$ rpki-client -vvf rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft File: 8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft (raw, json) Hash identifier: sDw62uJTmRoj5DjKWeKB8E7JbwzmqB2xEL4JbGMumdI= Subject key identifier: D6:A7:A2:71:DD:4E:07:F4:F5:F5:1D:A6:81:51:C2:75:C6:A2:D0:40 Authority key identifier: F0:46:65:93:C2:B6:CE:A9:CB:F0:2E:26:AA:E6:BF:79:0F:52:7E:A8 Certificate issuer: /CN=A91BF8D1/serialNumber=F0466593C2B6CEA9CBF02E26AAE6BF790F527EA8 Certificate serial: 0AA8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft Manifest number: 0AA0 Signing time: Tue 04 Nov 2025 19:38:24 +0000 Manifest this update: Tue 04 Nov 2025 19:38:23 +0000 Manifest next update: Tue 11 Nov 2025 19:38:23 +0000 Files and hashes: 1: 8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl (hash: b+C5ENJ+k6ufWRcNWeCDPy/RhVWeJJ0RHdrFORt4cJs=) 2: 19250B84675711EAA928E22DC4F9AE02.roa (hash: bm4J9Gs8kg53MtutKeTvvvRSq0MtCTJcSE5YLit7Dts=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:38:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2728 (0xaa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BF8D1, serialNumber=F0466593C2B6CEA9CBF02E26AAE6BF790F527EA8 Validity Not Before: Nov 4 19:38:23 2025 GMT Not After : Nov 11 19:38:23 2025 GMT Subject: CN=690a5630-649b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:fe:35:36:aa:d9:ec:a4:ae:9e:68:ca:d4:0c: 1b:4a:f6:00:d4:fa:4c:e9:50:4c:e9:2e:71:7c:58: 8f:7b:1e:e8:fb:fd:93:00:13:cb:d8:c8:a6:4d:95: 61:56:34:81:0f:07:d8:a5:ef:00:db:e0:26:4b:30: 3c:b9:66:31:ff:bd:a6:57:60:c1:38:6f:5e:1d:86: dd:56:77:6f:8a:c9:bc:db:e6:42:07:d4:3e:58:64: 0b:70:1e:07:b6:88:d6:9b:50:26:e0:74:f9:68:f3: 03:e8:a5:2b:04:9c:73:0f:08:ce:88:27:ac:6d:d0: e8:83:f6:af:0f:77:71:f1:60:71:3e:ad:9b:be:62: 77:ef:0f:bf:56:89:04:40:4f:4c:cd:b0:6a:5b:bb: dd:90:3f:0a:cf:b3:5a:ce:a0:85:7f:1e:71:fc:a7: ac:8d:22:0f:90:00:3d:61:2e:5f:f7:1c:81:53:9b: 53:ad:20:f7:b4:62:cf:ec:78:ec:6f:37:50:f7:9b: 06:a7:1b:78:8e:e2:fb:cd:da:8d:66:b2:40:e3:0e: 07:e9:01:a4:fd:91:ff:a3:09:f2:da:07:d8:2e:b3: e7:3f:94:45:86:04:0a:a4:c7:88:e5:67:1b:35:f9: b7:09:f7:a9:2c:42:8f:cf:d1:a6:ed:4a:8a:b6:6f: b0:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:A7:A2:71:DD:4E:07:F4:F5:F5:1D:A6:81:51:C2:75:C6:A2:D0:40 X509v3 Authority Key Identifier: keyid:F0:46:65:93:C2:B6:CE:A9:CB:F0:2E:26:AA:E6:BF:79:0F:52:7E:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BF8D1/7C4E34BC675511EAA087302BC4F9AE02/8EZlk8K2zqnL8C4mqua_eQ9Sfqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:23:11:fd:70:92:60:4b:00:1f:92:34:6c:f8:47:73:3e:8a: 