$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft File: MGSQ23RcleyGYUmf_IJkZnumf4o.mft (raw, json) Hash identifier: 9rcBWZh1THnR2aA5fqi/6QwLCpodlbdqL6SnO9ftkXM= Subject key identifier: 43:C8:CD:97:57:C5:B5:DB:2A:15:78:18:D3:29:27:5F:68:39:45:B9 Authority key identifier: 30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A Certificate issuer: /CN=A91CE7A4/serialNumber=306490DB745C95EC8661499FFC8264667BA67F8A Certificate serial: 9E Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft Manifest number: 9D Signing time: Wed 05 Nov 2025 06:33:12 +0000 Manifest this update: Wed 05 Nov 2025 06:33:12 +0000 Manifest next update: Wed 12 Nov 2025 06:33:12 +0000 Files and hashes: 1: MGSQ23RcleyGYUmf_IJkZnumf4o.crl (hash: Rtomuyw7vG+zUa50V6yQCsVq1oAEqlv8EnrQxT/Wrt8=) 2: 19C407C0CC1011EFBC7E0050C4F9AE02.roa (hash: 0uD06YfXP8jJiypkQtgg/+0Dg/DOv6s8Gpjo5ybB4rE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.crl rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:59:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 158 (0x9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE7A4, serialNumber=306490DB745C95EC8661499FFC8264667BA67F8A Validity Not Before: Nov 5 06:33:12 2025 GMT Not After : Nov 12 06:33:12 2025 GMT Subject: CN=690aefa8-5e61 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:86:79:4e:af:e7:79:5d:be:88:b7:45:3e:08: cc:90:89:f8:a0:67:9d:c0:1e:7b:dc:e4:03:1b:d3: 80:37:b1:75:03:63:07:d8:24:f0:5f:fe:df:3e:4f: 88:d7:22:bf:a3:f5:8a:35:aa:db:23:21:ee:90:3d: 3c:5a:4b:4f:41:11:db:2e:5a:ff:62:15:af:b8:b8: 01:36:68:6c:b7:c1:f7:22:68:b7:92:af:5f:eb:a2: a8:72:24:2c:75:a5:ba:75:e2:2f:fc:ec:02:31:fd: dd:10:37:da:f7:de:5a:51:f9:42:50:e4:78:78:55: b1:ec:ad:49:0f:eb:2c:86:6a:d7:31:63:1f:91:cc: a8:ca:0e:22:64:8b:ab:54:78:ad:16:ac:7b:fc:7f: 05:fa:71:ce:e6:9a:85:4c:a0:65:9d:fd:bf:ff:9e: 1f:33:92:dc:c3:0d:92:f1:69:1e:86:95:d7:10:bb: 25:0b:91:10:20:a9:9f:a2:75:22:e0:48:88:03:e5: 6c:7a:f8:b8:2d:d6:de:10:47:9a:02:1c:a5:d6:8c: 85:0d:ec:d7:78:5d:f7:34:3d:99:e6:df:1e:0b:16: 2f:36:93:62:70:08:8a:8b:08:8f:61:00:2e:1e:c9: f7:9e:76:e4:9a:6f:1d:fe:d0:d4:c8:77:51:19:19: 6f:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:C8:CD:97:57:C5:B5:DB:2A:15:78:18:D3:29:27:5F:68:39:45:B9 X509v3 Authority Key Identifier: keyid:30:64:90:DB:74:5C:95:EC:86:61:49:9F:FC:82:64:66:7B:A6:7F:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/MGSQ23RcleyGYUmf_IJkZnumf4o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE7A4/B890DFD2CC0F11EFA278FD4CC4F9AE02/MGSQ23RcleyGYUmf_IJkZnumf4o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:cd:84:16:34:40:a5:4c:7a:f2:f4:1f:24:7e:ff:a7:dd:fd: 