$ rpki-client -vvf rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft File: lVqjNNYHfBfALW18rdIVmRIeTvo.mft (raw, json) Hash identifier: nS8CuPjAhEwc4+UBsiIkmoW8vz3IJTeIA8r+iwOMiWw= Subject key identifier: 2A:50:FC:39:04:60:EB:A6:F8:4F:C1:06:A4:78:BE:C0:49:85:AA:19 Authority key identifier: 95:5A:A3:34:D6:07:7C:17:C0:2D:6D:7C:AD:D2:15:99:12:1E:4E:FA Certificate issuer: /CN=A91D01AF/serialNumber=955AA334D6077C17C02D6D7CADD21599121E4EFA Certificate serial: 0825 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lVqjNNYHfBfALW18rdIVmRIeTvo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft Manifest number: 081D Signing time: Sat 18 Oct 2025 22:02:34 +0000 Manifest this update: Sat 18 Oct 2025 22:02:33 +0000 Manifest next update: Sat 25 Oct 2025 22:02:33 +0000 Files and hashes: 1: lVqjNNYHfBfALW18rdIVmRIeTvo.crl (hash: ZGtmFefhaGoX0MQPO7OEocizZJQx/MSpjr9zhqB63Mg=) 2: AD797FA2F17E11EAA3CC597BC4F9AE02.roa (hash: FrUF8k+q0iQX/Bos2myD8zLROjp2eOpyug9lyw9AGzE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.crl rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lVqjNNYHfBfALW18rdIVmRIeTvo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 22:02:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2085 (0x825) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D01AF, serialNumber=955AA334D6077C17C02D6D7CADD21599121E4EFA Validity Not Before: Oct 18 22:02:33 2025 GMT Not After : Oct 25 22:02:33 2025 GMT Subject: CN=68f40e79-ba71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:f4:a9:92:0b:cc:8d:0d:02:cd:a7:04:55:00: 21:f8:43:68:83:14:20:2a:1e:d3:51:29:1c:3a:40: 26:21:db:13:44:4d:65:62:9c:82:00:cf:19:a2:dc: 8a:ca:71:dd:ab:8d:1d:30:1d:8a:d8:8e:3b:57:46: 8a:78:f1:0c:79:24:1d:a7:84:9d:d9:f9:51:1d:80: e7:32:84:9f:9b:27:7e:c8:d7:18:18:03:56:fc:fb: 78:f0:03:42:26:45:67:94:38:81:ae:90:41:9f:ce: 78:66:f3:a5:22:fa:44:69:71:d7:6c:a1:8d:08:7c: c3:da:dc:45:10:18:36:31:52:c4:4f:ac:a0:1f:c3: 62:36:31:bf:80:d9:fd:c0:45:d4:4a:be:de:12:d5: d4:09:4c:76:0c:11:bf:f4:70:70:ad:8a:0c:a9:ab: cf:a4:14:23:28:02:83:1f:c8:de:0b:be:ba:0d:83: a8:a5:bb:37:40:86:00:cb:17:67:67:d6:39:c1:98: 82:3a:5e:1f:e9:dc:62:b0:a5:fd:9e:e2:48:f9:0f: 64:8d:82:e5:1b:a6:a0:18:ea:3f:01:21:09:70:dc: 7d:ae:ad:42:c6:33:e0:df:19:c9:27:d8:43:30:70: 2b:03:dd:10:99:ab:f9:5c:0c:f2:b9:b0:fb:f3:56: 9b:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:50:FC:39:04:60:EB:A6:F8:4F:C1:06:A4:78:BE:C0:49:85:AA:19 X509v3 Authority Key Identifier: keyid:95:5A:A3:34:D6:07:7C:17:C0:2D:6D:7C:AD:D2:15:99:12:1E:4E:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lVqjNNYHfBfALW18rdIVmRIeTvo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D01AF/CD7E70D8F17D11EAAB392578C4F9AE02/lVqjNNYHfBfALW18rdIVmRIeTvo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:cf:8b:e4:60:d3:c5:54:40:67:a3:dd:92:ea:2f:ed:b7:44: 72:21:40:40:55:3e:83:a2:2a:35:86:28:4e:f0:1b:e4:8b:d9: 16:f6:5a:7a:91:93:de:77:32:4a:af:f5:8e:ba:25:ad:98:1a: fc:c9:12:f9:1d:ea:a8:c1:6d:01:e4:0d:59:11:12:80:87:f9: f2:eb:37:7b:1a:7e:2a:f5:10:03:b3:18:73:62:6d:e1:a2:c7: c1:4b:e5:6d:a7:df:43:79:9b:be:b8:97:a0:e7:a0:fa:c4:23: 42:1e:c6:64:e8:48:30:0e:3e:37:f5:2e:91:ae:43:f3:3b:6b: 92:b2:68:9d:17:89:b0:89:e5:40:e1:75:90:fb:cc:b8:b3:d1: b1:48:ce:eb:db:76:57:ac:de:79:30:48:6e:5c:2c:b7:5f:5a: d7:2d:48:5e:2b:7f:f9:62:45:83:45:eb:3e:2a:dd:6b:82:68: 4e:9e:21:7d:c9:80:95:b5:a5:16:ed:ba:5e:65:a2:38:c6:c6: e3:df:bf:38:2f:ed:5f:90:7c:2a:da:7b:06:9b:ef:bc:ef:bf: e7:ab:59:4f:12:4b:0a:72:2b:24:88:ad:cd:db:d7:d0:46:6b: 55:a3:92:18:77:af:3f:c9:c4:10:52:b2:4d:f2:ae:80:98:7e: c5:e7:6e:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCCUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDAxQUYxMTAvBgNVBAUTKDk1NUFBMzM0RDYwNzdDMTdDMDJENkQ3Q0FERDIxNTk5 MTIxRTRFRkEwHhcNMjUxMDE4MjIwMjMzWhcNMjUxMDI1MjIwMjMzWjAYMRYwFAYD VQQDEw02OGY0MGU3OS1iYTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo/SpkgvMjQ0CzacEVQAh+ENogxQgKh7TUSkcOkAmIdsTRE1lYpyCAM8ZotyK ynHdq40dMB2K2I47V0aKePEMeSQdp4Sd2flRHYDnMoSfmyd+yNcYGANW/Pt48ANC JkVnlDiBrpBBn854ZvOlIvpEaXHXbKGNCHzD2txFEBg2MVLET6ygH8NiNjG/gNn9 wEXUSr7eEtXUCUx2DBG/9HBwrYoMqavPpBQjKAKDH8jeC766DYOopbs3QIYAyxdn Z9Y5wZiCOl4f6dxisKX9nuJI+Q9kjYLlG6agGOo/ASEJcNx9rq1CxjPg3xnJJ9hD MHArA90Qmav5XAzyubD781ab3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCpQ/DkE YOum+E/BBqR4vsBJhaoZMB8GA1UdIwQYMBaAFJVaozTWB3wXwC1tfK3SFZkSHk76 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMDFBRi9DRDdFNzBEOEYx N0QxMUVBQUIzOTI1NzhDNEY5QUUwMi9sVnFqTk5ZSGZCZkFMVzE4cmRJVm1SSWVU dm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xWcWpOTllIZkJmQUxXMThyZElWbVJJZVR2by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MDFBRi9DRDdFNzBEOEYxN0QxMUVBQUIzOTI1NzhDNEY5QUUwMi9sVnFqTk5ZSGZC ZkFMVzE4cmRJVm1SSWVUdm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBoz4vkYNPFVEBno92S6i/tt0RyIUBAVT6Doio1hihO8Bvki9kW9lp6 kZPedzJKr/WOuiWtmBr8yRL5HeqowW0B5A1ZERKAh/ny6zd7Gn4q9RADsxhzYm3h osfBS+Vtp99DeZu+uJeg56D6xCNCHsZk6EgwDj439S6RrkPzO2uSsmidF4mwieVA 4XWQ+8y4s9GxSM7r23ZXrN55MEhuXCy3X1rXLUheK3/5YkWDRes+Kt1rgmhOniF9 yYCVtaUW7bpeZaI4xsbj3784L+1fkHwq2nsGm++877/nq1lPEksKciskiK3N29fQ RmtVo5IYd68/ycQQUrJN8q6AmH7F527s -----END CERTIFICATE-----Generated at Mon Oct 20 09:21:54 2025 by rpki-client