$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft File: B7Y7XcFse0rper0AhqMVbV10Rlk.mft (raw, json) Hash identifier: 4VH9ghQ91evNA/WNftfrIpHsA5RJQOSoOhzdbXq+RnM= Subject key identifier: 00:9C:3E:0A:85:C5:08:CF:22:5C:A3:54:78:E7:26:A3:96:F6:3B:45 Authority key identifier: 07:B6:3B:5D:C1:6C:7B:4A:E9:7A:BD:00:86:A3:15:6D:5D:74:46:59 Certificate issuer: /CN=A91C6E49/serialNumber=07B63B5DC16C7B4AE97ABD0086A3156D5D744659 Certificate serial: 023F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft Manifest number: 023A Signing time: Wed 05 Nov 2025 01:58:10 +0000 Manifest this update: Wed 05 Nov 2025 01:58:09 +0000 Manifest next update: Wed 12 Nov 2025 01:58:09 +0000 Files and hashes: 1: B7Y7XcFse0rper0AhqMVbV10Rlk.crl (hash: 4REV+cPtV2mBiKiSoea4kjzQZZdpN6Mg4V1sxa5VttU=) 2: 98FD8A0E538411ED8D781C7CC4F9AE02.roa (hash: KvaqXLWWsSi0DyIW72uaV8JvweT4UuqZ2OwGOX+bYh8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.crl rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:58:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 575 (0x23f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6E49, serialNumber=07B63B5DC16C7B4AE97ABD0086A3156D5D744659 Validity Not Before: Nov 5 01:58:09 2025 GMT Not After : Nov 12 01:58:09 2025 GMT Subject: CN=690aaf31-efdb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:55:2e:6e:26:4b:e4:2f:82:a3:11:62:6d:70: 85:c6:a8:25:6f:f5:df:a7:d8:40:a4:e6:a8:a7:4b: ad:80:0d:d5:fa:5f:5f:d7:bc:f8:82:7c:1a:28:0b: be:37:40:cf:79:5a:71:e6:51:7e:78:f8:16:9f:8b: e2:c0:e1:be:5b:4c:86:90:97:f2:b5:2a:43:4a:c2: c0:07:10:20:e0:b6:bc:87:b9:7c:31:31:7c:29:bf: a1:a7:30:00:dd:38:69:6d:11:cd:be:c5:9b:9c:d5: 3e:c3:21:5e:4e:8b:ac:5e:c0:20:56:12:3d:f8:b8: 84:57:98:8e:c5:35:6c:e1:42:42:23:cb:7a:a8:13: ba:82:5f:cd:69:6d:c6:da:19:7a:5a:8d:2b:25:cb: 2e:22:97:ee:6d:dc:95:d8:36:70:8c:93:b6:6b:24: e6:98:bc:e7:85:54:fa:ef:69:1b:a1:96:8f:8f:f1: 40:29:2d:13:06:da:ca:be:d8:db:52:c2:8f:b6:5b: 25:ef:df:30:cc:4a:a0:4e:0d:7c:7d:93:18:44:73: 7e:c6:c0:6b:33:c6:07:6a:42:58:63:9a:78:04:16: 6c:99:14:ee:ca:a6:85:14:95:9e:9e:5b:16:69:5c: 90:ce:b2:e3:4f:96:6c:f6:e6:80:d1:b4:f3:82:ae: 05:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:9C:3E:0A:85:C5:08:CF:22:5C:A3:54:78:E7:26:A3:96:F6:3B:45 X509v3 Authority Key Identifier: keyid:07:B6:3B:5D:C1:6C:7B:4A:E9:7A:BD:00:86:A3:15:6D:5D:74:46:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/B7Y7XcFse0rper0AhqMVbV10Rlk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6E49/B33AA7A6538111ED8AA98F77C4F9AE02/B7Y7XcFse0rper0AhqMVbV10Rlk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:3e:e9:ad:5c:76:63:e3:68:08:31:62:3f:09:6b:d6:02:cb: 