$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft File: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft (raw, json) Hash identifier: hvrmXFlASFIC2K/sPUaHsUKBk1zZWnOgYGh1uvtgU1U= Subject key identifier: 36:E6:2D:ED:C6:42:9B:E4:01:98:2B:28:44:1F:90:2B:52:3D:74:C1 Authority key identifier: 53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 Certificate issuer: /CN=A91B6F47/serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Certificate serial: 35C2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft Manifest number: 353A Signing time: Tue 04 Nov 2025 14:30:27 +0000 Manifest this update: Tue 04 Nov 2025 14:30:26 +0000 Manifest next update: Tue 11 Nov 2025 14:30:26 +0000 Files and hashes: 1: U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl (hash: LoSYCUf7uWC2EYrqVKjsq1aPHQGnO6zsJmCb9pctNVY=) 2: DF8602D05E5B11ED994E491CC4F9AE02.roa (hash: 6nK3GoLVaSP0VSJQQ8fMNbxkXH0UKpIkFpkEB95EEy0=) 3: D0886954188811EC8E86754FC4F9AE02.roa (hash: 6VbOvgdK5CTvuRLAoKi7F+0CDGeRIa2tmkBoLvAgouA=) 4: AB9889725E5E11EDB5361D3BC4F9AE02.roa (hash: Co7SE3g9/ARrpsRXeCTg4P0jRRisbdn9kOGmwejTlBg=) 5: 99CF729E221011ED980A6F47C4F9AE02.roa (hash: atHB41zC9ox7WEbx/oU2a0/b1MGieqCzosX2UKLPzlk=) 6: 491E49AECDCA11ED8F57D386C4F9AE02.roa (hash: eobj/eFuFNpYpHWfoCh4R2f9ILietn5YmlGo8HxPsps=) 7: 9F3A919468D811EFB2FE405FC4F9AE02.roa (hash: nVehuPJuIkWIOjh795nZonFcwqqWF8/uu32Co6wlMr4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:30:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13762 (0x35c2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6F47, serialNumber=538B076E0AADD8FAE2970C9543E849A90FE73752 Validity Not Before: Nov 4 14:30:26 2025 GMT Not After : Nov 11 14:30:26 2025 GMT Subject: CN=690a0e03-7a68 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:54:bb:e1:b7:90:7a:29:ae:ae:a1:88:21:9d: 03:42:f6:96:a0:5a:18:97:8d:0f:1f:0a:63:55:19: de:99:4c:39:ac:01:ef:5b:23:de:b7:19:44:f8:eb: 40:d8:41:68:37:c4:6d:f4:23:ea:f0:63:87:fa:e4: 91:be:73:6f:30:e6:7a:ae:04:1b:72:bd:e1:99:db: 26:b8:20:f8:8e:fe:dd:4c:e1:9b:d9:44:c6:4f:5f: 91:ed:9d:e2:b2:3d:ac:24:82:c8:21:41:9c:97:71: 10:12:ed:e2:83:91:cc:e1:b6:98:44:60:4c:45:ae: f7:38:d4:1c:5f:b1:25:e2:25:2a:0b:d4:a1:7b:62: 96:78:a3:17:52:0a:93:93:2d:0d:0f:33:9b:b3:28: 40:cb:a2:20:3b:8e:d9:0f:2d:ca:04:9c:6a:f8:9b: 93:82:05:b9:89:02:4c:d8:dd:e1:58:7b:aa:e3:6b: c3:82:9e:1e:13:3f:53:22:d1:58:3b:54:ea:4f:1c: c4:c8:90:40:84:4a:76:c5:0c:27:74:1b:48:56:1d: 78:e3:12:5a:d4:91:a8:a1:78:db:58:6f:7d:55:c6: 19:e9:5b:8e:85:5b:82:8d:4d:63:a6:3b:60:60:00: 51:37:36:15:c3:c8:3b:4e:de:c8:4b:37:61:90:30: cf:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:E6:2D:ED:C6:42:9B:E4:01:98:2B:28:44:1F:90:2B:52:3D:74:C1 X509v3 