$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft File: kJUWWXx2-jz_qxUgjArpiGY0qgM.mft (raw, json) Hash identifier: WnfRV3jvEdFZvVFlWgHCavUcnPd1v4IKYSl6SwsKfUo= Subject key identifier: 0C:1D:99:D1:19:58:EA:15:55:A5:9A:EB:83:34:58:AB:49:2C:64:BF Authority key identifier: 90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 Certificate issuer: /CN=A91847A2/serialNumber=909516597C76FA3CFFAB15208C0AE9886634AA03 Certificate serial: 0AFA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft Manifest number: 0AF2 Signing time: Tue 04 Nov 2025 19:31:40 +0000 Manifest this update: Tue 04 Nov 2025 19:31:40 +0000 Manifest next update: Tue 11 Nov 2025 19:31:40 +0000 Files and hashes: 1: kJUWWXx2-jz_qxUgjArpiGY0qgM.crl (hash: w29Sh1vWRJY5VSZqJVaAtwYGFCLCmtTKEaLTI7FyTpo=) 2: 54EDB8542E1811EBB4E80B1FC4F9AE02.roa (hash: 3V95dG8EwbjGC7EMndTVlVAHQWvt90W2HKQwUZ++P/E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:31:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2810 (0xafa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91847A2, serialNumber=909516597C76FA3CFFAB15208C0AE9886634AA03 Validity Not Before: Nov 4 19:31:40 2025 GMT Not After : Nov 11 19:31:40 2025 GMT Subject: CN=690a549c-30cc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:78:7d:0e:42:ad:e3:f0:33:5d:e7:17:e7:70: 5a:76:6a:c1:f4:23:8b:4c:bc:46:d0:d7:04:a8:f0: 3b:68:f4:45:64:ac:e1:7d:c1:51:53:b6:4b:88:e1: 24:da:24:b8:06:30:32:f9:27:45:b3:fd:5d:90:56: 1a:5e:4a:45:38:48:2f:18:cb:ee:a9:8a:9d:e2:97: 91:96:ed:70:ba:40:5b:ba:4c:0e:15:9c:85:49:9c: 18:a6:3c:32:e7:40:15:29:8b:bf:e1:81:25:67:4f: 31:96:f6:3b:2d:52:af:54:b1:56:91:1e:1a:92:a4: 30:73:12:49:33:4a:d3:9a:44:f8:7b:2c:b7:0b:43: 27:ad:4e:76:47:3c:5c:58:fa:44:86:c1:65:19:67: 60:a6:41:c0:e6:78:5b:09:b3:83:ef:45:ab:87:75: 1a:c9:81:0a:07:a1:a9:fc:1b:65:a4:cd:c4:b6:f3: 0b:2d:4e:5d:60:99:a6:53:b5:82:95:93:05:7c:a7: 27:3c:b2:c6:c6:7e:d3:78:a0:69:48:b3:b6:88:1e: 9f:56:33:f2:34:9c:cb:eb:7f:a0:61:d2:08:0f:2e: aa:a8:3a:07:72:c9:51:8c:0b:df:65:71:f3:d9:15: 99:b7:12:a4:5c:b5:42:0e:18:29:a9:78:8e:bb:14: 38:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:1D:99:D1:19:58:EA:15:55:A5:9A:EB:83:34:58:AB:49:2C:64:BF X509v3 Authority Key Identifier: keyid:90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:a4:58:b6:da:c1:5d:82:26:54:c6:2a:29:d5:5f:3d:3d:74: 29:74:80:c1:06:f8:fd:b9:0e:0b:6d:00:4f:da:05:09:f9:11: 