$ rpki-client -vvf rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft File: lfCdXluLzW9LTWm1yTbJEvd9LP0.mft (raw, json) Hash identifier: c6Jg7cKajDF9wCICqVUt+ULe7aWZZ7wEebs7GSOCiwM= Subject key identifier: CF:FC:8F:9C:38:7D:39:E2:D7:72:E1:09:E1:AC:7C:59:E9:6C:31:CE Authority key identifier: 95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD Certificate issuer: /CN=A91D44BE/serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Certificate serial: E2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft Manifest number: DD Signing time: Sun 19 Oct 2025 08:41:43 +0000 Manifest this update: Sun 19 Oct 2025 08:41:43 +0000 Manifest next update: Sun 26 Oct 2025 08:41:43 +0000 Files and hashes: 1: lfCdXluLzW9LTWm1yTbJEvd9LP0.crl (hash: 2c+HhaACFIJ5FjGjBXTcGxg32Zy17+jbDOMS7tYIC+w=) 2: B23569E2756511EFB018F20DC4F9AE02.roa (hash: 5VNZ8rNXbQQKdKelf/v7rMupqWLx2zXfYFtsUljtzac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:41:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 226 (0xe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D44BE, serialNumber=95F09D5E5B8BCD6F4B4D69B5C936C912F77D2CFD Validity Not Before: Oct 19 08:41:43 2025 GMT Not After : Oct 26 08:41:43 2025 GMT Subject: CN=68f4a447-8cad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:cb:e8:c5:68:f4:10:71:64:d4:bb:71:c6:06: 6a:d3:88:3c:9e:13:13:fe:f0:be:35:9f:48:3a:1f: 9c:fd:f1:50:1d:75:04:48:b5:b7:1b:b2:66:5a:cb: 18:ce:eb:0a:4f:ac:05:10:76:b7:bb:3e:a1:ff:91: c4:08:c3:12:f7:09:87:ca:5b:0e:cd:cf:34:dd:8e: b1:32:07:d5:b3:32:92:01:41:56:b5:bd:04:2c:38: 30:8e:26:fa:eb:69:76:66:1e:ca:13:69:5a:9c:93: 82:94:ab:f5:8c:f8:d3:69:7e:9c:c3:50:79:93:bf: 43:5f:34:58:2c:10:cc:2d:8f:7a:4c:d6:bf:c7:6a: 68:c0:ec:a1:27:10:a0:ff:e2:27:d0:bf:92:a4:27: bb:d6:2f:18:d7:21:36:c2:34:5f:76:1e:f5:fa:72: f3:34:de:74:02:b5:3b:31:17:dd:76:aa:aa:3d:99: 61:4a:26:aa:e3:82:dd:b6:eb:16:39:4a:3e:0e:74: 4b:6f:49:38:cb:47:f6:89:65:1a:bd:3e:4b:9c:09: 83:93:de:38:06:de:b2:e6:55:55:21:b5:76:0a:80: 47:a9:b2:d3:58:b8:98:23:c6:79:b7:80:38:f8:96: ce:22:3d:2d:41:9c:8b:c4:a0:dc:5c:98:21:26:46: 62:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:FC:8F:9C:38:7D:39:E2:D7:72:E1:09:E1:AC:7C:59:E9:6C:31:CE X509v3 Authority Key Identifier: keyid:95:F0:9D:5E:5B:8B:CD:6F:4B:4D:69:B5:C9:36:C9:12:F7:7D:2C:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lfCdXluLzW9LTWm1yTbJEvd9LP0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D44BE/028ABE42692211EFBF87BB0EC4F9AE02/lfCdXluLzW9LTWm1yTbJEvd9LP0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 