$ rpki-client -vvf rpki.apnic.net/member_repository/A91C17A9/5F89F6ECFB3111EB8FBFA559C4F9AE02/U5TlfShXd_11FCjRXLD7L8WSx6Y.mft File: U5TlfShXd_11FCjRXLD7L8WSx6Y.mft (raw, json) Hash identifier: kfDNspNlJarIbLoB526iLvgfkaZgqExQSyww/AGRgsk= Subject key identifier: 40:20:5E:C3:76:60:44:06:31:7A:67:BE:9A:97:BE:3E:0D:15:8F:23 Authority key identifier: 53:94:E5:7D:28:57:77:FD:75:14:28:D1:5C:B0:FB:2F:C5:92:C7:A6 Certificate issuer: /CN=A91C17A9/serialNumber=5394E57D285777FD751428D15CB0FB2FC592C7A6 Certificate serial: 059D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5TlfShXd_11FCjRXLD7L8WSx6Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C17A9/5F89F6ECFB3111EB8FBFA559C4F9AE02/U5TlfShXd_11FCjRXLD7L8WSx6Y.mft Manifest number: 0587 Signing time: Tue 04 Nov 2025 23:20:38 +0000 Manifest this update: Tue 04 Nov 2025 23:20:38 +0000 Manifest next update: Tue 11 Nov 2025 23:20:37 +0000 Files and hashes: 1: U5TlfShXd_11FCjRXLD7L8WSx6Y.crl (hash: stMS3knysjhBR0WvehvXcvQERaKhSPD26wnGZCrJlL0=) 2: E19B6AD6D5BE11ECA8BE4666C4F9AE02.roa (hash: k5X4by3Br8W/PYfkmb4iRMPeho37AmOnY5X1wBHf0bs=) 3: C2CAC16E5C9D11EC99F7D10BC4F9AE02.roa (hash: 0dj9Leao2hIOrNuzQzhTyOKvRe7wijLNctX+F2sNN6Y=) 4: C25659465C9D11EC99F7D10BC4F9AE02.roa (hash: gBnTTYjyqczZgDb3uD73c44S0Waa5svUhRxTsEIxWDk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C17A9/5F89F6ECFB3111EB8FBFA559C4F9AE02/U5TlfShXd_11FCjRXLD7L8WSx6Y.crl rsync://rpki.apnic.net/member_repository/A91C17A9/5F89F6ECFB3111EB8FBFA559C4F9AE02/U5TlfShXd_11FCjRXLD7L8WSx6Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5TlfShXd_11FCjRXLD7L8WSx6Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:20:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1437 (0x59d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C17A9, serialNumber=5394E57D285777FD751428D15CB0FB2FC592C7A6 Validity Not Before: Nov 4 23:20:38 2025 GMT Not After : Nov 11 23:20:37 2025 GMT Subject: CN=690a8a46-ca39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:7b:32:10:c3:1e:f5:07:71:d4:fd:d9:1b:24: 1d:c1:fd:29:df:35:41:e0:5d:5d:aa:ec:29:86:2c: 9f:e6:8b:65:a9:c1:d7:72:30:b6:18:e5:65:48:ff: 1d:92:11:dc:23:e1:c5:fa:dc:4f:c6:80:21:9d:bf: cf:e3:c1:0f:e9:9c:b4:ec:54:43:79:e0:ed:77:f9: 13:08:81:a2:b9:12:34:d7:33:1d:03:ff:b3:6f:e7: 01:55:62:de:0a:e8:65:8d:6d:d1:c3:06:1e:84:f1: 4a:16:bb:88:fa:69:0b:74:ec:ca:a2:39:2e:1f:19: ee:70:d4:f8:27:bc:bb:7e:35:f5:f3:d8:20:2b:ee: fc:41:34:14:84:50:4e:38:51:79:09:f8:65:82:37: 4c:32:c1:94:e9:99:c7:6c:24:de:87:4f:1c:da:d9: df:07:26:fa:ad:a0:ef:36:b8:a9:fd:e2:d5:ec:5d: 45:c3:39:83:3b:e0:8f:84:ad:5e:d6:9b:fd:f1:4d: d7:37:46:4e:e6:73:ca:65:61:88:23:9d:23:44:e4: 09:01:f6:7d:8b:6c:10:3a:a6:a6:d5:2c:a3:ba:35: 80:fd:f9:a7:6c:f4:28:20:76:d2:d6:a0:48:b2:12: 91:4d:37:3c:2f:81:a5:3b:48:82:f3:83:56:51:a5: 5a:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:20:5E:C3:76:60:44:06:31:7A:67:BE:9A:97:BE:3E:0D:15:8F:23 