63:69:85:f2:44:68:c2:30:b2:f3:e2:f6:f1:ca:d1:97:da:ee: 01:d8:b5:b8:8b:6b:90:01:6f:9a:ee:0e:b7:b9:9c:dd:41:91: 8a:8e:20:02:0a:0f:78:c0:55:aa:7b:55:f4:0d:fa:66:d0:9d: d1:62:3c:f1:e7:45:57:2b:31:72:a2:77:0d:64:87:bf:d4:3b: b0:c3:17:b6:a0:e8:6e:4a:cf:79:96:49:b7:ee:9d:69:87:60: 05:ae:0a:61:38:ff:e7:69:98:d9:02:ce:47:1e:2a:9d:ab:0c: 40:41:7e:ca:d8:19:f4:3a:32:3f:fe:8a:39:b3:df:55:7f:72: 5b:f2:a5:9a:35:7b:e3:9d:98:4d:49:6b:e3:14:a1:a2:48:58: aa:ab:0f:e0:71:65:2b:e9:43:ef:2e:27:db:fd:87:d3:a1:02: df:90:e8:5e:7e:4e:8d:be:f4:4c:b5:8a:68:f8:80:07:14:df: 74:9a:a3:00:2d:5a:47:70:86:a6:fa:c0:c3:fb:be:6a:6d:49: 6e:71:f2:7d:94:62:97:78:bc:19:69:c3:65:14:ee:4f:ea:b5: e4:c4:84:de:0b:17:08:23:05:93:64:b8:e6:50:36:d9:8c:de: 26:f9:3a:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJ4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U3QTQxMTAvBgNVBAUTKDMwNjQ5MERCNzQ1Qzk1RUM4NjYxNDk5RkZDODI2NDY2 N0JBNjdGOEEwHhcNMjUxMTA1MDYzMzEyWhcNMjUxMTEyMDYzMzEyWjAYMRYwFAYD VQQDEw02OTBhZWZhOC01ZTYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr4Z5Tq/neV2+iLdFPgjMkIn4oGedwB573OQDG9OAN7F1A2MH2CTwX/7fPk+I 1yK/o/WKNarbIyHukD08WktPQRHbLlr/YhWvuLgBNmhst8H3Imi3kq9f66KociQs daW6deIv/OwCMf3dEDfa995aUflCUOR4eFWx7K1JD+sshmrXMWMfkcyoyg4iZIur VHitFqx7/H8F+nHO5pqFTKBlnf2//54fM5Lcww2S8WkehpXXELslC5EQIKmfonUi 4EiIA+Vsevi4LdbeEEeaAhyl1oyFDezXeF33ND2Z5t8eCxYvNpNicAiKiwiPYQAu Hsn3nnbkmm8d/tDUyHdRGRlvTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEPIzZdX xbXbKhV4GNMpJ19oOUW5MB8GA1UdIwQYMBaAFDBkkNt0XJXshmFJn/yCZGZ7pn+K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTdBNC9CODkwREZEMkND MEYxMUVGQTI3OEZENENDNEY5QUUwMi9NR1NRMjNSY2xleUdZVW1mX0lKa1pudW1m NG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL01HU1EyM1JjbGV5R1lVbWZfSUprWm51bWY0by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTdBNC9CODkwREZEMkNDMEYxMUVGQTI3OEZENENDNEY5QUUwMi9NR1NRMjNSY2xl eUdZVW1mX0lKa1pudW1mNG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBIzYQWNEClTHry9B8kfv+n3f1jaYXyRGjCMLLz4vbxytGX2u4B2LW4 i2uQAW+a7g63uZzdQZGKjiACCg94wFWqe1X0Dfpm0J3RYjzx50VXKzFyoncNZIe/ 1Duwwxe2oOhuSs95lkm37p1ph2AFrgphOP/naZjZAs5HHiqdqwxAQX7K2Bn0OjI/ /oo5s99Vf3Jb8qWaNXvjnZhNSWvjFKGiSFiqqw/gcWUr6UPvLifb/YfToQLfkOhe fk6NvvRMtYpo+IAHFN90mqMALVpHcIam+sDD+75qbUlucfJ9lGKXeLwZacNlFO5P 6rXkxITeCxcIIwWTZLjmUDbZjN4m+TpH -----END CERTIFICATE-----Generated at Wed Nov 5 08:58:59 2025 by rpki-client