$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft File: tU-K0c7KwTb8r0eS6_0A5o6h02g.mft (raw, json) Hash identifier: nFBi2dQ+JWy0OsLyjj9yyJzMCj61WTkOn3TsN61MFys= Subject key identifier: 4A:86:CA:F2:F8:A9:F8:92:EF:C0:96:76:B7:F9:D7:D5:B7:88:DB:B6 Authority key identifier: B5:4F:8A:D1:CE:CA:C1:36:FC:AF:47:92:EB:FD:00:E6:8E:A1:D3:68 Certificate issuer: /CN=A91B7DCB/serialNumber=B54F8AD1CECAC136FCAF4792EBFD00E68EA1D368 Certificate serial: 5F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tU-K0c7KwTb8r0eS6_0A5o6h02g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft Manifest number: 5E Signing time: Wed 05 Nov 2025 07:17:06 +0000 Manifest this update: Wed 05 Nov 2025 07:17:06 +0000 Manifest next update: Wed 12 Nov 2025 07:17:06 +0000 Files and hashes: 1: tU-K0c7KwTb8r0eS6_0A5o6h02g.crl (hash: h0tC7VSV5+Vhe+dnHCGJqhH9OIWF7yV1Cw52sFScjVk=) 2: D470A60E294511F0B1412377C4F9AE02.roa (hash: R5e5Pbe0gCRILBx2wr55E5wPwG2ILhIOGtJI6e+r29g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.crl rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tU-K0c7KwTb8r0eS6_0A5o6h02g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:17:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 95 (0x5f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7DCB, serialNumber=B54F8AD1CECAC136FCAF4792EBFD00E68EA1D368 Validity Not Before: Nov 5 07:17:06 2025 GMT Not After : Nov 12 07:17:06 2025 GMT Subject: CN=690af9f2-e29c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:23:b3:d1:92:24:df:84:1e:d5:02:b3:7a:12: 5c:c2:ee:18:b7:31:c0:62:b1:34:4c:ee:3f:be:3b: ad:40:e2:f0:f3:c1:b4:03:7b:d7:8d:e0:c3:95:cd: b6:40:2d:5f:31:3f:f4:86:bd:ac:32:20:62:fb:d1: 30:85:6b:ef:30:24:23:e9:ab:25:91:ad:b6:4e:14: bc:90:ec:b4:63:7d:36:f7:09:d4:61:0c:4f:07:dd: 34:b0:79:33:60:97:85:fc:7d:b0:14:a1:4a:d9:45: c6:21:b2:67:53:69:e7:56:ec:c1:a4:27:ef:26:7c: 3e:98:e2:32:b4:d1:fe:84:0d:ca:12:21:1d:20:e6: 83:b8:ec:40:f2:c7:26:e6:4f:92:3c:c2:74:67:eb: f4:d3:f3:07:f9:0d:b0:63:a2:50:d3:ca:5d:4b:56: 5c:89:6f:d3:5b:47:3f:3a:2e:d2:ef:9e:c3:82:db: 2f:13:8d:7e:8f:76:51:6f:e9:b5:a9:7f:08:da:84: 78:6a:9b:4f:54:e0:13:19:54:1e:56:af:b0:ae:5b: e9:55:8d:b0:2f:e6:37:fd:5d:a7:95:3b:eb:4e:7d: f7:5d:09:4b:cc:e7:97:b9:ab:22:d4:b2:5a:05:83: 45:0d:b5:3c:e4:4e:db:46:2f:50:00:97:2b:5e:d2: 4b:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4A:86:CA:F2:F8:A9:F8:92:EF:C0:96:76:B7:F9:D7:D5:B7:88:DB:B6 X509v3 Authority Key Identifier: keyid:B5:4F:8A:D1:CE:CA:C1:36:FC:AF:47:92:EB:FD:00:E6:8E:A1:D3:68 