$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: w+nfbAFTJ+4CPNedO/IxFMkOlYKYH6dd79T3qsqWNqo= Subject key identifier: 49:99:E7:A5:E7:3F:97:B3:53:51:6D:3D:DF:86:D2:62:EB:C5:15:B2 Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: 01E7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: 01E3 Signing time: Sun 19 Oct 2025 05:05:22 +0000 Manifest this update: Sun 19 Oct 2025 05:05:21 +0000 Manifest next update: Sun 26 Oct 2025 05:05:21 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: 5ZhtVlbWxtn4VsVIMTySRLtvJh+FLPvnYuMksXYIvGU=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 05:05:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 487 (0x1e7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B, serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: Oct 19 05:05:21 2025 GMT Not After : Oct 26 05:05:21 2025 GMT Subject: CN=68f47191-e2f3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:ba:ad:a4:62:31:35:d8:ca:05:41:c7:98:40: e7:63:e1:27:a4:22:17:6d:c2:6b:d6:97:5b:b1:3d: ca:15:3b:27:56:8b:c8:c0:49:48:16:a2:41:22:ea: 4c:be:bf:fc:dc:b3:2d:17:16:3b:81:87:45:88:99: 5e:8f:fe:ba:43:7a:9e:40:fb:ed:9c:ad:f6:5c:59: 0a:f7:e4:5a:26:70:76:15:c7:45:02:ef:54:19:95: 71:59:77:c5:7b:21:47:8c:df:70:3d:ff:23:92:b4: c8:33:7e:5d:40:e4:93:99:db:70:49:09:db:2c:0a: 0d:81:7a:da:99:8b:1a:f3:11:e3:59:16:cf:3f:84: cb:39:fe:db:0a:8a:36:b5:92:b5:2a:43:15:7b:f8: d4:8b:48:6f:e3:b2:00:de:a8:e2:67:9d:ec:94:9f: 2a:00:10:60:78:6f:e9:ea:6b:25:74:16:9d:cc:50: b9:86:d4:61:75:81:bb:67:05:1b:ec:d4:1c:4b:d7: 40:86:be:30:f4:9e:c5:64:c5:43:c0:26:1c:f4:f4: b3:b5:0f:62:f6:f8:b9:cb:e9:34:ef:9b:d1:ce:99: 66:3d:6f:df:71:a3:92:3f:a5:53:5c:f1:f2:21:fc: ab:03:83:70:a0:60:45:22:0d:67:60:d7:75:ca:ba: ec:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:99:E7:A5:E7:3F:97:B3:53:51:6D:3D:DF:86:D2:62:EB:C5:15:B2 X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:81:ea:8e:a8:f3:62:27:49:40:a5:04:a4:1f:43:d6:ba:63: 0d:05:5c:71:a2:bf:d2:71:f9:38:6c:fb:78:66:46:ee:74:e7: 34:3f:ad:db:0b:8f:4e:d5:8d:8f:1e:a8:e5:c1:c8:b4:71:80: 37:78:cd:c8:9b:4e:b5:34:6b:2d:d6:05:d7:f0:49:1a:49:58: 5b:66:22:dd:9e:db:ac:42:fb:07:e5:7c:f9:e2:16:9d:53:5c: bd:00:a7:09:84:6e:07:97:0e:15:cb:b4:a2:20:e5:da:f4:dd: bc:b1:36:4f:63:81:4f:0f:24:42:61:a9:1b:71:fe:05:0c:6f: 48:86:f1:8e:70:8d:a0:af:db:f4:43:78:a0:12:74:dc:62:43: 6e:8f:7b:9f:00:23:d6:a7:69:50:d5:a9:bd:c6:aa:da:4d:78: b5:55:a4:2a:09:80:69:f8:bd:db:fb:7d:ba:c8:4b:b7:58:35: 4b:b6:85:d6:8d:20:72:b5:99:f6:90:fe:03:dc:6e:98:83:f5: aa:68:1f:29:82:92:23:26:26:71:2f:7b:e4:5a:5c:1a:d9:94: a8:2c:08:36:25:f2:4e:81:f2:18:87:b9:80:43:4b:8a:a4:49: a0:f6:7a:e4:aa:89:05:a6:ab:57:1b:48:18:31:0d:84:d2:a8: 39:39:72:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAecwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjUxMDE5MDUwNTIxWhcNMjUxMDI2MDUwNTIxWjAYMRYwFAYD VQQDEw02OGY0NzE5MS1lMmYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAybqtpGIxNdjKBUHHmEDnY+EnpCIXbcJr1pdbsT3KFTsnVovIwElIFqJBIupM vr/83LMtFxY7gYdFiJlej/66Q3qeQPvtnK32XFkK9+RaJnB2FcdFAu9UGZVxWXfF eyFHjN9wPf8jkrTIM35dQOSTmdtwSQnbLAoNgXramYsa8xHjWRbPP4TLOf7bCoo2 tZK1KkMVe/jUi0hv47IA3qjiZ53slJ8qABBgeG/p6msldBadzFC5htRhdYG7ZwUb 7NQcS9dAhr4w9J7FZMVDwCYc9PSztQ9i9vi5y+k075vRzplmPW/fcaOSP6VTXPHy IfyrA4NwoGBFIg1nYNd1yrrswwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEmZ56Xn P5ezU1FtPd+G0mLrxRWyMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRgeqOqPNiJ0lApQSkH0PWumMNBVxxor/Scfk4bPt4ZkbudOc0P63b C49O1Y2PHqjlwci0cYA3eM3Im061NGst1gXX8EkaSVhbZiLdntusQvsH5Xz54had U1y9AKcJhG4Hlw4Vy7SiIOXa9N28sTZPY4FPDyRCYakbcf4FDG9IhvGOcI2gr9v0 Q3igEnTcYkNuj3ufACPWp2lQ1am9xqraTXi1VaQqCYBp+L3b+326yEu3WDVLtoXW jSBytZn2kP4D3G6Yg/WqaB8pgpIjJiZxL3vkWlwa2ZSoLAg2JfJOgfIYh7mAQ0uK pEmg9nrkqokFpqtXG0gYMQ2E0qg5OXKW -----END CERTIFICATE-----Generated at Mon Oct 20 09:35:00 2025 by rpki-client