X509v3 Authority Key Identifier: keyid:53:94:E5:7D:28:57:77:FD:75:14:28:D1:5C:B0:FB:2F:C5:92:C7:A6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C17A9/5F89F6ECFB3111EB8FBFA559C4F9AE02/U5TlfShXd_11FCjRXLD7L8WSx6Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U5TlfShXd_11FCjRXLD7L8WSx6Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C17A9/5F89F6ECFB3111EB8FBFA559C4F9AE02/U5TlfShXd_11FCjRXLD7L8WSx6Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:b2:b2:b1:6e:ff:4f:e3:5a:fd:d5:6c:56:5a:e1:c2:e2:11: a5:4f:e7:31:a8:77:2b:fa:a8:57:cf:e5:69:dc:e5:8d:88:fb: 87:d2:19:b0:24:28:19:a5:4f:e8:82:9d:15:a9:21:d2:79:ef: 2f:37:97:f9:58:8b:9e:b7:12:8c:53:d9:13:51:51:35:a9:fb: bc:c8:e9:6e:45:4d:96:5e:db:dc:e3:64:e1:e3:c9:2b:72:03: 10:67:10:e1:bd:d1:8a:fc:b6:fc:7c:c1:90:b4:20:60:ac:2c: 19:0e:68:bc:4d:e4:b2:f0:c3:49:6c:42:45:b7:dd:61:02:c1: a6:5b:79:b6:af:ac:1d:f6:bf:85:4f:42:5f:0b:6d:dc:c1:48: d9:95:07:f8:df:9e:1d:5b:f0:bb:c6:29:e2:29:38:d4:80:b8: d5:f5:10:b2:a4:aa:9d:79:29:1b:88:e6:cf:e3:c0:d5:73:a4: cc:f1:45:fa:07:8a:c0:77:83:b8:3d:b3:3e:5b:e1:ae:2f:8f: 51:e6:17:cb:94:9e:70:7f:3c:10:68:e0:59:09:a1:ad:18:83: 34:19:ec:61:a9:81:cc:67:0d:35:3d:6f:b3:39:ea:af:cb:72: d2:40:9c:73:6e:15:cc:92:53:da:af:01:e1:76:8f:1f:8b:72: 6d:e6:35:6e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBZ0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE3QTkxMTAvBgNVBAUTKDUzOTRFNTdEMjg1Nzc3RkQ3NTE0MjhEMTVDQjBGQjJG QzU5MkM3QTYwHhcNMjUxMTA0MjMyMDM4WhcNMjUxMTExMjMyMDM3WjAYMRYwFAYD VQQDEw02OTBhOGE0Ni1jYTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx3syEMMe9Qdx1P3ZGyQdwf0p3zVB4F1dquwphiyf5otlqcHXcjC2GOVlSP8d khHcI+HF+txPxoAhnb/P48EP6Zy07FRDeeDtd/kTCIGiuRI01zMdA/+zb+cBVWLe CuhljW3RwwYehPFKFruI+mkLdOzKojkuHxnucNT4J7y7fjX189ggK+78QTQUhFBO OFF5CfhlgjdMMsGU6ZnHbCTeh08c2tnfByb6raDvNrip/eLV7F1FwzmDO+CPhK1e 1pv98U3XN0ZO5nPKZWGII50jROQJAfZ9i2wQOqam1SyjujWA/fmnbPQoIHbS1qBI shKRTTc8L4GlO0iC84NWUaVadwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEAgXsN2 YEQGMXpnvpqXvj4NFY8jMB8GA1UdIwQYMBaAFFOU5X0oV3f9dRQo0Vyw+y/Fksem MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTdBOS81Rjg5RjZFQ0ZC MzExMUVCOEZCRkE1NTlDNEY5QUUwMi9VNVRsZlNoWGRfMTFGQ2pSWExEN0w4V1N4 NlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U1VGxmU2hYZF8xMUZDalJYTEQ3TDhXU3g2WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MTdBOS81Rjg5RjZFQ0ZCMzExMUVCOEZCRkE1NTlDNEY5QUUwMi9VNVRsZlNoWGRf MTFGQ2pSWExEN0w4V1N4NlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbsrKxbv9P41r91WxWWuHC4hGlT+cxqHcr+qhXz+Vp3OWNiPuH0hmw JCgZpU/ogp0VqSHSee8vN5f5WIuetxKMU9kTUVE1qfu8yOluRU2WXtvc42Th48kr cgMQZxDhvdGK/Lb8fMGQtCBgrCwZDmi8TeSy8MNJbEJFt91hAsGmW3m2r6wd9r+F T0JfC23cwUjZlQf4354dW/C7xiniKTjUgLjV9RCypKqdeSkbiObP48DVc6TM8UX6 B4rAd4O4PbM+W+GuL49R5hfLlJ5wfzwQaOBZCaGtGIM0GexhqYHMZw01PW+zOeqv y3LSQJxzbhXMklParwHhdo8fi3Jt5jVu -----END CERTIFICATE-----Generated at Wed Nov 5 11:47:27 2025 by rpki-client