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tU-K0c7KwTb8r0eS6_0A5o6h02g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7DCB/F83AC494294411F0AE1ABC74C4F9AE02/tU-K0c7KwTb8r0eS6_0A5o6h02g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6f:4b:bf:f1:a8:21:c3:7a:62:f9:ac:82:f8:aa:f4:68:41:30: 1d:64:ab:59:8b:aa:ae:c8:5c:8d:cf:4b:2b:f5:b8:a2:ea:1d: 25:e3:35:65:30:41:97:32:a3:74:2f:75:fb:b9:f2:37:13:4d: 5e:b1:80:ff:29:de:a4:99:f7:69:c0:4a:90:a6:5a:2a:0b:ee: 9f:a5:d7:d8:52:92:5e:87:81:41:08:69:ed:ce:89:c4:6f:9b: ec:c4:61:bf:ff:1d:4f:e4:c5:e9:d6:aa:43:28:8b:eb:35:fe: 81:bb:6b:1a:da:9a:54:43:cd:3a:f5:98:1a:b4:7d:a7:cf:1b: 6a:ef:99:04:cf:0b:25:07:d3:fe:ba:63:cc:44:0e:33:54:7e: 22:8c:fb:9b:07:b6:80:ab:21:8e:cc:37:bd:e8:86:4d:08:f1: 58:b6:63:be:df:a4:e3:40:2d:51:37:96:e2:87:87:30:ca:ca: 8c:c6:25:0b:4a:92:69:af:8c:03:c1:0f:0e:cf:a3:2f:4b:d7: f2:29:0e:e0:42:09:7f:96:b2:ec:71:a3:5c:a3:fd:d5:19:83: 60:08:f7:bc:8a:03:90:20:9d:1d:23:b9:ac:5f:74:4f:21:72: 41:e3:91:fd:e0:85:e8:e9:75:dd:f1:ee:72:08:f7:63:44:17: 16:b0:64:59 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC N0RDQjExMC8GA1UEBRMoQjU0RjhBRDFDRUNBQzEzNkZDQUY0NzkyRUJGRDAwRTY4 RUExRDM2ODAeFw0yNTExMDUwNzE3MDZaFw0yNTExMTIwNzE3MDZaMBgxFjAUBgNV BAMTDTY5MGFmOWYyLWUyOWMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC+I7PRkiTfhB7VArN6ElzC7hi3McBisTRM7j++O61A4vDzwbQDe9eN4MOVzbZA LV8xP/SGvawyIGL70TCFa+8wJCPpqyWRrbZOFLyQ7LRjfTb3CdRhDE8H3TSweTNg l4X8fbAUoUrZRcYhsmdTaedW7MGkJ+8mfD6Y4jK00f6EDcoSIR0g5oO47EDyxybm T5I8wnRn6/TT8wf5DbBjolDTyl1LVlyJb9NbRz86LtLvnsOC2y8TjX6PdlFv6bWp fwjahHhqm09U4BMZVB5Wr7CuW+lVjbAv5jf9XaeVO+tOffddCUvM55e5qyLUsloF g0UNtTzkTttGL1AAlyte0kuTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUSobK8vip +JLvwJZ2t/nX1beI27YwHwYDVR0jBBgwFoAUtU+K0c7KwTb8r0eS6/0A5o6h02gw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3RENCL0Y4M0FDNDk0Mjk0 NDExRjBBRTFBQkM3NEM0RjlBRTAyL3RVLUswYzdLd1RiOHIwZVM2XzBBNW82aDAy Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdFUtSzBjN0t3VGI4cjBlUzZfMEE1bzZoMDJnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI3 RENCL0Y4M0FDNDk0Mjk0NDExRjBBRTFBQkM3NEM0RjlBRTAyL3RVLUswYzdLd1Ri OHIwZVM2XzBBNW82aDAyZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAG9Lv/GoIcN6Yvmsgviq9GhBMB1kq1mLqq7IXI3PSyv1uKLqHSXjNWUw QZcyo3Qvdfu58jcTTV6xgP8p3qSZ92nASpCmWioL7p+l19hSkl6HgUEIae3OicRv m+zEYb//HU/kxenWqkMoi+s1/oG7axramlRDzTr1mBq0fafPG2rvmQTPCyUH0/66 Y8xEDjNUfiKM+5sHtoCrIY7MN73ohk0I8Vi2Y77fpONALVE3luKHhzDKyozGJQtK kmmvjAPBDw7Poy9L1/IpDuBCCX+Wsuxxo1yj/dUZg2AI97yKA5AgnR0juaxfdE8h ckHjkf3ghejpdd3x7nII92NEFxawZFk= -----END CERTIFICATE-----Generated at Wed Nov 5 12:21:29 2025 by rpki-client