$ rpki-client -vvf rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft File: L9JLb9eYBEVzVDhmYs4w3aOyALU.mft (raw, json) Hash identifier: 9BxmgLGyp4sksUbrOaQKxuhe+DMkGsTp/EwXZspxtGY= Subject key identifier: D6:39:44:10:1E:54:8E:F0:1B:89:A2:DB:8B:51:3D:F4:12:5E:5F:CD Authority key identifier: 2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 Certificate issuer: /CN=A91A29DA/serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Certificate serial: 0138 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft Manifest number: 0136 Signing time: Mon 03 Nov 2025 04:28:42 +0000 Manifest this update: Mon 03 Nov 2025 04:28:42 +0000 Manifest next update: Mon 10 Nov 2025 04:28:42 +0000 Files and hashes: 1: L9JLb9eYBEVzVDhmYs4w3aOyALU.crl (hash: WMJB6YJa4TXbBikEz9oxaXKMu+6dKbWs++KoxLxKk1M=) 2: AE2FD9C4DA5411EE83E9E67EC4F9AE02.roa (hash: tK5HTPbAj/ZNMX+j7tcaCGQxo/xqwq0UKtlHWscWUVg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 04:28:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 312 (0x138) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A29DA, serialNumber=2FD24B6FD79804457354386662CE30DDA3B200B5 Validity Not Before: Nov 3 04:28:42 2025 GMT Not After : Nov 10 04:28:42 2025 GMT Subject: CN=69082f7a-7e48 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:8d:51:c9:99:12:bc:90:df:aa:d7:b6:ad:a9: ad:d5:93:35:17:31:77:e3:e8:fc:2b:18:02:d7:48: cf:f5:0e:a6:54:5d:1a:03:07:f3:1f:16:15:ae:af: e6:a2:00:a8:e0:9b:5f:98:0a:5d:33:20:44:bb:9d: d3:02:ec:84:81:53:3f:2f:ac:2b:30:7d:97:1d:63: 15:12:a3:11:40:fd:f5:e6:99:5f:71:39:8e:c4:dc: 3c:8a:6e:62:cd:7f:31:53:b1:7d:89:38:1c:85:e3: 8f:72:f1:5a:7e:37:8e:47:1c:74:61:92:45:15:c9: 95:00:01:1c:5e:c9:08:b1:5b:3a:88:97:62:aa:df: 89:79:ab:f6:59:9d:b9:e5:a3:18:4b:4b:55:47:ab: ce:bb:95:b4:bf:8e:18:0e:23:52:cd:7e:06:55:ba: b5:87:9e:3e:21:68:7e:55:96:41:4b:d1:f5:2e:66: 86:30:35:9b:42:a2:c8:c3:7a:e4:13:04:9c:5c:af: 7b:5b:1b:82:06:58:f6:1e:88:c9:16:14:ed:98:3c: 5e:81:cf:b2:50:ae:a3:58:67:dc:18:1a:d0:98:75: 6f:4a:be:fb:58:c4:ca:15:ce:37:40:33:2d:28:92: 7b:da:a4:ab:39:4e:78:df:ab:f6:8d:d3:92:ed:5f: 09:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:39:44:10:1E:54:8E:F0:1B:89:A2:DB:8B:51:3D:F4:12:5E:5F:CD X509v3 Authority Key Identifier: keyid:2F:D2:4B:6F:D7:98:04:45:73:54:38:66:62:CE:30:DD:A3:B2:00:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/L9JLb9eYBEVzVDhmYs4w3aOyALU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A29DA/34B5B514DA5411EE827CA57DC4F9AE02/L9JLb9eYBEVzVDhmYs4w3aOyALU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:e1:db:d7:3c:03:c9:2d:22:95:d5:82:f9:84:00:03:1e:d5: ce:2c:4d:9d:99:b4:88:e2:b2:52:78:6b:13:71:0e:39:08:03: d2:55:48:8d:b4:46:09:a9:b6:26:0f:1c:ac:1c:ec:4c:9b:d8: 98:f0:6c:5e:9c:80:91:47:2e:cc:92:57:53:75:e1:4e:09:2a: 2d:81:19:73:76:6b:e5:95:98:c7:cf:1d:3f:7c:22:11:38:de: 31:28:15:d5:92:36:dc:ed:b5:b6:d0:67:37:80:66:b5:6f:ee: 4a:f1:f6:85:54:e7:b8:ce:06:61:9b:b6:aa:ee:db:cb:49:f3: 02:43:f3:e0:26:35:e5:89:29:44:ab:62:72:2d:9b:c7:2f:c2: a4:5d:4e:5a:f3:57:8e:e4:b6:8f:21:97:89:23:cf:67:59:23: 6e:8a:e0:fe:a9:95:22:48:12:3a:ec:65:39:d0:59:de:65:48: cd:3c:44:24:60:7e:e3:c1:a8:f0:66:1c:07:11:14:9b:d2:6d: fc:f7:d3:17:01:49:ae:2d:8f:2c:f4:35:97:69:c4:bd:ad:65: 1e:aa:ba:e4:58:01:e4:6b:34:23:25:e6:17:93:8d:72:39:e7: 48:65:ef:6f:3f:03:6b:b3:ac:e7:c1:fa:44:76:d3:53:6f:59: d0:fc:90:5b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTI5REExMTAvBgNVBAUTKDJGRDI0QjZGRDc5ODA0NDU3MzU0Mzg2NjYyQ0UzMERE QTNCMjAwQjUwHhcNMjUxMTAzMDQyODQyWhcNMjUxMTEwMDQyODQyWjAYMRYwFAYD VQQDEw02OTA4MmY3YS03ZTQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA041RyZkSvJDfqte2ramt1ZM1FzF34+j8KxgC10jP9Q6mVF0aAwfzHxYVrq/m ogCo4JtfmApdMyBEu53TAuyEgVM/L6wrMH2XHWMVEqMRQP315plfcTmOxNw8im5i zX8xU7F9iTgcheOPcvFafjeORxx0YZJFFcmVAAEcXskIsVs6iJdiqt+Jeav2WZ25 5aMYS0tVR6vOu5W0v44YDiNSzX4GVbq1h54+IWh+VZZBS9H1LmaGMDWbQqLIw3rk EwScXK97WxuCBlj2HojJFhTtmDxegc+yUK6jWGfcGBrQmHVvSr77WMTKFc43QDMt KJJ72qSrOU5436v2jdOS7V8JMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNY5RBAe VI7wG4mi24tRPfQSXl/NMB8GA1UdIwQYMBaAFC/SS2/XmARFc1Q4ZmLOMN2jsgC1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMjlEQS8zNEI1QjUxNERB NTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJFVnpWRGhtWXM0dzNhT3lB TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0w5SkxiOWVZQkVWelZEaG1ZczR3M2FPeUFMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MjlEQS8zNEI1QjUxNERBNTQxMUVFODI3Q0E1N0RDNEY5QUUwMi9MOUpMYjllWUJF VnpWRGhtWXM0dzNhT3lBTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCq4dvXPAPJLSKV1YL5hAADHtXOLE2dmbSI4rJSeGsTcQ45CAPSVUiN tEYJqbYmDxysHOxMm9iY8GxenICRRy7MkldTdeFOCSotgRlzdmvllZjHzx0/fCIR ON4xKBXVkjbc7bW20Gc3gGa1b+5K8faFVOe4zgZhm7aq7tvLSfMCQ/PgJjXliSlE q2JyLZvHL8KkXU5a81eO5LaPIZeJI89nWSNuiuD+qZUiSBI67GU50FneZUjNPEQk YH7jwajwZhwHERSb0m3899MXAUmuLY8s9DWXacS9rWUeqrrkWAHkazQjJeYXk41y OedIZe9vPwNrs6znwfpEdtNTb1nQ/JBb -----END CERTIFICATE-----Generated at Tue Nov 4 18:56:24 2025 by rpki-client