$ rpki-client -vvf rpki.apnic.net/member_repository/A91935EA/19DD467000AE11E8BC3A1F2FC4F9AE02/_XxIEch8Vm71Xtqw50P_BmufqGY.mft File: _XxIEch8Vm71Xtqw50P_BmufqGY.mft (raw, json) Hash identifier: dVRJTa4JQ5zq8Dey6+Bw4fLM1uI9XjMeo3/lXMBRD5M= Subject key identifier: E9:94:CE:2C:71:7F:11:6E:53:CC:04:A9:C0:75:BB:4D:32:13:53:BF Authority key identifier: FD:7C:48:11:C8:7C:56:6E:F5:5E:DA:B0:E7:43:FF:06:6B:9F:A8:66 Certificate issuer: /CN=A91935EA/serialNumber=FD7C4811C87C566EF55EDAB0E743FF066B9FA866 Certificate serial: 16EC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_XxIEch8Vm71Xtqw50P_BmufqGY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91935EA/19DD467000AE11E8BC3A1F2FC4F9AE02/_XxIEch8Vm71Xtqw50P_BmufqGY.mft Manifest number: 16DF Signing time: Tue 04 Nov 2025 16:44:39 +0000 Manifest this update: Tue 04 Nov 2025 16:44:38 +0000 Manifest next update: Tue 11 Nov 2025 16:44:38 +0000 Files and hashes: 1: _XxIEch8Vm71Xtqw50P_BmufqGY.crl (hash: kebU6+Khw/o1qlxZEv5p8/eOChPQA/S/e/aX+169bME=) 2: 01B2AC1E064111E8A62EF586C4F9AE02.roa (hash: gDuc8ZWgCrliQXLxnNcUvIObZ9Jrt4XfymfNcicc4pc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91935EA/19DD467000AE11E8BC3A1F2FC4F9AE02/_XxIEch8Vm71Xtqw50P_BmufqGY.crl rsync://rpki.apnic.net/member_repository/A91935EA/19DD467000AE11E8BC3A1F2FC4F9AE02/_XxIEch8Vm71Xtqw50P_BmufqGY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_XxIEch8Vm71Xtqw50P_BmufqGY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:44:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5868 (0x16ec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91935EA, serialNumber=FD7C4811C87C566EF55EDAB0E743FF066B9FA866 Validity Not Before: Nov 4 16:44:38 2025 GMT Not After : Nov 11 16:44:38 2025 GMT Subject: CN=690a2d76-128d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:59:4b:7f:af:03:89:d1:99:2c:4a:cd:b1:5f: 48:0b:b2:9f:8a:a9:b5:cf:05:45:bb:51:d0:c3:c2: dd:f7:d6:c0:33:6a:24:b0:73:ce:cc:9f:4e:ed:88: df:5d:39:3e:02:b4:42:31:8b:f8:1b:e2:bd:25:27: 2f:de:c4:4d:fd:fb:90:88:e1:fe:94:1f:a9:b2:f9: 58:0e:b3:de:b5:98:12:c4:17:6f:cf:30:d9:fd:47: 05:4d:4e:45:76:3c:8c:a4:5e:79:34:53:64:a8:ba: b7:51:8b:14:49:b6:f9:ac:d2:e9:98:f9:0a:bc:2e: 49:7d:87:80:af:b1:b9:f2:c7:41:2f:14:d1:07:0f: 85:7b:f3:9d:92:b1:2c:b8:07:92:8f:f9:b4:fc:a5: d8:b3:8a:87:7b:58:a9:e9:09:35:8b:00:10:32:2d: 45:67:7e:6d:e6:74:a6:bd:ed:04:c1:e7:f8:8a:fd: c5:b0:b0:fb:f2:8a:97:74:ad:f1:63:99:79:8e:c5: f0:4c:da:50:a0:c2:a5:4a:16:2a:97:7f:23:80:df: 1c:4d:c1:be:cd:9d:bc:34:3b:17:ec:c6:92:89:bb: 70:f8:4e:56:c2:90:e2:90:4c:bc:f9:75:e8:38:c2: c2:6c:ad:f1:a8:8d:b9:9b:2d:03:e8:39:66:8c:6e: b4:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E9:94:CE:2C:71:7F:11:6E:53:CC:04:A9:C0:75:BB:4D:32:13:53:BF X509v3 Authority Key Identifier: keyid:FD:7C:48:11:C8:7C:56:6E:F5:5E:DA:B0:E7:43:FF:06:6B:9F:A8:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91935EA/19DD467000AE11E8BC3A1F2FC4F9AE02/_XxIEch8Vm71Xtqw50P_BmufqGY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_XxIEch8Vm71Xtqw50P_BmufqGY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91935EA/19DD467000AE11E8BC3A1F2FC4F9AE02/_XxIEch8Vm71Xtqw50P_BmufqGY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 08:79:71:0d:5c:b9:42:f4:d5:0d:01:bf:2a:9f:08:c8:2a:4b: 52:48:f4:99:67:7c:23:4f:74:a8:f4:14:d1:48:f6:e0:43:f8: fd:de:55:70:a5:5b:2d:5e:d4:98:0c:56:d1:72:2c:49:97:45: d9:40:69:be:ce:2f:4a:51:45:1c:2c:a7:85:de:0f:f9:5e:9a: 5f:74:1c:06:3c:4b:20:d3:92:19:30:c8:8f:fe:bb:db:16:f8: 75:2f:4a:7f:ed:3f:83:34:55:c1:57:f9:2e:6e:e9:27:b1:1d: 91:73:a0:99:bd:7d:a5:06:08:fa:f3:e4:51:6e:22:fc:e3:41: ab:c2:8d:24:d4:0e:47:1e:fb:19:fa:ab:28:1e:f4:69:fa:b7: a8:7f:a3:fa:79:89:47:27:5f:39:4b:a1:b4:a3:b3:4c:a2:f9: bd:49:2d:c3:76:99:12:c7:bb:90:8c:e9:42:7a:eb:83:bd:5f: 7a:4f:0c:c2:5b:20:71:6c:60:f8:cb:ff:8c:48:d9:be:a8:65: 1c:9d:bf:d8:ca:d6:32:bc:77:44:6e:07:bf:66:80:e3:72:4e: c0:f5:5f:21:40:89:8c:2c:76:01:dc:3a:e7:3f:06:c2:4a:7d: b7:df:08:5d:e3:21:58:5e:01:a2:a8:ba:3e:96:68:b1:6f:b1: ad:0b:ff:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFuwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTM1RUExMTAvBgNVBAUTKEZEN0M0ODExQzg3QzU2NkVGNTVFREFCMEU3NDNGRjA2 NkI5RkE4NjYwHhcNMjUxMTA0MTY0NDM4WhcNMjUxMTExMTY0NDM4WjAYMRYwFAYD VQQDEw02OTBhMmQ3Ni0xMjhkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2VlLf68DidGZLErNsV9IC7Kfiqm1zwVFu1HQw8Ld99bAM2oksHPOzJ9O7Yjf XTk+ArRCMYv4G+K9JScv3sRN/fuQiOH+lB+psvlYDrPetZgSxBdvzzDZ/UcFTU5F djyMpF55NFNkqLq3UYsUSbb5rNLpmPkKvC5JfYeAr7G58sdBLxTRBw+Fe/OdkrEs uAeSj/m0/KXYs4qHe1ip6Qk1iwAQMi1FZ35t5nSmve0Ewef4iv3FsLD78oqXdK3x Y5l5jsXwTNpQoMKlShYql38jgN8cTcG+zZ28NDsX7MaSibtw+E5WwpDikEy8+XXo OMLCbK3xqI25my0D6DlmjG60IwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOmUzixx fxFuU8wEqcB1u00yE1O/MB8GA1UdIwQYMBaAFP18SBHIfFZu9V7asOdD/wZrn6hm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5MzVFQS8xOURENDY3MDAw QUUxMUU4QkMzQTFGMkZDNEY5QUUwMi9fWHhJRWNoOFZtNzFYdHF3NTBQX0JtdWZx R1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL19YeElFY2g4Vm03MVh0cXc1MFBfQm11ZnFHWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 MzVFQS8xOURENDY3MDAwQUUxMUU4QkMzQTFGMkZDNEY5QUUwMi9fWHhJRWNoOFZt NzFYdHF3NTBQX0JtdWZxR1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAIeXENXLlC9NUNAb8qnwjIKktSSPSZZ3wjT3So9BTRSPbgQ/j93lVw pVstXtSYDFbRcixJl0XZQGm+zi9KUUUcLKeF3g/5XppfdBwGPEsg05IZMMiP/rvb Fvh1L0p/7T+DNFXBV/kubuknsR2Rc6CZvX2lBgj68+RRbiL840Grwo0k1A5HHvsZ +qsoHvRp+reof6P6eYlHJ185S6G0o7NMovm9SS3DdpkSx7uQjOlCeuuDvV96TwzC WyBxbGD4y/+MSNm+qGUcnb/YytYyvHdEbge/ZoDjck7A9V8hQImMLHYB3DrnPwbC Sn233whd4yFYXgGiqLo+lmixb7GtC/8j -----END CERTIFICATE-----Generated at Wed Nov 5 10:07:51 2025 by rpki-client