$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft File: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft (raw, json) Hash identifier: 0gB2U88PRvBcnTuJsriK1CxcdXnIdniZ+6RN2iev4Kg= Subject key identifier: 99:BE:7A:96:AA:8A:2D:6F:99:64:85:0C:4C:77:6B:B1:3F:D8:56:1B Authority key identifier: A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 Certificate issuer: /CN=A91CE6EC/serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Certificate serial: 25D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft Manifest number: 25CB Signing time: Tue 04 Nov 2025 15:48:22 +0000 Manifest this update: Tue 04 Nov 2025 15:48:22 +0000 Manifest next update: Tue 11 Nov 2025 15:48:22 +0000 Files and hashes: 1: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl (hash: MGgJ72+oPiOb8bxyXwweiydX04uO8dg7u1V3t8Ip0m4=) 2: 96F26DD8E4A511EF8259C769C4F9AE02.roa (hash: 106BmLtTyVCv8aiEyQESyMsMUTUgBCG4YPN0EmuEMYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:48:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9687 (0x25d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Validity Not Before: Nov 4 15:48:22 2025 GMT Not After : Nov 11 15:48:22 2025 GMT Subject: CN=690a2046-7efa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:b6:18:de:2d:35:66:00:19:7b:ba:3d:35:ec: 20:61:06:be:62:5f:d3:6a:e0:c0:52:79:50:05:9b: c5:48:a3:0e:68:d1:85:5f:f4:2e:33:b1:57:13:1f: 6e:a6:ff:ab:2c:ee:67:8a:c1:d7:7e:b5:e4:1e:6a: 5b:5d:fd:ee:39:66:de:08:6d:0f:47:d4:2e:c8:ba: b6:e7:cc:76:fe:10:1c:ff:a6:36:2e:6e:91:a7:87: 80:c8:65:cb:cb:4d:5a:cd:ac:65:80:bf:54:09:25: 4d:fe:35:24:a9:10:ea:f9:11:34:98:d9:80:bf:89: 9f:60:48:c5:6a:f9:16:6b:60:52:6f:59:48:7c:46: 09:4e:cd:88:d7:f9:3a:a6:cb:0e:c5:57:7e:58:b6: af:cd:85:66:3f:82:9b:98:e9:90:45:70:a5:fc:27: 28:79:1c:d3:74:b6:5d:e1:d8:b8:79:9a:79:31:c8: 7f:33:20:f7:1a:14:d0:60:2b:7c:cf:f8:f2:ba:e7: bd:22:90:65:6d:00:23:74:5e:70:5e:8c:89:e8:4a: eb:81:3d:56:98:c2:ec:a2:5d:f9:6f:a9:3a:05:d8: 7d:28:de:95:be:a6:2d:3e:67:0b:3a:92:8a:1a:5b: e7:b7:12:dc:da:fc:50:ce:ac:1d:33:d9:e9:ea:0d: 6a:91 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:BE:7A:96:AA:8A:2D:6F:99:64:85:0C:4C:77:6B:B1:3F:D8:56:1B X509v3 Authority Key Identifier: keyid:A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d8:03:5b:54:3a:21:28:c8:5f:b5:a5:a3:09:cb:3e:37:aa:c0: 58:cb:fc:80:ea:ee:f0:2c:3a:e8:bb:ad:96:a9:f7:96:c7:e9: 73:5e:fa:0f:52:23:96:db:07:c2:34:b6:e8:ac:dd:8d:14:9f: d7:a3:ad:91:c9:62:00:9e:36:df:3a:1b:61:35:bc:bf:a4:d4: 1c:b7:f3:b6:0f:96:ff:25:ad:d2:2d:18:65:58:a3:a0:d7:9e: c5:22:d2:61:92:23:34:89:c1:f8:63:94:ca:3c:5a:c9:f7:0f: ec:07:5f:01:c0:75:2f:8e:f0:dd:a6:6f:5c:61:73:23:7c:8a: e1:0c:de:2f:2d:55:04:cc:b4:bc:ba:6c:0b:b1:bc:7f:e1:cf: f3:48:08:fc:8a:b5:0a:05:70:d1:d3:b1:75:b8:02:27:8d:8f: 69:25:5c:99:2e:15:2b:a7:04:45:db:17:5f:72:4a:6d:a2:89: 21:2b:4d:78:9a:5b:18:22:af:c7:64:42:58:45:b5:9c:2e:7a: 86:f8:2b:91:43:65:d0:86:64:67:ed:33:1a:34:dd:59:e8:ad: 1d:f2:50:98:ba:7c:11:40:92:28:6b:80:40:b3:92:ec:b7:b6: d7:d4:ab:92:73:05:f5:e2:eb:9e:80:a8:b3:12:eb:10:9e:a8: b7:87:4a:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJdcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKEExQzIzOTY1NzA0MDE3NzI0MjlFQjhDQkIwREY2NjUz RjE2NzhDRjYwHhcNMjUxMTA0MTU0ODIyWhcNMjUxMTExMTU0ODIyWjAYMRYwFAYD VQQDEw02OTBhMjA0Ni03ZWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7bYY3i01ZgAZe7o9NewgYQa+Yl/TauDAUnlQBZvFSKMOaNGFX/QuM7FXEx9u pv+rLO5nisHXfrXkHmpbXf3uOWbeCG0PR9QuyLq258x2/hAc/6Y2Lm6Rp4eAyGXL y01azaxlgL9UCSVN/jUkqRDq+RE0mNmAv4mfYEjFavkWa2BSb1lIfEYJTs2I1/k6 pssOxVd+WLavzYVmP4KbmOmQRXCl/CcoeRzTdLZd4di4eZp5Mch/MyD3GhTQYCt8 z/jyuue9IpBlbQAjdF5wXoyJ6ErrgT1WmMLsol35b6k6Bdh9KN6VvqYtPmcLOpKK GlvntxLc2vxQzqwdM9np6g1qkQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJm+epaq ii1vmWSFDEx3a7E/2FYbMB8GA1UdIwQYMBaAFKHCOWVwQBdyQp64y7DfZlPxZ4z2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy9EM0FCNjAxNjE0 QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYzSkNucmpMc045bVVfRm5q UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29jSTVaWEJBRjNKQ25yakxzTjltVV9GbmpQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy9EM0FCNjAxNjE0QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYz SkNucmpMc045bVVfRm5qUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDYA1tUOiEoyF+1paMJyz43qsBYy/yA6u7wLDrou62WqfeWx+lzXvoP UiOW2wfCNLborN2NFJ/Xo62RyWIAnjbfOhthNby/pNQct/O2D5b/Ja3SLRhlWKOg 157FItJhkiM0icH4Y5TKPFrJ9w/sB18BwHUvjvDdpm9cYXMjfIrhDN4vLVUEzLS8 umwLsbx/4c/zSAj8irUKBXDR07F1uAInjY9pJVyZLhUrpwRF2xdfckptookhK014 mlsYIq/HZEJYRbWcLnqG+CuRQ2XQhmRn7TMaNN1Z6K0d8lCYunwRQJIoa4BAs5Ls t7bX1KuScwX14uuegKizEusQnqi3h0rL -----END CERTIFICATE-----Generated at Wed Nov 5 15:12:06 2025 by rpki-client