Authority Key Identifier: keyid:53:8B:07:6E:0A:AD:D8:FA:E2:97:0C:95:43:E8:49:A9:0F:E7:37:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6F47/B4A86C381D8411E2969FC5DA08B02CD2/U4sHbgqt2PrilwyVQ-hJqQ_nN1I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:a7:4b:db:78:e1:1a:a3:0a:17:c5:9e:d0:cd:f9:d1:d4:fe: 89:54:08:09:6d:41:69:e8:18:13:93:ea:10:72:57:5a:b2:c2: 89:16:79:0f:20:2c:49:a2:6f:dc:a4:e1:cc:33:19:7c:68:de: d8:b7:ba:47:4b:df:c0:43:8d:ad:bc:6b:21:b3:51:9a:4e:62: bc:49:1e:34:00:89:10:c2:9e:39:0c:dc:1c:57:26:f8:8a:4b: d5:1b:e3:62:92:57:a9:17:38:d3:bb:d5:a3:33:d1:70:41:aa: ac:4c:9d:31:16:42:f7:54:37:39:85:91:6a:e5:2d:7d:52:ce: f8:58:a4:bd:bd:fe:6a:7f:a2:f2:48:3d:de:67:59:c5:70:c0: c9:3c:58:a9:3d:26:80:c4:b0:be:b6:d6:67:8d:84:dd:e9:1e: ef:4b:f8:85:6b:ae:4d:d1:cf:24:4d:56:71:39:82:ed:52:7d: b0:2f:6a:70:24:1a:2d:73:ce:29:7a:d2:4b:e6:ac:23:9c:7b: 8a:19:41:28:12:da:ca:01:06:19:29:13:8e:9a:2d:ae:5b:ce: 1d:7e:84:15:ee:f3:dc:92:11:f3:63:b6:33:3f:85:96:d6:32: c1:4a:f4:1a:18:1a:d5:13:b6:01:40:b8:5d:69:37:89:0b:57: 07:05:1a:45 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNcIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjZGNDcxMTAvBgNVBAUTKDUzOEIwNzZFMEFBREQ4RkFFMjk3MEM5NTQzRTg0OUE5 MEZFNzM3NTIwHhcNMjUxMTA0MTQzMDI2WhcNMjUxMTExMTQzMDI2WjAYMRYwFAYD VQQDEw02OTBhMGUwMy03YTY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwlS74beQeimurqGIIZ0DQvaWoFoYl40PHwpjVRnemUw5rAHvWyPetxlE+OtA 2EFoN8Rt9CPq8GOH+uSRvnNvMOZ6rgQbcr3hmdsmuCD4jv7dTOGb2UTGT1+R7Z3i sj2sJILIIUGcl3EQEu3ig5HM4baYRGBMRa73ONQcX7El4iUqC9She2KWeKMXUgqT ky0NDzObsyhAy6IgO47ZDy3KBJxq+JuTggW5iQJM2N3hWHuq42vDgp4eEz9TItFY O1TqTxzEyJBAhEp2xQwndBtIVh144xJa1JGooXjbWG99VcYZ6VuOhVuCjU1jpjtg YABRNzYVw8g7Tt7ISzdhkDDPrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDbmLe3G QpvkAZgrKEQfkCtSPXTBMB8GA1UdIwQYMBaAFFOLB24Krdj64pcMlUPoSakP5zdS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNkY0Ny9CNEE4NkMzODFE ODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQcmlsd3lWUS1oSnFRX25O MUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0c0hiZ3F0MlByaWx3eVZRLWhKcVFfbk4xSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NkY0Ny9CNEE4NkMzODFEODQxMUUyOTY5RkM1REEwOEIwMkNEMi9VNHNIYmdxdDJQ cmlsd3lWUS1oSnFRX25OMUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBRp0vbeOEaowoXxZ7QzfnR1P6JVAgJbUFp6BgTk+oQcldassKJFnkP ICxJom/cpOHMMxl8aN7Yt7pHS9/AQ42tvGshs1GaTmK8SR40AIkQwp45DNwcVyb4 ikvVG+NiklepFzjTu9WjM9FwQaqsTJ0xFkL3VDc5hZFq5S19Us74WKS9vf5qf6Ly SD3eZ1nFcMDJPFipPSaAxLC+ttZnjYTd6R7vS/iFa65N0c8kTVZxOYLtUn2wL2pw JBotc84petJL5qwjnHuKGUEoEtrKAQYZKROOmi2uW84dfoQV7vPckhHzY7YzP4WW 1jLBSvQaGBrVE7YBQLhdaTeJC1cHBRpF -----END CERTIFICATE-----Generated at Wed Nov 5 11:36:16 2025 by rpki-client