3b:19:8b:da:04:e4:5a:4f:43:a5:51:f5:a1:1b:36:3b:c3:5f: e5:76:80:83:ca:22:e0:c7:27:e4:83:9b:ba:b4:25:3b:93:fe: 6b:60:bc:27:45:b6:e0:1c:ee:47:92:2d:b3:b4:33:c9:a2:3a: b0:a0:54:17:64:5f:64:7f:48:25:ff:7c:b6:30:98:6c:d4:3c: aa:0d:93:7c:a2:65:c4:90:7d:06:4d:29:31:f9:39:a2:e3:28: 85:64:74:d8:38:12:b0:6d:8e:6c:3b:2e:c1:2d:be:67:49:9d: ed:9c:01:4a:83:ef:10:d0:99:02:a1:26:bd:48:f4:42:40:08: d3:53:83:17:fc:77:13:c2:60:c3:a9:09:81:f4:ba:1c:bf:3f: 14:cf:8b:93:6c:4b:7b:82:30:77:61:b7:12:86:fd:f2:70:f6: 4e:e8:5e:87:62:b7:43:a4:6e:22:24:62:f2:85:f6:98:1f:54: c0:a0:20:d3:34:1f:39:4d:52:cd:f7:d3:a3:e4:b4:93:6b:12: 79:7a:8d:4a:eb:80:84:e1:29:e2:48:ca:8c:02:70:45:69:a4: 19:2f:81:4d:52:28:06:3e:fe:d4:88:42:5d:67:d4:92:60:fc: 3c:a9:0d:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCqgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkY4RDExMTAvBgNVBAUTKEYwNDY2NTkzQzJCNkNFQTlDQkYwMkUyNkFBRTZCRjc5 MEY1MjdFQTgwHhcNMjUxMTA0MTkzODIzWhcNMjUxMTExMTkzODIzWjAYMRYwFAYD VQQDEw02OTBhNTYzMC02NDliMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxf41NqrZ7KSunmjK1AwbSvYA1PpM6VBM6S5xfFiPex7o+/2TABPL2MimTZVh VjSBDwfYpe8A2+AmSzA8uWYx/72mV2DBOG9eHYbdVndvism82+ZCB9Q+WGQLcB4H tojWm1Am4HT5aPMD6KUrBJxzDwjOiCesbdDog/avD3dx8WBxPq2bvmJ37w+/VokE QE9MzbBqW7vdkD8Kz7NazqCFfx5x/KesjSIPkAA9YS5f9xyBU5tTrSD3tGLP7Hjs bzdQ95sGpxt4juL7zdqNZrJA4w4H6QGk/ZH/owny2gfYLrPnP5RFhgQKpMeI5Wcb Nfm3CfepLEKPz9Gm7UqKtm+w1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNanonHd Tgf09fUdpoFRwnXGotBAMB8GA1UdIwQYMBaAFPBGZZPCts6py/AuJqrmv3kPUn6o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRjhEMS83QzRFMzRCQzY3 NTUxMUVBQTA4NzMwMkJDNEY5QUUwMi84RVpsazhLMnpxbkw4QzRtcXVhX2VROVNm cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhFWmxrOEsyenFuTDhDNG1xdWFfZVE5U2ZxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RjhEMS83QzRFMzRCQzY3NTUxMUVBQTA4NzMwMkJDNEY5QUUwMi84RVpsazhLMnpx bkw4QzRtcXVhX2VROVNmcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCmIxH9cJJgSwAfkjRs+EdzPoo7GYvaBORaT0OlUfWhGzY7w1/ldoCD yiLgxyfkg5u6tCU7k/5rYLwnRbbgHO5Hki2ztDPJojqwoFQXZF9kf0gl/3y2MJhs 1DyqDZN8omXEkH0GTSkx+Tmi4yiFZHTYOBKwbY5sOy7BLb5nSZ3tnAFKg+8Q0JkC oSa9SPRCQAjTU4MX/HcTwmDDqQmB9Locvz8Uz4uTbEt7gjB3YbcShv3ycPZO6F6H YrdDpG4iJGLyhfaYH1TAoCDTNB85TVLN99Oj5LSTaxJ5eo1K64CE4SniSMqMAnBF aaQZL4FNUigGPv7UiEJdZ9SSYPw8qQ1g -----END CERTIFICATE-----Generated at Wed Nov 5 20:11:21 2025 by rpki-client