$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft File: cn1G1OfHecpnYSxgtGVS68IZkPs.mft (raw, json) Hash identifier: lQXEMlVSiYgxDOg6dFepS2wFx2vJgR6Gdy8h5B6Rwok= Subject key identifier: 91:56:74:A9:6E:62:B6:3C:35:46:CB:AD:CF:82:5D:F1:C3:E3:A5:E2 Authority key identifier: 72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB Certificate issuer: /CN=A91D4D97/serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Certificate serial: 04A0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft Manifest number: 049B Signing time: Sun 02 Nov 2025 23:57:23 +0000 Manifest this update: Sun 02 Nov 2025 23:57:22 +0000 Manifest next update: Sun 09 Nov 2025 23:57:22 +0000 Files and hashes: 1: cn1G1OfHecpnYSxgtGVS68IZkPs.crl (hash: ftzRUqLCRk5vghcFLGyy68cxRKDiIwwq0ZZ6KWp8waM=) 2: A9E2BE54567B11ECB346816BC4F9AE02.roa (hash: 6npCQGD8mKRcXKLy4jKCYWBhRpmmG05TZblrhBE83zM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 23:57:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1184 (0x4a0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4D97, serialNumber=727D46D4E7C779CA67612C60B46552EBC21990FB Validity Not Before: Nov 2 23:57:22 2025 GMT Not After : Nov 9 23:57:22 2025 GMT Subject: CN=6907efe3-a921 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1a:62:1c:40:d3:9b:aa:a4:2f:5b:2b:dd:07: c9:af:5c:85:92:4a:6b:c7:ea:78:52:c0:3d:fd:dc: 18:dd:51:53:72:75:6d:89:4e:81:1e:54:73:5a:b9: fd:62:9e:9d:87:f9:62:54:d5:2d:1f:b0:ee:79:a0: b0:82:34:a4:67:a0:09:91:8c:a1:38:5a:11:90:4a: 2b:39:5e:1d:a8:2d:ed:3d:ad:21:06:ca:09:d4:16: d1:a6:51:74:a8:1a:bf:81:5e:fa:e4:bb:63:4f:90: a6:35:69:ee:f7:00:81:05:06:a1:c0:fd:a4:6b:46: 3a:cf:a6:52:f1:98:8a:2c:e7:12:8c:46:b1:77:a8: a4:f3:12:38:95:ba:8a:0f:da:01:86:28:6d:c8:97: b5:3b:72:a7:ad:32:ac:f5:a6:b9:36:cd:50:75:2d: fd:49:5a:13:ff:0e:f0:99:b7:a2:2e:99:94:dd:2e: f8:e4:e8:94:d4:bb:84:21:5d:93:e9:79:44:64:32: 61:ab:19:5c:a2:b9:de:38:e8:52:f5:f7:9d:3e:67: 8b:7b:1e:37:d1:62:2b:1e:81:e0:f1:0a:d8:4d:96: 4d:93:ef:78:cb:a7:3c:13:04:4c:59:1a:eb:ac:51: af:33:71:44:3e:d5:cd:20:c5:a4:b8:87:58:50:db: dd:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 91:56:74:A9:6E:62:B6:3C:35:46:CB:AD:CF:82:5D:F1:C3:E3:A5:E2 X509v3 Authority Key Identifier: keyid:72:7D:46:D4:E7:C7:79:CA:67:61:2C:60:B4:65:52:EB:C2:19:90:FB X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cn1G1OfHecpnYSxgtGVS68IZkPs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4D97/1F6146E0567811EC922A3567C4F9AE02/cn1G1OfHecpnYSxgtGVS68IZkPs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption