$ rpki-client -vvf rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/IfICJ1WdsfhjhJq2QyM8PpNXdqY.mft File: IfICJ1WdsfhjhJq2QyM8PpNXdqY.mft (raw, json) Hash identifier: 6UoKiaPiZlsOwnyDDi3wHQToAghk9xpSQPRa1q5+fv4= Subject key identifier: 4A:26:E1:98:35:34:AA:40:0C:5F:E8:47:79:EF:36:A0:A0:04:60:75 Authority key identifier: 21:F2:02:27:55:9D:B1:F8:63:84:9A:B6:43:23:3C:3E:93:57:76:A6 Certificate issuer: /CN=A91159B7/serialNumber=21F20227559DB1F863849AB643233C3E935776A6 Certificate serial: 0D5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IfICJ1WdsfhjhJq2QyM8PpNXdqY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/IfICJ1WdsfhjhJq2QyM8PpNXdqY.mft Manifest number: 0D4D Signing time: Tue 04 Nov 2025 18:06:43 +0000 Manifest this update: Tue 04 Nov 2025 18:06:42 +0000 Manifest next update: Tue 11 Nov 2025 18:06:42 +0000 Files and hashes: 1: IfICJ1WdsfhjhJq2QyM8PpNXdqY.crl (hash: 6JCmPKNGhg8PxCe6/tg5tENBSt1brsXtzmLZAT2LOxE=) 2: 7FC0801ED4EF11EC84AABC0CC4F9AE02.roa (hash: KmGf8Zvcyufmo51iUasTSRX2HWDW8cDhuB6ClqAH62g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/IfICJ1WdsfhjhJq2QyM8PpNXdqY.crl rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/IfICJ1WdsfhjhJq2QyM8PpNXdqY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IfICJ1WdsfhjhJq2QyM8PpNXdqY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:06:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3418 (0xd5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91159B7, serialNumber=21F20227559DB1F863849AB643233C3E935776A6 Validity Not Before: Nov 4 18:06:42 2025 GMT Not After : Nov 11 18:06:42 2025 GMT Subject: CN=690a40b2-80fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:b1:a4:43:8c:30:5c:81:4b:0a:67:d9:55:71: e9:63:0b:1f:1c:a0:f6:a4:51:92:3b:bd:d0:5f:d0: f0:62:ac:bf:6f:03:a5:2f:93:81:ed:49:97:7b:f4: d3:e0:b3:57:ca:43:e9:54:12:d7:46:b2:23:da:93: be:55:ef:21:b2:f8:7e:09:d4:a7:5d:d9:6b:aa:38: 8c:97:ef:51:6a:84:8a:21:81:6e:71:5c:0f:b5:e9: ed:09:7a:80:13:64:29:c6:45:ad:bc:ca:40:10:fc: 33:be:1a:ff:03:52:b3:5e:ad:c4:c3:68:d9:96:2d: 80:42:0a:f6:04:11:f3:e3:cf:f5:a9:c3:39:68:d8: 51:26:d6:c2:b9:bc:64:f1:39:40:10:a6:29:76:36: 8f:6e:9b:74:34:bd:36:bc:6d:72:d9:da:fb:d5:52: 3f:52:67:7d:6f:53:8f:40:f3:d2:20:c7:91:d0:d6: 78:72:8f:fa:90:ad:bb:80:31:61:47:1c:f2:62:7f: b8:c7:4d:4e:be:12:be:48:a7:c5:6a:9b:84:13:50: 86:82:79:d1:f2:88:c6:3f:8f:ec:e4:74:8d:33:b1: ec:76:11:31:c2:e0:7b:9f:23:be:0e:4e:00:ed:f5: f1:33:14:7d:d4:25:3a:18:5b:79:0c:53:da:ce:99: db:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:26:E1:98:35:34:AA:40:0C:5F:E8:47:79:EF:36:A0:A0:04:60:75 X509v3 Authority Key Identifier: keyid:21:F2:02:27:55:9D:B1:F8:63:84:9A:B6:43:23:3C:3E:93:57:76:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/IfICJ1WdsfhjhJq2QyM8PpNXdqY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IfICJ1WdsfhjhJq2QyM8PpNXdqY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91159B7/A4EC53F6E2B011E99ABB8151C4F9AE02/IfICJ1WdsfhjhJq2QyM8PpNXdqY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:a3:06:5c:69:fa:6e:74:e7:18:58:6c:11:24:1c:5c:ae:f1: 05:82:2f:65:94:37:c8:37:ad:2b:13:74:3b:54:84:76:c0:1c: 59:15:dd:3b:a0:55:5e:b2:e7:9f:1a:0d:09:3e:4b:92:68:2c: f9:13:0d:7e:e9:66:80:98:24:94:cd:4f:b8:07:f9:8e:c1:52: 62:dd:4d:bc:be:9a:7b:e6:d7:73:db:47:d0:43:d8:18:4b:d4: 5d:5c:ad:ed:38:ed:04:28:bd:95:96:09:c4:bd:40:65:a3:0c: b1:e8:d6:99:f6:bb:2b:6e:90:9e:9b:d1:d4:54:98:1d:c4:96: d0:ff:34:44:f9:80:5d:b4:f8:ce:de:61:c7:32:a6:59:02:11: a3:42:97:b5:65:a1:ca:31:cf:dd:2b:cc:34:0b:e3:92:d5:20: 23:98:5c:0d:b8:9b:96:2b:e6:79:b0:ad:aa:c1:41:02:ac:d3: 42:d8:d3:47:68:7e:c1:63:b4:db:b5:7c:a4:4c:dc:1c:30:f9: 7a:61:8d:71:24:36:51:fe:d8:1e:58:6c:95:b0:80:ed:cf:3a: 23:9a:0e:93:ab:87:ef:22:69:87:ed:9c:8c:43:04:d9:04:7a: 2e:99:08:d5:b8:5a:b2:e6:c8:db:93:3c:e2:40:d0:27:fc:33: b0:0c:f8:5c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDVowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTU5QjcxMTAvBgNVBAUTKDIxRjIwMjI3NTU5REIxRjg2Mzg0OUFCNjQzMjMzQzNF OTM1Nzc2QTYwHhcNMjUxMTA0MTgwNjQyWhcNMjUxMTExMTgwNjQyWjAYMRYwFAYD VQQDEw02OTBhNDBiMi04MGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq7GkQ4wwXIFLCmfZVXHpYwsfHKD2pFGSO73QX9DwYqy/bwOlL5OB7UmXe/TT 4LNXykPpVBLXRrIj2pO+Ve8hsvh+CdSnXdlrqjiMl+9RaoSKIYFucVwPtentCXqA E2QpxkWtvMpAEPwzvhr/A1KzXq3Ew2jZli2AQgr2BBHz48/1qcM5aNhRJtbCubxk 8TlAEKYpdjaPbpt0NL02vG1y2dr71VI/Umd9b1OPQPPSIMeR0NZ4co/6kK27gDFh RxzyYn+4x01OvhK+SKfFapuEE1CGgnnR8ojGP4/s5HSNM7HsdhExwuB7nyO+Dk4A 7fXxMxR91CU6GFt5DFPazpnb2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEom4Zg1 NKpADF/oR3nvNqCgBGB1MB8GA1UdIwQYMBaAFCHyAidVnbH4Y4SatkMjPD6TV3am MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExNTlCNy9BNEVDNTNGNkUy QjAxMUU5OUFCQjgxNTFDNEY5QUUwMi9JZklDSjFXZHNmaGpoSnEyUXlNOFBwTlhk cVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lmSUNKMVdkc2ZoamhKcTJReU04UHBOWGRxWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx NTlCNy9BNEVDNTNGNkUyQjAxMUU5OUFCQjgxNTFDNEY5QUUwMi9JZklDSjFXZHNm aGpoSnEyUXlNOFBwTlhkcVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZowZcafpudOcYWGwRJBxcrvEFgi9llDfIN60rE3Q7VIR2wBxZFd07 oFVesuefGg0JPkuSaCz5Ew1+6WaAmCSUzU+4B/mOwVJi3U28vpp75tdz20fQQ9gY S9RdXK3tOO0EKL2VlgnEvUBlowyx6NaZ9rsrbpCem9HUVJgdxJbQ/zRE+YBdtPjO 3mHHMqZZAhGjQpe1ZaHKMc/dK8w0C+OS1SAjmFwNuJuWK+Z5sK2qwUECrNNC2NNH aH7BY7TbtXykTNwcMPl6YY1xJDZR/tgeWGyVsIDtzzojmg6Tq4fvImmH7ZyMQwTZ BHoumQjVuFqy5sjbkzziQNAn/DOwDPhc -----END CERTIFICATE-----Generated at Wed Nov 5 19:48:01 2025 by rpki-client