$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json) Hash identifier: aUpfwPCbTItGYT/tozOut6Kt3C4VBzuyuQzRQThwyiI= Subject key identifier: 0F:BD:31:56:12:2F:3B:47:94:C8:39:42:59:83:AD:AC:90:EB:00:86 Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Certificate serial: 08B8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft Manifest number: 08B2 Signing time: Mon 20 Oct 2025 21:22:40 +0000 Manifest this update: Mon 20 Oct 2025 21:22:39 +0000 Manifest next update: Mon 27 Oct 2025 21:22:39 +0000 Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: Y3jUguHAs1D/x9uI6iJGeCimwDPUBiBHXd6PVNq7l3E=) 2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: iVH3rhTgtUSo/JF63FQElE1NqUIp2qYoI3iOuK+LB04=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 21:22:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2232 (0x8b8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Validity Not Before: Oct 20 21:22:39 2025 GMT Not After : Oct 27 21:22:39 2025 GMT Subject: CN=68f6a81f-81e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:e0:58:d9:97:da:ad:4d:b3:33:b7:b4:c6:3b: ae:0b:11:be:2e:42:63:e0:dc:11:c8:2d:0a:22:ea: 44:60:1f:28:26:9c:92:96:5e:99:90:48:f9:ca:c4: ff:3a:91:2c:7e:82:69:e8:be:2d:50:63:9e:68:90: a1:61:fc:93:29:b9:fd:d7:15:25:f8:a1:43:68:5e: 87:e7:ec:08:81:e1:77:8c:61:9b:14:66:b8:23:0f: f4:12:a4:ca:55:f5:fc:64:39:f5:57:68:97:eb:74: e9:9b:b9:0f:97:1b:45:0b:52:22:04:5f:41:05:b1: 2d:f1:81:58:d3:41:16:6a:83:1d:4d:09:d8:b6:d2: b9:dd:8e:5d:c5:6c:77:0a:94:00:eb:9f:6b:59:cb: 65:2d:ee:c8:7d:09:7e:c0:56:11:e1:ef:d4:9d:32: 99:32:f6:4c:3e:60:8b:a1:19:44:4b:70:32:1a:6b: 6b:2b:51:f8:2d:dc:26:c9:e1:3c:bc:51:7c:81:8f: fe:2d:1d:c8:0c:e0:7b:ff:aa:45:af:c7:f3:94:51: 6f:11:d1:76:09:7a:38:9e:f8:6a:c6:e9:0b:db:d8: da:4e:f8:b3:45:47:9d:54:a6:2c:80:39:60:12:d5: 64:20:b6:ad:4f:db:98:bb:28:03:55:dc:d7:e9:64: a3:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0F:BD:31:56:12:2F:3B:47:94:C8:39:42:59:83:AD:AC:90:EB:00:86 X509v3 Authority Key Identifier: keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0b:f7:c7:98:61:6b:fc:d1:57:b2:98:96:58:fe:5f:f8:3a:14: 65:1e:e2:79:40:b1:d4:75:24:3c:4e:30:a9:07:22:7b:ea:cd: b5:49:44:ba:c3:32:ef:cb:c1:77:05:5b:b3:46:6c:a2:b6:8f: 13:06:bf:fb:8a:a9:4e:ec:e2:9a:f0:7d:ef:7e:f8:6c:56:c0: 58:de:0c:11:66:e9:15:6f:78:de:85:7b:e9:e7:60:be:ca:bf: 06:dc:80:02:5c:6d:dd:8c:93:4d:30:ee:84:23:e0:35:c0:1d: 3f:86:55:41:c5:87:21:8a:f7:a9:89:5d:41:e8:f2:c1:3a:a1: 4c:5d:bc:eb:69:f8:c1:1c:4b:a2:a6:6b:80:30:1f:da:8e:9d: ad:cb:14:fc:a9:15:43:08:37:3e:2e:f7:7d:02:c2:60:b5:0b: 7b:9f:4c:0b:f2:e1:d4:46:dd:60:52:4b:88:d0:d5:52:ad:84: 6a:29:36:e0:7d:16:8c:56:9b:5b:06:c4:9e:2b:fb:40:79:7a: 53:5b:4e:4f:15:68:25:e8:13:52:8c:f3:b0:68:77:3a:62:e8: b9:8b:05:85:29:45:f8:38:72:fb:2f:1e:a4:07:1a:09:a4:dd: a4:a0:d5:b2:69:6d:28:54:5d:00:8f:67:f8:7c:e7:f6:c4:2b: 01:91:c0:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz NjFBMDlDQUEwHhcNMjUxMDIwMjEyMjM5WhcNMjUxMDI3MjEyMjM5WjAYMRYwFAYD VQQDEw02OGY2YTgxZi04MWU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAweBY2ZfarU2zM7e0xjuuCxG+LkJj4NwRyC0KIupEYB8oJpySll6ZkEj5ysT/ OpEsfoJp6L4tUGOeaJChYfyTKbn91xUl+KFDaF6H5+wIgeF3jGGbFGa4Iw/0EqTK VfX8ZDn1V2iX63Tpm7kPlxtFC1IiBF9BBbEt8YFY00EWaoMdTQnYttK53Y5dxWx3 CpQA659rWctlLe7IfQl+wFYR4e/UnTKZMvZMPmCLoRlES3AyGmtrK1H4LdwmyeE8 vFF8gY/+LR3IDOB7/6pFr8fzlFFvEdF2CXo4nvhqxukL29jaTvizRUedVKYsgDlg EtVkILatT9uYuygDVdzX6WSjnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA+9MVYS LztHlMg5QlmDrayQ6wCGMB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0 RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAL98eYYWv80VeymJZY/l/4OhRlHuJ5QLHUdSQ8TjCpByJ76s21SUS6 wzLvy8F3BVuzRmyito8TBr/7iqlO7OKa8H3vfvhsVsBY3gwRZukVb3jehXvp52C+ yr8G3IACXG3djJNNMO6EI+A1wB0/hlVBxYchivepiV1B6PLBOqFMXbzrafjBHEui pmuAMB/ajp2tyxT8qRVDCDc+Lvd9AsJgtQt7n0wL8uHURt1gUkuI0NVSrYRqKTbg fRaMVptbBsSeK/tAeXpTW05PFWgl6BNSjPOwaHc6Yui5iwWFKUX4OHL7Lx6kBxoJ pN2koNWyaW0oVF0Aj2f4fOf2xCsBkcCd -----END CERTIFICATE-----Generated at Tue Oct 21 15:14:07 2025 by rpki-client