$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft File: 2QDd8konYiv5ZDdX7byv-u4yHDc.mft (raw, json) Hash identifier: llSDQShFb4t25ug2j7EzMhwx13bs0b33bBm/MFBekiA= Subject key identifier: D8:BC:71:69:48:DE:58:7E:67:63:53:BD:22:C2:00:EA:51:11:8B:E4 Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Certificate serial: 0EB8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft Manifest number: 0E9D Signing time: Tue 04 Nov 2025 17:48:00 +0000 Manifest this update: Tue 04 Nov 2025 17:48:00 +0000 Manifest next update: Tue 11 Nov 2025 17:48:00 +0000 Files and hashes: 1: 2QDd8konYiv5ZDdX7byv-u4yHDc.crl (hash: +GWLAcVaWBaNl7A2xKZV4Wax9U6WDhPCkIFhoNUVWSU=) 2: A47D2EC84C1E11EEBA8CDB4BC4F9AE02.roa (hash: k08HrzQA4orJaDMpNJ4cYiGD96bVzWAF2REZWm3ObQ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:47:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3768 (0xeb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7773, serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Validity Not Before: Nov 4 17:48:00 2025 GMT Not After : Nov 11 17:48:00 2025 GMT Subject: CN=690a3c50-6b0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b8:45:c0:cb:2a:a5:d2:03:6a:e7:67:2e:77: 63:d4:b2:f6:96:f1:0e:7b:5d:55:71:cc:5a:1f:e8: a7:c8:0d:70:1e:a3:fc:b9:e1:31:a2:02:cb:11:be: 39:0a:d7:a5:2f:98:08:bd:4e:e1:44:b3:1d:9d:15: 45:74:ea:b2:2a:f3:70:9d:16:9e:cf:8b:9e:8c:0d: f3:4f:77:21:d9:f8:c4:ac:b8:3a:8c:8d:fd:b0:90: c2:fa:b3:55:3d:85:78:2a:4e:c1:d0:16:ba:3a:c1: 86:7b:46:85:ab:f2:3a:42:a5:e9:13:d5:b4:16:d7: 8e:f0:b7:58:35:96:ef:e1:0d:13:01:f9:10:4c:f6: 2d:ef:e2:95:bf:74:15:8e:08:3b:a0:6f:6f:91:d1: 6e:9c:32:6b:4f:26:23:79:50:d1:98:e5:41:1a:74: 5e:dc:9a:d2:36:17:c0:e9:33:39:53:4f:c3:dc:5f: 07:ce:d9:b8:6f:1b:04:92:c9:26:3d:3f:e2:45:d4: fb:31:52:6c:5c:f6:aa:67:e5:cc:6d:1f:f2:f0:89: b2:fb:0d:3a:a1:33:28:d5:2b:bc:ef:1c:a3:06:8e: 84:d8:a1:9b:7c:0b:bf:b7:06:84:e7:97:90:64:47: bf:e5:e5:05:52:8c:fa:94:79:a8:20:64:af:6e:c5: 3e:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:BC:71:69:48:DE:58:7E:67:63:53:BD:22:C2:00:EA:51:11:8B:E4 X509v3 Authority Key Identifier: keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:13:34:63:3f:fe:b6:8b:51:52:0b:b3:17:a5:66:d2:e4:cb: 7e:b2:97:93:b8:e2:ee:b5:db:87:e1:8a:cd:6f:fe:ee:4b:fb: f9:b2:58:f9:2f:ce:b4:2e:62:02:b7:8f:47:c9:91:e8:7e:7e: 01:72:d4:99:6f:27:2a:a3:03:4c:d9:ef:7c:a8:8e:fa:f7:16: a3:37:fc:e4:9f:d7:bf:55:00:bd:2b:52:81:96:68:0b:25:c1: 8d:06:75:91:50:37:bd:0b:cb:80:68:df:29:52:5f:35:6d:37: 68:ae:fd:7c:29:9f:98:7b:c2:a4:bc:01:ae:fd:6d:6c:78:d1: ff:2d:ee:f1:71:ab:fa:4f:34:1e:8d:f6:be:49:75:52:1d:f5: 32:e8:4d:e8:c6:e9:e4:c2:48:d3:a0:15:9e:1d:0c:5e:9d:ae: 1e:48:be:54:97:be:90:0b:4f:a2:b4:eb:e1:db:8f:c6:c7:81: f8:bc:c3:0a:76:42:91:f7:62:aa:64:be:8b:7a:35:a1:ab:25: c2:9b:4f:28:42:08:c2:e0:95:74:26:04:2e:a2:e2:b8:41:fa: df:96:30:9f:20:b2:49:e5:62:b3:41:f8:b6:1f:4a:76:32:c8: 9f:7e:41:2d:64:90:6c:b6:a5:ab:a6:ee:9e:27:6c:32:26:64: 1a:9b:1c:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDrgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB RUUzMjFDMzcwHhcNMjUxMTA0MTc0ODAwWhcNMjUxMTExMTc0ODAwWjAYMRYwFAYD VQQDEw02OTBhM2M1MC02YjBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1rhFwMsqpdIDaudnLndj1LL2lvEOe11VccxaH+inyA1wHqP8ueExogLLEb45 CtelL5gIvU7hRLMdnRVFdOqyKvNwnRaez4uejA3zT3ch2fjErLg6jI39sJDC+rNV PYV4Kk7B0Ba6OsGGe0aFq/I6QqXpE9W0FteO8LdYNZbv4Q0TAfkQTPYt7+KVv3QV jgg7oG9vkdFunDJrTyYjeVDRmOVBGnRe3JrSNhfA6TM5U0/D3F8Hztm4bxsEkskm PT/iRdT7MVJsXPaqZ+XMbR/y8Imy+w06oTMo1Su87xyjBo6E2KGbfAu/twaE55eQ ZEe/5eUFUoz6lHmoIGSvbsU+aQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNi8cWlI 3lh+Z2NTvSLCAOpREYvkMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc3My9BRDMyMjM3Q0EyRTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllp djVaRGRYN2J5di11NHlIRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWEzRjP/62i1FSC7MXpWbS5Mt+speTuOLutduH4YrNb/7uS/v5slj5 L860LmICt49HyZHofn4BctSZbycqowNM2e98qI769xajN/zkn9e/VQC9K1KBlmgL JcGNBnWRUDe9C8uAaN8pUl81bTdorv18KZ+Ye8KkvAGu/W1seNH/Le7xcav6TzQe jfa+SXVSHfUy6E3oxunkwkjToBWeHQxena4eSL5Ul76QC0+itOvh24/Gx4H4vMMK dkKR92KqZL6LejWhqyXCm08oQgjC4JV0JgQuouK4QfrfljCfILJJ5WKzQfi2H0p2 MsiffkEtZJBstqWrpu6eJ2wyJmQamxwA -----END CERTIFICATE-----Generated at Thu Nov 6 02:55:40 2025 by rpki-client