$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft File: TnWast4kVGn4MRuSc7VVOH51CpA.mft (raw, json) Hash identifier: M5Wikt3ed5V+xG2HmJg8IqRPf64NXMRWdMQJW3w6tjw= Subject key identifier: 3B:B6:C7:12:75:D6:FC:53:0F:6A:2E:C9:9A:83:3D:8A:0B:97:8B:F0 Authority key identifier: 4E:75:9A:B2:DE:24:54:69:F8:31:1B:92:73:B5:55:38:7E:75:0A:90 Certificate issuer: /CN=A91DF233/serialNumber=4E759AB2DE245469F8311B9273B555387E750A90 Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TnWast4kVGn4MRuSc7VVOH51CpA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft Manifest number: A3 Signing time: Sun 19 Oct 2025 09:29:09 +0000 Manifest this update: Sun 19 Oct 2025 09:29:09 +0000 Manifest next update: Sun 26 Oct 2025 09:29:09 +0000 Files and hashes: 1: TnWast4kVGn4MRuSc7VVOH51CpA.crl (hash: qJv96sA7TDNmaLNb4s1o0XZOiIy22AK5JXL/kd46GGw=) 2: 1FE0E016B37D11EFBDE18263C4F9AE02.roa (hash: i4QqretrMrfllRlkSz0xUOac9qaskNbaHtNPO9MoQA0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.crl rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TnWast4kVGn4MRuSc7VVOH51CpA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:29:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF233, serialNumber=4E759AB2DE245469F8311B9273B555387E750A90 Validity Not Before: Oct 19 09:29:09 2025 GMT Not After : Oct 26 09:29:09 2025 GMT Subject: CN=68f4af65-ca1a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:75:95:77:dc:ae:5d:9a:df:a0:70:30:a2:f8: b4:9b:61:ee:d8:b1:b1:75:1b:f5:02:ab:a5:86:e2: 90:65:d4:0d:07:17:cf:97:98:57:b3:62:19:9c:bc: c4:a7:f9:51:4c:e3:fc:bc:e8:c2:8a:43:8c:3a:53: 94:f6:97:32:d4:50:05:de:c3:32:32:de:3d:6e:05: 6a:67:35:e1:d7:39:df:f1:2b:3c:93:3c:7d:b9:d1: b8:23:13:bc:ee:fa:28:01:97:61:5c:75:fe:fd:d5: ef:c2:bc:36:46:50:f3:8f:6a:ab:79:7a:af:35:7b: b7:3d:2c:12:4a:eb:0f:b2:60:f3:af:d1:69:d4:7c: 80:1b:c5:e0:c8:47:08:9a:29:f3:ca:0a:f3:f3:d4: a0:12:71:8c:cd:4d:1f:ff:d0:19:b4:ab:78:ae:ff: f3:6a:6e:58:5c:df:ad:f3:6b:d0:d0:a4:24:e3:0f: 89:1d:c7:aa:d6:50:25:e1:18:4f:f3:e0:cb:b1:04: 16:a2:af:bb:4c:ad:b0:d1:9e:5f:05:da:af:91:aa: ac:4d:b5:58:f3:3c:5e:33:c9:9d:8d:b2:3e:80:b4: 66:5b:10:60:73:0e:9d:21:62:ed:46:25:42:9c:f2: 1e:1b:30:35:1a:c4:e1:0d:18:6f:63:80:2c:dd:fb: 67:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3B:B6:C7:12:75:D6:FC:53:0F:6A:2E:C9:9A:83:3D:8A:0B:97:8B:F0 X509v3 Authority Key Identifier: keyid:4E:75:9A:B2:DE:24:54:69:F8:31:1B:92:73:B5:55:38:7E:75:0A:90 