$ rpki-client -vvf rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft File: US3AbkHAiZokofyIXrNG5FMH80c.mft (raw, json) Hash identifier: WlYL0SsgnxiZbrvjo5M6a0dblGPapClZr138uaDbALY= Subject key identifier: C2:13:87:AB:08:A0:A2:78:6B:0D:95:2C:32:13:61:30:80:C9:B5:EC Authority key identifier: 51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 Certificate issuer: /CN=A91BA4F2/serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Certificate serial: 09AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft Manifest number: 09A5 Signing time: Tue 04 Nov 2025 20:07:11 +0000 Manifest this update: Tue 04 Nov 2025 20:07:10 +0000 Manifest next update: Tue 11 Nov 2025 20:07:10 +0000 Files and hashes: 1: US3AbkHAiZokofyIXrNG5FMH80c.crl (hash: qn8ctF4HW/XpbXlzJGVv55QQ0GHe9y7X4DKZFeJj9tM=) 2: 9EEA3006979411EA8C6FC25AC4F9AE02.roa (hash: Y4bw++TnnqHhnQXoIqONS+4c30WzzpJSk4du/GajLxg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:07:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2476 (0x9ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BA4F2, serialNumber=512DC06E41C0899A24A1FC885EB346E45307F347 Validity Not Before: Nov 4 20:07:10 2025 GMT Not After : Nov 11 20:07:10 2025 GMT Subject: CN=690a5cee-5d25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:c8:40:92:e2:33:0e:29:7c:01:fc:03:62:4f: d2:74:b0:ef:7e:38:6b:9b:ff:48:62:b7:78:00:db: 4d:86:a8:5f:d7:1d:ce:5c:b4:e2:90:68:70:77:b8: 0b:fb:c9:6a:48:55:25:2b:ad:9b:43:0d:87:0a:8b: 0b:78:4e:e3:1d:f9:a8:15:a4:2c:73:e2:6a:2a:97: 0a:21:10:0e:e1:67:51:98:b4:af:be:6d:c2:eb:c4: fa:de:8c:9d:98:f4:bc:07:cf:4a:22:20:db:7a:64: 08:3a:c6:fc:8d:1a:cc:d9:41:f3:8c:61:52:23:df: 09:7e:d5:c5:03:2b:68:2b:45:d3:5a:3f:af:54:80: a6:b3:c9:6c:1b:d2:b4:ab:fd:18:fa:57:4c:65:df: 12:9d:48:2d:86:f7:2b:db:fd:95:09:28:5d:62:c1: 42:11:04:26:87:d8:9d:18:5e:1b:f9:f2:9a:fc:a1: b4:87:eb:18:38:4a:f2:8e:9e:2b:f3:60:79:1f:88: ab:d8:57:4e:19:16:2c:d3:30:bb:5c:2a:39:cf:28: f2:ac:4f:78:df:7e:f0:73:b3:b8:e3:92:ca:73:2e: 1e:e7:b5:9e:26:0f:bb:8f:05:b3:99:80:38:27:4a: 49:03:e2:bd:f1:34:1a:9c:ef:2f:fe:e2:8c:ad:f9: e5:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:13:87:AB:08:A0:A2:78:6B:0D:95:2C:32:13:61:30:80:C9:B5:EC X509v3 Authority Key Identifier: keyid:51:2D:C0:6E:41:C0:89:9A:24:A1:FC:88:5E:B3:46:E4:53:07:F3:47 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/US3AbkHAiZokofyIXrNG5FMH80c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BA4F2/2AEDEF9A979311EAB2AD2956C4F9AE02/US3AbkHAiZokofyIXrNG5FMH80c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:aa:a5:32:99:31:fc:f1:df:94:48:3d:4e:55:86:4b:78:6a: 