$ rpki-client -vvf rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft File: D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft (raw, json) Hash identifier: C7QtEI64QGYXqx6F+p619bW72uksYUH4LLO//BCCSXc= Subject key identifier: 5D:81:30:4F:F3:F8:94:DD:99:6D:53:90:7A:FD:88:11:D1:D7:B0:36 Authority key identifier: 0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 Certificate issuer: /CN=A91A7C68/serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Certificate serial: 0224 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft Manifest number: 0217 Signing time: Wed 05 Nov 2025 02:25:10 +0000 Manifest this update: Wed 05 Nov 2025 02:25:10 +0000 Manifest next update: Wed 12 Nov 2025 02:25:10 +0000 Files and hashes: 1: D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl (hash: Xo8qd2r0qua0FR0XBaYn80aopkiQ1EZjF1nyBG9cThU=) 2: BC72661A972911ED8CBCA476C4F9AE02.roa (hash: 50hi2vNUebBRUz8ceA03XMTbcW3zeli1X+BmJSriA30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:25:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 548 (0x224) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A7C68, serialNumber=0F626A3264D6FECCCBFEB2D99B1DBF8AFFEC3B34 Validity Not Before: Nov 5 02:25:10 2025 GMT Not After : Nov 12 02:25:10 2025 GMT Subject: CN=690ab586-145b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:0c:57:90:0f:ed:98:ae:0b:66:5a:f1:1e:12: 47:31:52:7f:13:0d:cb:82:cd:33:bb:64:bc:c3:5f: b0:d5:53:ae:fd:07:29:9e:c5:ac:3c:bf:a2:46:21: 6c:56:d7:45:f1:67:85:be:cb:fa:ad:9c:41:d4:0f: 4b:7d:00:4c:b3:13:e9:30:e3:22:0e:19:39:87:b9: a7:8a:63:fb:c6:d3:d8:d8:c4:27:55:72:42:a0:a4: bd:e1:b0:f7:7c:36:b9:2c:f7:6d:32:50:fd:cb:a6: 2a:46:8b:0d:74:9e:8a:54:27:03:05:c7:6d:00:d9: 17:8f:c0:92:79:68:6b:80:ec:d6:12:15:68:45:c7: 4b:58:cb:a9:10:eb:75:26:1a:fb:bf:94:71:a7:82: ec:06:0e:ad:9d:98:65:02:bb:65:27:91:1e:ae:68: bf:a0:86:0a:1b:b4:da:7b:1c:97:93:7a:6e:34:84: 25:c2:93:b7:20:5e:81:ce:76:c7:b8:46:79:15:67: 68:44:79:18:b1:d0:12:d0:a7:79:74:f5:a8:21:41: ef:d1:ca:b0:44:8c:a5:28:b4:7b:f1:c9:fd:5e:8a: e2:eb:32:17:e6:bc:ba:70:2f:e7:ab:fd:c6:80:7c: 52:d8:96:65:5a:75:99:70:b7:68:2e:cd:1f:ea:43: 52:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:81:30:4F:F3:F8:94:DD:99:6D:53:90:7A:FD:88:11:D1:D7:B0:36 X509v3 Authority Key Identifier: keyid:0F:62:6A:32:64:D6:FE:CC:CB:FE:B2:D9:9B:1D:BF:8A:FF:EC:3B:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D2JqMmTW_szL_rLZmx2_iv_sOzQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A7C68/423986F6972111EDA2E02251C4F9AE02/D2JqMmTW_szL_rLZmx2_iv_sOzQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:72:b3:d5:ff:b3:e6:9a:65:e0:c1:c8:87:67:ad:9d:6a:4f: f2:a2:54:e9:17:9d:49:dc:48:48:c4:7b:c9:88:15:33:5a:96: 92:e3:ff:bd:b8:8c:b1:66:68:72:e0:48:ca:e9:f8:6a:b1:e4: 54:a2:a0:58:f4:ce:f8:0b:c7:36:60:02:60:bb:4d:7c:56:57: c2:1e:21:ae:8d:61:89:77:c1:3a:7b:5e:5b:41:e9:c2:b7:da: 18:a4:7e:71:01:67:c7:73:bf:fa:b5:68:a0:30:29:66:3c:41: ee:6a:92:03:e4:8d:49:43:be:92:37:37:cd:47:46:88:08:39: 13:2d:fc:94:1d:56:fc:8c:03:fe:28:e7:9a:46:f2:07:9a:47: 3b:9c:15:27:2b:b8:fe:ce:b9:83:01:f9:47:2b:d8:7c:16:52: 2b:a2:06:d1:28:fe:49:2a:ae:f5:14:15:c5:1a:f7:8a:cd:53: 2e:87:a1:5e:75:e6:23:b1:4c:fa:55:95:45:dc:6c:e5:87:6d: 5a:d1:d4:ba:9d:be:d8:18:11:44:79:ea:c8:d8:7e:fe:c2:15: 9f:09:b1:ed:c3:a1:2f:99:60:d7:3b:ed:68:b1:5b:e0:5e:47: 67:b4:23:b3:a8:5f:e5:f9:46:6f:50:a9:f9:8c:b4:c8:69:5f: d1:0b:a4:e9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTdDNjgxMTAvBgNVBAUTKDBGNjI2QTMyNjRENkZFQ0NDQkZFQjJEOTlCMURCRjhB RkZFQzNCMzQwHhcNMjUxMTA1MDIyNTEwWhcNMjUxMTEyMDIyNTEwWjAYMRYwFAYD VQQDEw02OTBhYjU4Ni0xNDViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwwxXkA/tmK4LZlrxHhJHMVJ/Ew3Lgs0zu2S8w1+w1VOu/QcpnsWsPL+iRiFs VtdF8WeFvsv6rZxB1A9LfQBMsxPpMOMiDhk5h7mnimP7xtPY2MQnVXJCoKS94bD3 fDa5LPdtMlD9y6YqRosNdJ6KVCcDBcdtANkXj8CSeWhrgOzWEhVoRcdLWMupEOt1 Jhr7v5Rxp4LsBg6tnZhlArtlJ5Eermi/oIYKG7TaexyXk3puNIQlwpO3IF6BznbH uEZ5FWdoRHkYsdAS0Kd5dPWoIUHv0cqwRIylKLR78cn9Xori6zIX5ry6cC/nq/3G gHxS2JZlWnWZcLdoLs0f6kNSxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF2BME/z +JTdmW1TkHr9iBHR17A2MB8GA1UdIwQYMBaAFA9iajJk1v7My/6y2Zsdv4r/7Ds0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBN0M2OC80MjM5ODZGNjk3 MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19zekxfckxabXgyX2l2X3NP elEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QySnFNbVRXX3N6TF9yTFpteDJfaXZfc096US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB N0M2OC80MjM5ODZGNjk3MjExMUVEQTJFMDIyNTFDNEY5QUUwMi9EMkpxTW1UV19z ekxfckxabXgyX2l2X3NPelEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBpcrPV/7PmmmXgwciHZ62dak/yolTpF51J3EhIxHvJiBUzWpaS4/+9 uIyxZmhy4EjK6fhqseRUoqBY9M74C8c2YAJgu018VlfCHiGujWGJd8E6e15bQenC t9oYpH5xAWfHc7/6tWigMClmPEHuapID5I1JQ76SNzfNR0aICDkTLfyUHVb8jAP+ KOeaRvIHmkc7nBUnK7j+zrmDAflHK9h8FlIrogbRKP5JKq71FBXFGveKzVMuh6Fe deYjsUz6VZVF3Gzlh21a0dS6nb7YGBFEeerI2H7+whWfCbHtw6EvmWDXO+1osVvg XkdntCOzqF/l+UZvUKn5jLTIaV/RC6Tp -----END CERTIFICATE-----Generated at Wed Nov 5 21:15:57 2025 by rpki-client