$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft File: ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft (raw, json) Hash identifier: qBp3kd2Bsapc67fDmKsL1KrrbcjKsB262evaRgv7FPQ= Subject key identifier: 26:79:06:A1:65:98:54:31:BF:E0:FF:E5:F6:56:C0:CB:01:24:B0:B7 Authority key identifier: 67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D Certificate issuer: /CN=A91CAA4E/serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Certificate serial: 1384 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft Manifest number: 1AEC Signing time: Tue 04 Nov 2025 17:04:35 +0000 Manifest this update: Tue 04 Nov 2025 17:04:34 +0000 Manifest next update: Tue 11 Nov 2025 17:04:34 +0000 Files and hashes: 1: ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl (hash: AATsuKxo3hpYSvt8zeLRf39zvoChhiX5rZeZdUmBwcw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:04:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4996 (0x1384) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAA4E, serialNumber=672124F633C8919CA5D766D89E9CCFF0B21F0C8D Validity Not Before: Nov 4 17:04:34 2025 GMT Not After : Nov 11 17:04:34 2025 GMT Subject: CN=690a3223-594d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:c7:2b:59:c4:98:eb:6b:a8:30:e8:5b:8b:95: 31:5a:cf:36:3b:d5:b1:bd:6e:c1:09:79:73:15:81: d6:da:f2:bc:7d:1a:11:2f:d2:24:5a:1f:b1:a8:97: 39:a2:dd:dd:78:5f:5c:b6:e7:16:43:59:15:d9:84: fe:c2:cc:21:24:13:2a:60:02:b4:ff:c8:e3:b3:ef: 2c:27:57:40:12:20:39:6d:9f:74:b7:61:a5:8d:ff: bd:dd:b5:a7:1c:cb:eb:b5:51:7e:b3:26:18:6d:74: 93:fb:8a:0e:95:b2:4f:18:c9:bd:5c:16:9f:20:6e: 11:de:6a:dc:9d:42:8c:f6:15:d0:be:de:93:48:3b: 6c:94:67:85:35:77:23:3a:ec:20:00:dc:76:fe:12: 15:dd:c7:e5:cf:fa:e2:42:3b:70:92:41:96:a7:11: af:fa:7f:79:f7:ca:da:26:87:e1:70:ea:3f:20:e5: f8:29:94:f0:fe:45:d4:f2:7f:68:74:f8:17:c9:e1: ad:60:a0:06:05:73:46:c7:55:0c:fb:2a:cc:17:7e: d1:64:53:c9:09:69:e0:5b:24:84:58:d4:c2:4e:b8: a0:74:7c:9b:d2:a6:6b:0a:60:bf:85:cf:61:38:05: 64:87:ae:0c:80:3d:4f:65:39:4d:86:21:e5:83:23: c5:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 26:79:06:A1:65:98:54:31:BF:E0:FF:E5:F6:56:C0:CB:01:24:B0:B7 X509v3 Authority Key Identifier: keyid:67:21:24:F6:33:C8:91:9C:A5:D7:66:D8:9E:9C:CF:F0:B2:1F:0C:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZyEk9jPIkZyl12bYnpzP8LIfDI0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAA4E/55E9795AA94F11E8AA0C900EC4F9AE02/ZyEk9jPIkZyl12bYnpzP8LIfDI0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:07:a7:ce:27:0f:15:93:ca:2f:4d:a3:19:24:41:d3:0b:dd: 1b:19:dc:f1:c1:b8:60:5b:d2:ec:c5:34:5f:e1:37:d1:f9:d2: d6:01:7f:5c:81:e0:87:94:d7:f2:9d:42:fe:85:83:ed:61:64: b9:00:7f:1f:7f:01:44:8c:47:2e:39:bc:4d:d7:b0:91:86:03: 14:e6:a8:9d:3b:ab:b2:2a:37:38:92:aa:98:76:12:de:96:0a: 12:41:d6:15:e5:f8:b8:02:2f:c1:e3:16:09:dd:40:61:af:1a: 64:41:6c:99:dd:b4:45:7d:8b:cb:79:e4:55:84:9a:f3:42:9b: 5b:d7:d3:4c:19:cf:d9:0c:59:a4:d2:fd:c3:f5:2d:2b:cc:44: 41:c9:7d:61:bb:d9:87:fa:bc:a1:3d:59:84:e0:bb:d3:14:d7: 57:39:7c:37:17:e8:cb:a0:f1:c9:c8:c5:93:1b:a6:66:7a:fb: 24:24:f6:c6:a2:72:4f:8c:19:59:87:5a:94:d5:a1:a3:6d:dd: 49:ab:f7:6a:dc:5b:b5:e3:ce:e0:a0:f3:0e:6c:1a:f9:f6:27: b7:18:9c:69:45:71:17:f8:50:38:ee:f7:09:e7:23:36:53:d7: 03:d6:0f:ba:a2:14:34:1b:a5:c0:c5:bf:0e:c9:b6:e2:b1:66: c3:38:3a:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE4QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FBNEUxMTAvBgNVBAUTKDY3MjEyNEY2MzNDODkxOUNBNUQ3NjZEODlFOUNDRkYw QjIxRjBDOEQwHhcNMjUxMTA0MTcwNDM0WhcNMjUxMTExMTcwNDM0WjAYMRYwFAYD VQQDEw02OTBhMzIyMy01OTRkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6ccrWcSY62uoMOhbi5UxWs82O9WxvW7BCXlzFYHW2vK8fRoRL9IkWh+xqJc5 ot3deF9ctucWQ1kV2YT+wswhJBMqYAK0/8jjs+8sJ1dAEiA5bZ90t2Gljf+93bWn HMvrtVF+syYYbXST+4oOlbJPGMm9XBafIG4R3mrcnUKM9hXQvt6TSDtslGeFNXcj OuwgANx2/hIV3cflz/riQjtwkkGWpxGv+n9598raJofhcOo/IOX4KZTw/kXU8n9o dPgXyeGtYKAGBXNGx1UM+yrMF37RZFPJCWngWySEWNTCTrigdHyb0qZrCmC/hc9h OAVkh64MgD1PZTlNhiHlgyPFaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCZ5BqFl mFQxv+D/5fZWwMsBJLC3MB8GA1UdIwQYMBaAFGchJPYzyJGcpddm2J6cz/CyHwyN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUE0RS81NUU5Nzk1QUE5 NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWtaeWwxMmJZbnB6UDhMSWZE STAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1p5RWs5alBJa1p5bDEyYllucHpQOExJZkRJMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUE0RS81NUU5Nzk1QUE5NEYxMUU4QUEwQzkwMEVDNEY5QUUwMi9aeUVrOWpQSWta eWwxMmJZbnB6UDhMSWZESTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAcB6fOJw8Vk8ovTaMZJEHTC90bGdzxwbhgW9LsxTRf4TfR+dLWAX9c geCHlNfynUL+hYPtYWS5AH8ffwFEjEcuObxN17CRhgMU5qidO6uyKjc4kqqYdhLe lgoSQdYV5fi4Ai/B4xYJ3UBhrxpkQWyZ3bRFfYvLeeRVhJrzQptb19NMGc/ZDFmk 0v3D9S0rzERByX1hu9mH+ryhPVmE4LvTFNdXOXw3F+jLoPHJyMWTG6ZmevskJPbG onJPjBlZh1qU1aGjbd1Jq/dq3Fu1487goPMObBr59ie3GJxpRXEX+FA47vcJ5yM2 U9cD1g+6ohQ0G6XAxb8OybbisWbDODru -----END CERTIFICATE-----Generated at Wed Nov 5 11:45:21 2025 by rpki-client