$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: rWQVhkXxoOujS6LnsRqPOHYNn1pQW0EJEVKy5+uWz7c= Subject key identifier: 2F:A0:0B:2B:7E:33:CA:49:15:B3:72:26:C9:65:52:F2:E4:DA:F0:85 Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 35C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 353D Signing time: Mon 20 Oct 2025 14:16:38 +0000 Manifest this update: Mon 20 Oct 2025 14:16:37 +0000 Manifest next update: Mon 27 Oct 2025 14:16:37 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: nqnWjz93NHx4MkZ1/yX7pdy1Yo9sSTAI30T9szAlHjM=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: DB3F9CA4817B11F0BDC51985C4F9AE02.roa (hash: JAIKKCo9C8qw6fr8uLdaMchlj/iGB4GqwIN2CeXneAc=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: DCD41E8E98D511F0B3824663C4F9AE02.roa (hash: EWlSDhZJpxeihw3aeM/sQAa10hdfChLc1MQCCqHexiw=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:16:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13764 (0x35c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Oct 20 14:16:37 2025 GMT Not After : Oct 27 14:16:37 2025 GMT Subject: CN=68f64445-dc21 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:22:79:07:ad:3d:5d:c2:70:15:86:f3:95:c7: 42:46:f9:25:f4:6c:ff:33:e1:60:58:f9:ec:7b:c0: 29:2e:21:94:ca:85:e4:38:f4:b6:01:c9:cc:62:e2: 5a:66:58:f2:78:83:11:5b:3a:6f:09:97:47:80:69: 17:f6:b9:c2:fd:de:27:be:67:33:92:f0:b6:9b:12: 00:ef:c0:10:ec:4a:68:4a:b2:44:6c:76:4d:83:54: 57:cd:ea:00:b8:0e:52:e4:ce:a9:32:6b:42:7d:8c: d9:74:3c:b8:7d:03:e8:79:6a:e3:88:53:97:f1:8f: ed:4f:be:9f:e2:11:a9:34:17:8c:f1:e1:c8:d6:53: 60:69:43:a2:61:d4:47:11:b8:09:b0:a9:57:41:e6: 9b:f1:02:f6:a1:95:85:7b:f6:f1:21:be:40:bc:59: a0:34:e7:53:20:42:1d:67:46:64:84:51:b8:86:03: be:d1:52:7b:7d:3a:12:08:1f:10:dc:31:97:7b:53: 78:e9:95:6d:67:5b:49:8e:19:a2:dc:09:8c:f4:15: 50:0c:31:0b:7d:83:77:12:57:36:d2:4d:9d:28:75: f8:f8:c6:a6:dc:08:0c:c9:6d:76:6e:f9:91:dc:0c: c9:53:77:68:a9:fb:1c:d7:1e:7f:8e:ae:d9:d5:2c: d6:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:A0:0B:2B:7E:33:CA:49:15:B3:72:26:C9:65:52:F2:E4:DA:F0:85 X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:19:0e:75:2b:b6:02:49:ed:30:a5:c1:52:17:4a:4f:b7:a5: f9:fc:bd:4d:3a:17:b8:17:e7:8c:63:58:b8:10:d6:23:4f:48: e2:e8:cc:bb:3c:41:26:fe:e7:7a:53:c3:c6:4a:65:95:27:5c: 5b:8d:bd:5a:3d:c5:f1:52:d3:62:53:9f:44:d0:16:f6:92:be: 06:0a:ad:02:06:63:58:42:aa:71:89:3d:a4:0e:34:c1:d0:80: 20:5f:b2:f1:dd:7f:da:3d:e8:1e:1b:26:fa:81:e2:8a:24:5c: c9:ea:8d:e4:77:fa:07:09:0e:fb:9a:81:ef:15:6e:da:ee:4d: b5:6a:8e:4a:21:05:79:58:60:7a:55:fb:72:63:c5:2d:2c:e0: 8f:15:f8:60:1d:16:1c:a6:68:a4:fb:52:c0:3b:bc:b1:a2:62: f2:2e:57:34:07:c9:96:a0:f8:8a:a9:52:75:71:08:1f:08:87: 24:85:6a:2d:c1:20:d5:b7:2f:0e:e4:cb:97:ef:73:c7:ad:aa: d9:4f:0a:f8:06:0f:9b:df:f1:a6:b8:7f:55:bd:93:76:94:5e: 6f:9f:6e:22:b4:e0:72:a4:ef:1f:11:2e:b4:de:92:cc:ad:5a: 1c:09:3f:cc:13:5a:52:1f:a9:db:76:46:43:29:c6:39:e3:c4: ed:ea:55:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNcQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUxMDIwMTQxNjM3WhcNMjUxMDI3MTQxNjM3WjAYMRYwFAYD VQQDEw02OGY2NDQ0NS1kYzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyyJ5B609XcJwFYbzlcdCRvkl9Gz/M+FgWPnse8ApLiGUyoXkOPS2AcnMYuJa ZljyeIMRWzpvCZdHgGkX9rnC/d4nvmczkvC2mxIA78AQ7EpoSrJEbHZNg1RXzeoA uA5S5M6pMmtCfYzZdDy4fQPoeWrjiFOX8Y/tT76f4hGpNBeM8eHI1lNgaUOiYdRH EbgJsKlXQeab8QL2oZWFe/bxIb5AvFmgNOdTIEIdZ0ZkhFG4hgO+0VJ7fToSCB8Q 3DGXe1N46ZVtZ1tJjhmi3AmM9BVQDDELfYN3Elc20k2dKHX4+Mam3AgMyW12bvmR 3AzJU3doqfsc1x5/jq7Z1SzWHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC+gCyt+ M8pJFbNyJsllUvLk2vCFMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaGQ51K7YCSe0wpcFSF0pPt6X5/L1NOhe4F+eMY1i4ENYjT0ji6My7 PEEm/ud6U8PGSmWVJ1xbjb1aPcXxUtNiU59E0Bb2kr4GCq0CBmNYQqpxiT2kDjTB 0IAgX7Lx3X/aPegeGyb6geKKJFzJ6o3kd/oHCQ77moHvFW7a7k21ao5KIQV5WGB6 VftyY8UtLOCPFfhgHRYcpmik+1LAO7yxomLyLlc0B8mWoPiKqVJ1cQgfCIckhWot wSDVty8O5MuX73PHrarZTwr4Bg+b3/GmuH9VvZN2lF5vn24itOBypO8fES603pLM rVocCT/ME1pSH6nbdkZDKcY548Tt6lXr -----END CERTIFICATE-----Generated at Mon Oct 20 17:13:38 2025 by rpki-client