$ rpki-client -vvf rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft File: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft (raw, json) Hash identifier: egRlDqbfksF7KMDUmOoUdy8u5G4y3pxozohLqdp+Oqs= Subject key identifier: 51:53:8B:17:FC:A0:F0:07:DB:0C:A1:89:E7:05:34:6E:48:F8:8A:BA Authority key identifier: CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A Certificate issuer: /CN=A91B4357/serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Certificate serial: 04E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft Manifest number: 04CA Signing time: Tue 04 Nov 2025 23:56:10 +0000 Manifest this update: Tue 04 Nov 2025 23:56:09 +0000 Manifest next update: Tue 11 Nov 2025 23:56:09 +0000 Files and hashes: 1: yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl (hash: 4TY08d7haIlwb5RY8RTjUZ5zgcdsZmFqCvbB9ejuV10=) 2: CA888654D0E011EC9E5ACC1CC4F9AE02.roa (hash: XDPidkRVqWeQc1eTHxQCxUaJElvlJNeT6pKmzwyn+HU=) 3: 52B98FDA46AF11ECB113AA4BC4F9AE02.roa (hash: 2y3PU7S4Av5FbaJ/h4zQJFDM0QlsuJevpUkwFDDgj1o=) 4: 35A2418C45AE11ECB857890EC4F9AE02.roa (hash: Ar0eIfX5VeHGn66RhXZc/W9m9hkUWFRl4nMMo5nWhrg=) 5: 9896BA2EB6DE11EC8DB17172C4F9AE02.roa (hash: PZ8hGfo35k+2uwUr51dLJv7koK6JGtYIILiy6ys4KXU=) 6: 351AC73E45AE11ECB857890EC4F9AE02.roa (hash: qBcZRGomI65XMXG658jBmR+nbM6U8JoK99ZN8SiSngA=) 7: 346A2B4045AE11ECB857890EC4F9AE02.roa (hash: A3EDkKvu0aa33VcpNX3QbNZPup+JOPeqQSqq5IEiwAE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:56:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1257 (0x4e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B4357, serialNumber=CB1656811D08457993E8D81B9F9798DAD616971A Validity Not Before: Nov 4 23:56:09 2025 GMT Not After : Nov 11 23:56:09 2025 GMT Subject: CN=690a9299-b766 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:d4:84:bb:8e:b5:c8:09:9c:db:b9:fc:a2:a2: fa:49:e0:dd:f8:3c:42:1b:84:10:c5:df:b9:a6:43: 44:05:90:62:2c:0c:be:16:1a:37:04:96:65:ba:35: 8f:49:31:38:f9:41:0a:84:41:ed:59:e5:a7:23:1e: c4:e3:8e:45:b0:86:51:d6:e0:e1:1b:4c:c5:64:69: bd:7f:33:76:9e:79:54:e3:bc:cb:fa:75:09:70:cb: 5a:77:d7:d1:4c:69:6d:dd:e9:1e:b4:00:b5:55:92: c2:1d:88:31:42:fe:15:37:d7:f9:f1:39:5b:81:9d: a5:f4:f5:83:46:20:ac:43:02:a2:01:9d:10:99:ba: 42:c8:02:93:db:74:4e:07:66:39:ab:53:ce:a3:f4: 89:d0:49:b6:a9:e9:3f:c0:b1:89:97:f7:79:7e:43: af:4c:04:07:c8:7e:7a:63:bd:5b:1f:9e:13:1d:c2: 19:c8:03:bc:fe:81:4a:09:3c:fe:0b:d4:47:a6:42: 8f:d2:09:94:13:a6:5c:a2:d5:a5:f8:23:56:c9:c7: 1e:d9:b9:da:b6:f7:18:86:ec:bf:ae:b7:ed:aa:11: a1:74:2a:13:5d:5c:8a:eb:c4:38:75:1b:46:27:99: ad:1f:e6:64:83:9e:89:ed:2d:49:05:86:c7:b1:13: 21:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:53:8B:17:FC:A0:F0:07:DB:0C:A1:89:E7:05:34:6E:48:F8:8A:BA