43:69:6f:fe:25:c2:d6:3d:83:b0:64:ad:fa:51:b4:ad:0e:d4: 28:7b:10:b5:27:ea:22:c4:23:db:d9:58:86:f8:e9:80:56:5c: f8:ba:8f:09:39:02:52:90:8c:15:91:12:76:b3:2b:0a:97:6e: aa:77:71:9d:dd:51:c3:f7:e2:7e:1d:52:c5:98:af:62:98:a0: 92:c5:aa:e7:22:f0:f3:86:21:8e:15:54:08:bc:e1:dd:75:55: 92:34:6f:a1:bb:c5:eb:30:39:f4:f7:96:bf:12:cc:87:89:9f: a3:96:e6:b3:4a:dd:3e:8e:b4:70:d1:75:7c:3a:b8:20:8a:2d: f0:19:cf:5e:8c:49:95:48:53:5f:5c:1f:b2:d7:7f:50:ed:d0: ec:81:49:9e:67:67:f1:12:49:a3:79:04:1b:41:a3:b2:f2:03: c2:a3:e2:e1:c2:13:6e:1c:c2:9a:8d:dc:d6:25:c7:f3:e9:8c: 59:b4:99:39:06:b3:cd:d2:e1:81:32:3d:fc:b1:c3:21:4b:ee: b1:87:ca:e0:99:83:dc:5e:40:bc:b2:60:c0:09:b6:ce:05:31: 73:bc:f5:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCvowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ3QTIxMTAvBgNVBAUTKDkwOTUxNjU5N0M3NkZBM0NGRkFCMTUyMDhDMEFFOTg4 NjYzNEFBMDMwHhcNMjUxMTA0MTkzMTQwWhcNMjUxMTExMTkzMTQwWjAYMRYwFAYD VQQDEw02OTBhNTQ5Yy0zMGNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt3h9DkKt4/AzXecX53BadmrB9COLTLxG0NcEqPA7aPRFZKzhfcFRU7ZLiOEk 2iS4BjAy+SdFs/1dkFYaXkpFOEgvGMvuqYqd4peRlu1wukBbukwOFZyFSZwYpjwy 50AVKYu/4YElZ08xlvY7LVKvVLFWkR4akqQwcxJJM0rTmkT4eyy3C0MnrU52Rzxc WPpEhsFlGWdgpkHA5nhbCbOD70Wrh3UayYEKB6Gp/BtlpM3EtvMLLU5dYJmmU7WC lZMFfKcnPLLGxn7TeKBpSLO2iB6fVjPyNJzL63+gYdIIDy6qqDoHcslRjAvfZXHz 2RWZtxKkXLVCDhgpqXiOuxQ4qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAwdmdEZ WOoVVaWa64M0WKtJLGS/MB8GA1UdIwQYMBaAFJCVFll8dvo8/6sVIIwK6YhmNKoD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9BRUQzRDM1RTU5 NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rSlVXV1h4Mi1qel9xeFVnakFycGlHWTBx Z00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tKVVdXWHgyLWp6X3F4VWdqQXJwaUdZMHFnTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NDdBMi9BRUQzRDM1RTU5NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rSlVXV1h4Mi1q el9xeFVnakFycGlHWTBxZ00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkpFi22sFdgiZUxiop1V89PXQpdIDBBvj9uQ4LbQBP2gUJ+RFDaW/+ JcLWPYOwZK36UbStDtQoexC1J+oixCPb2ViG+OmAVlz4uo8JOQJSkIwVkRJ2sysK l26qd3Gd3VHD9+J+HVLFmK9imKCSxarnIvDzhiGOFVQIvOHddVWSNG+hu8XrMDn0 95a/EsyHiZ+jluazSt0+jrRw0XV8Orggii3wGc9ejEmVSFNfXB+y139Q7dDsgUme Z2fxEkmjeQQbQaOy8gPCo+LhwhNuHMKajdzWJcfz6YxZtJk5BrPN0uGBMj38scMh S+6xh8rgmYPcXkC8smDACbbOBTFzvPXh -----END CERTIFICATE-----Generated at Wed Nov 5 20:55:15 2025 by rpki-client