$ rpki-client -vvf rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft File: nr2hI9nugwlDBaEYDCoIBX_lQGo.mft (raw, json) Hash identifier: PS4baqwOoIV81qhfsb8GQQkd5/N1jvOx2UJUVIIoXNk= Subject key identifier: F7:68:FC:99:FD:8F:39:93:01:28:2C:37:8C:A5:23:99:86:DE:F6:30 Authority key identifier: 9E:BD:A1:23:D9:EE:83:09:43:05:A1:18:0C:2A:08:05:7F:E5:40:6A Certificate issuer: /CN=A91425C3/serialNumber=9EBDA123D9EE83094305A1180C2A08057FE5406A Certificate serial: 3D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nr2hI9nugwlDBaEYDCoIBX_lQGo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft Manifest number: 3A Signing time: Mon 03 Nov 2025 07:33:40 +0000 Manifest this update: Mon 03 Nov 2025 07:33:40 +0000 Manifest next update: Mon 10 Nov 2025 07:33:40 +0000 Files and hashes: 1: nr2hI9nugwlDBaEYDCoIBX_lQGo.crl (hash: xAQRzftK2kXepW1Rz57J2ATJF22eD9Z5RYU41gaoI6Y=) 2: CD603AAA6B2B11F0B21D7F0EC4F9AE02.roa (hash: I4V72owrg5qiCod5LgKXA3su1gxxiAdnYcB+BZWhJ8o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.crl rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nr2hI9nugwlDBaEYDCoIBX_lQGo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:33:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61 (0x3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91425C3, serialNumber=9EBDA123D9EE83094305A1180C2A08057FE5406A Validity Not Before: Nov 3 07:33:40 2025 GMT Not After : Nov 10 07:33:40 2025 GMT Subject: CN=69085ad4-7dee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:a4:da:d8:e4:b7:58:87:06:06:32:28:32:4f: 9e:34:b5:d3:11:87:1f:67:7c:01:eb:2d:dc:47:28: ed:33:22:fe:b8:eb:13:1c:ff:f7:4d:55:2d:6f:82: b6:f3:c0:1c:ef:e2:37:5f:01:07:25:db:89:e2:0e: 63:88:36:b8:4f:01:02:94:b3:6c:23:12:53:05:8a: b9:56:4f:d0:48:7a:3c:e6:be:51:12:ad:b9:09:51: 2b:fe:07:5d:69:45:5c:82:80:90:06:aa:bc:42:c7: 26:14:cf:5c:82:b2:f1:f0:8b:8c:c5:27:6d:00:59: 85:3e:2a:43:ad:67:60:41:87:ad:d3:3f:fc:0b:c7: 6f:74:15:9e:e8:28:e1:b0:e1:09:44:82:2b:70:fb: ca:36:3f:25:fe:e2:09:d9:8e:b0:64:7e:52:05:f9: 55:1a:88:c7:c7:a1:c1:00:94:e8:e6:5d:ef:3d:4c: fc:c9:eb:8b:ee:fd:45:6e:d3:7f:e6:80:62:68:12: 81:74:9c:3b:ef:ba:ad:18:5b:cc:8f:42:3a:33:b4: 57:1a:4e:47:68:f0:a9:9a:c1:d9:73:00:01:70:25: 2e:92:5e:76:c3:f1:3b:80:92:8f:81:1e:07:06:51: e8:6a:b0:c2:fd:cd:01:29:57:77:0f:f4:64:d1:7c: 95:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:68:FC:99:FD:8F:39:93:01:28:2C:37:8C:A5:23:99:86:DE:F6:30 X509v3 Authority Key Identifier: keyid:9E:BD:A1:23:D9:EE:83:09:43:05:A1:18:0C:2A:08:05:7F:E5:40:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nr2hI9nugwlDBaEYDCoIBX_lQGo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91425C3/2326C63E660411F0A4C5192BC4F9AE02/nr2hI9nugwlDBaEYDCoIBX_lQGo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:ac:41:81:54:af:bd:e4:10:c5:1a:36:14:6a:60:c0:b6:44: ef:ef:b0:9d:f1:53:e7:24:96:10:fc:bd:be:fa:4c:87:c8:dd: 07:2d:66:50:1d:9c:ee:3c:1e:c8:52:76:6d:2c:c1:b0:f7:0f: f9:c0:cb:49:ad:cc:de:e9:39:52:c0:6b:7f:30:96:81:4a:2e: 61:f4:be:7a:30:bd:ab:09:84:95:2d:cb:51:39:d5:df:e5:ec: 5d:de:7b:4d:44:5a:22:17:e3:dc:99:43:61:03:3c:b9:cb:a8: 17:d2:33:28:f5:7b:db:79:55:d7:77:9e:e1:fb:2b:93:a4:5d: a0:b0:a1:65:2d:81:45:f9:2c:36:07:eb:94:6c:dc:e3:20:da: 53:57:6b:b2:db:33:24:31:7f:8b:78:0c:00:1b:f2:d9:a0:98: ce:41:ae:6c:38:62:48:e5:68:3c:37:9d:7b:97:56:51:07:ac: ef:9e:ea:e5:a7:4e:56:5c:c3:18:04:c2:16:f2:68:4d:c0:00: 3a:38:d0:b3:1f:88:7d:19:0e:79:36:94:80:76:7d:93:11:d5: 28:7e:5f:e8:47:9a:9d:79:1f:b6:f6:c9:42:a0:bd:8b:f6:57: 8d:74:61:46:32:61:a6:d8:e9:4e:63:4c:1f:2a:12:fa:39:12: d7:d9:a4:24 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MjVDMzExMC8GA1UEBRMoOUVCREExMjNEOUVFODMwOTQzMDVBMTE4MEMyQTA4MDU3 RkU1NDA2QTAeFw0yNTExMDMwNzMzNDBaFw0yNTExMTAwNzMzNDBaMBgxFjAUBgNV BAMTDTY5MDg1YWQ0LTdkZWUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDGpNrY5LdYhwYGMigyT540tdMRhx9nfAHrLdxHKO0zIv646xMc//dNVS1vgrbz wBzv4jdfAQcl24niDmOINrhPAQKUs2wjElMFirlWT9BIejzmvlESrbkJUSv+B11p RVyCgJAGqrxCxyYUz1yCsvHwi4zFJ20AWYU+KkOtZ2BBh63TP/wLx290FZ7oKOGw 4QlEgitw+8o2PyX+4gnZjrBkflIF+VUaiMfHocEAlOjmXe89TPzJ64vu/UVu03/m gGJoEoF0nDvvuq0YW8yPQjoztFcaTkdo8KmawdlzAAFwJS6SXnbD8TuAko+BHgcG UehqsML9zQEpV3cP9GTRfJVfAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU92j8mf2P OZMBKCw3jKUjmYbe9jAwHwYDVR0jBBgwFoAUnr2hI9nugwlDBaEYDCoIBX/lQGow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyNUMzLzIzMjZDNjNFNjYw NDExRjBBNEM1MTkyQkM0RjlBRTAyL25yMmhJOW51Z3dsREJhRVlEQ29JQlhfbFFH by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbnIyaEk5bnVnd2xEQmFFWURDb0lCWF9sUUdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy NUMzLzIzMjZDNjNFNjYwNDExRjBBNEM1MTkyQkM0RjlBRTAyL25yMmhJOW51Z3ds REJhRVlEQ29JQlhfbFFHby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGCsQYFUr73kEMUaNhRqYMC2RO/vsJ3xU+cklhD8vb76TIfI3QctZlAd nO48HshSdm0swbD3D/nAy0mtzN7pOVLAa38wloFKLmH0vnowvasJhJUty1E51d/l 7F3ee01EWiIX49yZQ2EDPLnLqBfSMyj1e9t5Vdd3nuH7K5OkXaCwoWUtgUX5LDYH 65Rs3OMg2lNXa7LbMyQxf4t4DAAb8tmgmM5Brmw4YkjlaDw3nXuXVlEHrO+e6uWn TlZcwxgEwhbyaE3AADo40LMfiH0ZDnk2lIB2fZMR1Sh+X+hHmp15H7b2yUKgvYv2 V410YUYyYabY6U5jTB8qEvo5EtfZpCQ= -----END CERTIFICATE-----Generated at Wed Nov 5 00:15:15 2025 by rpki-client