0c:f9:03:8c:3c:01:c1:65:cc:fb:91:e3:89: b3:ae:4a:91:c5:9d:3e:52:5f:ba:73:0c:5c:43:07:24:51:9a: 82:4d:7e:26:35:bd:bc:d0:61:bd:3c:db:32:0b:e1:6c:d4:94: 34:66:0a:6b:ca:5e:6e:84:53:3e:2f:d3:05:34:47:e2:c7:1d: 70:a9:9d:f1:c6:82:68:43:b6:4f:0e:2e:f0:79:6a:82:20:d9: c5:f8:cd:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0VFODUxMTAvBgNVBAUTKEJCRTgwM0ZCNzU3RTBDNDdEMzIwNDU0NTIxODdCNzRB RTI3MTExRjAwHhcNMjUxMDE5MDgxOTIxWhcNMjUxMDI2MDgxOTIxWjAYMRYwFAYD VQQDEw02OGY0OWYwYS0xYmFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy7aZ2h/Dhby9Hi7u0qM2hcrQZQ0dtlE9nvMUiyIayQ+lJ82jNRWphGUGQZgl 6bwv7Jau99wEhNjCDQH44vlQj8CWvYVooSfOvRvQNJ0Qwo9q68vqCDJZpNwFeiXb BvmbQpdRtgk8+xBw9ExDz1bIL09fMcyjogQDeYy1dGuvBOW47RJ8IU2bmWzZkmoQ +cQU8+EqsPOvEWLolBfLWMywvccmzDonGHS3jw9+j8H4prSZNt055Nh7dSnMoNgZ yO0PLNQigNdyUesGtOMG4wygLwcnhzrTDGqv9FM30cJj3wvcKEJZYPTftbXsOLpm TXIhzoGvzpP9NKcchlAHHQx0JQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM4nvqzE 5Nn4iA+flrcCdmkF9oEpMB8GA1UdIwQYMBaAFLvoA/t1fgxH0yBFRSGHt0ricRHw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRUU4NS8wNUE3Q0U2ODQ1 QUUxMUVGQjQzNUVCNkZDNEY5QUUwMi91LWdELTNWLURFZlRJRVZGSVllM1N1SnhF ZkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3UtZ0QtM1YtREVmVElFVkZJWWUzU3VKeEVmQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RUU4NS8wNUE3Q0U2ODQ1QUUxMUVGQjQzNUVCNkZDNEY5QUUwMi91LWdELTNWLURF ZlRJRVZGSVllM1N1SnhFZkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApWFEPxBXcyff5nRIWJNrKGVfZ51e5s/880TKll3Kbj4iprXfk6z5e wFM0ik9Ux6lSnUY3HFnMufLKDkt5egqfTcAapD1WMP9qLUkf2BEW1v7OE5BJrO/S elAvACFNGN2BGE2XTjx3VWEWmnGPVS07YlK2WoDy7K0y85ejDnCKEI2ioMX3RAc2 a7HEjpetLLeF1lV9Qo53Vk8FlYGayP3An7jEDmiPcgz5A4w8AcFlzPuR44mzrkqR xZ0+Ul+6cwxcQwckUZqCTX4mNb280GG9PNsyC+Fs1JQ0Zgpryl5uhFM+L9MFNEfi xx1wqZ3xxoJoQ7ZPDi7weWqCINnF+M1b -----END CERTIFICATE-----Generated at Mon Oct 20 08:36:38 2025 by rpki-client