$ rpki-client -vvf rpki.apnic.net/member_repository/A91F08D9/0FD6AB52817111F09B10AE56C4F9AE02/K7fm9k6JPZEwSosliGA1DWdQVK0.mft File: K7fm9k6JPZEwSosliGA1DWdQVK0.mft (raw, json) Hash identifier: qTHzGmRqfcOmDxFnOFXUgQDzr0wgGk6s3bx7LJbzBnA= Subject key identifier: 03:C7:45:41:E9:9A:D4:6E:AE:63:A7:C9:5A:32:AA:E2:D3:4E:CE:54 Authority key identifier: 2B:B7:E6:F6:4E:89:3D:91:30:4A:8B:25:88:60:35:0D:67:50:54:AD Certificate issuer: /CN=A91F08D9/serialNumber=2BB7E6F64E893D91304A8B258860350D675054AD Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K7fm9k6JPZEwSosliGA1DWdQVK0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F08D9/0FD6AB52817111F09B10AE56C4F9AE02/K7fm9k6JPZEwSosliGA1DWdQVK0.mft Manifest number: 1F Signing time: Sun 19 Oct 2025 11:21:27 +0000 Manifest this update: Sun 19 Oct 2025 11:21:27 +0000 Manifest next update: Sun 26 Oct 2025 11:21:27 +0000 Files and hashes: 1: K7fm9k6JPZEwSosliGA1DWdQVK0.crl (hash: LW3DkpCSm74o5lCxDCHJU/PRSDGkq3F/EWCXvxFjrLg=) 2: 87B1CF3484AB11F08EC73477C4F9AE02.roa (hash: Jt9xrlHuvhlUdrVUwgtvoOyhCxiTlBYw7QDZYg605Dk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F08D9/0FD6AB52817111F09B10AE56C4F9AE02/K7fm9k6JPZEwSosliGA1DWdQVK0.crl rsync://rpki.apnic.net/member_repository/A91F08D9/0FD6AB52817111F09B10AE56C4F9AE02/K7fm9k6JPZEwSosliGA1DWdQVK0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K7fm9k6JPZEwSosliGA1DWdQVK0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:21:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F08D9, serialNumber=2BB7E6F64E893D91304A8B258860350D675054AD Validity Not Before: Oct 19 11:21:27 2025 GMT Not After : Oct 26 11:21:27 2025 GMT Subject: CN=68f4c9b7-2a92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:f5:db:8a:9e:1a:b3:fb:af:2e:eb:c4:b7:c9: d4:94:26:23:59:69:78:b3:8c:5c:2a:a2:dc:e0:c6: 32:b8:14:69:b5:b1:bb:18:21:27:66:58:b1:31:1c: cf:fc:0e:28:b4:e1:bc:26:69:50:f2:23:74:fc:c4: ac:25:44:8d:77:a2:dc:72:00:d7:a4:a1:7d:a2:22: 5a:3c:89:93:1c:54:e2:73:06:90:35:f9:9d:6a:13: bc:62:bf:71:d5:94:ba:68:a7:a4:b7:35:f2:c0:d3: a8:c9:7f:31:a5:f0:6b:17:e5:62:d2:7a:86:e5:f0: 35:c9:d7:89:76:cf:34:fd:7f:09:77:4c:63:20:ce: 00:1c:8f:f7:ea:7d:68:36:e9:21:21:dd:f6:12:cc: 1f:2a:b5:57:b0:5a:9e:45:34:e8:06:1f:26:7b:82: 43:51:6e:83:a0:3b:10:53:9b:2e:3f:97:77:66:cb: 9e:36:74:0e:ce:2e:39:7c:6f:be:be:3d:ca:d8:b4: 9d:82:13:aa:07:55:e6:16:5f:6c:fd:60:91:f9:82: 1f:2d:a3:de:e8:1d:e7:35:66:01:c8:25:3c:d1:f0: 31:a7:43:de:33:06:9f:0f:27:93:74:61:c7:86:35: 62:b3:93:95:ee:ef:08:64:72:c8:b9:a8:92:04:62: a6:39 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 03:C7:45:41:E9:9A:D4:6E:AE:63:A7:C9:5A:32:AA:E2:D3:4E:CE:54 X509v3 Authority Key Identifier: keyid:2B:B7:E6:F6:4E:89:3D:91:30:4A:8B:25:88:60:35:0D:67:50:54:AD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F08D9/0FD6AB52817111F09B10AE56C4F9AE02/K7fm9k6JPZEwSosliGA1DWdQVK0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/K7fm9k6JPZEwSosliGA1DWdQVK0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F08D9/0FD6AB52817111F09B10AE56C4F9AE02/K7fm9k6JPZEwSosliGA1DWdQVK0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:aa:9c:41:a2:6a:b8:51:1f:10:e9:d0:04:b5:50:b7:be:69: 91:95:84:75:db:dd:d8:07:28:9d:8d:da:1e:ce:08:4f:28:4d: c5:84:b2:b5:bf:21:77:f7:60:74:ca:c8:86:b4:d1:96:6e:6a: 86:23:8b:7d:08:85:23:23:14:16:7f:d8:99:15:85:02:6f:3c: d5:b7:f5:8f:81:6e:d6:dd:af:fd:48:e9:a4:68:15:7f:06:1f: 86:0a:4f:9a:1c:88:c6:dd:1c:7b:8f:0e:da:a5:63:e0:f6:ff: af:de:1a:88:0d:a0:da:04:1c:78:88:0e:b3:95:db:b5:6e:d6: 20:34:9e:a7:97:34:c1:1b:28:ba:3d:68:f5:22:31:c1:2a:35: 08:b6:bf:51:88:2a:d2:cb:76:50:74:89:89:b0:13:30:86:79: 7a:98:21:46:7d:09:9c:d7:07:a0:33:b3:14:e0:61:c1:f0:76: 77:fe:26:81:c4:2d:9b:ce:c0:da:36:32:64:42:ed:b8:bc:d1: 83:15:9e:bf:0a:2e:9b:11:d8:53:03:9d:83:97:b4:6c:35:c0: c4:77:a4:34:b7:65:99:2d:61:84:03:65:dc:6a:73:1c:00:8f: 8c:bf:46:64:0d:e0:48:b7:86:64:26:ad:4e:a7:78:03:70:79: 25:32:32:23 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG MDhEOTExMC8GA1UEBRMoMkJCN0U2RjY0RTg5M0Q5MTMwNEE4QjI1ODg2MDM1MEQ2 NzUwNTRBRDAeFw0yNTEwMTkxMTIxMjdaFw0yNTEwMjYxMTIxMjdaMBgxFjAUBgNV BAMTDTY4ZjRjOWI3LTJhOTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDF9duKnhqz+68u68S3ydSUJiNZaXizjFwqotzgxjK4FGm1sbsYISdmWLExHM/8 Dii04bwmaVDyI3T8xKwlRI13otxyANekoX2iIlo8iZMcVOJzBpA1+Z1qE7xiv3HV lLpop6S3NfLA06jJfzGl8GsX5WLSeobl8DXJ14l2zzT9fwl3TGMgzgAcj/fqfWg2 6SEh3fYSzB8qtVewWp5FNOgGHyZ7gkNRboOgOxBTmy4/l3dmy542dA7OLjl8b76+ PcrYtJ2CE6oHVeYWX2z9YJH5gh8to97oHec1ZgHIJTzR8DGnQ94zBp8PJ5N0YceG NWKzk5Xu7whkcsi5qJIEYqY5AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUA8dFQema 1G6uY6fJWjKq4tNOzlQwHwYDVR0jBBgwFoAUK7fm9k6JPZEwSosliGA1DWdQVK0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYwOEQ5LzBGRDZBQjUyODE3 MTExRjA5QjEwQUU1NkM0RjlBRTAyL0s3Zm05azZKUFpFd1Nvc2xpR0ExRFdkUVZL MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSzdmbTlrNkpQWkV3U29zbGlHQTFEV2RRVkswLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYw OEQ5LzBGRDZBQjUyODE3MTExRjA5QjEwQUU1NkM0RjlBRTAyL0s3Zm05azZKUFpF d1Nvc2xpR0ExRFdkUVZLMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAA2qnEGiarhRHxDp0AS1ULe+aZGVhHXb3dgHKJ2N2h7OCE8oTcWEsrW/ IXf3YHTKyIa00ZZuaoYji30IhSMjFBZ/2JkVhQJvPNW39Y+Bbtbdr/1I6aRoFX8G H4YKT5ociMbdHHuPDtqlY+D2/6/eGogNoNoEHHiIDrOV27Vu1iA0nqeXNMEbKLo9 aPUiMcEqNQi2v1GIKtLLdlB0iYmwEzCGeXqYIUZ9CZzXB6AzsxTgYcHwdnf+JoHE LZvOwNo2MmRC7bi80YMVnr8KLpsR2FMDnYOXtGw1wMR3pDS3ZZktYYQDZdxqcxwA j4y/RmQN4Ei3hmQmrU6neANweSUyMiM= -----END CERTIFICATE-----Generated at Mon Oct 20 09:09:12 2025 by rpki-client