cb:ab:54:6e:d0:c9:06:6f:e9:3d:f0:0f:5b:4b:a9:86:db:05: 37:38:8d:58:54:f9:9e:75:0a:b9:01:d0:39:71:fb:f8:e9:0b: 07:b7:53:93:aa:9d:0b:b7:15:0b:6e:50:c9:8a:59:2c:a0:7c: da:5f:30:d2:0e:e6:b4:55:5b:06:6c:61:57:88:a0:23:34:4c: a1:08:43:ad:37:c4:c8:d0:23:32:ce:5c:99:66:0b:53:93:56: 2f:49:d4:28:8a:27:a5:ac:a1:38:75:3a:e8:e4:d2:c7:30:69: ac:d5:71:05:64:b3:ba:37:57:41:34:09:34:e2:e9:47:4f:c5: c6:dd:3d:cd:d5:ec:95:ab:5a:bd:cf:ec:66:1c:03:1d:61:7a: 0e:31:54:1b:8d:15:30:5e:43:c6:de:d1:a2:bb:d8:e5:10:ce: 3d:6b:fa:c9:fe:7e:1e:05:2e:d8:73:1f:ce:69:e4:04:3d:50: 7f:a6:c6:e6:04:95:3f:04:ef:aa:54:e7:2c:af:0b:5a:f7:70: 1d:88:e1:61:da:db:5d:be:0d:ec:a6:9d:5a:24:e6:20:0e:e9: 56:ed:d4:16:cd:0b:cf:02:49:18:4d:20:e2:31:7d:0f:64:08: 61:42:0c:4e:d7:1f:41:0d:8a:ec:84:59:a1:4f:cf:4e:df:f8: 36:51:21:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBKAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDREOTcxMTAvBgNVBAUTKDcyN0Q0NkQ0RTdDNzc5Q0E2NzYxMkM2MEI0NjU1MkVC QzIxOTkwRkIwHhcNMjUxMTAyMjM1NzIyWhcNMjUxMTA5MjM1NzIyWjAYMRYwFAYD VQQDEw02OTA3ZWZlMy1hOTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtxpiHEDTm6qkL1sr3QfJr1yFkkprx+p4UsA9/dwY3VFTcnVtiU6BHlRzWrn9 Yp6dh/liVNUtH7DueaCwgjSkZ6AJkYyhOFoRkEorOV4dqC3tPa0hBsoJ1BbRplF0 qBq/gV765LtjT5CmNWnu9wCBBQahwP2ka0Y6z6ZS8ZiKLOcSjEaxd6ik8xI4lbqK D9oBhihtyJe1O3KnrTKs9aa5Ns1QdS39SVoT/w7wmbeiLpmU3S745OiU1LuEIV2T 6XlEZDJhqxlcorneOOhS9fedPmeLex430WIrHoHg8QrYTZZNk+94y6c8EwRMWRrr rFGvM3FEPtXNIMWkuIdYUNvd/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJFWdKlu YrY8NUbLrc+CXfHD46XiMB8GA1UdIwQYMBaAFHJ9RtTnx3nKZ2EsYLRlUuvCGZD7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEQ5Ny8xRjYxNDZFMDU2 NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVjcG5ZU3hndEdWUzY4SVpr UHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NuMUcxT2ZIZWNwbllTeGd0R1ZTNjhJWmtQcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEQ5Ny8xRjYxNDZFMDU2NzgxMUVDOTIyQTM1NjdDNEY5QUUwMi9jbjFHMU9mSGVj cG5ZU3hndEdWUzY4SVprUHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDLq1Ru0MkGb+k98A9bS6mG2wU3OI1YVPmedQq5AdA5cfv46QsHt1OT qp0LtxULblDJilksoHzaXzDSDua0VVsGbGFXiKAjNEyhCEOtN8TI0CMyzlyZZgtT k1YvSdQoiielrKE4dTro5NLHMGms1XEFZLO6N1dBNAk04ulHT8XG3T3N1eyVq1q9 z+xmHAMdYXoOMVQbjRUwXkPG3tGiu9jlEM49a/rJ/n4eBS7Ycx/OaeQEPVB/psbm BJU/BO+qVOcsrwta93AdiOFh2ttdvg3spp1aJOYgDulW7dQWzQvPAkkYTSDiMX0P ZAhhQgxO1x9BDYrshFmhT89O3/g2USFg -----END CERTIFICATE-----Generated at Tue Nov 4 16:03:30 2025 by rpki-client