$ rpki-client -vvf rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft File: D-jKZIcKPWORHI0tZRuinKztDso.mft (raw, json) Hash identifier: 1exMgRGMbmMsgq5Y1MRNKr1jUA51lfHzczL5RZpXtwI= Subject key identifier: 85:A1:71:12:4B:36:0C:CD:21:4A:C4:38:3A:AC:CD:49:7F:F8:41:AF Authority key identifier: 0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA Certificate issuer: /CN=A91B428B/serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Certificate serial: 0A0D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft Manifest number: 0A06 Signing time: Tue 04 Nov 2025 19:56:28 +0000 Manifest this update: Tue 04 Nov 2025 19:56:27 +0000 Manifest next update: Tue 11 Nov 2025 19:56:27 +0000 Files and hashes: 1: D-jKZIcKPWORHI0tZRuinKztDso.crl (hash: o+efA0V3pXrMqJcoNnmqACMBXJ9HMyUn/tGNLtonOWU=) 2: 319DF660847811EA8EE07E81C4F9AE02.roa (hash: ZlFR2HTwg3fDW4lClQanT4TaI4rdoCBr8+QBrXHDB9w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:56:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2573 (0xa0d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B428B, serialNumber=0FE8CA64870A3D63911C8D2D651BA29CACED0ECA Validity Not Before: Nov 4 19:56:27 2025 GMT Not After : Nov 11 19:56:27 2025 GMT Subject: CN=690a5a6c-26ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:84:10:0f:0e:b7:81:95:ea:33:58:83:44:ad: 57:30:35:95:89:59:51:25:df:17:67:03:8a:c4:e8: 3b:75:bd:4c:64:64:a8:d5:3f:9d:e9:19:26:4b:c2: 79:8c:a5:5b:e4:20:8a:af:79:b1:94:eb:ab:6d:d2: 31:ef:e4:67:87:62:32:81:c1:55:ea:d5:1f:3e:64: a3:7a:72:e3:af:bb:31:a2:78:81:a0:2e:60:36:ab: 43:26:5b:67:e7:ca:16:db:d1:46:22:6d:2d:84:23: 0e:2c:33:57:2b:12:5b:84:b7:bd:d6:e4:df:f6:ad: f7:be:a2:c2:30:d5:ec:24:ba:af:0a:c4:d3:20:ee: 70:68:23:c6:ef:40:86:1f:a8:5d:7d:03:81:53:4d: 02:1d:44:09:f9:7d:84:ae:92:3b:5e:98:f9:53:2a: df:de:62:ca:45:27:3e:79:4b:46:2c:13:2a:bd:cc: a6:57:5b:dd:a3:d3:c9:b3:57:dd:9c:4b:74:78:3e: 29:b4:89:d8:2f:48:42:74:27:fd:83:f4:b2:1a:32: 6f:e2:b3:6b:73:92:22:d7:d7:1f:6b:31:83:5a:a4: 44:c5:c9:72:df:89:95:6e:bc:18:ce:ea:4c:c8:e1: 91:64:df:9a:91:38:8f:2a:52:a7:7a:98:49:86:04: 11:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:A1:71:12:4B:36:0C:CD:21:4A:C4:38:3A:AC:CD:49:7F:F8:41:AF X509v3 Authority Key Identifier: keyid:0F:E8:CA:64:87:0A:3D:63:91:1C:8D:2D:65:1B:A2:9C:AC:ED:0E:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/D-jKZIcKPWORHI0tZRuinKztDso.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B428B/3A0B6C0C847711EAB3B43680C4F9AE02/D-jKZIcKPWORHI0tZRuinKztDso.