$ rpki-client -vvf rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft File: D-jKZIcKPWORHI0tZRuinKztDso.mft (raw, json) Hash identifier: Ksn/b2PzqG2qvWdqCmAZmI01l+OxrY7B5ybpmIjyhIk= Subject key identifier: E5:72:9A:0F:F1:54:62:BB:2B:31:06:D5:9D:B0:C4:38:90:F9:21:12 Authority key identifier: 0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA Certificate issuer: /CN=A91B428B/serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Certificate serial: 0A0C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft Manifest number: 0A05 Signing time: Sun 02 Nov 2025 19:48:39 +0000 Manifest this update: Sun 02 Nov 2025 19:48:38 +0000 Manifest next update: Sun 09 Nov 2025 19:48:38 +0000 Files and hashes: 1: D-jKZIcKPWORHI0tZRuinKztDso.crl (hash: cbJVXdqikIM16ApwlnKr+Wfg0ho+FBx8p8/jubGAU8s=) 2: 319DF660847811EA8EE07E81C4F9AE02.roa (hash: ZlFR2HTwg3fDW4lClQanT4TaI4rdoCBr8+QBrXHDB9w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 19:48:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2572 (0xa0c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B428B, serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Validity Not Before: Nov 2 19:48:38 2025 GMT Not After : Nov 9 19:48:38 2025 GMT Subject: CN=6907b596-05d9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:46:11:4d:b7:82:58:c4:9b:dd:a5:29:bc:a0: 07:35:26:93:58:5e:e4:92:6e:b3:8f:f8:23:cf:a6: 18:56:fb:fe:a9:58:82:a4:e7:96:5d:23:43:71:64: 76:c9:97:2e:5d:68:f9:45:49:3a:9f:3d:ab:1d:c0: d9:6b:6c:0a:6d:26:5c:27:c9:0b:48:20:62:4e:3d: 9a:3a:58:c2:bd:ed:be:8a:79:aa:86:77:f7:cc:56: 8f:08:d8:d3:02:c1:a7:43:5c:8f:c8:01:58:09:04: 06:b1:e4:70:56:dc:f5:62:7a:ae:01:49:6c:fa:2d: db:82:d5:c4:14:7a:8b:f8:a6:df:da:6a:de:7a:74: 17:b7:dc:d8:41:37:7c:3d:a5:dd:40:2d:67:b3:60: e9:d9:63:21:4e:92:38:99:4e:e5:97:20:db:7e:aa: 4b:0b:bd:3e:d5:ba:8b:98:fc:7a:d2:1e:5f:83:fa: b7:24:61:0a:b9:6e:61:c7:d8:14:01:70:d7:f7:29: 17:65:19:c9:b9:a0:74:b3:6c:eb:99:68:a5:5e:c7: f2:6a:5e:9f:e3:3a:fe:a9:2f:05:89:45:88:7a:e0: 52:0f:81:a4:08:fb:f0:09:bf:f1:cd:59:fb:20:68: 01:1b:9c:1b:df:77:e4:6d:07:c5:ac:71:80:85:df: c6:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:72:9A:0F:F1:54:62:BB:2B:31:06:D5:9D:B0:C4:38:90:F9:21:12 X509v3 Authority Key Identifier: keyid:0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:cf:84:0d:65:69:8a:62:2c:5c:0d:e5:a5:45:f0:5a:75:1b: 97:eb:9c:17:da:ee:87:e4:7d:54:9d:f1:15:e5:9b:2a:f5:95: 9a:37:e5:5f:aa:9b:c2:14:54:1a:69:84:2c:9c:31:d1:9d:c2: 93:0e:92:91:37:fd:dd:17:1c:7e:90:7e:52:ac:73:8e:65:c7: cd:0f:55:ab:26:87:6e:a4:08:7c:5f:e9:7e:21:02:42:15:5c: 21:e5:53:5f:f6:a2:77:cf:5c:76:26:bb:ef:7c:cb:23:40:4f: 58:4a:a6:6f:ab:d3:0f:dc:f4:33:ac:2c:2f:73:e3:f5:51:82: 5d:dc:50:62:19:f2:85:7e:89:ad:6c:25:8a:26:47:0c:43:3f: 7b:32:30:33:3b:9e:90:0a:9b:3b:78:90:32:00:f1:49:d5:ec: 58:46:b3:e9:4a:00:af:6f:8b:9f:40:77:55:4e:03:35:7d:2c: c0:ce:f2:2e:8e:9c:01:4c:9a:78:be:5f:8f:30:f1:ed:42:23: f7:dd:c0:db:05:6a:46:6d:35:bc:a8:92:4e:ea:01:5d:11:71: 54:c7:f8:b3:3b:08:64:f7:78:40:50:79:a6:de:83:09:d6:7d: da:0a:3f:95:91:d5:22:cf:42:c0:f7:00:fb:4b:d7:69:11:e4: 06:ca:c7:d4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCgwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQyOEIxMTAvBgNVBAUTKDBGRThDQTY0ODcwQTNENjM5MTFDOEQyRDY1MUJBMjlD QUNFRDBFQ0EwHhcNMjUxMTAyMTk0ODM4WhcNMjUxMTA5MTk0ODM4WjAYMRYwFAYD VQQDEw02OTA3YjU5Ni0wNWQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyUYRTbeCWMSb3aUpvKAHNSaTWF7kkm6zj/gjz6YYVvv+qViCpOeWXSNDcWR2 yZcuXWj5RUk6nz2rHcDZa2wKbSZcJ8kLSCBiTj2aOljCve2+inmqhnf3zFaPCNjT AsGnQ1yPyAFYCQQGseRwVtz1YnquAUls+i3bgtXEFHqL+Kbf2mreenQXt9zYQTd8 PaXdQC1ns2Dp2WMhTpI4mU7llyDbfqpLC70+1bqLmPx60h5fg/q3JGEKuW5hx9gU AXDX9ykXZRnJuaB0s2zrmWilXsfyal6f4zr+qS8FiUWIeuBSD4GkCPvwCb/xzVn7 IGgBG5wb33fkbQfFrHGAhd/GFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOVymg/x VGK7KzEG1Z2wxDiQ+SESMB8GA1UdIwQYMBaAFA/oymSHCj1jkRyNLWUbopys7Q7K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDI4Qi8zQTBCNkMwQzg0 NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BXT1JISTB0WlJ1aW5LenRE c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QtaktaSWNLUFdPUkhJMHRaUnVpbkt6dERzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDI4Qi8zQTBCNkMwQzg0NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BX T1JISTB0WlJ1aW5LenREc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATz4QNZWmKYixcDeWlRfBadRuX65wX2u6H5H1UnfEV5Zsq9ZWaN+Vf qpvCFFQaaYQsnDHRncKTDpKRN/3dFxx+kH5SrHOOZcfND1WrJodupAh8X+l+IQJC FVwh5VNf9qJ3z1x2JrvvfMsjQE9YSqZvq9MP3PQzrCwvc+P1UYJd3FBiGfKFfomt bCWKJkcMQz97MjAzO56QCps7eJAyAPFJ1exYRrPpSgCvb4ufQHdVTgM1fSzAzvIu jpwBTJp4vl+PMPHtQiP33cDbBWpGbTW8qJJO6gFdEXFUx/izOwhk93hAUHmm3oMJ 1n3aCj+VkdUiz0LA9wD7S9dpEeQGysfU -----END CERTIFICATE-----Generated at Tue Nov 4 20:23:41 2025 by rpki-client