50:48:26:67:9a:42:ea:95:6e:2a:fa:f1:6b:12:a8:c9:33:09: 9f:b5:1c:91:c8:8a:56:14:83:c5:bd:13:13:77:b4:33:1f:af: 88:17:f6:3e:f9:f4:09:c6:6e:36:ce:0d:27:f7:c5:93:d5:bf: 51:aa:3b:7d:51:10:64:99:ef:2e:97:3c:f4:c5:73:fc:9a:54: 07:f2:3e:e9:f9:9e:4c:c7:6f:4b:12:52:89:dc:73:44:cd:dc: 79:9d:b2:63:4e:f4:f2:7e:d7:e8:95:3b:f5:27:42:83:14:c9: 45:71:2c:0e:84:4c:73:09:56:87:c2:8b:99:04:7c:a5:24:8c: 6c:63:b9:68:ac:1c:4b:be:d3:89:37:00:86:b2:fa:aa:2c:87: 37:08:ce:4f:94:a8:fe:79:e1:31:11:cf:9d:90:4d:d0:67:74: b3:5c:fa:c1:b5:d0:dc:7e:05:59:7a:92:cc:1f:cb:22:7f:95: e2:d6:a5:93:13:08:6c:55:3f:1f:5b:95:61:ad:64:6e:3f:45: 32:15:5f:ca:ca:87:60:b5:13:1c:2b:d8:fe:f3:b4:94:2d:3c: e4:11:d1:12:f7:53:3d:a3:9c:e2:cf:f1:61:d7:e2:c1:58:d3: 4c:7b:58:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAj8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzZFNDkxMTAvBgNVBAUTKDA3QjYzQjVEQzE2QzdCNEFFOTdBQkQwMDg2QTMxNTZE NUQ3NDQ2NTkwHhcNMjUxMTA1MDE1ODA5WhcNMjUxMTEyMDE1ODA5WjAYMRYwFAYD VQQDEw02OTBhYWYzMS1lZmRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzVUubiZL5C+CoxFibXCFxqglb/Xfp9hApOaop0utgA3V+l9f17z4gnwaKAu+ N0DPeVpx5lF+ePgWn4viwOG+W0yGkJfytSpDSsLABxAg4La8h7l8MTF8Kb+hpzAA 3ThpbRHNvsWbnNU+wyFeTousXsAgVhI9+LiEV5iOxTVs4UJCI8t6qBO6gl/NaW3G 2hl6Wo0rJcsuIpfubdyV2DZwjJO2ayTmmLznhVT672kboZaPj/FAKS0TBtrKvtjb UsKPtlsl798wzEqgTg18fZMYRHN+xsBrM8YHakJYY5p4BBZsmRTuyqaFFJWenlsW aVyQzrLjT5Zs9uaA0bTzgq4FoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFACcPgqF xQjPIlyjVHjnJqOW9jtFMB8GA1UdIwQYMBaAFAe2O13BbHtK6Xq9AIajFW1ddEZZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNkU0OS9CMzNBQTdBNjUz ODExMUVEOEFBOThGNzdDNEY5QUUwMi9CN1k3WGNGc2UwcnBlcjBBaHFNVmJWMTBS bGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0I3WTdYY0ZzZTBycGVyMEFocU1WYlYxMFJsay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NkU0OS9CMzNBQTdBNjUzODExMUVEOEFBOThGNzdDNEY5QUUwMi9CN1k3WGNGc2Uw cnBlcjBBaHFNVmJWMTBSbGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA2PumtXHZj42gIMWI/CWvWAstQSCZnmkLqlW4q+vFrEqjJMwmftRyR yIpWFIPFvRMTd7QzH6+IF/Y++fQJxm42zg0n98WT1b9Rqjt9URBkme8ulzz0xXP8 mlQH8j7p+Z5Mx29LElKJ3HNEzdx5nbJjTvTyftfolTv1J0KDFMlFcSwOhExzCVaH wouZBHylJIxsY7lorBxLvtOJNwCGsvqqLIc3CM5PlKj+eeExEc+dkE3QZ3SzXPrB tdDcfgVZepLMH8sif5Xi1qWTEwhsVT8fW5VhrWRuP0UyFV/KyodgtRMcK9j+87SU LTzkEdES91M9o5ziz/Fh1+LBWNNMe1jN -----END CERTIFICATE-----Generated at Wed Nov 5 10:01:23 2025 by rpki-client