$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft File: 3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft (raw, json) Hash identifier: fup39fLLpkOG/cTiQZ53PDi1gTaXFZW5VUhn+5Qd3CY= Subject key identifier: 5C:CC:58:97:D3:62:D6:29:CF:24:A1:49:37:99:EC:0C:DC:49:30:76 Authority key identifier: DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E Certificate issuer: /CN=A91DC4E1/serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Certificate serial: 1BB1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft Manifest number: 1B88 Signing time: Mon 20 Oct 2025 16:34:09 +0000 Manifest this update: Mon 20 Oct 2025 16:34:09 +0000 Manifest next update: Mon 27 Oct 2025 16:34:09 +0000 Files and hashes: 1: 3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl (hash: DRjsEY+66Vn3b0ttiaTMLy2GfXvqplNT2jieDFMHvsg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 16:34:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7089 (0x1bb1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC4E1, serialNumber=DC1B39B54F60891AC778A9316D71B0BE8006396E Validity Not Before: Oct 20 16:34:09 2025 GMT Not After : Oct 27 16:34:09 2025 GMT Subject: CN=68f66481-2a16 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:bf:85:0f:92:7f:e9:cf:96:b6:14:c7:c0:08: b2:fa:78:a4:36:2c:e8:3d:47:23:d8:92:2b:33:b6: 6b:54:28:53:11:fc:11:4f:c9:31:1e:df:6f:3b:93: 18:dc:0f:07:37:68:3e:1c:7f:55:ff:1e:2b:9c:fd: 31:20:b1:c0:b1:25:f0:0a:5b:70:61:72:61:70:64: 3b:f4:d5:d1:24:7f:45:67:b4:94:84:8a:c2:54:41: a0:ee:db:2b:61:ba:7e:b2:9e:de:77:32:74:63:54: 92:ad:57:9e:d8:f5:8e:8e:ed:a9:1c:ca:18:c5:e9: 63:fd:26:6a:34:43:50:a6:ae:17:3f:57:18:ce:22: 43:56:7f:4a:da:46:b9:b4:ba:9e:ef:9b:04:83:79: 1c:58:28:42:19:33:f6:2b:25:d0:b2:86:82:de:9f: 38:98:e7:05:2b:c3:18:7b:42:e0:39:c7:5e:c4:72: 60:37:2d:e7:73:d1:3b:4c:15:a5:48:a4:79:5a:23: f7:f9:d6:1a:de:88:aa:cd:dd:a7:14:cb:58:3a:ee: 86:2f:ea:2d:42:5c:6d:a5:bf:bc:8e:1e:c9:88:a6: 77:80:10:92:71:4a:60:d4:09:78:f2:40:b6:1c:0c: 4d:14:29:dc:76:b3:a0:6f:83:e1:3c:00:72:5e:92: ad:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:CC:58:97:D3:62:D6:29:CF:24:A1:49:37:99:EC:0C:DC:49:30:76 X509v3 Authority Key Identifier: keyid:DC:1B:39:B5:4F:60:89:1A:C7:78:A9:31:6D:71:B0:BE:80:06:39:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3Bs5tU9giRrHeKkxbXGwvoAGOW4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC4E1/2004F144160111E7A8AC225DC4F9AE02/3Bs5tU9giRrHeKkxbXGwvoAGOW4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:64:b4:e9:dc:cd:cb:8a:b7:f7:ee:71:0d:d6:f0:01:51:48: 