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/TnWast4kVGn4MRuSc7VVOH51CpA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF233/08F05260B37811EF88322B0FC4F9AE02/TnWast4kVGn4MRuSc7VVOH51CpA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:25:ca:db:6a:e3:be:a6:15:7a:af:ac:4b:ab:61:da:36:35: 28:9d:67:5a:98:28:25:75:18:e4:b6:c8:a2:e9:f2:f6:82:75: e1:fc:83:e3:a7:63:36:1b:f5:2f:97:1e:17:f0:38:54:b5:dd: 22:eb:8a:8b:69:c5:f6:6d:bf:a6:a8:50:1b:a6:45:75:c3:a1: cd:ac:c1:7d:1e:a9:c7:75:65:2a:4f:38:51:4b:26:fd:6f:f4: 92:38:a1:ca:47:60:f2:e2:8e:4c:1c:ce:3d:a6:00:25:50:0a: 9d:15:ca:03:2d:35:0f:19:20:32:8c:e0:58:48:56:75:b9:63: 77:cb:ff:b8:84:77:79:6b:58:2f:db:1a:15:58:8b:70:4f:72: 2a:6e:44:78:b5:86:8d:11:cb:26:1b:47:57:6d:9b:f3:4f:ec: 9f:d6:60:bb:22:23:09:01:45:4d:3b:66:42:83:04:34:d4:ef: ea:3b:c3:5e:cd:5e:23:fa:b0:25:0e:0a:33:ab:08:ad:69:f4: 9e:9a:25:cd:4a:fd:bb:59:72:44:b3:a7:65:aa:6c:79:bc:7f: 07:83:06:9a:47:15:1f:f5:41:b9:c6:97:1c:5b:97:44:36:b3: a1:85:5e:e9:f3:23:cc:e7:fb:e8:39:f5:1b:23:00:7f:7b:0a: 2d:ab:0c:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REYyMzMxMTAvBgNVBAUTKDRFNzU5QUIyREUyNDU0NjlGODMxMUI5MjczQjU1NTM4 N0U3NTBBOTAwHhcNMjUxMDE5MDkyOTA5WhcNMjUxMDI2MDkyOTA5WjAYMRYwFAYD VQQDEw02OGY0YWY2NS1jYTFhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA53WVd9yuXZrfoHAwovi0m2Hu2LGxdRv1AqulhuKQZdQNBxfPl5hXs2IZnLzE p/lRTOP8vOjCikOMOlOU9pcy1FAF3sMyMt49bgVqZzXh1znf8Ss8kzx9udG4IxO8 7vooAZdhXHX+/dXvwrw2RlDzj2qreXqvNXu3PSwSSusPsmDzr9Fp1HyAG8XgyEcI minzygrz89SgEnGMzU0f/9AZtKt4rv/zam5YXN+t82vQ0KQk4w+JHceq1lAl4RhP 8+DLsQQWoq+7TK2w0Z5fBdqvkaqsTbVY8zxeM8mdjbI+gLRmWxBgcw6dIWLtRiVC nPIeGzA1GsThDRhvY4As3ftn2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDu2xxJ1 1vxTD2ouyZqDPYoLl4vwMB8GA1UdIwQYMBaAFE51mrLeJFRp+DEbknO1VTh+dQqQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjIzMy8wOEYwNTI2MEIz NzgxMUVGODgzMjJCMEZDNEY5QUUwMi9Ubldhc3Q0a1ZHbjRNUnVTYzdWVk9INTFD cEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RuV2FzdDRrVkduNE1SdVNjN1ZWT0g1MUNwQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjIzMy8wOEYwNTI2MEIzNzgxMUVGODgzMjJCMEZDNEY5QUUwMi9Ubldhc3Q0a1ZH bjRNUnVTYzdWVk9INTFDcEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCJcrbauO+phV6r6xLq2HaNjUonWdamCgldRjktsii6fL2gnXh/IPj p2M2G/Uvlx4X8DhUtd0i64qLacX2bb+mqFAbpkV1w6HNrMF9HqnHdWUqTzhRSyb9 b/SSOKHKR2Dy4o5MHM49pgAlUAqdFcoDLTUPGSAyjOBYSFZ1uWN3y/+4hHd5a1gv 2xoVWItwT3IqbkR4tYaNEcsmG0dXbZvzT+yf1mC7IiMJAUVNO2ZCgwQ01O/qO8Ne zV4j+rAlDgozqwitafSemiXNSv27WXJEs6dlqmx5vH8HgwaaRxUf9UG5xpccW5dE NrOhhV7p8yPM5/voOfUbIwB/ewotqwzK -----END CERTIFICATE-----Generated at Tue Oct 21 11:40:38 2025 by rpki-client