$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft File: XDfN_Mjp6QxBFko5HukDtN5U37E.mft (raw, json) Hash identifier: xDwoDtbtSp4Y+7fM+ACZn8+vx9MOZUnHlCeIajk5h4w= Subject key identifier: A8:5E:45:E9:58:5F:22:A6:86:7C:B8:60:40:35:96:A8:E1:A4:41:91 Authority key identifier: 5C:37:CD:FC:C8:E9:E9:0C:41:16:4A:39:1E:E9:03:B4:DE:54:DF:B1 Certificate issuer: /CN=A91D1EBA/serialNumber=5C37CDFCC8E9E90C41164A391EE903B4DE54DFB1 Certificate serial: 0693 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDfN_Mjp6QxBFko5HukDtN5U37E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft Manifest number: 068D Signing time: Tue 04 Nov 2025 22:30:52 +0000 Manifest this update: Tue 04 Nov 2025 22:30:51 +0000 Manifest next update: Tue 11 Nov 2025 22:30:51 +0000 Files and hashes: 1: XDfN_Mjp6QxBFko5HukDtN5U37E.crl (hash: achLflnfj7LxBDWa7vNy4Y/Z50ShCHF8F14yjdn0LfI=) 2: A14BDCE491EB11EBAD7A1530C4F9AE02.roa (hash: NSWzyjE2HPsrPxuhTouX2YNe98sTsio9BMgnAVmwnyg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.crl rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDfN_Mjp6QxBFko5HukDtN5U37E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:30:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1683 (0x693) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1EBA, serialNumber=5C37CDFCC8E9E90C41164A391EE903B4DE54DFB1 Validity Not Before: Nov 4 22:30:51 2025 GMT Not After : Nov 11 22:30:51 2025 GMT Subject: CN=690a7e9c-a343 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:b4:54:c3:99:82:54:da:95:fd:6a:48:38:fd: 88:15:a3:54:4a:f4:23:ae:e7:a3:2c:97:0a:ee:ac: c4:4d:1c:82:b9:f5:49:52:29:c7:25:ca:1d:c9:1f: de:82:a5:c5:1d:5c:09:a9:64:b7:e2:54:c2:e3:29: 35:40:9b:1a:0a:5e:2d:45:9f:e4:f4:c0:6e:98:6e: eb:1c:e1:2e:9f:8d:f7:81:42:d1:3b:f7:4c:e7:02: eb:1c:30:68:90:d5:52:94:74:b4:ff:c1:3c:5c:ba: db:af:4d:98:b5:36:45:a5:cc:e2:b4:94:e9:52:e6: 66:e5:5b:2e:cc:8b:e6:0a:ea:62:b4:4b:3b:fd:be: e9:41:a0:54:09:aa:a4:82:57:2a:bd:e0:a8:74:b0: 1b:0b:33:c0:63:dc:02:95:55:9e:4f:19:bf:d0:f0: f9:71:b1:f7:17:25:17:35:91:75:dd:91:6b:da:a8: 99:e0:af:1a:10:b4:2c:85:d9:80:fd:0f:8e:ee:31: 1d:78:10:41:3d:6d:6f:c9:f2:47:fe:ab:9c:18:20: 9c:76:08:19:4f:c4:01:29:6f:04:b1:df:d8:8e:42: d5:aa:61:27:86:6a:a7:dc:3d:4e:e2:e8:2c:87:a2: 69:9b:e9:12:5a:f4:0e:23:c3:91:9f:04:f8:23:c7: 5b:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A8:5E:45:E9:58:5F:22:A6:86:7C:B8:60:40:35:96:A8:E1:A4:41:91 X509v3 Authority Key Identifier: keyid:5C:37:CD:FC:C8:E9:E9:0C:41:16:4A:39:1E:E9:03:B4:DE:54:DF:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDfN_Mjp6QxBFko5HukDtN5U37E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1EBA/8394E25091EA11EBAADBF92FC4F9AE02/XDfN_Mjp6QxBFko5HukDtN5U37E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:cc:45:92:79:15:f9:79:41:f7:7a:44:fa:07:af:89:e7:4e: 8e:da:7a:9f:59:77:de:03:41:f9:00:fe:c8:51:2a:fd:54:68: 2f:bc:95:13:c7:a6:ea:db:58:80:cb:20:dd:ec:eb:90:56:2d: 3c:8f:82:1a:d0:cf:47:05:71:bb:47:ea:58:06:4e:65:5e:7c: 2a:0a:58:3c:2e:a1:98:1e:ab:d4:fc:89:ef:22:1e:03:8e:a9: 77:9c:5c:46:c1:b8:f5:d4:0d:27:2a:48:0a:c2:5b:1f:82:d2: 25:8b:1d:9f:47:b7:32:70:b0:da:ba:c1:2b:4e:ff:4c:0a:cb: 64:a9:4d:77:0e:52:ac:18:3f:a1:5f:5b:94:e6:3c:e9:99:06: 9c:64:38:c5:5a:2d:be:f9:04:e9:58:1d:b9:19:f0:95:2e:4a: 72:80:be:bf:1a:04:4e:40:e5:c8:c5:4d:e5:98:0a:de:b2:c3: cb:7e:68:75:c6:a0:0d:3e:b3:fb:63:d9:b5:58:13:c3:9f:4c: fc:b1:06:0e:e9:3d:2f:58:1a:d1:78:6a:ae:00:27:ad:12:e1: f2:36:13:9e:13:9b:c9:89:30:98:7f:22:70:43:64:07:b0:ae: f1:23:ad:9b:b8:b0:e4:78:5a:1e:51:45:23:e9:60:59:6c:e4: b2:9c:ba:14 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDFFQkExMTAvBgNVBAUTKDVDMzdDREZDQzhFOUU5MEM0MTE2NEEzOTFFRTkwM0I0 REU1NERGQjEwHhcNMjUxMTA0MjIzMDUxWhcNMjUxMTExMjIzMDUxWjAYMRYwFAYD VQQDEw02OTBhN2U5Yy1hMzQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3rRUw5mCVNqV/WpIOP2IFaNUSvQjruejLJcK7qzETRyCufVJUinHJcodyR/e gqXFHVwJqWS34lTC4yk1QJsaCl4tRZ/k9MBumG7rHOEun433gULRO/dM5wLrHDBo kNVSlHS0/8E8XLrbr02YtTZFpczitJTpUuZm5VsuzIvmCupitEs7/b7pQaBUCaqk glcqveCodLAbCzPAY9wClVWeTxm/0PD5cbH3FyUXNZF13ZFr2qiZ4K8aELQshdmA /Q+O7jEdeBBBPW1vyfJH/qucGCCcdggZT8QBKW8Esd/YjkLVqmEnhmqn3D1O4ugs h6Jpm+kSWvQOI8ORnwT4I8dbmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKheRelY XyKmhny4YEA1lqjhpEGRMB8GA1UdIwQYMBaAFFw3zfzI6ekMQRZKOR7pA7TeVN+x MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMUVCQS84Mzk0RTI1MDkx RUExMUVCQUFEQkY5MkZDNEY5QUUwMi9YRGZOX01qcDZReEJGa281SHVrRHRONVUz N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEZk5fTWpwNlF4QkZrbzVIdWtEdE41VTM3RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MUVCQS84Mzk0RTI1MDkxRUExMUVCQUFEQkY5MkZDNEY5QUUwMi9YRGZOX01qcDZR eEJGa281SHVrRHRONVUzN0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJzEWSeRX5eUH3ekT6B6+J506O2nqfWXfeA0H5AP7IUSr9VGgvvJUT x6bq21iAyyDd7OuQVi08j4Ia0M9HBXG7R+pYBk5lXnwqClg8LqGYHqvU/InvIh4D jql3nFxGwbj11A0nKkgKwlsfgtIlix2fR7cycLDausErTv9MCstkqU13DlKsGD+h X1uU5jzpmQacZDjFWi2++QTpWB25GfCVLkpygL6/GgROQOXIxU3lmAressPLfmh1 xqANPrP7Y9m1WBPDn0z8sQYO6T0vWBrReGquACetEuHyNhOeE5vJiTCYfyJwQ2QH sK7xI62buLDkeFoeUUUj6WBZbOSynLoU -----END CERTIFICATE-----Generated at Wed Nov 5 19:47:29 2025 by rpki-client