7b:88:a5:f2:5a:28:bb:a0:5d:50:32:eb:c8:99:78:26:78:d3: 16:71:59:6e:e5:70:1d:cf:56:9a:98:3a:ef:8c:38:0f:3b:8a: fa:06:44:16:7f:07:c6:29:a7:97:1a:21:b8:89:af:8f:7f:44: 5e:6f:eb:93:0e:f2:f1:43:6c:61:61:f1:5e:65:0c:7b:0b:e8: 43:b2:90:50:30:32:38:11:16:81:c0:ff:39:82:ab:56:0a:53: 45:9a:3e:ef:bf:ce:c9:06:97:7e:c7:92:8e:26:f8:40:9e:c9: 81:6a:9a:4c:df:67:b4:f3:93:61:64:0e:f1:58:2e:47:16:a3: cd:41:43:d3:34:b5:85:fa:a0:81:10:16:ad:1c:cb:73:0a:68: 70:87:10:51:4a:b5:52:5d:e3:95:06:e3:e5:7e:46:ad:27:d0: e7:24:e2:5e:db:2a:da:05:24:a3:06:fa:c1:15:8e:31:ce:48: 6c:d2:e6:c2:e6:94:76:96:80:85:4e:ff:3c:26:38:c8:44:51: 56:d7:38:fe:c0:62:ce:49:99:b7:9f:d2:17:33:4d:b4:65:73: 3c:31:49:dc:68:d9:a6:84:f7:c0:14:bd:f2:31:fe:1e:44:fa: 12:2d:dd:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCawwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkE0RjIxMTAvBgNVBAUTKDUxMkRDMDZFNDFDMDg5OUEyNEExRkM4ODVFQjM0NkU0 NTMwN0YzNDcwHhcNMjUxMTA0MjAwNzEwWhcNMjUxMTExMjAwNzEwWjAYMRYwFAYD VQQDEw02OTBhNWNlZS01ZDI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw8hAkuIzDil8AfwDYk/SdLDvfjhrm/9IYrd4ANtNhqhf1x3OXLTikGhwd7gL +8lqSFUlK62bQw2HCosLeE7jHfmoFaQsc+JqKpcKIRAO4WdRmLSvvm3C68T63oyd mPS8B89KIiDbemQIOsb8jRrM2UHzjGFSI98JftXFAytoK0XTWj+vVICms8lsG9K0 q/0Y+ldMZd8SnUgthvcr2/2VCShdYsFCEQQmh9idGF4b+fKa/KG0h+sYOEryjp4r 82B5H4ir2FdOGRYs0zC7XCo5zyjyrE94337wc7O445LKcy4e57WeJg+7jwWzmYA4 J0pJA+K98TQanO8v/uKMrfnlywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMITh6sI oKJ4aw2VLDITYTCAybXsMB8GA1UdIwQYMBaAFFEtwG5BwImaJKH8iF6zRuRTB/NH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQTRGMi8yQUVERUY5QTk3 OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWlab2tvZnlJWHJORzVGTUg4 MGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1VTM0Fia0hBaVpva29meUlYck5HNUZNSDgwYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QTRGMi8yQUVERUY5QTk3OTMxMUVBQjJBRDI5NTZDNEY5QUUwMi9VUzNBYmtIQWla b2tvZnlJWHJORzVGTUg4MGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHqqUymTH88d+USD1OVYZLeGp7iKXyWii7oF1QMuvImXgmeNMWcVlu 5XAdz1aamDrvjDgPO4r6BkQWfwfGKaeXGiG4ia+Pf0Reb+uTDvLxQ2xhYfFeZQx7 C+hDspBQMDI4ERaBwP85gqtWClNFmj7vv87JBpd+x5KOJvhAnsmBappM32e085Nh ZA7xWC5HFqPNQUPTNLWF+qCBEBatHMtzCmhwhxBRSrVSXeOVBuPlfkatJ9DnJOJe 2yraBSSjBvrBFY4xzkhs0ubC5pR2loCFTv88JjjIRFFW1zj+wGLOSZm3n9IXM020 ZXM8MUncaNmmhPfAFL3yMf4eRPoSLd2F -----END CERTIFICATE-----Generated at Wed Nov 5 06:27:12 2025 by rpki-client