$ rpki-client -vvf rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft File: zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft (raw, json) Hash identifier: Yjr+mfd3p+RbcDdL2FWf11TGg9N3nrVXaIUuDpopUBw= Subject key identifier: 08:E7:21:1E:0C:54:BA:E2:C5:13:74:8A:D8:46:C7:01:A9:59:4B:25 Authority key identifier: CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49 Certificate issuer: /CN=A91ED8E0/serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049 Certificate serial: 0911 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft Manifest number: 08FD Signing time: Mon 20 Oct 2025 21:13:11 +0000 Manifest this update: Mon 20 Oct 2025 21:13:11 +0000 Manifest next update: Mon 27 Oct 2025 21:13:11 +0000 Files and hashes: 1: zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl (hash: 6kkkgX1C1BAoSUe0BhEjpTuOuqZSIqfDLxYL+wNerQA=) 2: 2BEC62FA5DA011EF8E541175C4F9AE02.roa (hash: gGLM1HQ1iS7fd20ceMBraz36fZdGiyHwpUVermAbtmg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 21:13:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2321 (0x911) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ED8E0, serialNumber=CC5419C8A78BCD53AD171C5B74A4071D95395049 Validity Not Before: Oct 20 21:13:11 2025 GMT Not After : Oct 27 21:13:11 2025 GMT Subject: CN=68f6a5e7-8e32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:4e:e6:2b:ed:b4:10:38:06:54:e6:ef:96:b1: cc:a6:d1:24:e4:f1:57:d6:33:d1:b8:9b:23:3f:78: c9:54:36:79:dd:1a:c6:46:34:9f:42:ea:d2:7a:2d: e9:87:37:f3:7b:ae:51:56:45:6b:e5:9e:88:3d:09: 03:e9:6a:e8:d5:7a:f9:40:5e:05:bc:b7:39:23:ba: 01:66:5c:01:5b:6d:1a:89:fe:8d:ac:1c:2d:6f:34: aa:26:dd:16:5c:97:92:42:9d:2e:ff:db:77:33:b7: 92:66:07:f7:ec:c6:bd:c3:95:95:5b:b3:cb:60:9d: a9:e6:06:b3:91:6a:01:88:ce:54:c0:48:37:9e:0f: 85:ee:5a:50:7f:1c:db:d9:3e:7b:d2:b3:c8:a2:d4: 64:e0:cc:88:ee:2b:40:31:f6:b9:27:52:dc:83:17: b9:81:3a:1b:e2:c3:8a:c4:6c:c3:f9:bb:dd:b0:b0: 53:b8:e8:16:84:1a:fa:19:ae:82:15:f0:02:0a:de: 5c:89:8b:16:3b:62:7a:d9:c2:d1:fa:30:c5:ce:27: 5f:0f:56:ac:ea:16:21:45:60:6e:32:2d:1d:c1:69: 46:dc:7d:e0:3e:91:5c:5c:5f:62:0c:e9:d9:04:73: fc:dd:90:96:15:86:dd:de:84:d7:09:d6:06:45:5b: 4a:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:E7:21:1E:0C:54:BA:E2:C5:13:74:8A:D8:46:C7:01:A9:59:4B:25 X509v3 Authority Key Identifier: keyid:CC:54:19:C8:A7:8B:CD:53:AD:17:1C:5B:74:A4:07:1D:95:39:50:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFQZyKeLzVOtFxxbdKQHHZU5UEk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ED8E0/EE2D5326B94711EA8A649E76C4F9AE02/zFQZyKeLzVOtFxxbdKQHHZU5UEk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:c0:04:6e:a0:0b:aa:67:6e:9a:64:cb:bc:46:16:93:43:f6: 