$ rpki-client -vvf rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft File: z3rG54U-SVgocAZDAHZYRlfgyVA.mft (raw, json) Hash identifier: 3apE5knrjvDzXAtl1SfJL9uSBfvrlxJv9OqIu/ApXRM= Subject key identifier: 21:69:45:A7:60:58:D5:B6:71:51:AD:CB:00:56:F9:71:7B:75:04:51 Authority key identifier: CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50 Certificate issuer: /CN=A91F916A/serialNumber=CF7AC6E7853E4958287006430076584657E0C950 Certificate serial: 24EC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft Manifest number: 24D2 Signing time: Sat 18 Oct 2025 16:00:34 +0000 Manifest this update: Sat 18 Oct 2025 16:00:34 +0000 Manifest next update: Sat 25 Oct 2025 16:00:34 +0000 Files and hashes: 1: z3rG54U-SVgocAZDAHZYRlfgyVA.crl (hash: iXjetKih22hE20h/cnRBI12JOy7B6OlCmGxJ2hyU650=) 2: 93957C3A25B211ECB5356475C4F9AE02.roa (hash: BdOiTbzqh5XSdUEde1pJSh9jcSbYou4UnLUcs5Z11Mw=) 3: 54040CE414F111F08814732CC4F9AE02.roa (hash: uhWwpX7EH4SHxyPNQgHJ8g+4j0iOnCO5ph2jjf0SUwo=) 4: 81C0C29CB0F311E5AB30F151C4F9AE02.roa (hash: OW7j0FFz0XfQbm3/I5GoSRUOzPWQeOb92johNE2e0dM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 16:00:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9452 (0x24ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F916A, serialNumber=CF7AC6E7853E4958287006430076584657E0C950 Validity Not Before: Oct 18 16:00:34 2025 GMT Not After : Oct 25 16:00:34 2025 GMT Subject: CN=68f3b9a2-0331 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:f7:0f:e3:01:b2:fc:f2:1f:0b:95:87:61:98: 35:5b:2c:f6:66:27:28:d9:2f:cc:c0:e9:5e:96:98: b6:a1:ca:7a:7e:7c:8c:13:39:8e:6f:bc:d0:ea:55: d2:81:5e:23:fe:2e:30:4d:90:91:03:93:ff:4a:a8: 72:f7:12:48:70:c7:62:bd:cf:98:95:83:dd:2c:c4: 2e:d7:2b:cb:ea:6f:ea:d5:34:9a:fe:59:25:02:67: 9a:1b:1f:5c:e3:67:45:b6:87:8c:eb:51:81:a4:a5: d0:b8:b1:dc:33:36:b9:3f:ca:3c:33:f9:0a:0c:b2: 7e:84:91:db:30:19:d0:8c:13:fe:bd:85:91:67:62: d0:d2:39:13:d3:36:ef:32:aa:80:e7:7a:e4:3a:e1: 5a:40:c7:2a:19:d0:53:69:ea:3f:8c:2d:95:17:ad: 2d:b7:bf:ef:e1:fc:6e:0d:5c:f4:9d:7d:64:d3:71: 38:7f:b2:3d:c8:e4:04:b2:63:f8:44:30:99:5a:f9: ae:3a:24:81:ba:18:0d:28:bd:c9:5a:7d:23:4c:59: b1:fc:56:cb:e4:6e:2e:d9:46:d9:a6:a6:d6:f4:f8: de:f7:a9:ea:5d:0e:04:b4:5a:58:bd:b6:48:31:33: 40:12:ab:cd:c5:00:4d:22:e4:cb:fd:c9:00:97:df: 93:2b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:69:45:A7:60:58:D5:B6:71:51:AD:CB:00:56:F9:71:7B:75:04:51 X509v3 Authority Key Identifier: keyid:CF:7A:C6:E7:85:3E:49:58:28:70:06:43:00:76:58:46:57:E0:C9:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z3rG54U-SVgocAZDAHZYRlfgyVA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F916A/1D7AD0BA458D11E5B3957A79C4F9AE02/z3rG54U-SVgocAZDAHZYRlfgyVA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:6e:b1:8e:ca:f8:50:bb:d4:15:b1:55:49:ca:af:f9:bd:1f: 7f:7f:dc:21:e8:c3:f0:f8:93:1e:c6:17:a5:b2:3e:fc:eb:2e: a1:b5:d7:89:b6:c1:7c:62:a7:91:3d:0d:18:67:75:25:64:91: af:a8:28:5d:72:85:b1:b0:b3:e1:32:a7:0d:49:1f:2d:95:1f: 63:2a:47:14:72:11:b8:60:c7:dd:5d:99:a0:74:66:66:40:03: 5b:b0:6f:49:33:d8:df:13:4c:c6:76:27:90:64:4d:e8:01:54: 28:cc:26:54:f1:9e:9b:73:66:61:36:9f:84:a3:c0:df:39:53: ae:1d:f1:d9:84:07:1f:b7:59:e2:f5:ea:e4:b5:71:eb:b1:35: d0:88:37:3f:c6:b6:72:6e:30:4c:28:3e:80:84:99:60:0e:4e: 67:d9:85:ff:bf:a8:6a:ed:d9:b6:c6:89:eb:68:d7:b1:c7:eb: 3c:f9:a7:cd:dc:05:63:38:4a:3d:bc:9f:55:ad:d9:a8:c6:97: a3:00:fa:de:58:05:a2:94:76:54:74:56:0c:6b:92:7f:83:75: 87:4d:cb:29:28:00:69:e3:c0:2e:09:5d:f9:94:e6:d9:c2:e6: 5d:8a:a7:2c:ae:95:6e:65:40:ce:2e:94:21:9f:14:91:c7:ea: 33:de:89:92 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJOwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxNkExMTAvBgNVBAUTKENGN0FDNkU3ODUzRTQ5NTgyODcwMDY0MzAwNzY1ODQ2 NTdFMEM5NTAwHhcNMjUxMDE4MTYwMDM0WhcNMjUxMDI1MTYwMDM0WjAYMRYwFAYD VQQDEw02OGYzYjlhMi0wMzMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqPcP4wGy/PIfC5WHYZg1Wyz2Zico2S/MwOlelpi2ocp6fnyMEzmOb7zQ6lXS gV4j/i4wTZCRA5P/Sqhy9xJIcMdivc+YlYPdLMQu1yvL6m/q1TSa/lklAmeaGx9c 42dFtoeM61GBpKXQuLHcMza5P8o8M/kKDLJ+hJHbMBnQjBP+vYWRZ2LQ0jkT0zbv MqqA53rkOuFaQMcqGdBTaeo/jC2VF60tt7/v4fxuDVz0nX1k03E4f7I9yOQEsmP4 RDCZWvmuOiSBuhgNKL3JWn0jTFmx/FbL5G4u2UbZpqbW9Pje96nqXQ4EtFpYvbZI MTNAEqvNxQBNIuTL/ckAl9+TKwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCFpRadg WNW2cVGtywBW+XF7dQRRMB8GA1UdIwQYMBaAFM96xueFPklYKHAGQwB2WEZX4MlQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTE2QS8xRDdBRDBCQTQ1 OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNWZ29jQVpEQUhaWVJsZmd5 VkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ozckc1NFUtU1Znb2NBWkRBSFpZUmxmZ3lWQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTE2QS8xRDdBRDBCQTQ1OEQxMUU1QjM5NTdBNzlDNEY5QUUwMi96M3JHNTRVLVNW Z29jQVpEQUhaWVJsZmd5VkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtbrGOyvhQu9QVsVVJyq/5vR9/f9wh6MPw+JMexhelsj786y6htdeJ tsF8YqeRPQ0YZ3UlZJGvqChdcoWxsLPhMqcNSR8tlR9jKkcUchG4YMfdXZmgdGZm QANbsG9JM9jfE0zGdieQZE3oAVQozCZU8Z6bc2ZhNp+Eo8DfOVOuHfHZhAcft1ni 9erktXHrsTXQiDc/xrZybjBMKD6AhJlgDk5n2YX/v6hq7dm2xonraNexx+s8+afN 3AVjOEo9vJ9VrdmoxpejAPreWAWilHZUdFYMa5J/g3WHTcspKABp48AuCV35lObZ wuZdiqcsrpVuZUDOLpQhnxSRx+oz3omS -----END CERTIFICATE-----Generated at Mon Oct 20 16:05:27 2025 by rpki-client