$ rpki-client -vvf rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.mft File: UoKkZCr301eZKRu6RH6hQlGk1fw.mft (raw, json) Hash identifier: mO9IzBYJUyXlkpDoKeOoO679RLZK6L3DT35XaOh/G8U= Subject key identifier: 9B:88:B5:05:9F:8B:37:CD:C5:D7:13:CC:B5:30:A6:B9:A2:F5:95:95 Authority key identifier: 52:82:A4:64:2A:F7:D3:57:99:29:1B:BA:44:7E:A1:42:51:A4:D5:FC Certificate issuer: /CN=A91582D9/serialNumber=5282A4642AF7D35799291BBA447EA14251A4D5FC Certificate serial: 089B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoKkZCr301eZKRu6RH6hQlGk1fw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.mft Manifest number: 2034 Signing time: Sun 02 Nov 2025 16:33:32 +0000 Manifest this update: Sun 02 Nov 2025 16:33:31 +0000 Manifest next update: Sun 09 Nov 2025 16:33:31 +0000 Files and hashes: 1: UoKkZCr301eZKRu6RH6hQlGk1fw.crl (hash: 3utOtu1bNaJVW+onuW7799+Q/S4KqMz18daz6RqzTiU=) 2: 654665EA197611F09D2B1C76C4F9AE02.roa (hash: hgO4m8NBFvCWTk/xZ7lTPgH3uo1aBC3KP8OdcPsjkbo=) 3: B5E806CC8BC711EE899A5284C4F9AE02.roa (hash: XzzXA6m5Sfbs0sLhTPVckgYHL3ZiipFrwRLSzgKZ33U=) 4: 172C2B96197711F0A993397AC4F9AE02.roa (hash: 8Qo70bxIag9X+h+p9rkvEiGVmiiK66r021Qwo1g6tkk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.crl rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoKkZCr301eZKRu6RH6hQlGk1fw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 16:33:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2203 (0x89b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91582D9, serialNumber=5282A4642AF7D35799291BBA447EA14251A4D5FC Validity Not Before: Nov 2 16:33:31 2025 GMT Not After : Nov 9 16:33:31 2025 GMT Subject: CN=690787db-8f05 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:0e:16:f3:c1:bc:9f:d4:7c:84:4e:72:10:0d: d7:f4:da:d0:f8:ff:42:0b:4e:78:60:09:c4:78:39: 6c:bf:d7:9e:1b:a5:e9:1c:c8:63:dd:ff:42:69:a0: 9e:09:da:e1:a7:0b:94:1e:07:2e:45:00:83:8a:02: 2b:2a:35:99:d1:bd:45:29:c0:5c:34:24:5b:24:8c: db:f4:8f:d3:c0:34:aa:44:2f:d0:18:58:f3:17:24: e4:ed:d0:3a:b6:f8:53:0f:af:8b:e8:3d:e6:18:81: 9f:e7:86:2b:52:7b:2e:03:64:53:3c:03:b0:c8:09: a2:02:31:d7:5b:71:dc:8a:b0:03:38:35:e5:66:f1: 2a:a8:a5:61:19:1a:66:d0:08:d0:42:67:98:d2:6c: d3:9e:89:2c:a0:59:ac:81:04:d2:b7:cc:df:2b:ff: b1:65:1d:68:df:61:c3:74:b9:1f:82:f3:30:0f:ff: f6:b6:1f:a2:01:b1:cb:a6:71:3b:b1:50:c8:b6:f8: d8:90:29:ed:aa:cc:07:50:92:8b:d4:6c:61:72:e9: d6:9b:bb:a3:57:65:b7:c8:4c:97:ce:47:88:bb:8b: 49:93:a8:b2:93:d7:8e:e8:f0:61:88:21:7b:7f:54: 0f:b2:b6:1e:c7:8d:3e:ad:b5:b3:66:ef:41:b9:ac: 69:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:88:B5:05:9F:8B:37:CD:C5:D7:13:CC:B5:30:A6:B9:A2:F5:95:95 X509v3 Authority Key Identifier: keyid:52:82:A4:64:2A:F7:D3:57:99:29:1B:BA:44:7E:A1:42:51:A4:D5:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/UoKkZCr301eZKRu6RH6hQlGk1fw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91582D9/0EDA6D5ECDDA11E7BDEA8C2BC4F9AE02/UoKkZCr301eZKRu6RH6hQlGk1fw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:b6:df:30:4f:c1:8a:8c:ce:8d:b7:cc:f4:f8:7e:61:3b:75: b1:be:d8:5f:75:11:68:28:07:cb:fa:7a:b4:72:72:d0:38:9c: 9e:e1:2f:43:f4:6e:74:bf:ff:e9:7b:99:1d:91:bf:e7:36:9e: ea:5b:32:86:07:7a:86:fd:23:39:0d:e1:48:0e:55:75:b9:d0: 85:8f:b5:3b:fd:f1:19:a7:19:bf:b0:f0:db:3a:c8:df:95:52: ca:8b:57:86:d7:a1:8c:9f:83:8c:c9:a5:5f:d0:a4:e3:95:76: b3:e7:50:77:d9:c5:86:39:14:a8:2a:e9:70:41:ab:56:3c:62: 4c:9b:51:5c:1d:e7:7e:84:71:58:57:65:cc:63:05:d1:ed:5a: 79:57:cb:2a:8e:20:bb:98:32:8b:0a:b3:78:1e:14:0f:74:23: da:76:53:00:be:a4:34:ad:00:e0:df:cf:95:03:49:2a:88:fd: 2e:bf:95:f7:fc:2f:c3:8f:03:13:8b:47:f9:a9:bb:d6:fb:0f: 7c:4d:76:12:ce:0b:df:e4:e9:83:b5:39:c0:e0:69:a8:7b:1a: ab:14:38:e7:dd:45:bb:e6:75:b6:08:39:eb:19:96:fe:b5:fc: 6a:a4:bc:6e:9a:63:b4:dd:f5:4a:53:8c:7e:d8:da:d6:78:64: 6e:bf:cf:d0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTgyRDkxMTAvBgNVBAUTKDUyODJBNDY0MkFGN0QzNTc5OTI5MUJCQTQ0N0VBMTQy NTFBNEQ1RkMwHhcNMjUxMTAyMTYzMzMxWhcNMjUxMTA5MTYzMzMxWjAYMRYwFAYD VQQDEw02OTA3ODdkYi04ZjA1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzQ4W88G8n9R8hE5yEA3X9NrQ+P9CC054YAnEeDlsv9eeG6XpHMhj3f9CaaCe CdrhpwuUHgcuRQCDigIrKjWZ0b1FKcBcNCRbJIzb9I/TwDSqRC/QGFjzFyTk7dA6 tvhTD6+L6D3mGIGf54YrUnsuA2RTPAOwyAmiAjHXW3HcirADODXlZvEqqKVhGRpm 0AjQQmeY0mzTnoksoFmsgQTSt8zfK/+xZR1o32HDdLkfgvMwD//2th+iAbHLpnE7 sVDItvjYkCntqswHUJKL1GxhcunWm7ujV2W3yEyXzkeIu4tJk6iyk9eO6PBhiCF7 f1QPsrYex40+rbWzZu9BuaxpmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJuItQWf izfNxdcTzLUwprmi9ZWVMB8GA1UdIwQYMBaAFFKCpGQq99NXmSkbukR+oUJRpNX8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODJEOS8wRURBNkQ1RUNE REExMUU3QkRFQThDMkJDNEY5QUUwMi9Vb0trWkNyMzAxZVpLUnU2Ukg2aFFsR2sx ZncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VvS2taQ3IzMDFlWktSdTZSSDZoUWxHazFmdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODJEOS8wRURBNkQ1RUNEREExMUU3QkRFQThDMkJDNEY5QUUwMi9Vb0trWkNyMzAx ZVpLUnU2Ukg2aFFsR2sxZncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqtt8wT8GKjM6Nt8z0+H5hO3WxvthfdRFoKAfL+nq0cnLQOJye4S9D 9G50v//pe5kdkb/nNp7qWzKGB3qG/SM5DeFIDlV1udCFj7U7/fEZpxm/sPDbOsjf lVLKi1eG16GMn4OMyaVf0KTjlXaz51B32cWGORSoKulwQatWPGJMm1FcHed+hHFY V2XMYwXR7Vp5V8sqjiC7mDKLCrN4HhQPdCPadlMAvqQ0rQDg38+VA0kqiP0uv5X3 /C/DjwMTi0f5qbvW+w98TXYSzgvf5OmDtTnA4GmoexqrFDjn3UW75nW2CDnrGZb+ tfxqpLxummO03fVKU4x+2NrWeGRuv8/Q -----END CERTIFICATE-----Generated at Tue Nov 4 08:19:28 2025 by rpki-client