01:f7:e5:07:60:a0:5a:58:e5:b2:02:a7:1b:ae:aa:81:8f:d2: 5b:1a:58:ed:04:3e:52:b7:3b:f2:ea:89:77:27:60:5e:a6:8b: c9:84:3a:e8:f8:73:a4:4b:4f:ae:26:34:c8:2c:49:e4:fb:4a: 28:08:03:d1:d7:3b:a4:c2:e4:c5:78:ec:38:cf:42:f7:96:3d: 7e:9d:0a:76:15:64:ef:f9:3f:5d:cd:6d:a5:b9:69:4c:6f:d1: 1e:b3:34:44:a5:ca:4a:9c:1e:d2:ec:66:c9:62:5e:2b:0d:48: 5e:11:ec:6a:37:0b:43:e7:e4:f1:b2:24:84:07:1c:d6:03:eb: da:fd:1c:7e:4c:10:a7:6f:e6:43:5f:a7:0f:74:02:71:c2:a0: 9e:0a:1c:81:9d:57:76:98:22:ac:4a:f1:79:24:9f:df:46:e1: d9:81:ac:29:02:38:b1:93:81:0c:40:1e:63:de:05:7c:ea:84: 72:6e:5e:9e:53:a7:1d:54:65:52:6d:65:24:01:c9:c3:95:26: ef:3f:2b:b9:76:f6:59:eb:83:56:a5:35:ed:d5:ee:09:88:b8: 05:62:d9:df:1b:86:b9:f6:f1:0a:5e:70:0f:53:49:d8:37:f8: ae:75:d0:6d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICG7EwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0RTExMTAvBgNVBAUTKERDMUIzOUI1NEY2MDg5MUFDNzc4QTkzMTZENzFCMEJF ODAwNjM5NkUwHhcNMjUxMDIwMTYzNDA5WhcNMjUxMDI3MTYzNDA5WjAYMRYwFAYD VQQDEw02OGY2NjQ4MS0yYTE2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0L+FD5J/6c+WthTHwAiy+nikNizoPUcj2JIrM7ZrVChTEfwRT8kxHt9vO5MY 3A8HN2g+HH9V/x4rnP0xILHAsSXwCltwYXJhcGQ79NXRJH9FZ7SUhIrCVEGg7tsr Ybp+sp7edzJ0Y1SSrVee2PWOju2pHMoYxelj/SZqNENQpq4XP1cYziJDVn9K2ka5 tLqe75sEg3kcWChCGTP2KyXQsoaC3p84mOcFK8MYe0LgOcdexHJgNy3nc9E7TBWl SKR5WiP3+dYa3oiqzd2nFMtYOu6GL+otQlxtpb+8jh7JiKZ3gBCScUpg1Al48kC2 HAxNFCncdrOgb4PhPAByXpKtnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFzMWJfT YtYpzyShSTeZ7AzcSTB2MB8GA1UdIwQYMBaAFNwbObVPYIkax3ipMW1xsL6ABjlu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzRFMS8yMDA0RjE0NDE2 MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5Z2lSckhlS2t4YlhHd3ZvQUdP VzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNCczV0VTlnaVJySGVLa3hiWEd3dm9BR09XNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzRFMS8yMDA0RjE0NDE2MDExMUU3QThBQzIyNURDNEY5QUUwMi8zQnM1dFU5Z2lS ckhlS2t4YlhHd3ZvQUdPVzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADZLTp3M3Lirf37nEN1vABUUgB9+UHYKBaWOWyAqcbrqqBj9JbGljt BD5Stzvy6ol3J2BepovJhDro+HOkS0+uJjTILEnk+0ooCAPR1zukwuTFeOw4z0L3 lj1+nQp2FWTv+T9dzW2luWlMb9EeszREpcpKnB7S7GbJYl4rDUheEexqNwtD5+Tx siSEBxzWA+va/Rx+TBCnb+ZDX6cPdAJxwqCeChyBnVd2mCKsSvF5JJ/fRuHZgawp Ajixk4EMQB5j3gV86oRybl6eU6cdVGVSbWUkAcnDlSbvPyu5dvZZ64NWpTXt1e4J iLgFYtnfG4a59vEKXnAPU0nYN/iuddBt -----END CERTIFICATE-----Generated at Mon Oct 20 23:34:11 2025 by rpki-client