$ rpki-client -vvf rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft File: Lz71uQE3FOMXTGcArgSCTi8FwjA.mft (raw, json) Hash identifier: feIxBoRBFW4cgHE6dJ2K63l0sTjktVaXXTebhCy3LUA= Subject key identifier: 98:43:9E:D7:73:B4:2E:CA:80:37:E6:53:A1:F3:60:98:7D:18:36:5E Authority key identifier: 2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 Certificate issuer: /CN=A91346B1/serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230 Certificate serial: 0389 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft Manifest number: 0367 Signing time: Wed 05 Nov 2025 01:01:24 +0000 Manifest this update: Wed 05 Nov 2025 01:01:23 +0000 Manifest next update: Wed 12 Nov 2025 01:01:23 +0000 Files and hashes: 1: Lz71uQE3FOMXTGcArgSCTi8FwjA.crl (hash: h8QkWsbmlDDdAYhPxd6vyW0hMyAUX8AFJ7jRVwsFHGQ=) 2: 19E46D60D0F711EC8673072FC4F9AE02.roa (hash: eS0SkthbbyWxVM1PH+Y2UO1xSi4Vr2C2N13i593TCX4=) 3: 69C96612D0F411EC8DAD6D11C4F9AE02.roa (hash: ugSG0jqem3rs4xTGOWUqAAlzlasFYzS5jXjJfZyh3NM=) 4: 196C52A8D0F711EC8673072FC4F9AE02.roa (hash: 1zywqVEPzRbdKjUH9lfurYX548Q8woU0JCmn0L04HiU=) 5: 6A430D5AD0F411EC8DAD6D11C4F9AE02.roa (hash: QV4TEx4o0H+S1ztXPsRaHI/PqCLYaPoZZrkBgaPymwI=) 6: 1BC3E9F8D0F711EC8673072FC4F9AE02.roa (hash: uEFMEysaJCpfT6acgeEaH657dOYiucYQFMSducsR5+M=) 7: 6920E4D8D0F411EC8DAD6D11C4F9AE02.roa (hash: RP0USEP4cmm5/rPyavYfSImz5bM19LFBMACm4cna7sk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:01:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 905 (0x389) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91346B1, serialNumber=2F3EF5B9013714E3174C6700AE04824E2F05C230 Validity Not Before: Nov 5 01:01:23 2025 GMT Not After : Nov 12 01:01:23 2025 GMT Subject: CN=690aa1e4-33bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:26:c0:a4:1c:d2:3e:95:16:04:3e:af:31:0b: 15:7f:62:81:d5:28:36:38:57:a2:04:21:30:65:1e: 9b:0f:95:64:ee:e8:7e:44:ca:8e:18:a4:a5:ca:45: d1:20:6d:ca:79:12:da:50:03:d9:d9:64:eb:96:be: 20:4c:17:f1:62:bb:5e:d9:96:4f:03:56:f3:72:3f: 44:91:d1:90:f3:ec:73:4f:8c:10:d5:41:58:69:c1: 3e:fd:01:22:26:69:dc:f4:24:dc:fc:55:4f:83:cb: c3:da:8b:8b:17:ab:2e:91:69:02:45:8b:29:ac:ed: 53:c1:ed:b5:4e:69:dd:b3:6d:ff:54:80:c2:fe:d8: 56:d6:36:5b:55:32:fd:de:a6:28:0b:45:7d:d2:af: c4:51:2f:c1:cf:b2:97:ab:20:90:8e:f4:68:63:0f: f9:4b:aa:1d:6f:60:79:d1:b0:6b:74:44:ab:f1:7a: 25:ac:c3:54:e0:76:13:19:92:bc:54:35:b5:2f:68: 83:fe:4e:2e:68:8c:51:86:01:b0:9e:63:68:4c:3c: 59:c3:d2:a4:6a:31:0b:62:e5:f4:9f:1e:ef:1d:19: 34:58:48:8c:d1:b4:9a:8d:75:f6:aa:dc:25:4b:0a: a3:92:c5:8b:5a:ff:74:08:71:4a:d6:a6:d7:3d:c0: 0f:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 98:43:9E:D7:73:B4:2E:CA:80:37:E6:53:A1:F3:60:98:7D:18:36:5E X509v3 Authority Key Identifier: keyid:2F:3E:F5:B9:01:37:14:E3:17:4C:67:00:AE:04:82:4E:2F:05:C2:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Lz71uQE3FOMXTGcArgSCTi8FwjA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91346B1/9A0ECE10D0F011EC8ECDBF63C4F9AE02/Lz71uQE3FOMXTGcArgSCTi8FwjA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:25:f5:b5:4d:bd:73:f6:17:74:b7:e1:08:8d:17:43:89:98: 14:30:6b:af:9c:17:c3:fd:cc:bb:04:a3:00:db:e6:d0:a9:33: 8c:4c:a2:bb:54:a6:85:3e:b5:b5:49:0a:86:0a:28:60:43:cc: a3:97:ae:93:e5:f1:c0:db:82:67:f9:9f:00:44:ba:80:6d:06: f2:ac:a0:5b:66:6c:23:36:00:2c:d4:8b:95:fd:b5:a3:6b:49: f6:81:c0:7e:eb:fa:66:a9:de:12:bb:9b:df:a0:32:98:6c:d7: a5:a8:6d:b3:4e:0e:ca:3c:c1:62:86:de:5d:7d:f6:3f:28:d3: cd:42:e4:17:6f:c7:0d:bb:89:37:dc:cc:3d:f9:e3:a3:a3:64: 12:5a:c9:3d:b9:02:da:5e:ab:b8:73:e1:a6:89:87:a3:ba:5f: 76:8f:6d:73:fa:43:c2:fd:95:10:68:63:c3:5d:e2:9d:a3:af: 0c:a1:ed:b6:40:ec:aa:24:e1:5c:f6:4a:d0:1f:e6:9a:0e:93: 11:e5:21:0f:03:37:63:e6:50:5b:ee:cf:87:23:30:00:03:ef: c7:45:09:f2:a7:45:0c:be:af:08:58:bd:c6:53:99:a3:07:44: d5:64:9f:4f:8f:1e:65:6a:96:70:44:69:e2:df:db:24:4f:39: 2b:4c:35:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA4kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQ2QjExMTAvBgNVBAUTKDJGM0VGNUI5MDEzNzE0RTMxNzRDNjcwMEFFMDQ4MjRF MkYwNUMyMzAwHhcNMjUxMTA1MDEwMTIzWhcNMjUxMTEyMDEwMTIzWjAYMRYwFAYD VQQDEw02OTBhYTFlNC0zM2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwybApBzSPpUWBD6vMQsVf2KB1Sg2OFeiBCEwZR6bD5Vk7uh+RMqOGKSlykXR IG3KeRLaUAPZ2WTrlr4gTBfxYrte2ZZPA1bzcj9EkdGQ8+xzT4wQ1UFYacE+/QEi Jmnc9CTc/FVPg8vD2ouLF6sukWkCRYsprO1Twe21Tmnds23/VIDC/thW1jZbVTL9 3qYoC0V90q/EUS/Bz7KXqyCQjvRoYw/5S6odb2B50bBrdESr8XolrMNU4HYTGZK8 VDW1L2iD/k4uaIxRhgGwnmNoTDxZw9KkajELYuX0nx7vHRk0WEiM0bSajXX2qtwl SwqjksWLWv90CHFK1qbXPcAPTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJhDntdz tC7KgDfmU6HzYJh9GDZeMB8GA1UdIwQYMBaAFC8+9bkBNxTjF0xnAK4Egk4vBcIw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDZCMS85QTBFQ0UxMEQw RjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZPTVhUR2NBcmdTQ1RpOEZ3 akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0x6NzF1UUUzRk9NWFRHY0FyZ1NDVGk4RndqQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDZCMS85QTBFQ0UxMEQwRjAxMUVDOEVDREJGNjNDNEY5QUUwMi9MejcxdVFFM0ZP TVhUR2NBcmdTQ1RpOEZ3akEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBkJfW1Tb1z9hd0t+EIjRdDiZgUMGuvnBfD/cy7BKMA2+bQqTOMTKK7 VKaFPrW1SQqGCihgQ8yjl66T5fHA24Jn+Z8ARLqAbQbyrKBbZmwjNgAs1IuV/bWj a0n2gcB+6/pmqd4Su5vfoDKYbNelqG2zTg7KPMFiht5dffY/KNPNQuQXb8cNu4k3 3Mw9+eOjo2QSWsk9uQLaXqu4c+GmiYejul92j21z+kPC/ZUQaGPDXeKdo68Moe22 QOyqJOFc9krQH+aaDpMR5SEPAzdj5lBb7s+HIzAAA+/HRQnyp0UMvq8IWL3GU5mj B0TVZJ9Pjx5lapZwRGni39skTzkrTDXe -----END CERTIFICATE-----Generated at Wed Nov 5 18:04:59 2025 by rpki-client