$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft File: Y3kC4bqWiB1HLuyt-kW1V348HDE.mft (raw, json) Hash identifier: fH7DjXGz39GQdJdJazp16GSRbJJkXlzb0fUMtQQVbAE= Subject key identifier: 66:88:C8:95:B2:FB:07:FB:D7:1D:DC:E1:D5:26:DC:A3:03:1F:0E:8C Authority key identifier: 63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31 Certificate issuer: /CN=A91CE524/serialNumber=637902E1BA96881D472EECADFA45B5577E3C1C31 Certificate serial: 0172 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft Manifest number: 016F Signing time: Wed 05 Nov 2025 04:01:10 +0000 Manifest this update: Wed 05 Nov 2025 04:01:09 +0000 Manifest next update: Wed 12 Nov 2025 04:01:09 +0000 Files and hashes: 1: Y3kC4bqWiB1HLuyt-kW1V348HDE.crl (hash: eDpKy7IBiiscjBycXIA3smL7RB3FDHVHgQ5JOHDH7pM=) 2: FF1FE402898011EEB3403779C4F9AE02.roa (hash: kfUd7cLCmHmQ/k7ENeRjEkFUrum5OXV/qc4Vt8EOcIQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.crl rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:01:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 370 (0x172) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE524, serialNumber=637902E1BA96881D472EECADFA45B5577E3C1C31 Validity Not Before: Nov 5 04:01:09 2025 GMT Not After : Nov 12 04:01:09 2025 GMT Subject: CN=690acc05-6763 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:da:d5:b6:aa:98:0b:5c:2a:bd:8e:20:d7:eb: ab:78:10:1c:59:bb:34:eb:ae:48:95:7c:92:2f:ac: 41:24:68:88:a1:8f:f6:83:ed:6c:38:d4:ef:25:3b: 9e:9b:3e:93:78:95:63:fc:46:70:31:94:d4:2b:9d: 82:c1:cf:9d:33:de:99:ce:8c:1a:fb:ea:bf:22:3b: c2:e6:31:25:39:8b:03:b0:61:e4:fb:93:da:b9:21: 2b:b8:94:a5:0b:22:b3:33:59:6d:70:7a:15:d9:bd: 2e:2f:87:d8:32:02:7a:22:f9:b8:0c:c6:e8:df:f5: 0a:16:7d:37:36:a8:1a:6c:a9:4c:23:1a:94:71:97: bb:3a:e0:f2:4b:6b:14:eb:b7:8a:b7:a5:fc:1a:0f: 5e:60:5e:22:31:22:3c:9f:ff:7a:1a:30:f9:b3:28: 59:98:13:3d:4b:37:aa:bd:e8:96:6c:18:5e:87:11: 03:ee:f9:88:35:c6:52:b3:8c:4d:c7:27:07:40:97: 82:8c:1b:4f:4b:a9:b8:2c:d7:a0:36:e0:77:53:45: 2e:d1:66:a6:ec:a4:ee:51:e9:aa:37:b9:d7:55:6d: 70:fc:42:1f:42:12:9e:ba:af:5b:a8:be:a9:17:8a: bc:6d:7c:2e:eb:c6:25:82:dd:fd:dc:03:a2:65:c9: c7:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:88:C8:95:B2:FB:07:FB:D7:1D:DC:E1:D5:26:DC:A3:03:1F:0E:8C X509v3 Authority Key Identifier: keyid:63:79:02:E1:BA:96:88:1D:47:2E:EC:AD:FA:45:B5:57:7E:3C:1C:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Y3kC4bqWiB1HLuyt-kW1V348HDE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE524/0C2C2BD688C511EEA8311C71C4F9AE02/Y3kC4bqWiB1HLuyt-kW1V348HDE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:34:a6:51:1c:49:54:fe:0c:12:d9:37:aa:72:29:09:2f:c6: 