$ rpki-client -vvf rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft File: 089k1dsXYfy2pVLwaAkTMMW19Ts.mft (raw, json) Hash identifier: OcrRN7b/AtoZKiRuhgcsb4r+jJdZjONdvYEpRJOhgnM= Subject key identifier: D3:78:DB:90:FE:68:2F:DB:43:E6:F8:A2:C7:80:78:21:F1:88:55:60 Authority key identifier: D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B Certificate issuer: /CN=A91A25DF/serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft Manifest number: 3D Signing time: Mon 03 Nov 2025 07:29:23 +0000 Manifest this update: Mon 03 Nov 2025 07:29:22 +0000 Manifest next update: Mon 10 Nov 2025 07:29:22 +0000 Files and hashes: 1: 089k1dsXYfy2pVLwaAkTMMW19Ts.crl (hash: ENv4SuoQpWXBBJYh9k5ErDEZGctKEhuLu0KytHei6X4=) 2: C54DD1F45EDA11F0A5EAB579C4F9AE02.roa (hash: yvTiS/oFSBojbCtB284WFEZBM+3n1uqQBo+L9aW7vLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:29:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A25DF, serialNumber=D3CF64D5DB1761FCB6A552F068091330C5B5F53B Validity Not Before: Nov 3 07:29:22 2025 GMT Not After : Nov 10 07:29:22 2025 GMT Subject: CN=690859d3-f79d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:1f:ef:ab:25:65:5f:19:32:b3:01:b2:3e:4f: 1e:19:c9:0f:bb:4c:24:0c:3e:ac:bf:96:9e:73:8b: 15:27:80:f7:ca:fe:27:7a:57:b9:a6:ec:94:f3:13: 27:99:ba:15:5d:b0:c6:3b:73:5a:05:1d:9b:c4:c2: 4b:0c:ff:03:64:0f:a0:1c:73:a1:75:6b:d7:17:c9: 81:33:fa:86:b0:f6:76:3a:4f:fa:77:3e:24:66:6f: 3b:2a:2d:74:ae:79:c5:43:a1:50:dd:1d:4c:f6:f4: 2b:0d:a2:45:e1:29:a3:a8:ff:78:17:e4:28:27:3c: 68:e5:7f:72:c2:be:67:6d:de:2f:d7:9f:e3:db:1c: 4a:a0:0b:14:de:7b:bf:7c:f7:ca:ba:e4:e6:b4:b8: 32:ca:ea:f8:c6:65:ad:fa:75:56:97:69:c9:91:5b: fd:49:aa:87:17:b0:1e:0e:f9:76:1c:d5:9c:29:ac: a0:05:9a:cc:7d:ea:86:1b:03:9b:91:23:6c:95:0a: 34:b4:8a:2e:b1:37:0d:7d:c9:b4:6d:b2:a8:ef:48: 8b:d8:a3:7e:e5:b4:ea:05:58:b9:65:a1:bb:71:0c: 97:68:27:93:d9:73:56:c7:5a:37:07:e8:3c:91:38: d7:d2:d8:57:58:17:48:c8:6c:92:eb:44:23:4e:82: 90:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:78:DB:90:FE:68:2F:DB:43:E6:F8:A2:C7:80:78:21:F1:88:55:60 X509v3 Authority Key Identifier: keyid:D3:CF:64:D5:DB:17:61:FC:B6:A5:52:F0:68:09:13:30:C5:B5:F5:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/089k1dsXYfy2pVLwaAkTMMW19Ts.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A25DF/E61240825ED511F09CF1D50CC4F9AE02/089k1dsXYfy2pVLwaAkTMMW19Ts.