$ rpki-client -vvf rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft File: s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft (raw, json) Hash identifier: U7eIbQzL+f8UzspiFRV+x3gidMmrfNM5AxLdkUHLLUA= Subject key identifier: 5D:E0:3C:58:EE:87:F1:73:C9:F6:05:4F:10:56:AF:5C:87:C9:00:C2 Authority key identifier: B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25 Certificate issuer: /CN=A91964B3/serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625 Certificate serial: 375D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft Manifest number: 3639 Signing time: Tue 04 Nov 2025 14:26:20 +0000 Manifest this update: Tue 04 Nov 2025 14:26:19 +0000 Manifest next update: Tue 11 Nov 2025 14:26:19 +0000 Files and hashes: 1: s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl (hash: eGekkrErkjhqNVSuS0Ao2lGriurYsx9qs5qkSkA2DK0=) 2: B36EA83C70B111E98CFFF710C4F9AE02.roa (hash: YPxJgAFP2pm+e64iG82yJRkFHNHfja4F2rH7VSVuFpA=) 3: B81E038AAB2B11F0B1F65E12C4F9AE02.roa (hash: 3eaZx6Z9vRAe802TOzROCss3VWzUi3sLvQ3ZKDy9SF0=) 4: 160B219870BA11E99E0F6D2DC4F9AE02.roa (hash: 3QqIb/PpEMe7CSOMb9cfzIUcXW1tet3HABkiD8A3zkU=) 5: 26A143C291EB11EF8A024083C4F9AE02.roa (hash: apyNb0gzlP7QIPlzF+1SGVtUOjpAimi2EUrocnrYZRM=) 6: 18F4FD76918111EC93DCA42AC4F9AE02.roa (hash: 8JKaEfgtThOrevd/FI1wUsWQCsjDZCsWDfH4rtPvYOM=) 7: B0EB27B470B811E9B32F6726C4F9AE02.roa (hash: Yn6iyp3sOHzht7NrUVV1K95CTLrIyR+zeCU6DhPlbi0=) 8: 9538F912A09511EE9616A86EC4F9AE02.roa (hash: UIhH1UdXX1/WldxbBw/5eFdUsW8H5rv3xowCVi4x/js=) 9: 71D60BC2F6BA11EB865C4246C4F9AE02.roa (hash: E9Q0DLQxOx2PNLNxJzUPOmEekE0nfR8RNH8+NziMkYc=) 10: 9AF37E96D71B11EA9532F30CC4F9AE02.roa (hash: UB9M+LLNN3sS8I2EFsp8N9BHGeanS2Z+lbFEvYsOTeM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:26:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14173 (0x375d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91964B3, serialNumber=B39866A99D1CD9F4E7E8F53C88AD14DA89A18625 Validity Not Before: Nov 4 14:26:19 2025 GMT Not After : Nov 11 14:26:19 2025 GMT Subject: CN=690a0d0b-4aac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9a:34:20:9b:5e:82:e6:a2:c1:53:61:0a:68:ac: ca:e6:4d:5a:66:06:a8:31:40:94:10:21:d9:3c:16: 05:ad:e9:a6:0e:93:54:31:29:a9:36:0d:3a:f8:a0: 30:f7:10:79:89:15:66:5c:a8:d5:80:5f:b3:b3:88: 39:1d:f6:26:59:0d:9d:ef:4c:ba:69:82:4e:6b:23: 47:47:a4:23:25:28:8d:89:55:63:07:78:f5:6a:45: b7:59:32:97:29:df:ec:b9:82:e7:bb:e6:7b:0b:a4: 64:4b:78:76:4c:cc:76:c6:ba:38:64:3f:9f:74:60: 3c:fb:28:fc:53:43:b1:e1:7d:33:e8:e7:05:b9:eb: aa:65:79:4a:66:be:32:33:b6:be:e8:94:4a:04:7b: 17:8a:73:eb:20:30:bf:49:51:f4:ba:70:cd:57:1c: 93:0d:56:0a:fa:b4:ca:72:23:fc:cf:f4:51:ea:cf: ca:7d:0d:8c:6f:03:d6:a2:ac:1f:29:67:ad:ed:ff: 80:9d:20:99:dd:cd:a5:ff:76:03:02:09:46:a6:35: 90:c2:2f:69:be:8c:7b:eb:e9:d6:fa:78:00:d8:b7: 8d:0e:09:36:65:6e:44:87:20:52:1d:ac:63:79:8f: e7:06:c4:55:88:3d:37:de:53:2e:fc:94:27:ae:dc: 52:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:E0:3C:58:EE:87:F1:73:C9:F6:05:4F:10:56:AF:5C:87:C9:00:C2 X509v3 Authority Key Identifier: keyid:B3:98:66:A9:9D:1C:D9:F4:E7:E8:F5:3C:88:AD:14:DA:89:A1:86:25 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91964B3/E65851121D8411E2A1BA30DB08B02CD2/s5hmqZ0c2fTn6PU8iK0U2omhhiU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:9c:0b:51:3f:47:ec:0f:60:5e:81:b1:92:79:db:5f:9c:aa: cd:8b:df:d1:14:9b:de:fe:3b:23:34:38:4a:e5:e0:29:79:a0: 24:05:b3:dd:df:c3:7e:54:ee:16:ae:19:d2:39:67:83:e8:54: 43:08:61:b3:be:68:81:d0:ed:64:9e:c7:62:c2:13:c3:cd:58: 08:e5:0f:61:81:67:30:74:b1:2b:45:5a:eb:a4:37:f0:be:3f: 0d:41:d5:a0:7e:e6:ce:19:9c:b0:f2:57:bd:d9:ad:f8:58:23: 6f:b6:92:e1:f6:d7:66:2b:87:cc:9a:c5:81:86:0f:dc:d8:d0: 9e:bf:cc:57:7e:a2:67:46:8f:84:c4:43:b0:5a:9a:7d:86:5e: 1b:e2:b3:7a:33:ca:14:ef:c2:cd:ba:7c:5a:77:6a:9b:c5:09: ec:b9:b4:5c:b1:b3:e1:be:00:85:c1:e1:b5:f8:45:6e:27:23: f4:dc:1e:2e:b3:83:de:70:f3:f4:18:4c:da:26:25:81:3c:ff: 97:05:05:03:0f:8b:0f:8f:f5:0e:a7:cd:b1:e6:50:0c:e7:3f: bf:95:cf:39:6b:1c:28:d1:d7:42:2b:c8:27:da:aa:7b:8f:84: f5:85:4a:e5:9b:c9:ae:f5:26:8b:0a:a5:24:94:9e:ba:3e:12: c7:a7:00:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICN10wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTY0QjMxMTAvBgNVBAUTKEIzOTg2NkE5OUQxQ0Q5RjRFN0U4RjUzQzg4QUQxNERB ODlBMTg2MjUwHhcNMjUxMTA0MTQyNjE5WhcNMjUxMTExMTQyNjE5WjAYMRYwFAYD VQQDEw02OTBhMGQwYi00YWFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmjQgm16C5qLBU2EKaKzK5k1aZgaoMUCUECHZPBYFremmDpNUMSmpNg06+KAw 9xB5iRVmXKjVgF+zs4g5HfYmWQ2d70y6aYJOayNHR6QjJSiNiVVjB3j1akW3WTKX Kd/suYLnu+Z7C6RkS3h2TMx2xro4ZD+fdGA8+yj8U0Ox4X0z6OcFueuqZXlKZr4y M7a+6JRKBHsXinPrIDC/SVH0unDNVxyTDVYK+rTKciP8z/RR6s/KfQ2MbwPWoqwf KWet7f+AnSCZ3c2l/3YDAglGpjWQwi9pvox76+nW+ngA2LeNDgk2ZW5EhyBSHaxj eY/nBsRViD033lMu/JQnrtxSFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF3gPFju h/FzyfYFTxBWr1yHyQDCMB8GA1UdIwQYMBaAFLOYZqmdHNn05+j1PIitFNqJoYYl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjRCMy9FNjU4NTExMjFE ODQxMUUyQTFCQTMwREIwOEIwMkNEMi9zNWhtcVowYzJmVG42UFU4aUswVTJvbWho aVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3M1aG1xWjBjMmZUbjZQVThpSzBVMm9taGhpVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NjRCMy9FNjU4NTExMjFEODQxMUUyQTFCQTMwREIwOEIwMkNEMi9zNWhtcVowYzJm VG42UFU4aUswVTJvbWhoaVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHnAtRP0fsD2BegbGSedtfnKrNi9/RFJve/jsjNDhK5eApeaAkBbPd 38N+VO4WrhnSOWeD6FRDCGGzvmiB0O1knsdiwhPDzVgI5Q9hgWcwdLErRVrrpDfw vj8NQdWgfubOGZyw8le92a34WCNvtpLh9tdmK4fMmsWBhg/c2NCev8xXfqJnRo+E xEOwWpp9hl4b4rN6M8oU78LNunxad2qbxQnsubRcsbPhvgCFweG1+EVuJyP03B4u s4PecPP0GEzaJiWBPP+XBQUDD4sPj/UOp82x5lAM5z+/lc85axwo0ddCK8gn2qp7 j4T1hUrlm8mu9SaLCqUklJ66PhLHpwDh -----END CERTIFICATE-----Generated at Tue Nov 4 20:23:34 2025 by rpki-client