$ rpki-client -vvf rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft File: ysNNxbjd0zsX7HVcldRdD3YlD6g.mft (raw, json) Hash identifier: qyzdeKF1Pwl5rBNRmcXBefkHTlVR10KOxWM/AEmcCZU= Subject key identifier: 90:AA:C4:A0:C4:BE:A0:12:17:4D:73:7D:CB:59:DE:68:46:44:E4:13 Authority key identifier: CA:C3:4D:C5:B8:DD:D3:3B:17:EC:75:5C:95:D4:5D:0F:76:25:0F:A8 Certificate issuer: /CN=A91C9B39/serialNumber=CAC34DC5B8DDD33B17EC755C95D45D0F76250FA8 Certificate serial: 0222 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft Manifest number: 021E Signing time: Wed 05 Nov 2025 02:14:36 +0000 Manifest this update: Wed 05 Nov 2025 02:14:35 +0000 Manifest next update: Wed 12 Nov 2025 02:14:35 +0000 Files and hashes: 1: ysNNxbjd0zsX7HVcldRdD3YlD6g.crl (hash: Yv0uaAoDkpSnvy+nBsGzJM9Lb076PxxJzCMFcYl0J8g=) 2: E21DEF607B5E11ED98247D60C4F9AE02.roa (hash: sHBWYK9XVEHZv+A/fyqhHjEvweQybzBfh5wreKa0iZw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.crl rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:14:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 546 (0x222) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C9B39, serialNumber=CAC34DC5B8DDD33B17EC755C95D45D0F76250FA8 Validity Not Before: Nov 5 02:14:35 2025 GMT Not After : Nov 12 02:14:35 2025 GMT Subject: CN=690ab30c-1e0a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:3a:bc:41:a2:8e:e6:aa:c0:74:d6:24:a6:2d: b0:a2:f6:f1:23:be:59:a8:fe:86:23:52:52:d9:14: 5a:0b:19:0d:b6:2c:6b:a1:6a:13:a4:bf:28:c6:14: 88:0b:bb:63:f6:fe:ff:21:ef:63:56:6b:d9:6b:d4: 9f:a5:1f:58:12:44:74:81:42:dd:be:c5:83:c0:12: b3:43:da:16:fc:cc:7e:d6:53:47:ca:1f:4e:d6:e0: bd:4e:71:cb:3e:10:12:3c:48:12:59:7e:20:1c:ba: 65:be:e1:2b:a3:ac:ef:7e:f0:fd:5d:11:c3:d8:bd: 74:3c:7c:2d:5a:31:a1:52:19:23:50:72:15:38:4a: 17:f6:8f:e1:3c:ca:e5:5b:24:d7:ba:31:70:d1:7d: 6a:22:65:86:79:20:4a:dd:6e:63:cc:10:99:7c:e3: 6d:6a:78:41:e9:d5:22:6b:61:fe:60:09:c4:f2:9d: 61:5a:10:e5:35:3e:ec:ae:72:a2:83:51:3a:0e:4f: d8:13:48:e2:52:f1:94:ed:9a:56:39:91:ed:85:f4: b3:94:12:ac:fb:b3:95:89:c1:09:cd:95:e8:ad:0d: fd:e5:7f:6c:09:24:06:73:ca:79:72:e9:05:92:45: e1:44:29:6f:50:65:32:0b:48:4a:58:f3:cd:b0:16: eb:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:AA:C4:A0:C4:BE:A0:12:17:4D:73:7D:CB:59:DE:68:46:44:E4:13 X509v3 Authority Key Identifier: keyid:CA:C3:4D:C5:B8:DD:D3:3B:17:EC:75:5C:95:D4:5D:0F:76:25:0F:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ysNNxbjd0zsX7HVcldRdD3YlD6g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C9B39/B615D0BC7B5A11EDA5E3CA66C4F9AE02/ysNNxbjd0zsX7HVcldRdD3YlD6g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:e4:ae:0f:5f:32:27:c9:8f:50:54:9f:24:d1:78:e5:b5:ce: c5:d5:30:43:25:66:5c:96:17:20:c3:43:ee:7a:42:a1:b5:e5: ee:75:b2:4d:dd:ef:1d:1b:9f:82:49:2a:df:df:a3:94:8c:3a: d3:77:74:8b:59:6a:80:88:c2:04:6f:66:95:bc:3c:2e:02:34: 37:0d:24:58:00:f7:bc:45:ae:66:4f:94:5b:fd:c7:90:f4:47: 89:6c:7e:87:6d:a7:97:ec:8c:9d:fc:4f:21:72:6c:d6:86:46: 90:c4:11:47:08:10:e8:dc:d5:53:5b:61:79:e0:2c:1d:e1:96: d6:8e:a1:a6:24:2a:14:2c:da:25:5b:ec:94:9d:e8:4d:1a:23: 71:fc:29:11:19:33:30:bb:6e:07:2d:72:00:1f:40:6d:68:b8: 16:73:03:17:58:97:ac:96:e5:15:f0:64:fe:f0:4f:f5:ff:1f: a1:a8:7b:46:b2:cb:0c:4c:f9:74:f3:18:c3:99:c6:7b:e4:e2: 28:a5:22:6c:ec:ed:b7:66:68:5e:ee:1b:2b:a3:9d:93:46:bd: c4:77:a1:10:33:00:e6:6e:87:54:44:ec:47:5c:3f:ba:c1:3b: cb:53:1b:68:94:82:fa:14:6b:65:08:bf:b8:13:ce:6a:eb:d2: 9c:78:32:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzlCMzkxMTAvBgNVBAUTKENBQzM0REM1QjhEREQzM0IxN0VDNzU1Qzk1RDQ1RDBG NzYyNTBGQTgwHhcNMjUxMTA1MDIxNDM1WhcNMjUxMTEyMDIxNDM1WjAYMRYwFAYD VQQDEw02OTBhYjMwYy0xZTBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuTq8QaKO5qrAdNYkpi2wovbxI75ZqP6GI1JS2RRaCxkNtixroWoTpL8oxhSI C7tj9v7/Ie9jVmvZa9SfpR9YEkR0gULdvsWDwBKzQ9oW/Mx+1lNHyh9O1uC9TnHL PhASPEgSWX4gHLplvuEro6zvfvD9XRHD2L10PHwtWjGhUhkjUHIVOEoX9o/hPMrl WyTXujFw0X1qImWGeSBK3W5jzBCZfONtanhB6dUia2H+YAnE8p1hWhDlNT7srnKi g1E6Dk/YE0jiUvGU7ZpWOZHthfSzlBKs+7OVicEJzZXorQ395X9sCSQGc8p5cukF kkXhRClvUGUyC0hKWPPNsBbrIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJCqxKDE vqASF01zfctZ3mhGROQTMB8GA1UdIwQYMBaAFMrDTcW43dM7F+x1XJXUXQ92JQ+o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDOUIzOS9CNjE1RDBCQzdC NUExMUVEQTVFM0NBNjZDNEY5QUUwMi95c05OeGJqZDB6c1g3SFZjbGRSZEQzWWxE NmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lzTk54YmpkMHpzWDdIVmNsZFJkRDNZbEQ2Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD OUIzOS9CNjE1RDBCQzdCNUExMUVEQTVFM0NBNjZDNEY5QUUwMi95c05OeGJqZDB6 c1g3SFZjbGRSZEQzWWxENmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCk5K4PXzInyY9QVJ8k0Xjltc7F1TBDJWZclhcgw0PuekKhteXudbJN 3e8dG5+CSSrf36OUjDrTd3SLWWqAiMIEb2aVvDwuAjQ3DSRYAPe8Ra5mT5Rb/ceQ 9EeJbH6HbaeX7Iyd/E8hcmzWhkaQxBFHCBDo3NVTW2F54Cwd4ZbWjqGmJCoULNol W+yUnehNGiNx/CkRGTMwu24HLXIAH0BtaLgWcwMXWJesluUV8GT+8E/1/x+hqHtG sssMTPl08xjDmcZ75OIopSJs7O23Zmhe7hsro52TRr3Ed6EQMwDmbodUROxHXD+6 wTvLUxtolIL6FGtlCL+4E85q69KceDJS -----END CERTIFICATE-----Generated at Wed Nov 5 17:03:30 2025 by rpki-client