34:d5:45:7d:fd:c3:a0:cf:91:8d:97:2c:9f:71:48:97:1f:9e: d7:28:ec:aa:2e:6d:de:fe:e1:93:df:e8:1a:9f:1b:19:00:80: ae:b0:1a:ff:09:bb:5d:6f:3d:e5:fe:a6:ab:d1:ce:1a:10:20: bc:69:c2:ba:08:7b:a5:5d:d2:f0:be:a6:14:94:de:b0:f5:aa: 91:13:fe:f9:b1:c4:e3:10:8b:be:07:41:b3:2f:54:05:8a:76: 97:a8:2d:29:6d:07:b6:14:4d:4d:17:87:6f:83:12:34:17:a7: 45:cd:e0:d5:2b:7f:23:62:84:11:ea:6c:21:ac:e5:f6:7b:83: a5:e5:a1:2c:ad:71:a0:49:54:18:df:6a:73:83:df:08:bc:56: d7:10:e0:a7:2d:04:7f:4f:8a:36:14:9e:bb:55:69:dd:54:97: b3:c4:7e:1e:5f:e6:04:a6:43:73:0d:04:90:06:ab:a3:f6:3c: 7a:1f:a7:f1:fa:ca:2a:4c:3f:b0:66:68:9e:c4:ec:1b:22:dc: d9:b7:8c:a1:1a:ba:37:07:ac:4e:63:72:a1:de:42:7c:9a:72: 08:13:a8:49:db:27:43:00:3b:f2:4f:9a:a8:4e:b9:f6:4b:6c: 95:a3:81:7e:26:13:18:dd:2d:fa:67:b7:93:20:81:8b:d8:9d: 76:fa:78:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0QkUxMTAvBgNVBAUTKDk1RjA5RDVFNUI4QkNENkY0QjRENjlCNUM5MzZDOTEy Rjc3RDJDRkQwHhcNMjUxMDE5MDg0MTQzWhcNMjUxMDI2MDg0MTQzWjAYMRYwFAYD VQQDEw02OGY0YTQ0Ny04Y2FkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2svoxWj0EHFk1LtxxgZq04g8nhMT/vC+NZ9IOh+c/fFQHXUESLW3G7JmWssY zusKT6wFEHa3uz6h/5HECMMS9wmHylsOzc803Y6xMgfVszKSAUFWtb0ELDgwjib6 62l2Zh7KE2lanJOClKv1jPjTaX6cw1B5k79DXzRYLBDMLY96TNa/x2powOyhJxCg /+In0L+SpCe71i8Y1yE2wjRfdh71+nLzNN50ArU7MRfddqqqPZlhSiaq44LdtusW OUo+DnRLb0k4y0f2iWUavT5LnAmDk944Bt6y5lVVIbV2CoBHqbLTWLiYI8Z5t4A4 +JbOIj0tQZyLxKDcXJghJkZiJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM/8j5w4 fTni13LhCeGsfFnpbDHOMB8GA1UdIwQYMBaAFJXwnV5bi81vS01ptck2yRL3fSz9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDRCRS8wMjhBQkU0MjY5 MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpXOUxUV20xeVRiSkV2ZDlM UDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2xmQ2RYbHVMelc5TFRXbTF5VGJKRXZkOUxQMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDRCRS8wMjhBQkU0MjY5MjIxMUVGQkY4N0JCMEVDNEY5QUUwMi9sZkNkWGx1THpX OUxUV20xeVRiSkV2ZDlMUDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA01UV9/cOgz5GNlyyfcUiXH57XKOyqLm3e/uGT3+ganxsZAICusBr/ Cbtdbz3l/qar0c4aECC8acK6CHulXdLwvqYUlN6w9aqRE/75scTjEIu+B0GzL1QF inaXqC0pbQe2FE1NF4dvgxI0F6dFzeDVK38jYoQR6mwhrOX2e4Ol5aEsrXGgSVQY 32pzg98IvFbXEOCnLQR/T4o2FJ67VWndVJezxH4eX+YEpkNzDQSQBquj9jx6H6fx +soqTD+wZmiexOwbItzZt4yhGro3B6xOY3Kh3kJ8mnIIE6hJ2ydDADvyT5qoTrn2 S2yVo4F+JhMY3S36Z7eTIIGL2J12+ni5 -----END CERTIFICATE-----Generated at Tue Oct 21 12:45:59 2025 by rpki-client