58:ee:2c:19:e2:62:81:bc:9f:54:af:87:17:24:38:c3:0f:d6: 07:91:c2:4e:dc:96:4f:4e:3a:08:34:3e:a0:0c:05:aa:e2:52: 1b:e1:20:af:58:08:f0:9b:ed:bb:d1:1c:66:89:2a:e4:2a:80: c3:22:3b:f8:35:5b:b5:b0:67:4a:5d:7a:7d:c8:6e:73:88:d9: 1d:80:ab:cf:c1:0f:3c:e3:15:71:fe:b6:bd:d8:9e:c3:a5:56: 29:7a:89:37:e7:10:43:3a:9d:6f:53:54:12:eb:71:88:cc:64: ad:8b:7e:c1:92:59:19:30:49:7e:27:07:96:5c:ec:5c:e5:84: ea:1b:bc:91:e3:3b:6c:de:c6:cc:b3:5d:7f:d0:aa:05:75:83: fe:e4:15:9a:ed:32:38:ab:28:ff:64:5f:21:49:97:5f:12:07: ec:10:fe:3d:97:3e:78:47:2d:fc:f9:99:24:61:d2:90:bd:d7: a6:05:d7:96:a9:9d:be:65:24:7d:24:24:fd:71:05:21:7a:5f: 2e:a8:70:f5:34:14:31:95:5a:c9:69:37:fa:b0:e3:0f:df:c5: 76:da:76:18:2c:e1:e7:fc:78:c9:f1:bf:41:b8:bd:cc:5b:1c: 65:3d:43:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U1MjQxMTAvBgNVBAUTKDYzNzkwMkUxQkE5Njg4MUQ0NzJFRUNBREZBNDVCNTU3 N0UzQzFDMzEwHhcNMjUxMTA1MDQwMTA5WhcNMjUxMTEyMDQwMTA5WjAYMRYwFAYD VQQDEw02OTBhY2MwNS02NzYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6drVtqqYC1wqvY4g1+ureBAcWbs0665IlXySL6xBJGiIoY/2g+1sONTvJTue mz6TeJVj/EZwMZTUK52Cwc+dM96Zzowa++q/IjvC5jElOYsDsGHk+5PauSEruJSl CyKzM1ltcHoV2b0uL4fYMgJ6Ivm4DMbo3/UKFn03NqgabKlMIxqUcZe7OuDyS2sU 67eKt6X8Gg9eYF4iMSI8n/96GjD5syhZmBM9SzeqveiWbBhehxED7vmINcZSs4xN xycHQJeCjBtPS6m4LNegNuB3U0Uu0Wam7KTuUemqN7nXVW1w/EIfQhKeuq9bqL6p F4q8bXwu68Ylgt393AOiZcnHdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGaIyJWy +wf71x3c4dUm3KMDHw6MMB8GA1UdIwQYMBaAFGN5AuG6logdRy7srfpFtVd+PBwx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTUyNC8wQzJDMkJENjg4 QzUxMUVFQTgzMTFDNzFDNEY5QUUwMi9ZM2tDNGJxV2lCMUhMdXl0LWtXMVYzNDhI REUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1kza0M0YnFXaUIxSEx1eXQta1cxVjM0OEhERS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTUyNC8wQzJDMkJENjg4QzUxMUVFQTgzMTFDNzFDNEY5QUUwMi9ZM2tDNGJxV2lC MUhMdXl0LWtXMVYzNDhIREUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzNKZRHElU/gwS2TeqcikJL8ZY7iwZ4mKBvJ9Ur4cXJDjDD9YHkcJO 3JZPTjoIND6gDAWq4lIb4SCvWAjwm+270RxmiSrkKoDDIjv4NVu1sGdKXXp9yG5z iNkdgKvPwQ884xVx/ra92J7DpVYpeok35xBDOp1vU1QS63GIzGSti37BklkZMEl+ JweWXOxc5YTqG7yR4zts3sbMs11/0KoFdYP+5BWa7TI4qyj/ZF8hSZdfEgfsEP49 lz54Ry38+ZkkYdKQvdemBdeWqZ2+ZSR9JCT9cQUhel8uqHD1NBQxlVrJaTf6sOMP 38V22nYYLOHn/HjJ8b9BuL3MWxxlPUOx -----END CERTIFICATE-----Generated at Wed Nov 5 12:05:58 2025 by rpki-client