$ rpki-client -vvf rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft File: Z38M1kpd4sGwKO0APFaHS0j6LiE.mft (raw, json) Hash identifier: XxUOdI2E7lVozuiq0/TQ+YsxSrlY3oIJ8sYIlamGesA= Subject key identifier: 2B:D2:DD:82:49:9C:62:C5:8A:78:05:69:52:0D:3E:CE:08:77:E9:88 Authority key identifier: 67:7F:0C:D6:4A:5D:E2:C1:B0:28:ED:00:3C:56:87:4B:48:FA:2E:21 Certificate issuer: /CN=A91F17B3/serialNumber=677F0CD64A5DE2C1B028ED003C56874B48FA2E21 Certificate serial: 24 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft Manifest number: 23 Signing time: Sun 19 Oct 2025 11:18:16 +0000 Manifest this update: Sun 19 Oct 2025 11:18:15 +0000 Manifest next update: Sun 26 Oct 2025 11:18:15 +0000 Files and hashes: 1: Z38M1kpd4sGwKO0APFaHS0j6LiE.crl (hash: kXsYb7ZVZg6QSubY4nqGa2zV3WkBH709+yyyYMgk4I0=) 2: 2EEDB7A679CE11F08016A625C4F9AE02.roa (hash: gnlUy/hdSeTuVT/qFWeLTFknA13pkDcB1vk6uf4nfjI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.crl rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:18:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F17B3, serialNumber=677F0CD64A5DE2C1B028ED003C56874B48FA2E21 Validity Not Before: Oct 19 11:18:15 2025 GMT Not After : Oct 26 11:18:15 2025 GMT Subject: CN=68f4c8f8-81f7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e5:a4:3c:91:76:44:cb:0b:b3:52:87:85:9b: b8:ca:1f:c1:1c:fe:b1:30:11:59:49:0a:22:4d:ba: 61:c3:ad:dc:ed:c5:82:af:c9:f4:b1:46:95:66:62: db:5e:fd:2d:01:c0:31:e4:94:d4:b0:b0:93:16:c4: 74:7f:28:a5:eb:aa:4a:40:ea:27:10:92:23:85:03: 0a:a0:2d:ac:83:70:9a:92:8b:a8:d8:b1:f0:e9:71: 8b:46:1a:9d:98:ed:fb:dc:be:7b:ef:e9:cb:84:27: 05:34:4e:9a:22:50:40:2d:8f:73:ef:a1:88:0b:d9: 78:bc:26:6a:2c:d5:bc:b3:95:2c:7a:16:2d:d2:ba: f4:6f:fd:62:db:41:e2:8c:66:91:53:6f:a9:ed:27: cd:59:8c:91:7b:77:16:b2:82:12:e9:12:ad:ed:2c: 60:a0:ff:9b:0d:29:6d:1c:0c:db:96:b4:ea:2d:e3: 3d:09:3a:7a:13:49:56:9f:9b:11:ed:fa:b7:2a:9f: 6c:c2:5f:98:97:4e:11:d7:15:82:5d:52:1f:5a:49: 54:66:f0:d9:69:df:c7:0b:32:b9:85:7e:82:bc:f5: 8c:b5:4b:e7:ac:9c:ad:f1:c2:35:bb:2d:ab:08:7f: a6:37:4e:22:91:7d:38:79:be:2c:68:66:35:ed:b9: 7d:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2B:D2:DD:82:49:9C:62:C5:8A:78:05:69:52:0D:3E:CE:08:77:E9:88 X509v3 Authority Key Identifier: keyid:67:7F:0C:D6:4A:5D:E2:C1:B0:28:ED:00:3C:56:87:4B:48:FA:2E:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Z38M1kpd4sGwKO0APFaHS0j6LiE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F17B3/558C609879CD11F0A9B90321C4F9AE02/Z38M1kpd4sGwKO0APFaHS0j6LiE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:10:76:49:55:cd:cf:56:5b:54:d4:d1:e0:82:50:02:4e:40: d5:fc:83:d5:1e:bc:fd:5c:1b:c4:00:1c:66:90:f3:93:0e:d0: 8e:80:56:c2:fc:8e:02:6a:51:98:ca:63:ea:be:64:50:18:f4: e1:58:78:d3:72:cf:df:0b:78:00:f1:df:c1:ec:c0:18:00:92: 6e:55:c6:6f:a3:62:b6:d8:eb:17:00:ed:94:f4:28:d6:68:9d: 14:21:3e:ab:09:fa:cd:ae:a3:f3:20:3b:ed:8d:8d:62:64:da: a8:36:43:dc:f3:c8:32:49:12:04:69:9c:8b:4c:d0:d4:76:76: 20:a1:eb:74:d5:a5:a2:87:fa:57:ca:5c:2e:fe:e9:79:43:34: 56:77:34:ec:77:cc:2a:95:a3:2c:fe:00:23:b3:ab:d5:ca:88: 44:f4:40:9d:e7:ec:cc:86:4e:f4:58:4e:c3:c8:85:64:ba:ad: cb:d1:7f:e4:99:a7:5b:b6:3a:9c:a1:cc:22:91:a2:48:9d:b7: dd:70:e1:dd:dc:de:79:51:e0:ff:5b:06:5f:24:86:f8:b0:92: 67:a8:bc:24:4f:5a:3c:d2:a8:17:52:0f:81:de:0f:b8:a1:94: 06:7c:fd:47:a7:87:47:6c:03:89:1b:a5:3d:61:d0:ee:05:6c: 68:80:30:90 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFG MTdCMzExMC8GA1UEBRMoNjc3RjBDRDY0QTVERTJDMUIwMjhFRDAwM0M1Njg3NEI0 OEZBMkUyMTAeFw0yNTEwMTkxMTE4MTVaFw0yNTEwMjYxMTE4MTVaMBgxFjAUBgNV BAMTDTY4ZjRjOGY4LTgxZjcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDF5aQ8kXZEywuzUoeFm7jKH8Ec/rEwEVlJCiJNumHDrdztxYKvyfSxRpVmYtte /S0BwDHklNSwsJMWxHR/KKXrqkpA6icQkiOFAwqgLayDcJqSi6jYsfDpcYtGGp2Y 7fvcvnvv6cuEJwU0TpoiUEAtj3PvoYgL2Xi8Jmos1byzlSx6Fi3SuvRv/WLbQeKM ZpFTb6ntJ81ZjJF7dxayghLpEq3tLGCg/5sNKW0cDNuWtOot4z0JOnoTSVafmxHt +rcqn2zCX5iXThHXFYJdUh9aSVRm8Nlp38cLMrmFfoK89Yy1S+esnK3xwjW7LasI f6Y3TiKRfTh5vixoZjXtuX2jAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUK9Ldgkmc YsWKeAVpUg0+zgh36YgwHwYDVR0jBBgwFoAUZ38M1kpd4sGwKO0APFaHS0j6LiEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYxN0IzLzU1OEM2MDk4NzlD RDExRjBBOUI5MDMyMUM0RjlBRTAyL1ozOE0xa3BkNHNHd0tPMEFQRmFIUzBqNkxp RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvWjM4TTFrcGQ0c0d3S08wQVBGYUhTMGo2TGlFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUYx N0IzLzU1OEM2MDk4NzlDRDExRjBBOUI5MDMyMUM0RjlBRTAyL1ozOE0xa3BkNHNH d0tPMEFQRmFIUzBqNkxpRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEYQdklVzc9WW1TU0eCCUAJOQNX8g9UevP1cG8QAHGaQ85MO0I6AVsL8 jgJqUZjKY+q+ZFAY9OFYeNNyz98LeADx38HswBgAkm5Vxm+jYrbY6xcA7ZT0KNZo nRQhPqsJ+s2uo/MgO+2NjWJk2qg2Q9zzyDJJEgRpnItM0NR2diCh63TVpaKH+lfK XC7+6XlDNFZ3NOx3zCqVoyz+ACOzq9XKiET0QJ3n7MyGTvRYTsPIhWS6rcvRf+SZ p1u2OpyhzCKRokidt91w4d3c3nlR4P9bBl8khviwkmeovCRPWjzSqBdSD4HeD7ih lAZ8/Uenh0dsA4kbpT1h0O4FbGiAMJA= -----END CERTIFICATE-----Generated at Mon Oct 20 21:26:22 2025 by rpki-client