$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft File: 2itDzBg8qOD2qPbapUzdcwb4Yig.mft (raw, json) Hash identifier: iDWafEUAVgXXIoljO9DfZWoJZ0dkI1SiXBNXR9crZXU= Subject key identifier: E9:86:60:66:4E:A7:01:A3:F3:B5:D0:F6:4B:5A:F8:45:C3:E9:FE:D2 Authority key identifier: DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 Certificate issuer: /CN=A91DF0EC/serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Certificate serial: 0A53 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft Manifest number: 0A42 Signing time: Mon 20 Oct 2025 20:30:43 +0000 Manifest this update: Mon 20 Oct 2025 20:30:42 +0000 Manifest next update: Mon 27 Oct 2025 20:30:42 +0000 Files and hashes: 1: 2itDzBg8qOD2qPbapUzdcwb4Yig.crl (hash: jCZZPt1n/CZkaHI8P/2GBQTzhUi4vE5Mxs53EuWZlkQ=) 2: FD114232912711EFBCB4ED6EC4F9AE02.roa (hash: TxCwNFrh+xkaqDR3M5kqqPa5bX7FhYwp1p0wkxa1CxU=) 3: 0D6FFE56BA3511ECA20A3817C4F9AE02.roa (hash: JxcjLdYbfNpLt4XJbaeEwHRAAk7SbV4Cw+ExyqNKBV4=) 4: C8A0E422831611EA95762453C4F9AE02.roa (hash: yUwouY97arbHx1ysSRkQtB3/fVJX2BMSgtA5eI1eKIg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:30:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2643 (0xa53) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF0EC, serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Validity Not Before: Oct 20 20:30:42 2025 GMT Not After : Oct 27 20:30:42 2025 GMT Subject: CN=68f69bf3-2c68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f5:fb:4e:ee:cb:43:9e:3a:61:1e:7b:16:31: 0c:e0:df:43:ee:17:ca:bf:ce:72:c8:05:9f:e9:f0: b1:3a:e7:74:aa:9f:6d:9d:b2:2e:f2:9c:46:a0:a6: 0d:86:17:2e:ae:8f:86:00:76:f4:f3:90:c1:0d:c6: 38:d7:7c:9c:d6:43:8c:ca:87:4a:fc:a2:68:c3:f2: 67:8c:3d:ea:20:fe:22:4e:b0:61:16:37:9d:42:f3: 54:38:9c:d1:35:8b:8b:61:b4:6c:e3:0b:10:67:df: 47:c9:a6:1f:62:ae:3c:1e:b1:49:76:30:6c:e8:a6: 1f:23:fc:dc:58:98:42:24:a6:d4:82:e6:fb:bf:6f: ac:9c:81:e6:de:2d:47:be:2f:a8:38:f7:db:96:f1: b8:f6:ea:8b:ce:ca:0c:39:31:f7:bb:cb:ce:9e:bb: c7:ec:6f:80:8a:54:d6:37:4e:6b:f5:72:d4:70:84: a4:72:1f:6d:57:a0:54:7e:55:7d:26:f1:2d:87:02: 71:dd:95:35:71:e8:a9:2b:4c:e5:60:02:97:46:b8: 2c:07:a9:a2:b7:f2:83:2f:0b:38:ff:fd:cb:b4:08: 28:a3:61:70:1c:60:f9:be:a7:97:0c:3a:2b:ed:73: 28:b7:25:a7:ef:b2:c0:69:89:5a:4e:e7:69:dd:a5: 66:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:86:60:66:4E:A7:01:A3:F3:B5:D0:F6:4B:5A:F8:45:C3:E9:FE:D2 X509v3 Authority Key Identifier: keyid:DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8e:db:14:f0:f2:a1:24:3b:e5:8a:26:79:d7:d4:37:e9:a1:ad: 22:50:a4:ca:93:e1:4c:ed:68:55:6f:32:9d:9b:47:20:c8:7d: b5:d2:f5:e7:49:6e:8e:2f:71:41:7a:2d:c5:06:9b:9b:37:eb: 06:54:73:69:83:44:47:86:5f:88:13:17:20:68:b6:5b:be:90: 68:74:c0:31:69:a5:12:77:7a:b0:ca:fa:a5:59:a6:d1:32:88: fa:8e:d9:e8:b6:fd:a5:ab:90:32:7c:be:ba:31:db:01:37:99: 34:6c:cf:e9:64:cf:86:0e:82:82:41:d2:a5:b4:d9:76:1b:f0: 3c:be:af:94:ed:c5:7d:3b:11:f5:26:33:69:69:42:37:73:0c: 25:28:30:7e:2d:2f:e8:23:b5:c4:62:64:a6:9c:fc:0f:78:af: 58:c1:77:48:26:ac:b8:32:01:f5:64:27:dc:5a:cf:d8:43:b6: 96:50:44:5f:72:6c:28:cb:26:d6:4c:a0:b6:ac:e9:87:1b:7e: a9:17:ce:21:de:ff:45:35:95:c2:48:bb:93:eb:20:61:ad:2b: af:b2:36:a4:8f:02:cb:5c:8e:01:b3:a4:3b:ab:15:7e:df:96: fb:78:db:f1:2c:02:1f:d8:8a:ab:8e:e6:d0:64:db:d3:81:31: 6a:66:b5:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICClMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REYwRUMxMTAvBgNVBAUTKERBMkI0M0NDMTgzQ0E4RTBGNkE4RjZEQUE1NENERDcz MDZGODYyMjgwHhcNMjUxMDIwMjAzMDQyWhcNMjUxMDI3MjAzMDQyWjAYMRYwFAYD VQQDEw02OGY2OWJmMy0yYzY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn/X7Tu7LQ546YR57FjEM4N9D7hfKv85yyAWf6fCxOud0qp9tnbIu8pxGoKYN hhcuro+GAHb085DBDcY413yc1kOMyodK/KJow/JnjD3qIP4iTrBhFjedQvNUOJzR NYuLYbRs4wsQZ99HyaYfYq48HrFJdjBs6KYfI/zcWJhCJKbUgub7v2+snIHm3i1H vi+oOPfblvG49uqLzsoMOTH3u8vOnrvH7G+AilTWN05r9XLUcISkch9tV6BUflV9 JvEthwJx3ZU1ceipK0zlYAKXRrgsB6mit/KDLws4//3LtAgoo2FwHGD5vqeXDDor 7XMotyWn77LAaYlaTudp3aVmUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOmGYGZO pwGj87XQ9kta+EXD6f7SMB8GA1UdIwQYMBaAFNorQ8wYPKjg9qj22qVM3XMG+GIo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjBFQy85OTFDRUY3RTc5 NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFPRDJxUGJhcFV6ZGN3YjRZ aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJpdER6Qmc4cU9EMnFQYmFwVXpkY3diNFlpZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjBFQy85OTFDRUY3RTc5NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFP RDJxUGJhcFV6ZGN3YjRZaWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCO2xTw8qEkO+WKJnnX1Dfpoa0iUKTKk+FM7WhVbzKdm0cgyH210vXn SW6OL3FBei3FBpubN+sGVHNpg0RHhl+IExcgaLZbvpBodMAxaaUSd3qwyvqlWabR Moj6jtnotv2lq5AyfL66MdsBN5k0bM/pZM+GDoKCQdKltNl2G/A8vq+U7cV9OxH1 JjNpaUI3cwwlKDB+LS/oI7XEYmSmnPwPeK9YwXdIJqy4MgH1ZCfcWs/YQ7aWUERf cmwoyybWTKC2rOmHG36pF84h3v9FNZXCSLuT6yBhrSuvsjakjwLLXI4Bs6Q7qxV+ 35b7eNvxLAIf2IqrjubQZNvTgTFqZrVS -----END CERTIFICATE-----Generated at Mon Oct 20 23:11:32 2025 by rpki-client