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:fb:9d:de:36:f0:cf:cf:c3:2b:6b:03:4b:bf:17:d5:b1:d5: 05:9e:c9:1d:a7:77:67:c9:89:e6:74:ac:91:f5:6a:a4:0a:a6: e2:25:bb:a1:96:35:23:dc:13:bf:bd:48:d8:f1:2f:2a:26:14: 94:af:3f:69:2c:b8:a7:b0:c4:4b:4d:5b:64:41:4d:30:7b:f3: ae:90:0f:f5:45:66:ae:1c:94:f0:d7:b4:15:14:ad:b8:0d:1b: e5:ee:ac:28:5b:7a:09:ca:fa:3d:71:40:27:8e:55:52:a4:5b: 2f:e4:0c:c6:ed:d7:40:6d:c4:df:db:8f:2f:4b:b6:87:fd:e3: a3:22:a3:75:9d:f1:c4:90:c6:4f:84:2c:06:11:c9:9f:53:b3: 24:83:a6:fc:01:e3:e1:7b:d9:b0:78:04:19:69:1a:f3:af:ad: 94:a0:28:e0:e4:15:05:d7:9c:f4:5c:2f:6d:6e:0d:60:99:4b: 5c:14:3d:7c:7e:b8:b8:42:ef:9b:95:2f:0c:e0:ea:63:11:5a: 5b:72:3e:17:85:d7:d3:1f:c9:d3:48:d6:7d:a3:ac:bd:37:d0: 84:a3:3e:6b:cf:90:87:90:dc:ff:1c:67:3a:3d:d7:ba:8c:62: d7:f6:56:1c:7d:92:1f:a3:14:ed:5a:16:86:8c:71:6b:6a:39: e5:17:7c:bf -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB MjVERjExMC8GA1UEBRMoRDNDRjY0RDVEQjE3NjFGQ0I2QTU1MkYwNjgwOTEzMzBD NUI1RjUzQjAeFw0yNTExMDMwNzI5MjJaFw0yNTExMTAwNzI5MjJaMBgxFjAUBgNV BAMTDTY5MDg1OWQzLWY3OWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCoH++rJWVfGTKzAbI+Tx4ZyQ+7TCQMPqy/lp5zixUngPfK/id6V7mm7JTzEyeZ uhVdsMY7c1oFHZvEwksM/wNkD6Acc6F1a9cXyYEz+oaw9nY6T/p3PiRmbzsqLXSu ecVDoVDdHUz29CsNokXhKaOo/3gX5CgnPGjlf3LCvmdt3i/Xn+PbHEqgCxTee798 98q65Oa0uDLK6vjGZa36dVaXacmRW/1JqocXsB4O+XYc1ZwprKAFmsx96oYbA5uR I2yVCjS0ii6xNw19ybRtsqjvSIvYo37ltOoFWLllobtxDJdoJ5PZc1bHWjcH6DyR ONfS2FdYF0jIbJLrRCNOgpBjAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU03jbkP5o L9tD5viix4B4IfGIVWAwHwYDVR0jBBgwFoAU089k1dsXYfy2pVLwaAkTMMW19Tsw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEyNURGL0U2MTI0MDgyNUVE NTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5MnBWTHdhQWtUTU1XMTlU cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMDg5azFkc1hZZnkycFZMd2FBa1RNTVcxOVRzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUEy NURGL0U2MTI0MDgyNUVENTExRjA5Q0YxRDUwQ0M0RjlBRTAyLzA4OWsxZHNYWWZ5 MnBWTHdhQWtUTU1XMTlUcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGL7nd428M/PwytrA0u/F9Wx1QWeyR2nd2fJieZ0rJH1aqQKpuIlu6GW NSPcE7+9SNjxLyomFJSvP2ksuKewxEtNW2RBTTB7866QD/VFZq4clPDXtBUUrbgN G+XurChbegnK+j1xQCeOVVKkWy/kDMbt10BtxN/bjy9Ltof946Mio3Wd8cSQxk+E LAYRyZ9TsySDpvwB4+F72bB4BBlpGvOvrZSgKODkFQXXnPRcL21uDWCZS1wUPXx+ uLhC75uVLwzg6mMRWltyPheF19MfydNI1n2jrL030ISjPmvPkIeQ3P8cZzo917qM Ytf2Vhx9kh+jFO1aFoaMcWtqOeUXfL8= -----END CERTIFICATE-----Generated at Tue Nov 4 21:19:26 2025 by rpki-client