$ rpki-client -vvf rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft File: tY0p97gQfxWFtf_nDFAsbI9dMwI.mft (raw, json) Hash identifier: Guw7EP+7CB/bOXI6lctAhqHmfdH9Z5MxgTB9aul+4cA= Subject key identifier: C5:F7:94:38:C9:F3:B3:15:29:04:AF:BD:58:76:8A:48:DE:BD:69:E6 Authority key identifier: B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02 Certificate issuer: /CN=A91B3CA4/serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302 Certificate serial: 08AE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft Manifest number: 0894 Signing time: Sun 02 Nov 2025 20:32:33 +0000 Manifest this update: Sun 02 Nov 2025 20:32:33 +0000 Manifest next update: Sun 09 Nov 2025 20:32:33 +0000 Files and hashes: 1: tY0p97gQfxWFtf_nDFAsbI9dMwI.crl (hash: b0RHC2d5fs1GYRI/by4Jv5Ls10Tx/aI4CPmd/yMu9nc=) 2: C33EB0EC7C4211EB933D233EC4F9AE02.roa (hash: V3s4r52s3OPKDLcYcdmKSn/0GHVPcogcj1iQaYzRFaU=) 3: F6F5BCCE53E711F084348F87C4F9AE02.roa (hash: eEq3ZG4qI8pUpOyGlAwoIW1Iq8bp1Jor6FtXouhYCXM=) 4: 3C3F21BAD6F011EE9B38B67DC4F9AE02.roa (hash: w/43LlQIYPABEvYlfxDIIPmu3emguiTlymMjfBLzQJU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:32:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2222 (0x8ae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B3CA4, serialNumber=B58D29F7B8107F1585B5FFE70C502C6C8F5D3302 Validity Not Before: Nov 2 20:32:33 2025 GMT Not After : Nov 9 20:32:33 2025 GMT Subject: CN=6907bfe1-bff5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:db:ee:e7:14:4a:bd:8e:66:95:57:41:95:30: d6:0b:23:15:dd:cc:9d:5d:72:21:db:92:41:40:20: 8a:fd:d4:e4:0b:83:c5:07:49:7e:9f:9b:6d:51:2c: 14:ae:da:6a:52:d2:1b:02:3e:2c:70:81:ca:04:48: ea:0b:b4:7a:6a:36:fa:ce:1c:16:94:35:d3:83:c1: b2:b1:49:a5:c1:1c:b1:07:79:eb:17:cd:c8:c7:4e: 56:bf:f0:d9:ab:cb:ee:94:bf:d1:5e:6e:7d:dc:53: 66:ad:61:3f:da:38:4e:e4:73:bb:dc:aa:22:d9:73: 13:72:ee:4b:8f:f2:0b:9b:93:68:59:74:6b:71:a7: 42:37:2e:84:33:21:14:21:ac:8c:72:05:b5:f8:c4: 76:32:bb:f9:43:be:5f:5d:41:c6:6b:89:02:eb:f3: a1:48:76:c0:a0:85:2f:18:e5:e6:e5:de:c0:34:a9: 11:ae:87:b5:f3:74:ce:20:43:90:4a:3d:6e:52:3c: 46:e6:1a:c9:94:0a:50:96:88:ad:f2:71:49:81:48: 81:b4:1e:8b:fd:f9:1a:f3:88:b7:6c:d1:4b:6c:71: e9:51:ef:62:8f:cc:0e:98:22:98:a4:69:aa:05:f2: cf:da:77:e7:a0:d3:58:d4:7a:ec:a2:64:4c:ac:00: d4:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:F7:94:38:C9:F3:B3:15:29:04:AF:BD:58:76:8A:48:DE:BD:69:E6 X509v3 Authority Key Identifier: