$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft File: i0hqzK8SpnqVaI6NEb1ljAQcElo.mft (raw, json) Hash identifier: zZXXUl5lh767MQBhxbcosomZbLv5nR1MtFEi2ms1MFs= Subject key identifier: A3:68:CD:B7:C7:D2:57:45:7A:75:65:BD:EB:4E:4B:E1:C2:AD:5F:6D Authority key identifier: 8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A Certificate issuer: /CN=A91DBA5B/serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Certificate serial: CF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft Manifest number: CE Signing time: Sun 19 Oct 2025 08:47:19 +0000 Manifest this update: Sun 19 Oct 2025 08:47:18 +0000 Manifest next update: Sun 26 Oct 2025 08:47:18 +0000 Files and hashes: 1: i0hqzK8SpnqVaI6NEb1ljAQcElo.crl (hash: hrMLg4KshzGheJBcdom8BaopiwyXXYm3SMBO2iLI7sE=) 2: F305F43270E711EF8573CF71C4F9AE02.roa (hash: aci5Spv/e6z609EwzRrCe3VebaHTH23V/kyd6t5TMtw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:47:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 207 (0xcf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Validity Not Before: Oct 19 08:47:18 2025 GMT Not After : Oct 26 08:47:18 2025 GMT Subject: CN=68f4a596-fbb5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:70:e2:11:39:2d:34:13:97:87:bc:9f:ef:76: a3:12:2d:a9:99:f3:db:58:c9:19:df:64:f6:fd:05: 69:b2:86:f7:ea:a0:70:f5:cc:ed:9f:32:02:e7:d0: 09:7f:4a:f7:c0:1f:a2:b6:82:3a:56:7a:59:8e:19: 51:51:41:40:8f:18:31:1b:17:39:4c:6b:e4:39:fb: 9a:95:5a:b4:1e:ae:ed:16:93:88:93:f9:f1:f1:3e: 2b:9c:6d:89:3d:3d:5f:9b:a5:85:f7:db:a7:b1:f2: 8d:bd:d0:03:fd:dc:d8:cf:3e:e1:54:a0:24:74:b4: 4f:b0:83:e4:a5:34:f3:3d:eb:56:4d:62:ae:3b:03: be:24:bd:a8:52:71:a1:50:d6:97:12:cd:38:cd:6e: a6:b9:76:11:96:7a:33:70:b6:26:11:d4:f5:42:55: 5e:54:cd:55:6d:53:da:b9:45:b4:3c:d3:da:37:84: 83:5d:61:e1:66:1d:58:90:bc:38:61:86:e2:43:4f: 11:54:7b:14:7b:ad:e1:68:c1:ed:f7:35:01:cc:dd: 8a:64:54:a5:0f:48:f1:31:d0:b1:2f:40:9c:ce:f2: 4e:27:bb:04:e6:88:a8:d8:c2:3f:d5:93:94:43:2d: 57:39:0e:8b:4c:a2:40:b5:17:83:0d:cb:1d:53:35: 84:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:68:CD:B7:C7:D2:57:45:7A:75:65:BD:EB:4E:4B:E1:C2:AD:5F:6D X509v3 Authority Key Identifier: keyid:8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:43:00:20:cb:c8:e7:f3:23:fb:58:ab:14:92:00:9c:b9:0d: 11:a3:e5:22:f9:01:3b:f8:66:ae:09:ce:54:89:b3:35:bf:35: ea:bb:e2:2b:73:f7:80:df:33:56:c6:f9:d4:7e:e2:dd:95:02: 2e:a3:2a:71:00:17:34:27:45:49:01:a8:61:6b:a0:6a:d2:4f: 99:5d:99:48:da:d0:50:4f:62:56:12:c7:1b:c0:01:35:1e:19: 36:f7:73:32:73:97:b3:fb:02:22:d7:01:7a:32:8d:15:02:d6: df:97:73:dc:5a:15:9d:c1:4f:e7:13:17:88:8f:e6:0e:04:ca: d4:81:4d:30:a5:14:8a:ff:b0:ba:57:52:f7:a6:68:d9:39:48: e8:19:b1:93:ad:f3:03:4d:2f:cd:ce:fb:7a:fe:70:43:5d:bf: 70:99:35:de:f4:04:98:dd:f4:27:7d:f5:5a:c9:1c:ab:0f:06: 9d:86:2e:5a:a5:e9:0f:f6:2f:45:3d:ff:c0:f9:a7:0d:da:97: b6:8a:c4:bc:18:12:8e:f7:0f:2f:5a:d2:21:d3:36:ae:74:52: fb:bb:e9:38:56:16:f9:3d:a4:0b:21:b0:82:dc:a7:7f:24:34: c4:38:47:02:ef:c1:1d:f2:70:7e:b3:27:41:91:09:32:1b:2a: a9:cc:b9:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJBNUIxMTAvBgNVBAUTKDhCNDg2QUNDQUYxMkE2N0E5NTY4OEU4RDExQkQ2NThD MDQxQzEyNUEwHhcNMjUxMDE5MDg0NzE4WhcNMjUxMDI2MDg0NzE4WjAYMRYwFAYD VQQDEw02OGY0YTU5Ni1mYmI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq3DiETktNBOXh7yf73ajEi2pmfPbWMkZ32T2/QVpsob36qBw9cztnzIC59AJ f0r3wB+itoI6VnpZjhlRUUFAjxgxGxc5TGvkOfualVq0Hq7tFpOIk/nx8T4rnG2J PT1fm6WF99unsfKNvdAD/dzYzz7hVKAkdLRPsIPkpTTzPetWTWKuOwO+JL2oUnGh UNaXEs04zW6muXYRlnozcLYmEdT1QlVeVM1VbVPauUW0PNPaN4SDXWHhZh1YkLw4 YYbiQ08RVHsUe63haMHt9zUBzN2KZFSlD0jxMdCxL0CczvJOJ7sE5oio2MI/1ZOU Qy1XOQ6LTKJAtReDDcsdUzWEswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKNozbfH 0ldFenVlvetOS+HCrV9tMB8GA1UdIwQYMBaAFItIasyvEqZ6lWiOjRG9ZYwEHBJa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkE1Qi80RDdDRTY2QTcw RTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3BucVZhSTZORWIxbGpBUWNF bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2kwaHF6SzhTcG5xVmFJNk5FYjFsakFRY0Vsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkE1Qi80RDdDRTY2QTcwRTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3Bu cVZhSTZORWIxbGpBUWNFbG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaQwAgy8jn8yP7WKsUkgCcuQ0Ro+Ui+QE7+GauCc5UibM1vzXqu+Ir c/eA3zNWxvnUfuLdlQIuoypxABc0J0VJAahha6Bq0k+ZXZlI2tBQT2JWEscbwAE1 Hhk293Myc5ez+wIi1wF6Mo0VAtbfl3PcWhWdwU/nExeIj+YOBMrUgU0wpRSK/7C6 V1L3pmjZOUjoGbGTrfMDTS/Nzvt6/nBDXb9wmTXe9ASY3fQnffVayRyrDwadhi5a pekP9i9FPf/A+acN2pe2isS8GBKO9w8vWtIh0zaudFL7u+k4Vhb5PaQLIbCC3Kd/ JDTEOEcC78Ed8nB+sydBkQkyGyqpzLnZ -----END CERTIFICATE-----Generated at Tue Oct 21 08:15:14 2025 by rpki-client