$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft File: IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft (raw, json) Hash identifier: 56I4ELgpxKEDDZkbjTESfkkQblGeWxjntBMfvckiVA0= Subject key identifier: 36:E6:C1:7C:6D:7E:CE:78:1F:5D:62:0A:98:D1:26:1F:89:50:2C:5A Authority key identifier: 22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 Certificate issuer: /CN=A91CFFCB/serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Certificate serial: 49 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft Manifest number: 48 Signing time: Sun 19 Oct 2025 10:48:52 +0000 Manifest this update: Sun 19 Oct 2025 10:48:51 +0000 Manifest next update: Sun 26 Oct 2025 10:48:51 +0000 Files and hashes: 1: IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl (hash: 7VUhnZs3q1QJsaKoInwfyDDUwfuiqIuWyxMfcIV38Ts=) 2: BAEA3A3C497B11F096DCA14EC4F9AE02.roa (hash: NGudT5ffYxQaLDuPITb3DSyOtSWSbubIZoe2i4vUMeU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:48:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73 (0x49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Validity Not Before: Oct 19 10:48:51 2025 GMT Not After : Oct 26 10:48:51 2025 GMT Subject: CN=68f4c214-5986 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:48:a6:2e:8b:b4:c9:bc:c0:80:0a:66:0f:e5: 8a:87:9a:93:03:6c:67:bd:dd:5e:04:13:50:7d:e4: 7b:2d:50:00:85:90:dc:f4:ec:5a:7c:56:e5:f0:c8: 60:b3:d2:1b:99:23:65:84:28:e7:be:70:c1:8a:1d: c4:4b:fd:48:9f:1c:32:e4:4c:c5:de:46:cd:17:c4: b6:be:e1:96:44:6a:c7:b2:25:8f:a8:d1:7b:37:dc: 11:19:80:f1:19:e4:16:cb:82:00:b4:4e:69:7f:6c: 78:c5:40:dc:f2:9a:79:af:82:a5:82:8d:b4:8b:c5: ff:bf:83:31:99:ea:84:66:17:5b:6e:ea:83:48:48: eb:3b:26:b0:5d:51:84:ec:50:96:df:cd:58:0f:ed: 02:ef:8e:60:c6:7e:11:40:54:f8:cb:83:ae:d3:59: 57:93:40:27:d8:72:d0:f0:6d:48:b8:bf:7d:2f:55: bc:9f:33:94:16:8a:3e:98:ed:53:be:e7:65:92:b0: ce:ef:04:d1:97:bb:39:ec:43:6c:41:ec:ec:81:d3: 07:c2:57:b0:2c:11:f5:c5:4c:62:a1:e3:68:6f:e8: 97:c9:d0:f6:47:78:c8:26:d9:be:00:7c:51:71:b2: 9b:9a:95:63:c3:4f:84:00:97:a4:98:7d:ce:75:fa: ee:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:E6:C1:7C:6D:7E:CE:78:1F:5D:62:0A:98:D1:26:1F:89:50:2C:5A X509v3 Authority Key Identifier: keyid:22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:53:fb:6f:d3:29:7a:9e:21:96:32:15:fb:61:96:b6:e2:9a: b4:4d:40:9a:65:c0:14:54:0e:93:a9:54:4e:5e:59:80:e8:b5: d5:48:2b:26:c0:0c:25:7a:dd:08:a1:d0:9d:e4:d3:ab:ae:e8: 76:60:f0:03:19:94:5b:2c:13:f0:41:a4:17:f1:78:1e:fc:ab: c4:ec:25:17:91:79:1a:46:67:c7:c3:7a:23:02:09:ae:b2:c4: 9b:ae:5b:3d:8e:d4:6f:dd:e7:cc:10:e0:c9:59:d1:b8:e4:96: b7:2e:68:4b:16:24:7c:34:84:0c:e7:9c:f2:8a:2f:ff:e1:46: ed:82:24:73:40:2c:84:e9:bb:8d:c7:75:c5:b8:18:27:29:86: 9e:ed:30:a7:b8:29:53:95:b2:9d:ce:79:fa:ec:69:00:96:c9: 09:d8:52:89:eb:32:47:fd:3b:a5:75:80:4c:6b:dd:c5:3a:0d: bc:14:b5:67:46:16:63:52:46:ca:26:87:a7:7a:79:13:ab:1c: 8e:36:62:58:43:43:b7:94:f2:7e:c1:83:a3:33:7b:97:6f:c3: 05:eb:a0:ff:ce:9c:1f:e2:ec:52:1c:d3:77:e5:6e:fb:c1:1b: 92:da:65:d0:52:c1:53:df:fc:ca:26:9d:21:f5:0f:2d:a5:5b: 1a:56:b9:11 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoMjIyNDI5NDQxNkI4NDY1NzA2NTU0QjUyQ0JDNTZGNDQ5 QkM0NkM4OTAeFw0yNTEwMTkxMDQ4NTFaFw0yNTEwMjYxMDQ4NTFaMBgxFjAUBgNV BAMTDTY4ZjRjMjE0LTU5ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC7SKYui7TJvMCACmYP5YqHmpMDbGe93V4EE1B95HstUACFkNz07Fp8VuXwyGCz 0huZI2WEKOe+cMGKHcRL/UifHDLkTMXeRs0XxLa+4ZZEaseyJY+o0Xs33BEZgPEZ 5BbLggC0Tml/bHjFQNzymnmvgqWCjbSLxf+/gzGZ6oRmF1tu6oNISOs7JrBdUYTs UJbfzVgP7QLvjmDGfhFAVPjLg67TWVeTQCfYctDwbUi4v30vVbyfM5QWij6Y7VO+ 52WSsM7vBNGXuznsQ2xB7OyB0wfCV7AsEfXFTGKh42hv6JfJ0PZHeMgm2b4AfFFx spualWPDT4QAl6SYfc51+u4zAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUNubBfG1+ zngfXWIKmNEmH4lQLFowHwYDVR0jBBgwFoAUIiQpRBa4RlcGVUtSy8VvRJvEbIkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0VEMEYxMUY0NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0UmxjR1ZVdFN5OFZ2Ukp2RWJJ ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWlRcFJCYTRSbGNHVlV0U3k4VnZSSnZFYklrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG RkNCL0VEMEYxMUY0NDIwNTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0Umxj R1ZVdFN5OFZ2Ukp2RWJJay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAlT+2/TKXqeIZYyFfthlrbimrRNQJplwBRUDpOpVE5eWYDotdVIKybA DCV63Qih0J3k06uu6HZg8AMZlFssE/BBpBfxeB78q8TsJReReRpGZ8fDeiMCCa6y xJuuWz2O1G/d58wQ4MlZ0bjklrcuaEsWJHw0hAznnPKKL//hRu2CJHNALITpu43H dcW4GCcphp7tMKe4KVOVsp3OefrsaQCWyQnYUonrMkf9O6V1gExr3cU6DbwUtWdG FmNSRsomh6d6eROrHI42YlhDQ7eU8n7Bg6Mze5dvwwXroP/OnB/i7FIc03flbvvB G5LaZdBSwVPf/MomnSH1Dy2lWxpWuRE= -----END CERTIFICATE-----Generated at Mon Oct 20 23:34:57 2025 by rpki-client