$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft File: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft (raw, json) Hash identifier: QVDALxBFWz3t5LARVNfpbrU2Zvk3LlWNqbIpvqdDv3A= Subject key identifier: AC:DF:D2:77:E6:76:C4:2D:2C:22:65:C6:74:EB:84:F1:6A:5C:7B:EB Authority key identifier: 8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E Certificate issuer: /CN=A91D4413/serialNumber=8AA8786526852346839372631DFB09984BC3005E Certificate serial: 0AE1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft Manifest number: 2BE8 Signing time: Tue 04 Nov 2025 16:02:21 +0000 Manifest this update: Tue 04 Nov 2025 16:02:20 +0000 Manifest next update: Tue 11 Nov 2025 16:02:20 +0000 Files and hashes: 1: iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl (hash: ZafOTv/nwX7C/iTl4vJdFoop1q9mokP4Rd0Y899yjD0=) 2: DD7FC172E17D11EFAC0A7E29C4F9AE02.roa (hash: iuR0hKy1te9ReiQAcpbPM6UF6bcHMIJQ871N78hvW5A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:02:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2785 (0xae1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4413, serialNumber=8AA8786526852346839372631DFB09984BC3005E Validity Not Before: Nov 4 16:02:20 2025 GMT Not After : Nov 11 16:02:20 2025 GMT Subject: CN=690a238c-6e31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:26:c1:ae:ff:40:ab:65:d8:1e:1d:6d:4e:a9: d9:c1:e9:fe:14:60:fa:25:3d:73:0d:b7:2a:4e:f9: 08:61:cc:59:74:a2:41:44:b1:72:bf:8a:c0:7a:e2: b3:9b:b4:a8:3c:9c:ba:79:61:7e:5d:cd:84:41:86: 48:45:17:2d:a9:b5:c9:6d:08:01:0d:98:eb:fd:cd: b9:a0:0d:1a:22:08:bf:30:e2:0a:bc:bd:26:47:0a: 2e:93:27:2a:aa:f6:69:66:b8:3b:76:10:57:db:28: 62:f3:45:e1:71:f0:fb:62:14:26:6a:62:59:b4:76: 30:fd:7c:05:c4:d4:c9:cb:6b:4e:b1:81:4e:96:6f: b5:39:2d:84:7e:7b:ab:81:cc:ba:6b:ac:e3:69:dc: dd:57:e8:50:8b:5c:1e:ed:54:b4:f5:ae:94:bd:f5: db:2c:aa:b5:17:6a:97:6b:29:5b:48:c5:8e:32:aa: 67:c0:a0:0d:a9:af:05:51:bf:72:18:05:2d:b3:fc: bd:78:5e:9a:c9:e1:e8:96:8c:10:4f:1b:30:d6:ab: 9f:fd:67:b4:5e:91:62:07:ea:18:46:3f:aa:01:55: a9:6e:ca:08:1a:51:b1:20:c1:99:4f:37:f3:40:f5: 8d:3e:1f:f7:cf:27:7f:ae:60:6e:c2:5a:99:a1:87: d3:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AC:DF:D2:77:E6:76:C4:2D:2C:22:65:C6:74:EB:84:F1:6A:5C:7B:EB X509v3 Authority Key Identifier: keyid:8A:A8:78:65:26:85:23:46:83:93:72:63:1D:FB:09:98:4B:C3:00:5E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4413/0816E754FFB411E59443102CC4F9AE02/iqh4ZSaFI0aDk3JjHfsJmEvDAF4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:fe:a7:6b:f8:41:5a:d3:71:32:bb:1e:d6:a4:b2:d0:69:97: 