$ rpki-client -vvf rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft File: 4vB0KtgKnbsodRhO4N1elN11eEs.mft (raw, json) Hash identifier: 3zu7IxgM2c9SjHkTXQjY5XZvAVFHKcudgud2fue8XWc= Subject key identifier: F8:33:79:97:E3:C6:44:AE:7A:D3:98:A0:07:C1:3A:1F:62:FB:69:78 Authority key identifier: E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B Certificate issuer: /CN=A91C23FE/serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Certificate serial: 1C36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft Manifest number: 1C2A Signing time: Wed 05 Nov 2025 06:33:50 +0000 Manifest this update: Wed 05 Nov 2025 06:33:49 +0000 Manifest next update: Wed 12 Nov 2025 06:33:49 +0000 Files and hashes: 1: 4vB0KtgKnbsodRhO4N1elN11eEs.crl (hash: xl9rMzKABK4cDS9D+vFNg5A5ObhQx9uudKqn/5Z6UKI=) 2: A88F22ECCC7011ED931BD15FC4F9AE02.roa (hash: 0F+HyKS0ioPFvzCaqyJQESCSfvE7rRFOPbWjnK2cB34=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7222 (0x1c36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C23FE, serialNumber=E2F0742AD80A9DBB2875184EE0DD5E94DD75784B Validity Not Before: Nov 5 06:33:49 2025 GMT Not After : Nov 12 06:33:49 2025 GMT Subject: CN=690aefcd-e8a8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:7d:9d:65:09:fb:55:6b:ef:69:1c:48:d3:8d: 9b:90:ef:f8:b0:aa:a3:4d:2a:dc:ea:30:be:bc:64: 69:74:02:70:af:58:24:f1:61:8b:0c:41:b8:ea:ab: de:ea:31:aa:d5:b6:41:ed:61:bd:93:63:2d:ac:2b: 3f:a7:1f:fc:f4:e9:5a:5f:ba:e8:20:e2:d0:4d:6f: 76:5b:1d:c7:94:dc:a7:e2:6c:bb:5f:16:22:c5:c5: 5f:59:d1:c0:b4:63:27:46:f4:25:ec:1f:2a:79:dd: 92:50:1b:64:6f:1e:2f:d2:47:5a:77:d2:d8:44:d4: 45:01:b7:e6:83:81:03:e6:0c:65:25:37:ee:d8:41: 8a:07:72:3f:ea:70:45:bc:53:1f:58:61:7b:32:bf: 0a:29:3d:02:57:92:58:9e:3b:76:ef:f6:24:07:fc: 5d:be:90:7c:a9:21:34:86:7d:62:ed:4c:5b:70:dc: 25:f0:a7:5e:32:f7:5b:4f:e4:b7:61:9d:84:fd:1f: c3:65:a2:18:0e:8c:af:e1:84:5e:c7:5b:9e:0a:ac: a2:9e:6c:10:c4:dc:f0:10:b9:cc:ce:95:2a:75:9b: 59:56:86:5c:7c:fa:f5:3e:42:ee:89:17:3d:c8:22: 4b:d7:82:2e:b7:b4:71:14:be:94:56:e2:07:df:0a: a6:51 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F8:33:79:97:E3:C6:44:AE:7A:D3:98:A0:07:C1:3A:1F:62:FB:69:78 X509v3 Authority Key Identifier: keyid:E2:F0:74:2A:D8:0A:9D:BB:28:75:18:4E:E0:DD:5E:94:DD:75:78:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4vB0KtgKnbsodRhO4N1elN11eEs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C23FE/825CE9AAF9EB11E6BDE7A968C4F9AE02/4vB0KtgKnbsodRhO4N1elN11eEs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:04:ac:ba:23:b6:f4:0b:d9:5c:ca:b1:4b:85:d5:2d:57:a5: ac:ee:f5:24:5c:8c:c5:13:9a:8c:d6:30:cc:83:99:fd:5f:3d: c0:af:23:9c:ed:5c:9c:e3:4a:11:b3:26:a3:d5:8c:2b:17:7e: bb:ea:be:82:a6:6c:5e:40:80:65:f8:e2:ea:83:86:ba:a7:2b: aa:40:f7:75:e2:95:6c:0e:c2:c1:54:1b:f3:f8:07:30:6f:1d: 4a:eb:24:d6:9c:a3:c1:6d:cb:ce:d4:93:86:f5:c0:6d:9f:8a: 2a:48:aa:d0:f6:e3:ea:35:1c:f4:cb:e3:54:e1:b7:b2:db:8e: 2a:43:bd:ea:8b:f0:49:81:b8:6d:d5:15:fb:7c:36:6f:dd:e1: e1:ec:8c:f7:37:66:75:72:7e:29:0d:f7:41:b8:1d:68:74:13: 8d:d5:69:c5:86:b5:6b:3a:d9:0f:54:0e:c6:89:3b:ac:dd:4f: 77:79:7e:1d:ea:24:29:e3:3e:86:b7:00:fd:b5:15:76:0a:b4: 46:fd:23:33:8b:b3:ee:2f:02:6b:fe:c6:c5:58:e6:ef:c7:dd: fb:e8:77:94:cd:99:d3:db:4f:ee:03:60:cc:2c:cb:b9:c8:49: ea:09:96:04:91:53:a7:2d:dc:cc:be:99:7e:98:5e:56:38:88: 85:06:86:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzIzRkUxMTAvBgNVBAUTKEUyRjA3NDJBRDgwQTlEQkIyODc1MTg0RUUwREQ1RTk0 REQ3NTc4NEIwHhcNMjUxMTA1MDYzMzQ5WhcNMjUxMTEyMDYzMzQ5WjAYMRYwFAYD VQQDEw02OTBhZWZjZC1lOGE4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvn2dZQn7VWvvaRxI042bkO/4sKqjTSrc6jC+vGRpdAJwr1gk8WGLDEG46qve 6jGq1bZB7WG9k2MtrCs/px/89OlaX7roIOLQTW92Wx3HlNyn4my7XxYixcVfWdHA tGMnRvQl7B8qed2SUBtkbx4v0kdad9LYRNRFAbfmg4ED5gxlJTfu2EGKB3I/6nBF vFMfWGF7Mr8KKT0CV5JYnjt27/YkB/xdvpB8qSE0hn1i7UxbcNwl8KdeMvdbT+S3 YZ2E/R/DZaIYDoyv4YRex1ueCqyinmwQxNzwELnMzpUqdZtZVoZcfPr1PkLuiRc9 yCJL14Iut7RxFL6UVuIH3wqmUQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPgzeZfj xkSuetOYoAfBOh9i+2l4MB8GA1UdIwQYMBaAFOLwdCrYCp27KHUYTuDdXpTddXhL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjNGRS84MjVDRTlBQUY5 RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25ic29kUmhPNE4xZWxOMTFl RXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzR2QjBLdGdLbmJzb2RSaE80TjFlbE4xMWVFcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MjNGRS84MjVDRTlBQUY5RUIxMUU2QkRFN0E5NjhDNEY5QUUwMi80dkIwS3RnS25i c29kUmhPNE4xZWxOMTFlRXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAuBKy6I7b0C9lcyrFLhdUtV6Ws7vUkXIzFE5qM1jDMg5n9Xz3AryOc 7Vyc40oRsyaj1YwrF3676r6CpmxeQIBl+OLqg4a6pyuqQPd14pVsDsLBVBvz+Acw bx1K6yTWnKPBbcvO1JOG9cBtn4oqSKrQ9uPqNRz0y+NU4bey244qQ73qi/BJgbht 1RX7fDZv3eHh7Iz3N2Z1cn4pDfdBuB1odBON1WnFhrVrOtkPVA7GiTus3U93eX4d 6iQp4z6GtwD9tRV2CrRG/SMzi7PuLwJr/sbFWObvx9376HeUzZnT20/uA2DMLMu5 yEnqCZYEkVOnLdzMvpl+mF5WOIiFBoYU -----END CERTIFICATE-----Generated at Wed Nov 5 11:56:28 2025 by rpki-client