X509v3 Authority Key Identifier: keyid:CB:16:56:81:1D:08:45:79:93:E8:D8:1B:9F:97:98:DA:D6:16:97:1A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B4357/B84B10EC45A811EC8B140558C4F9AE02/yxZWgR0IRXmT6Ngbn5eY2tYWlxo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:31:a7:62:0b:16:52:e1:a4:64:c8:25:3d:d2:5e:08:12:6a: 9d:d2:36:ef:d3:a4:0e:e9:9a:c0:f4:ba:6e:b1:93:d7:fe:f0: 26:f0:99:2a:57:1d:40:35:9e:2a:70:66:9b:20:2d:6f:f0:87: eb:fc:ea:fe:ba:79:cb:c8:84:c8:58:0a:87:5d:a2:0b:88:74: 38:31:c3:2a:f2:fd:af:e0:15:fb:38:aa:8d:6a:aa:3c:c3:0f: 94:8f:04:8f:71:d5:86:b4:59:72:81:27:cf:1b:33:09:14:c7: 15:cf:fe:34:21:e3:6c:b1:be:77:19:11:00:f4:cf:c5:11:83: 6b:f1:28:53:af:95:71:9b:10:7a:ee:82:e7:5a:00:41:19:63: 2f:a4:b3:28:86:15:6c:76:8f:df:7a:b8:3b:30:35:55:51:71: 24:2d:a6:d6:97:76:fb:9e:82:93:28:46:09:0e:90:b3:70:7d: 7c:fc:e8:ca:a5:5b:9f:c7:fa:f7:68:3b:5c:a9:1f:83:be:80: 81:74:30:c5:0a:02:87:e3:60:f1:e1:03:0f:c8:dc:47:4a:54: 5f:84:ff:64:9b:ac:87:ff:46:0a:5e:80:4b:d6:e5:c2:04:35: ab:bf:b8:17:8f:ae:39:f7:d7:e2:35:4d:c5:b1:ee:f6:65:18: 1b:ea:68:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQzNTcxMTAvBgNVBAUTKENCMTY1NjgxMUQwODQ1Nzk5M0U4RDgxQjlGOTc5OERB RDYxNjk3MUEwHhcNMjUxMTA0MjM1NjA5WhcNMjUxMTExMjM1NjA5WjAYMRYwFAYD VQQDEw02OTBhOTI5OS1iNzY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0dSEu461yAmc27n8oqL6SeDd+DxCG4QQxd+5pkNEBZBiLAy+Fho3BJZlujWP STE4+UEKhEHtWeWnIx7E445FsIZR1uDhG0zFZGm9fzN2nnlU47zL+nUJcMtad9fR TGlt3eketAC1VZLCHYgxQv4VN9f58TlbgZ2l9PWDRiCsQwKiAZ0QmbpCyAKT23RO B2Y5q1POo/SJ0Em2qek/wLGJl/d5fkOvTAQHyH56Y71bH54THcIZyAO8/oFKCTz+ C9RHpkKP0gmUE6ZcotWl+CNWycce2bnatvcYhuy/rrftqhGhdCoTXVyK68Q4dRtG J5mtH+Zkg56J7S1JBYbHsRMhhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFFTixf8 oPAH2wyhiecFNG5I+Iq6MB8GA1UdIwQYMBaAFMsWVoEdCEV5k+jYG5+XmNrWFpca MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDM1Ny9CODRCMTBFQzQ1 QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJYbVQ2TmdibjVlWTJ0WVds eG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3l4WldnUjBJUlhtVDZOZ2JuNWVZMnRZV2x4by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDM1Ny9CODRCMTBFQzQ1QTgxMUVDOEIxNDA1NThDNEY5QUUwMi95eFpXZ1IwSVJY bVQ2TmdibjVlWTJ0WVdseG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmMadiCxZS4aRkyCU90l4IEmqd0jbv06QO6ZrA9LpusZPX/vAm8Jkq Vx1ANZ4qcGabIC1v8Ifr/Or+unnLyITIWAqHXaILiHQ4McMq8v2v4BX7OKqNaqo8 ww+UjwSPcdWGtFlygSfPGzMJFMcVz/40IeNssb53GREA9M/FEYNr8ShTr5VxmxB6 7oLnWgBBGWMvpLMohhVsdo/ferg7MDVVUXEkLabWl3b7noKTKEYJDpCzcH18/OjK pVufx/r3aDtcqR+DvoCBdDDFCgKH42Dx4QMPyNxHSlRfhP9km6yH/0YKXoBL1uXC BDWrv7gXj64599fiNU3Fse72ZRgb6miL -----END CERTIFICATE-----Generated at Wed Nov 5 08:02:59 2025 by rpki-client