$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5AAA/8B2824529FF711E2AD9CEDEE2F5A7754/8YaDAEWuVIbpCXNDfanSB6VmhpE.mft File: 8YaDAEWuVIbpCXNDfanSB6VmhpE.mft (raw, json) Hash identifier: jTAZ3zDctDD7uYHG1E3QYo/vz/YaqzOXPsmzC5iCngU= Subject key identifier: 8B:28:3B:48:7B:43:0D:B1:50:D3:63:90:40:54:ED:5A:62:71:86:C0 Authority key identifier: F1:86:83:00:45:AE:54:86:E9:09:73:43:7D:A9:D2:07:A5:66:86:91 Certificate issuer: /CN=A91F5AAA/serialNumber=F186830045AE5486E90973437DA9D207A5668691 Certificate serial: 3233 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8YaDAEWuVIbpCXNDfanSB6VmhpE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5AAA/8B2824529FF711E2AD9CEDEE2F5A7754/8YaDAEWuVIbpCXNDfanSB6VmhpE.mft Manifest number: 3233 Signing time: Sat 18 Oct 2025 15:36:00 +0000 Manifest this update: Sat 18 Oct 2025 15:35:59 +0000 Manifest next update: Sat 25 Oct 2025 15:35:59 +0000 Files and hashes: 1: 8YaDAEWuVIbpCXNDfanSB6VmhpE.crl (hash: GVwLkbTjlujbepSIh44k1E+GL38Lcx87FH+TziNJA6I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5AAA/8B2824529FF711E2AD9CEDEE2F5A7754/8YaDAEWuVIbpCXNDfanSB6VmhpE.crl rsync://rpki.apnic.net/member_repository/A91F5AAA/8B2824529FF711E2AD9CEDEE2F5A7754/8YaDAEWuVIbpCXNDfanSB6VmhpE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8YaDAEWuVIbpCXNDfanSB6VmhpE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:35:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12851 (0x3233) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5AAA, serialNumber=F186830045AE5486E90973437DA9D207A5668691 Validity Not Before: Oct 18 15:35:59 2025 GMT Not After : Oct 25 15:35:59 2025 GMT Subject: CN=68f3b3e0-2fbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:6e:87:d5:46:c5:ae:52:ab:08:e3:ae:d1:d2: 9a:c3:8b:f4:66:1f:bb:4f:c1:e6:b7:59:15:81:d9: 0f:c9:44:f5:30:80:31:22:f4:6f:48:ca:e5:27:f1: 16:ec:1d:d9:8e:bd:3d:a8:53:ee:d1:42:c7:89:ef: 3b:b9:64:72:8a:01:63:e9:86:5d:ff:86:79:45:61: 04:14:34:12:0a:48:b6:13:8e:8f:02:92:10:4f:16: 2e:bb:a4:3c:b3:84:91:a3:ac:60:db:19:6f:b5:99: 6e:52:0b:cb:eb:95:87:42:79:da:be:e3:d6:48:be: e2:eb:eb:bd:f4:61:b8:c3:bf:28:e3:d1:4f:3f:31: 4c:7b:e4:72:61:61:16:a2:85:a9:7a:12:28:15:38: 2d:d7:df:8d:76:bb:1f:c4:1f:69:d1:66:e9:4e:99: 66:51:a0:72:53:7a:5e:be:1c:2c:b4:40:05:51:a5: 04:d1:13:d0:f7:0c:c4:f9:6a:4f:7f:80:28:ab:67: ec:8e:de:89:f7:81:f1:6f:ed:0f:df:82:e5:16:86: 16:c2:c5:41:2f:bb:4b:1a:ea:b6:e5:f0:de:ca:f6: 4a:07:b7:ba:76:a3:0a:98:25:f6:09:7d:45:14:1d: ba:1a:2c:d1:b6:66:da:f5:0f:8a:54:6b:6f:e0:67: 0c:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:28:3B:48:7B:43:0D:B1:50:D3:63:90:40:54:ED:5A:62:71:86:C0 X509v3 Authority Key Identifier: keyid:F1:86:83:00:45:AE:54:86:E9:09:73:43:7D:A9:D2:07:A5:66:86:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5AAA/8B2824529FF711E2AD9CEDEE2F5A7754/8YaDAEWuVIbpCXNDfanSB6VmhpE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8YaDAEWuVIbpCXNDfanSB6VmhpE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5AAA/8B2824529FF711E2AD9CEDEE2F5A7754/8YaDAEWuVIbpCXNDfanSB6VmhpE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:73:db:13:d1:64:e8:3c:ed:8c:3d:b9:06:33:79:b2:c2:77: f8:43:f0:ef:c1:60:35:b5:91:7e:29:f5:14:38:c2:4e:96:71: 53:f9:24:b5:e7:14:70:2b:a6:a4:57:8a:88:84:53:8b:4f:95: 73:52:68:79:d7:f9:78:1e:ac:7a:4b:2c:1f:31:ff:53:0c:bc: d2:3e:32:fb:5c:42:2f:11:28:44:fe:34:7a:c8:ff:54:bb:aa: 3b:bf:78:37:3b:84:36:a1:1e:8e:f0:c8:71:66:7f:c5:ad:7c: 8b:80:3b:2a:54:78:8a:f1:a9:16:f5:6f:22:bd:9f:3f:b3:9a: 0f:a3:b2:c8:08:7f:a0:f3:94:51:72:08:d3:d1:12:a9:9a:87: 2a:10:c4:a4:ca:3b:4a:97:83:4d:be:e7:13:6e:36:78:f7:99: 59:5a:dc:d4:ce:c1:6a:5a:4d:04:67:6b:b9:e6:5a:c1:3b:fd: ad:33:04:0c:82:bf:0c:9a:3d:6b:03:d0:a7:76:00:79:48:27: 76:14:cc:b5:c4:ec:f6:f8:5f:58:43:76:60:70:6d:53:90:a1: 15:78:dc:e7:7e:49:d0:cf:34:47:79:84:27:53:4c:b9:d6:4c: ab:99:95:02:56:49:fd:97:85:b7:f3:4f:12:77:21:f3:15:02: c6:a0:81:21 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjVBQUExMTAvBgNVBAUTKEYxODY4MzAwNDVBRTU0ODZFOTA5NzM0MzdEQTlEMjA3 QTU2Njg2OTEwHhcNMjUxMDE4MTUzNTU5WhcNMjUxMDI1MTUzNTU5WjAYMRYwFAYD VQQDEw02OGYzYjNlMC0yZmJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvm6H1UbFrlKrCOOu0dKaw4v0Zh+7T8Hmt1kVgdkPyUT1MIAxIvRvSMrlJ/EW 7B3Zjr09qFPu0ULHie87uWRyigFj6YZd/4Z5RWEEFDQSCki2E46PApIQTxYuu6Q8 s4SRo6xg2xlvtZluUgvL65WHQnnavuPWSL7i6+u99GG4w78o49FPPzFMe+RyYWEW ooWpehIoFTgt19+NdrsfxB9p0WbpTplmUaByU3pevhwstEAFUaUE0RPQ9wzE+WpP f4Aoq2fsjt6J94Hxb+0P34LlFoYWwsVBL7tLGuq25fDeyvZKB7e6dqMKmCX2CX1F FB26GizRtmba9Q+KVGtv4GcMjwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIsoO0h7 Qw2xUNNjkEBU7VpicYbAMB8GA1UdIwQYMBaAFPGGgwBFrlSG6QlzQ32p0gelZoaR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNUFBQS84QjI4MjQ1MjlG RjcxMUUyQUQ5Q0VERUUyRjVBNzc1NC84WWFEQUVXdVZJYnBDWE5EZmFuU0I2Vm1o cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhZYURBRVd1VklicENYTkRmYW5TQjZWbWhwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NUFBQS84QjI4MjQ1MjlGRjcxMUUyQUQ5Q0VERUUyRjVBNzc1NC84WWFEQUVXdVZJ YnBDWE5EZmFuU0I2Vm1ocEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcc9sT0WToPO2MPbkGM3mywnf4Q/DvwWA1tZF+KfUUOMJOlnFT+SS1 5xRwK6akV4qIhFOLT5VzUmh51/l4Hqx6SywfMf9TDLzSPjL7XEIvEShE/jR6yP9U u6o7v3g3O4Q2oR6O8MhxZn/FrXyLgDsqVHiK8akW9W8ivZ8/s5oPo7LICH+g85RR cgjT0RKpmocqEMSkyjtKl4NNvucTbjZ495lZWtzUzsFqWk0EZ2u55lrBO/2tMwQM gr8Mmj1rA9CndgB5SCd2FMy1xOz2+F9YQ3ZgcG1TkKEVeNznfknQzzRHeYQnU0y5 1kyrmZUCVkn9l4W3808SdyHzFQLGoIEh -----END CERTIFICATE-----Generated at Mon Oct 20 09:36:45 2025 by rpki-client