97:53:cd:86:e3:76:d1:ab:d1:07:3e:40:5e:d9:31:87:6d:43: ed:a2:70:c3:34:e6:8a:3d:99:15:03:84:cf:9c:a5:38:38:58: 03:49:b1:66:47:e4:4d:83:35:f0:5d:ea:48:61:c1:f0:38:b7: 13:38:65:69:29:2e:9f:9b:66:a0:89:4c:48:58:40:06:a5:d6: 86:95:89:75:91:1b:e1:f5:22:3e:60:f6:22:8b:37:e4:6e:b4: be:1f:20:17:c2:1b:89:33:84:22:8e:93:e5:b0:97:5f:4b:43: 01:a0:14:a8:dd:b0:0b:80:bf:84:77:db:a0:9f:32:22:4a:a0: 9e:b5:fe:25:a3:88:37:5a:cd:91:27:72:94:cc:ed:98:20:ed: d4:6f:9a:6a:78:83:a4:9a:09:3a:e9:e2:81:7b:1a:b4:17:2e: 2b:b2:ae:db:b1:f7:16:dd:d0:74:5e:5f:ae:0d:41:03:1a:3d: 97:c3:a9:28:4d:61:b2:8f:cd:7e:b3:f6:0a:e9:e2:fe:92:97: b0:fb:b4:15:73:c1:11:e0:d2:f2:b1:ca:0b:47:a0:f8:c1:9f: dd:71:19:b4:58:7a:fb:be:48:89:27:c0:b5:a1:fd:0b:ca:08: c9:71:87:9c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCuEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ0MTMxMTAvBgNVBAUTKDhBQTg3ODY1MjY4NTIzNDY4MzkzNzI2MzFERkIwOTk4 NEJDMzAwNUUwHhcNMjUxMTA0MTYwMjIwWhcNMjUxMTExMTYwMjIwWjAYMRYwFAYD VQQDEw02OTBhMjM4Yy02ZTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4ybBrv9Aq2XYHh1tTqnZwen+FGD6JT1zDbcqTvkIYcxZdKJBRLFyv4rAeuKz m7SoPJy6eWF+Xc2EQYZIRRctqbXJbQgBDZjr/c25oA0aIgi/MOIKvL0mRwoukycq qvZpZrg7dhBX2yhi80XhcfD7YhQmamJZtHYw/XwFxNTJy2tOsYFOlm+1OS2Efnur gcy6a6zjadzdV+hQi1we7VS09a6UvfXbLKq1F2qXaylbSMWOMqpnwKANqa8FUb9y GAUts/y9eF6ayeHolowQTxsw1quf/We0XpFiB+oYRj+qAVWpbsoIGlGxIMGZTzfz QPWNPh/3zyd/rmBuwlqZoYfTAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKzf0nfm dsQtLCJlxnTrhPFqXHvrMB8GA1UdIwQYMBaAFIqoeGUmhSNGg5NyYx37CZhLwwBe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDQxMy8wODE2RTc1NEZG QjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkwYURrM0pqSGZzSm1FdkRB RjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2lxaDRaU2FGSTBhRGszSmpIZnNKbUV2REFGNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDQxMy8wODE2RTc1NEZGQjQxMUU1OTQ0MzEwMkNDNEY5QUUwMi9pcWg0WlNhRkkw YURrM0pqSGZzSm1FdkRBRjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC2/qdr+EFa03Eyux7WpLLQaZeXU82G43bRq9EHPkBe2TGHbUPtonDD NOaKPZkVA4TPnKU4OFgDSbFmR+RNgzXwXepIYcHwOLcTOGVpKS6fm2agiUxIWEAG pdaGlYl1kRvh9SI+YPYiizfkbrS+HyAXwhuJM4QijpPlsJdfS0MBoBSo3bALgL+E d9ugnzIiSqCetf4lo4g3Ws2RJ3KUzO2YIO3Ub5pqeIOkmgk66eKBexq0Fy4rsq7b sfcW3dB0Xl+uDUEDGj2Xw6koTWGyj81+s/YK6eL+kpew+7QVc8ER4NLyscoLR6D4 wZ/dcRm0WHr7vkiJJ8C1of0LygjJcYec -----END CERTIFICATE-----Generated at Wed Nov 5 15:04:00 2025 by rpki-client