$ rpki-client -vvf rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft File: bxP1UQCfJIptmHQ2AE6FeVFWkns.mft (raw, json) Hash identifier: LzPYTzmkwULt3gHobVq9CZOdsQhh2uZeLjw6Tu1VNlg= Subject key identifier: 62:A7:E1:19:26:51:94:A3:6B:67:F6:46:24:2F:90:2F:DE:C9:41:16 Authority key identifier: 6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B Certificate issuer: /CN=A91CAFC4/serialNumber=6F13F551009F248A6D987436004E85795156927B Certificate serial: 0951 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft Manifest number: 093E Signing time: Tue 04 Nov 2025 20:19:31 +0000 Manifest this update: Tue 04 Nov 2025 20:19:30 +0000 Manifest next update: Tue 11 Nov 2025 20:19:30 +0000 Files and hashes: 1: bxP1UQCfJIptmHQ2AE6FeVFWkns.crl (hash: BoHb12tKH8VWGRA8togInsLkZw7PcbKDih3OTPYM6sk=) 2: D2039A56AABC11EEA0370F2CC4F9AE02.roa (hash: V5P8MqryTvl9uPbcl4kRoIx/Fd4WpfSFp93LMG/SR30=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:19:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2385 (0x951) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CAFC4, serialNumber=6F13F551009F248A6D987436004E85795156927B Validity Not Before: Nov 4 20:19:30 2025 GMT Not After : Nov 11 20:19:30 2025 GMT Subject: CN=690a5fd3-e3a6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:40:45:5c:c3:43:04:7a:9f:21:75:68:b3:3a: e6:8e:8a:e6:bb:17:72:5d:93:73:25:07:24:f4:bb: 0e:a5:38:02:7d:cb:2a:49:d7:06:e2:4e:02:f5:50: f3:d4:94:e1:52:74:88:90:ff:5f:d1:af:45:bf:10: 1d:34:ed:82:40:3c:6e:b3:35:f5:1b:4f:2c:c8:70: 39:6e:1f:0e:77:bd:d0:2e:59:2e:8f:43:47:7d:d3: 17:f7:c0:ca:96:74:7d:f6:ed:c8:7c:7f:a4:4f:ff: 88:ff:a3:93:e9:7f:d3:0d:2e:58:da:bb:75:37:28: ab:ad:96:9f:f1:ee:d2:4d:7f:aa:8e:ed:bb:de:02: 45:87:92:bb:ff:61:ac:d1:89:fd:3f:4c:76:71:09: cf:e3:be:4c:f2:50:0c:29:e3:fd:39:9c:d6:53:47: 93:ed:1c:d0:2f:dd:61:c8:67:2c:f4:e7:57:e1:53: f7:aa:0b:71:49:c6:bc:98:e2:f4:a8:18:20:93:96: 37:60:af:7a:d2:f3:88:26:d7:54:a4:39:6d:17:94: 6f:34:18:97:19:a7:0c:91:72:9e:da:f6:b1:aa:75: 6f:cc:b4:07:a5:a5:a1:dd:69:76:4d:1b:84:4d:90: 2c:57:06:5a:75:25:57:be:a8:df:1f:d1:1d:97:e8: 33:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 62:A7:E1:19:26:51:94:A3:6B:67:F6:46:24:2F:90:2F:DE:C9:41:16 X509v3 Authority Key Identifier: keyid:6F:13:F5:51:00:9F:24:8A:6D:98:74:36:00:4E:85:79:51:56:92:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/bxP1UQCfJIptmHQ2AE6FeVFWkns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CAFC4/BC6062DCAF8A11EA8542D85FC4F9AE02/bxP1UQCfJIptmHQ2AE6FeVFWkns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:73:68:9a:a5:d7:c6:78:19:20:07:cb:e5:79:9d:31:91:a8: 