$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft File: t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft (raw, json) Hash identifier: knmvYESbs9tVW67+bVqeja1Nk3J7avc+saJAFl3kHpY= Subject key identifier: 7C:C9:F8:4E:7C:2C:7B:4B:39:9B:F0:42:04:AC:71:6D:78:50:F1:73 Authority key identifier: B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA Certificate issuer: /CN=A91F91EB/serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Certificate serial: 0CD8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft Manifest number: 0CD2 Signing time: Mon 20 Oct 2025 18:43:39 +0000 Manifest this update: Mon 20 Oct 2025 18:43:38 +0000 Manifest next update: Mon 27 Oct 2025 18:43:38 +0000 Files and hashes: 1: t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl (hash: XhRcLUdAcsB9JlZiZTBedDldL06gdYYJxXuNX6vWVpo=) 2: 8D243F849A6D11EA8674310DC4F9AE02.roa (hash: ZlxWP9id3BOwgT849Ql20JmEjoi9oTlH+F8ceOZ0tcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:43:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3288 (0xcd8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F91EB, serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Validity Not Before: Oct 20 18:43:38 2025 GMT Not After : Oct 27 18:43:38 2025 GMT Subject: CN=68f682da-ae84 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:d8:5a:6c:ee:dd:68:e4:10:3d:88:1d:23:9b: 42:fc:e4:0c:b2:e2:ff:ac:56:83:26:d3:0a:61:a6: c4:92:f8:0d:3b:72:5e:de:ed:13:2c:ea:26:f8:05: 56:d3:4d:5e:30:66:55:b5:fd:54:27:73:65:55:f6: cb:4a:c5:fe:68:8c:44:33:99:7f:5c:12:8c:6c:a5: 98:d0:e6:0f:38:93:86:a8:50:76:1d:ec:f6:be:50: b1:ab:d4:87:e3:30:11:88:9a:7e:ba:5d:18:69:69: 34:79:80:78:d5:90:a6:0c:29:01:8b:ea:31:b4:36: 31:e8:44:5d:11:06:1c:95:57:5c:1a:dc:cd:4c:f3: 61:ee:f4:66:63:cd:25:72:ed:b8:a8:cb:36:9c:95: 68:ce:5a:e5:2f:bd:c7:f1:b8:b0:6e:bd:9e:11:a5: 3d:f7:86:e6:f6:32:6e:31:3e:0f:ba:0a:0c:09:12: dc:5e:da:91:52:e9:20:7f:c0:f7:b6:e2:fd:60:8c: ea:8c:94:51:ba:75:44:02:c7:a5:e5:b3:7f:d9:cf: ef:4d:05:de:3c:c3:a5:47:c7:fa:db:03:2f:7c:66: a8:c8:44:5d:d8:21:96:45:48:3d:e7:bc:60:86:34: 6a:53:98:dc:19:09:7d:0d:52:b1:44:04:a4:b2:2c: 67:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:C9:F8:4E:7C:2C:7B:4B:39:9B:F0:42:04:AC:71:6D:78:50:F1:73 X509v3 Authority Key Identifier: keyid:B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:ed:d8:28:58:73:77:f1:b3:8c:40:2d:54:01:eb:55:01:46: ce:a1:2f:61:bf:5c:c6:ee:13:33:be:ef:1b:02:37:f0:56:d8: ad:eb:46:b2:df:55:5e:bb:e7:65:30:54:01:08:91:8d:07:bc: 8e:16:df:52:2b:b3:1a:7e:59:86:aa:b7:db:5c:58:14:49:7d: 76:22:e8:8c:33:79:f5:ab:19:c5:af:5d:d7:e6:eb:88:26:36: 5e:72:9a:91:d5:ec:b3:62:fa:04:47:66:8d:00:9b:04:06:8e: 9a:08:e3:44:a7:7e:9d:ac:2c:42:09:88:b6:7f:38:b2:e5:6f: a0:83:12:58:d0:72:2c:36:d2:0b:cc:9c:06:7c:58:d5:4d:ca: 43:11:7c:dc:be:c9:1a:71:7f:97:2b:7c:6d:07:7c:ba:e8:73: 28:41:b6:fe:91:16:f2:ee:b7:83:10:82:14:bd:90:b5:4e:3a: e7:df:0d:39:69:94:11:95:77:af:d2:f1:39:25:2b:b6:4e:d0: f0:a7:9f:68:01:94:36:5c:7f:82:da:47:cd:90:0c:3f:3c:da: 43:99:93:3b:50:65:e2:00:97:3c:bf:aa:cb:64:c3:3a:3d:48: c0:54:6b:60:52:d8:15:ad:23:da:93:96:b3:a6:25:97:bb:11: a4:49:78:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDNgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxRUIxMTAvBgNVBAUTKEI3RENFMTQxMTJBMDI5ODJGNTc1N0NBQjhEMzQ5MTAz MkM4RTE4RkEwHhcNMjUxMDIwMTg0MzM4WhcNMjUxMDI3MTg0MzM4WjAYMRYwFAYD VQQDEw02OGY2ODJkYS1hZTg0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuthabO7daOQQPYgdI5tC/OQMsuL/rFaDJtMKYabEkvgNO3Je3u0TLOom+AVW 001eMGZVtf1UJ3NlVfbLSsX+aIxEM5l/XBKMbKWY0OYPOJOGqFB2Hez2vlCxq9SH 4zARiJp+ul0YaWk0eYB41ZCmDCkBi+oxtDYx6ERdEQYclVdcGtzNTPNh7vRmY80l cu24qMs2nJVozlrlL73H8biwbr2eEaU994bm9jJuMT4PugoMCRLcXtqRUukgf8D3 tuL9YIzqjJRRunVEAsel5bN/2c/vTQXePMOlR8f62wMvfGaoyERd2CGWRUg957xg hjRqU5jcGQl9DVKxRASksixnbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHzJ+E58 LHtLOZvwQgSscW14UPFzMB8GA1UdIwQYMBaAFLfc4UESoCmC9XV8q400kQMsjhj6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi80OTdGMkJEOEY3 MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZTDFkWHlyalRTUkF5eU9H UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3Q5emhRUktnS1lMMWRYeXJqVFNSQXl5T0dQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTFFQi80OTdGMkJEOEY3MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZ TDFkWHlyalRTUkF5eU9HUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAe7dgoWHN38bOMQC1UAetVAUbOoS9hv1zG7hMzvu8bAjfwVtit60ay 31Veu+dlMFQBCJGNB7yOFt9SK7MaflmGqrfbXFgUSX12IuiMM3n1qxnFr13X5uuI JjZecpqR1eyzYvoER2aNAJsEBo6aCONEp36drCxCCYi2fziy5W+ggxJY0HIsNtIL zJwGfFjVTcpDEXzcvskacX+XK3xtB3y66HMoQbb+kRby7reDEIIUvZC1Tjrn3w05 aZQRlXev0vE5JSu2TtDwp59oAZQ2XH+C2kfNkAw/PNpDmZM7UGXiAJc8v6rLZMM6 PUjAVGtgUtgVrSPak5azpiWXuxGkSXh8 -----END CERTIFICATE-----Generated at Mon Oct 20 22:21:35 2025 by rpki-client