keyid:B5:8D:29:F7:B8:10:7F:15:85:B5:FF:E7:0C:50:2C:6C:8F:5D:33:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tY0p97gQfxWFtf_nDFAsbI9dMwI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B3CA4/15F68B5CCF1911EAAEF60B1EC4F9AE02/tY0p97gQfxWFtf_nDFAsbI9dMwI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:e8:17:bd:04:48:d6:7e:bd:d9:02:af:17:fd:5b:c2:d3:24: 17:c9:b6:58:b3:a7:eb:4a:92:b8:1f:90:d2:b4:4b:60:38:5e: 00:e5:55:b3:41:53:5b:29:ba:ed:1b:b8:b5:2c:06:b3:03:90: d5:27:21:96:9a:65:a2:c6:df:e1:9d:3c:d3:84:a6:0c:c6:05: 6b:8b:35:26:a7:f2:cc:7b:37:d7:79:d8:84:12:30:f4:0a:70: 96:95:82:f4:ca:8a:d6:5b:ab:15:d8:93:41:f9:51:6c:d0:88: 93:ac:95:9b:cf:87:2d:b9:a9:bb:be:e4:cd:5d:4b:d6:3d:d2: fa:a4:f2:a7:e9:32:48:b3:09:b6:45:9a:c8:17:3c:99:17:5e: d3:1c:19:b4:be:a4:10:d9:ab:d4:de:b4:1c:06:45:88:ef:43: f3:e8:ea:ed:b5:39:76:9e:1d:4d:ef:47:ae:b3:47:77:1b:83: ad:17:d8:f3:40:f9:17:e3:fe:d7:89:55:74:f2:d7:0f:53:6b: 7f:59:d7:58:2a:95:f9:71:aa:c2:a9:61:11:7a:c4:b3:d5:80: f6:17:e8:4e:03:6c:45:89:d9:a2:46:14:1b:19:b5:f4:57:ea: cf:ad:34:ad:e8:1f:21:bb:60:35:3d:a2:62:cf:01:d8:b4:70: b9:f0:a4:95 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjNDQTQxMTAvBgNVBAUTKEI1OEQyOUY3QjgxMDdGMTU4NUI1RkZFNzBDNTAyQzZD OEY1RDMzMDIwHhcNMjUxMTAyMjAzMjMzWhcNMjUxMTA5MjAzMjMzWjAYMRYwFAYD VQQDEw02OTA3YmZlMS1iZmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp9vu5xRKvY5mlVdBlTDWCyMV3cydXXIh25JBQCCK/dTkC4PFB0l+n5ttUSwU rtpqUtIbAj4scIHKBEjqC7R6ajb6zhwWlDXTg8GysUmlwRyxB3nrF83Ix05Wv/DZ q8vulL/RXm593FNmrWE/2jhO5HO73Koi2XMTcu5Lj/ILm5NoWXRrcadCNy6EMyEU IayMcgW1+MR2Mrv5Q75fXUHGa4kC6/OhSHbAoIUvGOXm5d7ANKkRroe183TOIEOQ Sj1uUjxG5hrJlApQloit8nFJgUiBtB6L/fka84i3bNFLbHHpUe9ij8wOmCKYpGmq BfLP2nfnoNNY1HrsomRMrADUVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMX3lDjJ 87MVKQSvvVh2ikjevWnmMB8GA1UdIwQYMBaAFLWNKfe4EH8VhbX/5wxQLGyPXTMC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCM0NBNC8xNUY2OEI1Q0NG MTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4V0Z0Zl9uREZBc2JJOWRN d0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RZMHA5N2dRZnhXRnRmX25ERkFzYkk5ZE13SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC M0NBNC8xNUY2OEI1Q0NGMTkxMUVBQUVGNjBCMUVDNEY5QUUwMi90WTBwOTdnUWZ4 V0Z0Zl9uREZBc2JJOWRNd0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA46Be9BEjWfr3ZAq8X/VvC0yQXybZYs6frSpK4H5DStEtgOF4A5VWz QVNbKbrtG7i1LAazA5DVJyGWmmWixt/hnTzThKYMxgVrizUmp/LMezfXediEEjD0 CnCWlYL0yorWW6sV2JNB+VFs0IiTrJWbz4ctuam7vuTNXUvWPdL6pPKn6TJIswm2 RZrIFzyZF17THBm0vqQQ2avU3rQcBkWI70Pz6OrttTl2nh1N70eus0d3G4OtF9jz QPkX4/7XiVV08tcPU2t/WddYKpX5carCqWEResSz1YD2F+hOA2xFidmiRhQbGbX0 V+rPrTSt6B8hu2A1PaJizwHYtHC58KSV -----END CERTIFICATE-----Generated at Tue Nov 4 20:21:50 2025 by rpki-client