5c:9f:a8:59:71:47:17:ee:15:3d:0f:0c:bf:4a:48:8f:4f:4b: b8:b5:3f:04:53:f6:f7:fe:94:74:ae:1d:2e:ad:6c:ef:f7:00: 73:29:2d:0f:83:7b:87:10:ba:84:7a:43:77:94:85:f4:6c:a3: 36:69:cd:08:b2:88:0e:62:73:51:d1:49:e9:32:c1:ca:3d:e4: 02:08:3f:af:01:36:35:99:b6:d4:0d:1e:b8:67:6f:b6:d1:84: eb:63:dd:d4:80:58:cb:22:14:bb:8f:84:6f:8c:e0:15:d8:fb: 35:dc:8c:16:a7:50:10:b7:ef:d4:6f:08:39:fa:2c:8d:4b:59: 88:95:a3:d9:0f:bb:10:78:f4:be:04:49:7e:df:ff:51:f1:76: 46:50:d6:da:43:9d:30:db:da:16:3b:9d:68:25:5e:1a:fe:7e: 8d:47:b0:00:1e:25:7d:9f:97:8e:ea:a0:8d:bc:00:3a:6b:8d: 44:0c:3a:90:1a:f8:25:85:1e:d6:0e:63:eb:9c:0e:da:38:14: 80:46:23:e7:4f:5f:ef:e4:b5:da:9e:a0:c3:7f:86:20:e2:eb: 34:69:35:c3:2c:51:35:08:fa:03:f7:9b:c9:10:72:7e:36:c1: 84:09:c3:73 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0FGQzQxMTAvBgNVBAUTKDZGMTNGNTUxMDA5RjI0OEE2RDk4NzQzNjAwNEU4NTc5 NTE1NjkyN0IwHhcNMjUxMTA0MjAxOTMwWhcNMjUxMTExMjAxOTMwWjAYMRYwFAYD VQQDEw02OTBhNWZkMy1lM2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArEBFXMNDBHqfIXVoszrmjormuxdyXZNzJQck9LsOpTgCfcsqSdcG4k4C9VDz 1JThUnSIkP9f0a9FvxAdNO2CQDxuszX1G08syHA5bh8Od73QLlkuj0NHfdMX98DK lnR99u3IfH+kT/+I/6OT6X/TDS5Y2rt1NyirrZaf8e7STX+qju273gJFh5K7/2Gs 0Yn9P0x2cQnP475M8lAMKeP9OZzWU0eT7RzQL91hyGcs9OdX4VP3qgtxSca8mOL0 qBggk5Y3YK960vOIJtdUpDltF5RvNBiXGacMkXKe2vaxqnVvzLQHpaWh3Wl2TRuE TZAsVwZadSVXvqjfH9Edl+gzuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGKn4Rkm UZSja2f2RiQvkC/eyUEWMB8GA1UdIwQYMBaAFG8T9VEAnySKbZh0NgBOhXlRVpJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDQUZDNC9CQzYwNjJEQ0FG OEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJcHRtSFEyQUU2RmVWRldr bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2J4UDFVUUNmSklwdG1IUTJBRTZGZVZGV2tucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD QUZDNC9CQzYwNjJEQ0FGOEExMUVBODU0MkQ4NUZDNEY5QUUwMi9ieFAxVVFDZkpJ cHRtSFEyQUU2RmVWRldrbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtc2iapdfGeBkgB8vleZ0xkahcn6hZcUcX7hU9Dwy/SkiPT0u4tT8E U/b3/pR0rh0urWzv9wBzKS0Pg3uHELqEekN3lIX0bKM2ac0IsogOYnNR0UnpMsHK PeQCCD+vATY1mbbUDR64Z2+20YTrY93UgFjLIhS7j4RvjOAV2Ps13IwWp1AQt+/U bwg5+iyNS1mIlaPZD7sQePS+BEl+3/9R8XZGUNbaQ50w29oWO51oJV4a/n6NR7AA HiV9n5eO6qCNvAA6a41EDDqQGvglhR7WDmPrnA7aOBSARiPnT1/v5LXanqDDf4Yg 4us0aTXDLFE1CPoD95vJEHJ+NsGECcNz -----END CERTIFICATE-----Generated at Wed Nov 5 10:25:47 2025 by rpki-client