$ rpki-client -vvf rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft File: b8Lt8MURUqO-wRSaG9su2yk8nZU.mft (raw, json) Hash identifier: 4/IbjKQH2oyMNPqGlHyoApUf7/pKaoKZ5MBjhQwvG6I= Subject key identifier: A4:C7:BF:CF:C3:E9:43:78:3A:79:CB:73:0D:DC:9D:C9:24:00:79:3B Authority key identifier: 6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 Certificate issuer: /CN=A91AA28B/serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Certificate serial: 0DAE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft Manifest number: 0D83 Signing time: Tue 04 Nov 2025 18:04:50 +0000 Manifest this update: Tue 04 Nov 2025 18:04:49 +0000 Manifest next update: Tue 11 Nov 2025 18:04:49 +0000 Files and hashes: 1: b8Lt8MURUqO-wRSaG9su2yk8nZU.crl (hash: jXeyoQu2NncjdvmXBmORCVKWO5KUsMqNWcEMiGixedg=) 2: 4DD0C31C0E2011F0A0825648C4F9AE02.roa (hash: 8r7MWVk5x8o1qlWsJdhw0htq1GLcuT7GZDff98YKUWg=) 3: 11815E36135311EE94A8A114C4F9AE02.roa (hash: 4RiRLEUaqFnMyzAxg+jhTtVSLZnRrw+D1OLV5ZjDtiE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:04:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3502 (0xdae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AA28B, serialNumber=6FC2EDF0C51152A3BEC1149A1BDB2EDB293C9D95 Validity Not Before: Nov 4 18:04:49 2025 GMT Not After : Nov 11 18:04:49 2025 GMT Subject: CN=690a4042-4c15 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:c8:d9:c4:b2:af:e3:a5:a6:9a:9e:7f:df:fe: 0f:62:42:24:5b:be:8c:7b:91:cf:fe:ca:11:2c:9b: 82:c1:34:73:20:2d:ef:ba:fd:3f:62:cd:80:4f:04: 00:30:60:e0:0c:cd:3c:73:d4:d8:de:07:f8:31:44: 11:b4:7f:f7:2c:e8:a6:09:f4:41:bd:e5:e3:83:38: 47:1f:8f:92:90:c2:2e:94:88:9f:fd:c9:37:91:21: 4a:16:4a:26:0a:d0:4f:72:d7:f5:11:fe:31:3b:56: 20:2b:7e:dc:1d:d8:05:d0:f2:2b:41:3b:d7:df:81: 4a:31:08:28:d2:84:08:96:ad:19:38:42:b4:ec:65: 49:02:71:a6:4d:f3:10:f6:fc:ae:dd:bd:b2:4d:cd: 1f:91:6f:55:36:9b:2b:0c:bd:df:b2:16:1a:51:68: aa:0a:26:6a:5d:80:13:d3:6f:31:dd:30:5f:71:f5: e0:e7:cf:86:36:d9:60:5d:c9:6f:59:bf:8e:56:40: 8e:f7:e0:0c:b0:dc:c8:cb:0b:80:86:2c:32:7f:86: 26:e9:77:68:bf:25:69:50:06:44:22:2c:e9:6c:63: fb:f3:bd:c6:b7:75:24:7f:d9:eb:4e:c7:c3:c2:4e: 9f:d0:2b:a7:82:79:bb:36:6c:10:97:11:0c:47:13: f3:6d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A4:C7:BF:CF:C3:E9:43:78:3A:79:CB:73:0D:DC:9D:C9:24:00:79:3B X509v3 Authority Key Identifier: keyid:6F:C2:ED:F0:C5:11:52:A3:BE:C1:14:9A:1B:DB:2E:DB:29:3C:9D:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/b8Lt8MURUqO-wRSaG9su2yk8nZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AA28B/1E0264AADBC811E9BEA91051C4F9AE02/b8Lt8MURUqO-wRSaG9su2yk8nZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:a3:86:19:16:35:7b:58:bd:06:62:24:dc:c9:c1:5e:36:05: 