$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: z6omVO3QRCZNZQNoMQ1jFMfRq7Yp5+HNCQorOGU3Xq4= Subject key identifier: F7:E7:C4:29:DD:D6:37:15:A1:E6:AE:52:D3:68:C9:2F:34:A9:3A:10 Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0EAA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0EA2 Signing time: Tue 04 Nov 2025 17:45:31 +0000 Manifest this update: Tue 04 Nov 2025 17:45:31 +0000 Manifest next update: Tue 11 Nov 2025 17:45:31 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: WXUPx4yxA1ZFgIxfsA2j17oJVd9XSRowd0yCBhDbaAk=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:45:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3754 (0xeaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: Nov 4 17:45:31 2025 GMT Not After : Nov 11 17:45:31 2025 GMT Subject: CN=690a3bbb-7cd6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:99:77:79:ac:d1:c3:1a:2e:cf:2c:0e:43:bf: 8a:af:bf:95:da:13:b5:3d:0c:2e:b9:86:d7:8f:3b: db:90:f9:9c:30:de:38:2c:06:37:c8:79:fe:07:43: 60:39:4c:29:73:a4:e5:bd:23:30:b0:e4:1b:59:7a: 7b:c7:be:20:a7:b8:f7:a8:0f:2b:2b:c4:c1:28:a8: b0:fb:97:ce:95:cc:c5:41:82:6e:3e:7b:b7:b6:ae: 0f:a0:ac:35:ef:32:9c:f5:97:7e:ad:85:71:07:72: 89:88:e4:23:c3:23:fc:5f:74:3c:1f:c2:44:0e:b6: 4a:33:26:0e:4b:21:d1:ad:e0:04:da:61:9e:57:f3: 25:dc:a4:4a:04:9c:22:59:d7:ef:b9:da:38:19:49: 77:40:79:13:fd:bb:b1:dd:b8:32:95:11:ff:df:0b: ab:f4:d2:85:5c:75:ae:ff:60:63:aa:a6:45:00:37: ed:2d:ae:84:7f:e2:94:54:cd:7d:67:4e:1f:81:24: f9:31:5b:df:4e:52:0e:3b:cb:13:7d:3a:b4:36:d9: 15:50:62:6f:74:89:94:02:00:8a:9d:9b:d6:f7:b2: f7:a0:fd:30:96:f7:b7:7f:f7:e0:f8:a4:2c:42:2b: 0e:42:5c:54:d6:97:4a:1a:65:43:91:de:95:47:88: a4:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:E7:C4:29:DD:D6:37:15:A1:E6:AE:52:D3:68:C9:2F:34:A9:3A:10 X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ab:2c:10:45:70:7e:1b:4d:6a:eb:e5:1d:c9:80:88:57:d4:fb: 1b:dd:23:4c:3b:f7:5e:30:d3:25:5c:49:11:66:4c:d7:8c:95: 54:89:bc:d1:68:c3:03:48:8b:f5:a1:d4:c0:1d:08:8e:b5:67: 08:c2:fa:3f:00:f0:4a:ac:3f:10:b6:d0:7d:3d:83:0f:0b:9f: 22:a0:83:7d:68:33:d1:5d:b8:7e:b4:41:b0:b0:f6:67:33:28: e5:41:0c:e5:b1:8a:a5:a6:ad:4f:e8:f0:39:9a:13:7f:eb:9f: 66:4d:f8:f4:fb:c4:3e:54:fc:7e:ac:ba:f6:b3:e3:0f:06:43: 3c:8c:7f:97:76:1f:13:f8:f7:04:22:54:9c:0e:b9:c8:1b:53: 27:23:96:b2:3e:da:54:b1:df:25:8e:43:b8:dc:46:8e:d5:76: 9c:85:1c:89:5a:7f:57:20:d1:2d:09:05:15:77:10:dd:6e:c5: 0b:7b:56:2d:c7:2b:b9:7b:04:54:89:99:17:07:4b:0a:75:6b: 95:18:14:07:40:b7:80:ef:5f:87:35:05:b5:d2:b9:30:1c:81: f1:a0:7b:5e:5d:57:d8:9b:68:f6:d5:12:5b:0d:a6:15:31:97: 37:57:e0:f6:e3:85:dd:cd:9b:d3:8f:a6:aa:6f:c8:d3:b5:92: 66:5a:b7:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUxMTA0MTc0NTMxWhcNMjUxMTExMTc0NTMxWjAYMRYwFAYD VQQDEw02OTBhM2JiYi03Y2Q2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyJl3eazRwxouzywOQ7+Kr7+V2hO1PQwuuYbXjzvbkPmcMN44LAY3yHn+B0Ng OUwpc6TlvSMwsOQbWXp7x74gp7j3qA8rK8TBKKiw+5fOlczFQYJuPnu3tq4PoKw1 7zKc9Zd+rYVxB3KJiOQjwyP8X3Q8H8JEDrZKMyYOSyHRreAE2mGeV/Ml3KRKBJwi Wdfvudo4GUl3QHkT/bux3bgylRH/3wur9NKFXHWu/2BjqqZFADftLa6Ef+KUVM19 Z04fgST5MVvfTlIOO8sTfTq0NtkVUGJvdImUAgCKnZvW97L3oP0wlve3f/fg+KQs QisOQlxU1pdKGmVDkd6VR4ikkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPfnxCnd 1jcVoeauUtNoyS80qToQMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCrLBBFcH4bTWrr5R3JgIhX1Psb3SNMO/deMNMlXEkRZkzXjJVUibzR aMMDSIv1odTAHQiOtWcIwvo/APBKrD8QttB9PYMPC58ioIN9aDPRXbh+tEGwsPZn MyjlQQzlsYqlpq1P6PA5mhN/659mTfj0+8Q+VPx+rLr2s+MPBkM8jH+Xdh8T+PcE IlScDrnIG1MnI5ayPtpUsd8ljkO43EaO1XachRyJWn9XINEtCQUVdxDdbsULe1Yt xyu5ewRUiZkXB0sKdWuVGBQHQLeA71+HNQW10rkwHIHxoHteXVfYm2j21RJbDaYV MZc3V+D244XdzZvTj6aqb8jTtZJmWreN -----END CERTIFICATE-----Generated at Tue Nov 4 21:34:56 2025 by rpki-client