$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: LGknipFzaH+LM4w0T+xMXYEwDugd7NeycpTAs48rHlo= Subject key identifier: 4C:1C:C2:90:3D:1D:4E:D3:AE:39:A9:5E:DC:08:EA:6C:5C:DA:E3:37 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: B6 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: B4 Signing time: Sun 19 Oct 2025 09:13:18 +0000 Manifest this update: Sun 19 Oct 2025 09:13:17 +0000 Manifest next update: Sun 26 Oct 2025 09:13:17 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: wpJ8VSe6mHhFmoEHTj8ahtidUBcfD6uQy2u0XMnLwuc=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:13:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 182 (0xb6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Oct 19 09:13:17 2025 GMT Not After : Oct 26 09:13:17 2025 GMT Subject: CN=68f4abad-7a78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:eb:ed:45:5c:80:16:de:61:b9:2f:4f:ba:76: 29:16:8a:a6:4f:ce:db:3c:4c:67:32:20:e5:33:14: 34:45:d8:15:1c:63:ff:f7:4d:21:3a:4a:cd:a6:b3: b2:99:55:d1:d6:2a:de:f6:42:f6:68:32:a7:3b:05: 8e:76:81:d6:45:69:d6:d2:34:78:4d:d3:cc:f4:fc: 7a:6b:67:10:7d:21:69:7a:64:23:37:29:31:bf:37: e6:f4:91:d6:be:5d:95:7c:a1:a6:f9:e4:b8:55:55: 28:cd:ce:52:de:0a:3f:0a:a7:01:c7:ef:a8:72:27: 70:39:d4:a7:63:18:bb:35:d3:95:09:20:35:c2:7c: c4:ca:37:cd:44:c9:cb:32:83:42:78:db:42:ff:ad: cc:81:80:26:8e:c1:68:32:c4:68:b3:89:40:a2:fc: 5a:b9:6a:82:18:cd:3f:92:ff:81:47:40:d1:cc:0d: 63:dd:2a:80:33:1c:95:b0:c2:04:4b:b2:27:ce:fb: 8d:95:35:e6:12:7a:ff:4d:86:90:d4:56:6c:3d:57: 08:72:9a:c4:b0:cd:cb:46:b7:e2:8d:47:bb:64:77: e9:9c:fd:dc:6d:c5:57:6d:06:2e:c2:1a:d6:b2:c6: 24:47:a5:e0:0e:51:cb:eb:9b:b7:28:25:0e:a8:80: 40:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:1C:C2:90:3D:1D:4E:D3:AE:39:A9:5E:DC:08:EA:6C:5C:DA:E3:37 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:23:52:84:7c:60:6c:e3:79:a9:d4:99:6c:06:1c:52:ad:76: 8c:64:e4:21:de:d2:7a:17:60:bd:20:e9:c9:a5:01:69:ae:79: 4a:83:ae:e4:61:4f:99:92:1b:1b:f0:55:74:fd:74:44:a7:a0: 6e:19:6a:7b:b4:d0:a6:dc:60:cc:92:2c:70:c8:1a:f1:1e:a9: 7a:a7:d1:63:14:70:1d:8a:3d:98:9a:54:a7:76:fe:47:16:cd: 15:c9:ef:12:50:2d:29:0a:c8:91:0c:74:52:32:53:0e:30:59: 0f:16:06:d8:99:9a:b5:3e:11:26:1c:83:1b:8d:b0:85:3e:7c: ee:ad:54:51:29:d2:fc:9d:b4:bc:6c:cc:97:22:11:12:79:d2: 6a:99:32:70:e5:9d:b8:c6:b3:d9:a7:87:38:ea:3d:b1:a4:5b: cf:69:c1:de:39:00:9c:8e:84:57:c6:d8:7f:f8:64:cc:70:6b: e3:c3:2b:81:53:95:b1:80:c4:1a:d4:22:a8:9b:d1:6a:ab:36: 24:f0:5a:1d:f8:ba:e5:5e:b7:32:1d:99:d5:e2:56:12:d1:7e: ac:8f:73:43:1b:46:52:1b:de:82:f4:8e:ea:4c:24:84:9a:f7: 6b:87:41:23:5d:25:5e:9a:d8:ce:57:ba:30:c7:60:8d:04:08: b2:e7:3d:d5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE ODY4RTc4REEwHhcNMjUxMDE5MDkxMzE3WhcNMjUxMDI2MDkxMzE3WjAYMRYwFAYD VQQDEw02OGY0YWJhZC03YTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvuvtRVyAFt5huS9PunYpFoqmT87bPExnMiDlMxQ0RdgVHGP/900hOkrNprOy mVXR1ire9kL2aDKnOwWOdoHWRWnW0jR4TdPM9Px6a2cQfSFpemQjNykxvzfm9JHW vl2VfKGm+eS4VVUozc5S3go/CqcBx++ocidwOdSnYxi7NdOVCSA1wnzEyjfNRMnL MoNCeNtC/63MgYAmjsFoMsRos4lAovxauWqCGM0/kv+BR0DRzA1j3SqAMxyVsMIE S7InzvuNlTXmEnr/TYaQ1FZsPVcIcprEsM3LRrfijUe7ZHfpnP3cbcVXbQYuwhrW ssYkR6XgDlHL65u3KCUOqIBAZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEwcwpA9 HU7TrjmpXtwI6mxc2uM3MB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOI1KEfGBs43mp1JlsBhxSrXaMZOQh3tJ6F2C9IOnJpQFprnlKg67k YU+Zkhsb8FV0/XREp6BuGWp7tNCm3GDMkixwyBrxHql6p9FjFHAdij2YmlSndv5H Fs0Vye8SUC0pCsiRDHRSMlMOMFkPFgbYmZq1PhEmHIMbjbCFPnzurVRRKdL8nbS8 bMyXIhESedJqmTJw5Z24xrPZp4c46j2xpFvPacHeOQCcjoRXxth/+GTMcGvjwyuB U5WxgMQa1CKom9FqqzYk8Fod+LrlXrcyHZnV4lYS0X6sj3NDG0ZSG96C9I7qTCSE mvdrh0EjXSVemtjOV7owx2CNBAiy5z3V -----END CERTIFICATE-----Generated at Tue Oct 21 06:57:47 2025 by rpki-client