6e:62:b7:d8:93:fb:9b:eb:3c:90:8b:3f:2d:51:aa:b9:82:d1: e8:ca:0e:9f:ed:c0:bc:06:0f:1d:5d:0d:25:18:20:cd:a7:ea: cc:93:07:b1:6c:dd:93:41:d4:aa:59:7a:4f:c2:44:3e:b4:1d: f2:71:1f:11:bf:f3:77:f3:0c:5d:d8:5d:7a:c5:7c:b4:ab:2f: df:98:5b:5c:b7:2b:13:8f:15:43:80:bd:00:b2:59:b2:c7:98: 9c:d3:ae:10:b0:94:2f:e6:62:fe:94:be:82:16:ea:d9:02:27: 30:2c:eb:1a:95:9b:9d:29:ba:fa:3d:c0:5e:b6:91:10:8c:8d: 04:84:d5:84:e7:2d:f5:3e:a1:65:a9:52:7d:7e:ff:c2:6c:b0: fe:29:0a:60:3c:66:ea:34:ef:4d:b9:a3:27:3d:15:ce:a4:a3: c5:cc:ba:84:b4:bd:38:d0:1d:8d:1b:9f:ba:ab:a9:5f:93:db: 91:91:6d:44:c1:41:df:ce:b8:e6:9d:ab:09:53:ce:31:1c:db: bc:17:b1:e5:9d:17:49:11:8c:81:19:d7:a5:88:cc:04:63:0f: 19:bb:53:72:f1:c3:e0:49:a2:68:19:4c:6b:40:3e:ba:97:48: cd:0d:87:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDa4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUEyOEIxMTAvBgNVBAUTKDZGQzJFREYwQzUxMTUyQTNCRUMxMTQ5QTFCREIyRURC MjkzQzlEOTUwHhcNMjUxMTA0MTgwNDQ5WhcNMjUxMTExMTgwNDQ5WjAYMRYwFAYD VQQDEw02OTBhNDA0Mi00YzE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2cjZxLKv46Wmmp5/3/4PYkIkW76Me5HP/soRLJuCwTRzIC3vuv0/Ys2ATwQA MGDgDM08c9TY3gf4MUQRtH/3LOimCfRBveXjgzhHH4+SkMIulIif/ck3kSFKFkom CtBPctf1Ef4xO1YgK37cHdgF0PIrQTvX34FKMQgo0oQIlq0ZOEK07GVJAnGmTfMQ 9vyu3b2yTc0fkW9VNpsrDL3fshYaUWiqCiZqXYAT028x3TBfcfXg58+GNtlgXclv Wb+OVkCO9+AMsNzIywuAhiwyf4Ym6XdovyVpUAZEIizpbGP7873Gt3Ukf9nrTsfD wk6f0Cungnm7NmwQlxEMRxPzbQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKTHv8/D 6UN4OnnLcw3cnckkAHk7MB8GA1UdIwQYMBaAFG/C7fDFEVKjvsEUmhvbLtspPJ2V MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQTI4Qi8xRTAyNjRBQURC QzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVxTy13UlNhRzlzdTJ5azhu WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2I4THQ4TVVSVXFPLXdSU2FHOXN1MnlrOG5aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QTI4Qi8xRTAyNjRBQURCQzgxMUU5QkVBOTEwNTFDNEY5QUUwMi9iOEx0OE1VUlVx Ty13UlNhRzlzdTJ5azhuWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAyo4YZFjV7WL0GYiTcycFeNgVuYrfYk/ub6zyQiz8tUaq5gtHoyg6f 7cC8Bg8dXQ0lGCDNp+rMkwexbN2TQdSqWXpPwkQ+tB3ycR8Rv/N38wxd2F16xXy0 qy/fmFtctysTjxVDgL0Aslmyx5ic064QsJQv5mL+lL6CFurZAicwLOsalZudKbr6 PcBetpEQjI0EhNWE5y31PqFlqVJ9fv/CbLD+KQpgPGbqNO9NuaMnPRXOpKPFzLqE tL040B2NG5+6q6lfk9uRkW1EwUHfzrjmnasJU84xHNu8F7HlnRdJEYyBGdeliMwE Yw8Zu1Ny8cPgSaJoGUxrQD66l0jNDYdZ -----END CERTIFICATE-----Generated at Wed Nov 5 15:17:51 2025 by rpki-client