4c:d1:6d:2c:01:84:01:8b:65:0b:1d:dd:7d:fa:d1:eb:51:f5: 57:65:05:88:20:26:04:b3:b0:f0:ce:59:ae:63:ab:f2:d0:1b: 59:d3:a3:35:f4:03:b6:4c:10:98:c1:d7:7f:89:6a:cb:11:b6: 1a:ae:67:70:fd:5d:d9:40:13:2c:bd:68:28:bd:29:1a:f8:a9: 25:41:6c:cc:56:bb:b3:44:31:f1:db:13:50:22:fd:33:67:7f: bc:52:86:12:53:48:f8:b0:12:dc:e7:c0:8e:82:73:aa:d4:bb: 4a:88:6f:9d:30:0d:a1:db:c7:8f:05:a2:cc:7e:7d:bb:f2:41: 62:10:0d:ee:5b:06:ce:f6:b5:93:09:ad:04:5a:d6:ea:a3:d8: 14:2a:90:8a:2a:47:a3:f7:96:94:65:55:a7:01:67:2d:13:f6: bb:cd:bb:2e:c8:5d:d8:70:72:18:92:c3:43:69:a3:ba:4a:b2: ea:7b:85:e7:06:97:f7:3e:62:21:f2:cc:ad:a4:13:0e:bb:2b: 65:80:b3:5f:8a:30:94:b7:e7:a7:e4:5e:71:13:c6:b1:d0:33: 44:e7:19:54:35:04:64:01:48:82:bd:32:5a:df:98:50:87:1f: b6:8c:f1:c4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCREwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUQ4RTAxMTAvBgNVBAUTKENDNTQxOUM4QTc4QkNENTNBRDE3MUM1Qjc0QTQwNzFE OTUzOTUwNDkwHhcNMjUxMDIwMjExMzExWhcNMjUxMDI3MjExMzExWjAYMRYwFAYD VQQDEw02OGY2YTVlNy04ZTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwU7mK+20EDgGVObvlrHMptEk5PFX1jPRuJsjP3jJVDZ53RrGRjSfQurSei3p hzfze65RVkVr5Z6IPQkD6Wro1Xr5QF4FvLc5I7oBZlwBW20aif6NrBwtbzSqJt0W XJeSQp0u/9t3M7eSZgf37Ma9w5WVW7PLYJ2p5gazkWoBiM5UwEg3ng+F7lpQfxzb 2T570rPIotRk4MyI7itAMfa5J1Lcgxe5gTob4sOKxGzD+bvdsLBTuOgWhBr6Ga6C FfACCt5ciYsWO2J62cLR+jDFzidfD1as6hYhRWBuMi0dwWlG3H3gPpFcXF9iDOnZ BHP83ZCWFYbd3oTXCdYGRVtKGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAjnIR4M VLrixRN0ithGxwGpWUslMB8GA1UdIwQYMBaAFMxUGcini81TrRccW3SkBx2VOVBJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRDhFMC9FRTJENTMyNkI5 NDcxMUVBOEE2NDlFNzZDNEY5QUUwMi96RlFaeUtlTHpWT3RGeHhiZEtRSEhaVTVV RWsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGUVp5S2VMelZPdEZ4eGJkS1FISFpVNVVFay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RDhFMC9FRTJENTMyNkI5NDcxMUVBOEE2NDlFNzZDNEY5QUUwMi96RlFaeUtlTHpW T3RGeHhiZEtRSEhaVTVVRWsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQwARuoAuqZ26aZMu8RhaTQ/ZM0W0sAYQBi2ULHd19+tHrUfVXZQWI ICYEs7DwzlmuY6vy0BtZ06M19AO2TBCYwdd/iWrLEbYarmdw/V3ZQBMsvWgovSka +KklQWzMVruzRDHx2xNQIv0zZ3+8UoYSU0j4sBLc58COgnOq1LtKiG+dMA2h28eP BaLMfn278kFiEA3uWwbO9rWTCa0EWtbqo9gUKpCKKkej95aUZVWnAWctE/a7zbsu yF3YcHIYksNDaaO6SrLqe4XnBpf3PmIh8sytpBMOuytlgLNfijCUt+en5F5xE8ax 0DNE5xlUNQRkAUiCvTJa35hQhx+2jPHE -----END CERTIFICATE-----Generated at Tue Oct 21 01:02:49 2025 by rpki-client