$ rpki-client -vvf rpki.apnic.net/member_repository/A91FAFBA/D4420E90C1F511EBAB77977BC4F9AE02/o93avj1GtEgCYdq75SmgZrYgXYs.mft File: o93avj1GtEgCYdq75SmgZrYgXYs.mft (raw, json) Hash identifier: LfkAvIy/DT0dgAyxZ7cVWN9Ej/n/njuh/7KPof9VY7w= Subject key identifier: 0A:71:B1:B0:8C:AF:78:4E:B2:F5:C2:A4:25:EE:26:DC:16:D4:24:B2 Authority key identifier: A3:DD:DA:BE:3D:46:B4:48:02:61:DA:BB:E5:29:A0:66:B6:20:5D:8B Certificate issuer: /CN=A91FAFBA/serialNumber=A3DDDABE3D46B4480261DABBE529A066B6205D8B Certificate serial: 060F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o93avj1GtEgCYdq75SmgZrYgXYs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FAFBA/D4420E90C1F511EBAB77977BC4F9AE02/o93avj1GtEgCYdq75SmgZrYgXYs.mft Manifest number: 060A Signing time: Sun 19 Oct 2025 00:29:11 +0000 Manifest this update: Sun 19 Oct 2025 00:29:10 +0000 Manifest next update: Sun 26 Oct 2025 00:29:10 +0000 Files and hashes: 1: o93avj1GtEgCYdq75SmgZrYgXYs.crl (hash: GPPEOtVEzQkGZGRK0EDU3cfQWjonWOG2XRO/bQ54g3M=) 2: 416E569CC1F911EB91796381C4F9AE02.roa (hash: KmV3A66uHX2ovCCHWTgN+6Kx1zjXxXnhW11qwJ7+Kek=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FAFBA/D4420E90C1F511EBAB77977BC4F9AE02/o93avj1GtEgCYdq75SmgZrYgXYs.crl rsync://rpki.apnic.net/member_repository/A91FAFBA/D4420E90C1F511EBAB77977BC4F9AE02/o93avj1GtEgCYdq75SmgZrYgXYs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o93avj1GtEgCYdq75SmgZrYgXYs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 00:29:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1551 (0x60f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FAFBA, serialNumber=A3DDDABE3D46B4480261DABBE529A066B6205D8B Validity Not Before: Oct 19 00:29:10 2025 GMT Not After : Oct 26 00:29:10 2025 GMT Subject: CN=68f430d7-ae29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:34:bc:1b:d5:27:e8:b0:67:b6:f6:33:9b:cf: 76:26:df:9a:3b:d6:70:a1:81:11:c1:26:ed:f1:e4: 22:f3:89:4a:6d:78:e8:f8:31:99:87:41:46:dc:5a: 58:35:ac:6d:a7:a8:0f:e5:43:09:e0:65:31:4d:5b: c9:c1:3c:4a:3d:c9:59:96:bc:b7:ab:1b:b1:9f:e8: 2d:84:28:a4:0b:74:3e:04:aa:71:e5:1e:19:a4:24: f7:ff:d1:18:00:a4:1b:34:fe:4e:72:86:fa:3e:44: 5b:90:0b:50:98:2b:78:20:f9:97:e3:f3:d8:2d:28: 9f:0a:20:38:37:d6:5b:ff:83:b1:6f:57:26:5e:bf: 23:27:6c:73:d7:aa:a8:83:07:dd:aa:3c:f7:fe:a9: cd:5f:f2:9e:f9:f2:20:18:d2:04:f6:33:fa:3d:68: 71:ae:31:f6:de:38:43:7d:df:0c:49:76:55:55:6b: dc:1b:b4:13:b6:44:f9:93:43:ed:2c:e4:fe:c8:04: 95:ae:d1:a4:52:05:cc:41:79:e9:8a:77:fb:a9:c9: 54:bc:a4:e9:af:ec:a9:6a:ff:73:4a:fa:af:32:17: 0c:bf:fa:37:81:cd:76:01:07:60:ad:a5:32:97:23: e2:75:ee:90:db:cb:27:3d:d5:0d:1f:0e:97:fa:cc: a9:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:71:B1:B0:8C:AF:78:4E:B2:F5:C2:A4:25:EE:26:DC:16:D4:24:B2 X509v3 Authority Key Identifier: keyid:A3:DD:DA:BE:3D:46:B4:48:02:61:DA:BB:E5:29:A0:66:B6:20:5D:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FAFBA/D4420E90C1F511EBAB77977BC4F9AE02/o93avj1GtEgCYdq75SmgZrYgXYs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/o93avj1GtEgCYdq75SmgZrYgXYs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FAFBA/D4420E90C1F511EBAB77977BC4F9AE02/o93avj1GtEgCYdq75SmgZrYgXYs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:35:c8:28:42:5a:2d:32:0e:82:c5:93:be:51:79:89:e0:29: a1:ed:56:9a:c9:30:99:fd:93:e5:7b:f7:9d:f6:38:34:af:b1: e3:85:59:a8:24:89:23:a3:a2:9b:0b:67:85:8c:56:48:06:7b: 5b:28:cf:ef:9b:fc:46:27:5f:83:1b:e0:a5:96:62:50:45:cf: 60:27:c0:23:f7:f5:2d:56:08:0b:e3:5d:bc:04:cc:d6:45:25: 88:66:a7:2e:44:2b:88:f3:b3:d8:f4:74:db:9e:35:aa:df:b9: da:c8:37:67:70:db:8f:48:b4:5a:2a:c0:65:34:35:04:f4:02: 8e:42:d2:6b:f0:c0:e7:b3:d8:d0:4f:b4:6f:59:bb:49:85:70: e8:f2:ab:2f:0c:32:f8:8a:38:98:bb:c6:ad:3d:9b:90:e6:f6: 92:f7:ec:8d:e2:19:56:07:db:7d:6c:86:81:3b:56:c0:c5:3f: df:3c:a9:e1:69:af:4e:1a:eb:73:af:fa:25:fa:89:d4:34:c4: 60:a8:da:1e:ce:fc:b0:96:a3:8d:a9:ce:58:87:c6:67:ec:ad: 64:c9:ed:42:1a:f7:ad:cf:a2:7d:5b:96:85:c9:6b:74:36:d9: 9e:59:3b:3f:7f:72:8f:2a:22:9e:de:86:ea:da:10:bd:ba:3e: 3f:3f:28:42 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBg8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkFGQkExMTAvBgNVBAUTKEEzREREQUJFM0Q0NkI0NDgwMjYxREFCQkU1MjlBMDY2 QjYyMDVEOEIwHhcNMjUxMDE5MDAyOTEwWhcNMjUxMDI2MDAyOTEwWjAYMRYwFAYD VQQDEw02OGY0MzBkNy1hZTI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2zS8G9Un6LBntvYzm892Jt+aO9ZwoYERwSbt8eQi84lKbXjo+DGZh0FG3FpY Naxtp6gP5UMJ4GUxTVvJwTxKPclZlry3qxuxn+gthCikC3Q+BKpx5R4ZpCT3/9EY AKQbNP5Ocob6PkRbkAtQmCt4IPmX4/PYLSifCiA4N9Zb/4Oxb1cmXr8jJ2xz16qo gwfdqjz3/qnNX/Ke+fIgGNIE9jP6PWhxrjH23jhDfd8MSXZVVWvcG7QTtkT5k0Pt LOT+yASVrtGkUgXMQXnpinf7qclUvKTpr+ypav9zSvqvMhcMv/o3gc12AQdgraUy lyPide6Q28snPdUNHw6X+sypwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFApxsbCM r3hOsvXCpCXuJtwW1CSyMB8GA1UdIwQYMBaAFKPd2r49RrRIAmHau+UpoGa2IF2L MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQUZCQS9ENDQyMEU5MEMx RjUxMUVCQUI3Nzk3N0JDNEY5QUUwMi9vOTNhdmoxR3RFZ0NZZHE3NVNtZ1pyWWdY WXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL285M2F2ajFHdEVnQ1lkcTc1U21nWnJZZ1hZcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QUZCQS9ENDQyMEU5MEMxRjUxMUVCQUI3Nzk3N0JDNEY5QUUwMi9vOTNhdmoxR3RF Z0NZZHE3NVNtZ1pyWWdYWXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjNcgoQlotMg6CxZO+UXmJ4Cmh7VaayTCZ/ZPle/ed9jg0r7HjhVmo JIkjo6KbC2eFjFZIBntbKM/vm/xGJ1+DG+CllmJQRc9gJ8Aj9/UtVggL4128BMzW RSWIZqcuRCuI87PY9HTbnjWq37nayDdncNuPSLRaKsBlNDUE9AKOQtJr8MDns9jQ T7RvWbtJhXDo8qsvDDL4ijiYu8atPZuQ5vaS9+yN4hlWB9t9bIaBO1bAxT/fPKnh aa9OGutzr/ol+onUNMRgqNoezvywlqONqc5Yh8Zn7K1kye1CGvetz6J9W5aFyWt0 NtmeWTs/f3KPKiKe3obq2hC9uj4/PyhC -----END CERTIFICATE-----Generated at Mon Oct 20 10:16:53 2025 by rpki-client