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:bd:e5:6e:f6:a0:9f:4d:21:c2:39:0e:10:d5:0f:e4:f0:83: cd:df:ea:b5:be:30:e7:9e:ce:28:81:72:97:8e:62:88:49:cf: 01:76:66:6e:35:78:8f:35:1c:b0:98:fd:48:90:fd:60:0e:bb: c7:f8:c6:f0:cc:1e:f2:4b:3b:cb:38:51:b4:7d:6b:4b:20:1e: 75:45:9e:f7:14:e2:1c:c3:b1:a6:37:dd:34:49:22:51:f5:27: 7e:1a:89:41:de:a8:2a:95:86:1b:bd:ca:be:45:00:08:d8:28: 28:4e:0f:2a:da:74:c4:b6:1b:bc:76:41:3f:64:39:28:48:95: a4:be:fe:03:15:a0:2c:f9:47:6d:80:ed:aa:c1:97:b0:6a:1a: 79:a2:e7:45:69:50:29:6f:07:f2:ea:c7:a8:41:90:66:e6:05: 2a:4a:2a:e9:a9:86:fb:8e:f1:17:8b:38:ad:0f:a6:b1:8a:16: e0:8f:21:13:f0:d5:38:11:9b:bb:11:02:b3:d8:3c:cd:c4:65: 60:39:89:5b:b2:49:e5:32:97:c7:ba:9e:35:b4:bb:ab:86:de: 01:82:b4:23:41:f6:26:6b:63:59:1b:d1:ad:55:80:32:c2:74: 31:b7:b6:15:ae:1d:d1:8e:0f:de:64:72:b8:69:49:52:b4:fd: d2:5e:23:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCg0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQyOEIxMTAvBgNVBAUTKDBGRThDQTY0ODcwQTNENjM5MTFDOEQyRDY1MUJBMjlD QUNFRDBFQ0EwHhcNMjUxMTA0MTk1NjI3WhcNMjUxMTExMTk1NjI3WjAYMRYwFAYD VQQDEw02OTBhNWE2Yy0yNmFkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwIQQDw63gZXqM1iDRK1XMDWViVlRJd8XZwOKxOg7db1MZGSo1T+d6RkmS8J5 jKVb5CCKr3mxlOurbdIx7+Rnh2IygcFV6tUfPmSjenLjr7sxoniBoC5gNqtDJltn 58oW29FGIm0thCMOLDNXKxJbhLe91uTf9q33vqLCMNXsJLqvCsTTIO5waCPG70CG H6hdfQOBU00CHUQJ+X2ErpI7Xpj5Uyrf3mLKRSc+eUtGLBMqvcymV1vdo9PJs1fd nEt0eD4ptInYL0hCdCf9g/SyGjJv4rNrc5Ii19cfazGDWqRExcly34mVbrwYzupM yOGRZN+akTiPKlKnephJhgQRxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIWhcRJL NgzNIUrEODqszUl/+EGvMB8GA1UdIwQYMBaAFA/oymSHCj1jkRyNLWUbopys7Q7K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDI4Qi8zQTBCNkMwQzg0 NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BXT1JISTB0WlJ1aW5LenRE c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0QtaktaSWNLUFdPUkhJMHRaUnVpbkt6dERzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDI4Qi8zQTBCNkMwQzg0NzcxMUVBQjNCNDM2ODBDNEY5QUUwMi9ELWpLWkljS1BX T1JISTB0WlJ1aW5LenREc28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQveVu9qCfTSHCOQ4Q1Q/k8IPN3+q1vjDnns4ogXKXjmKISc8BdmZu NXiPNRywmP1IkP1gDrvH+MbwzB7ySzvLOFG0fWtLIB51RZ73FOIcw7GmN900SSJR 9Sd+GolB3qgqlYYbvcq+RQAI2CgoTg8q2nTEthu8dkE/ZDkoSJWkvv4DFaAs+Udt gO2qwZewahp5oudFaVApbwfy6seoQZBm5gUqSirpqYb7jvEXizitD6axihbgjyET 8NU4EZu7EQKz2DzNxGVgOYlbsknlMpfHup41tLurht4BgrQjQfYma2NZG9GtVYAy wnQxt7YVrh3Rjg/eZHK4aUlStP3SXiOs -----END CERTIFICATE-----Generated at Wed Nov 5 05:13:36 2025 by rpki-client