$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: iYE5cwht9kPd5H7ZBoek2ddIiwZWtIZWOqt5xAgER+M= Subject key identifier: FE:91:42:CA:55:8A:D2:50:35:E6:98:59:64:33:72:75:F3:76:03:9D Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 02B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 02AA Signing time: Wed 05 Nov 2025 01:37:54 +0000 Manifest this update: Wed 05 Nov 2025 01:37:53 +0000 Manifest next update: Wed 12 Nov 2025 01:37:53 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: WqmliIQv473ux893OmQRk9Cet63dahbrXCrN7zyDu+I=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: wYfrxBgpnREsPiR0qsIaHokVToTMzCIKH0+74g0LVvA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:37:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 695 (0x2b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897, serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Validity Not Before: Nov 5 01:37:53 2025 GMT Not After : Nov 12 01:37:53 2025 GMT Subject: CN=690aaa71-5b0e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:de:38:17:59:d1:01:c4:11:ae:9b:b3:23:13: 58:52:ba:9f:bd:e2:6e:e8:36:f2:b0:15:ec:a5:2d: 81:d2:bf:0b:ee:55:45:78:45:b7:3a:6f:d7:ba:3f: c9:b0:eb:b6:c3:ca:fd:29:e6:bf:ff:0a:dd:ef:a2: 72:c3:3d:66:9e:0c:68:94:2e:71:4d:6d:3c:72:98: 8c:1f:df:45:e9:af:61:28:6e:a2:60:34:73:46:59: 6d:fa:24:f1:79:4a:9b:45:ad:05:5a:75:3b:36:c2: 8d:51:1f:3e:80:ae:54:49:b1:6c:36:91:4c:c9:6a: 02:f4:c8:f1:84:1c:17:23:5c:17:95:60:3d:0e:94: c3:1f:35:91:d7:e5:7e:36:14:3c:68:0a:6a:3d:3f: 0b:71:13:44:04:eb:9d:24:53:81:0a:84:71:54:fb: 10:ad:70:b2:88:98:ee:d1:b9:7b:6f:24:73:d6:0a: 62:17:a0:2d:e2:9e:a0:db:37:e4:51:e5:b9:8b:83: 6b:b3:f7:35:0d:9d:5f:49:21:33:d9:b1:8f:7f:a0: dc:96:7d:6f:22:e3:e7:63:79:7b:ed:99:a7:d2:2a: 29:01:76:38:8a:ed:79:9e:52:e5:0c:ab:45:fd:87: 1b:f1:2a:68:0e:d3:be:86:56:05:8e:fd:81:cb:8b: a4:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:91:42:CA:55:8A:D2:50:35:E6:98:59:64:33:72:75:F3:76:03:9D X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 63:b1:d9:c2:8f:cb:fb:fc:bf:92:d9:02:62:94:75:ec:a4:1f: f9:69:89:12:35:75:80:20:34:ef:b6:48:ba:10:ba:47:d4:b0: 44:ee:2d:df:10:ac:5a:2e:f9:c1:99:41:0a:8d:71:ec:24:de: 0a:16:5a:41:c8:0b:c4:b4:f9:f8:c9:5c:7e:0d:2a:cb:ae:cd: a8:2e:ca:98:7d:a5:59:dc:e4:d1:44:e6:c8:53:5e:7c:f6:a9: 89:f4:a2:12:06:b2:40:0f:cf:0a:18:a9:03:8c:39:f3:26:3f: 0c:7e:d2:c9:47:c1:05:e9:05:ed:d5:04:e6:e7:bc:14:5a:bc: 0e:fd:8e:bd:b9:fb:04:dd:84:6d:62:51:88:e1:7e:bd:fd:3a: 0e:58:5e:8b:60:1a:50:3f:a9:aa:a9:9b:d2:99:a6:aa:a4:94: bd:e3:64:fa:33:98:2b:87:b7:0a:e7:e4:bf:5d:ff:38:84:2f: 13:21:81:66:ba:de:2d:fe:35:f0:31:ea:ea:92:f6:c5:5f:8b: ba:80:00:dd:e5:7f:3e:6f:1b:5c:22:30:e3:90:f5:98:59:a3: 28:e3:23:9f:39:23:fc:6a:f6:08:cf:c8:73:ba:b1:0c:a4:8f: 39:49:87:9e:a0:9c:da:39:83:30:ca:d3:c8:47:f0:29:07:3c: 71:1d:7e:e0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUxMTA1MDEzNzUzWhcNMjUxMTEyMDEzNzUzWjAYMRYwFAYD VQQDEw02OTBhYWE3MS01YjBlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAut44F1nRAcQRrpuzIxNYUrqfveJu6DbysBXspS2B0r8L7lVFeEW3Om/Xuj/J sOu2w8r9Kea//wrd76Jywz1mngxolC5xTW08cpiMH99F6a9hKG6iYDRzRllt+iTx eUqbRa0FWnU7NsKNUR8+gK5USbFsNpFMyWoC9MjxhBwXI1wXlWA9DpTDHzWR1+V+ NhQ8aApqPT8LcRNEBOudJFOBCoRxVPsQrXCyiJju0bl7byRz1gpiF6At4p6g2zfk UeW5i4Nrs/c1DZ1fSSEz2bGPf6Dcln1vIuPnY3l77Zmn0iopAXY4iu15nlLlDKtF /Ycb8SpoDtO+hlYFjv2By4ukDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP6RQspV itJQNeaYWWQzcnXzdgOdMB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBjsdnCj8v7/L+S2QJilHXspB/5aYkSNXWAIDTvtki6ELpH1LBE7i3f EKxaLvnBmUEKjXHsJN4KFlpByAvEtPn4yVx+DSrLrs2oLsqYfaVZ3OTRRObIU158 9qmJ9KISBrJAD88KGKkDjDnzJj8MftLJR8EF6QXt1QTm57wUWrwO/Y69ufsE3YRt YlGI4X69/ToOWF6LYBpQP6mqqZvSmaaqpJS942T6M5grh7cK5+S/Xf84hC8TIYFm ut4t/jXwMerqkvbFX4u6gADd5X8+bxtcIjDjkPWYWaMo4yOfOSP8avYIz8hzurEM pI85SYeeoJzaOYMwytPIR/ApBzxxHX7g -----END CERTIFICATE-----Generated at Wed Nov 5 20:47:55 2025 by rpki-client