$ rpki-client -vvf rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft File: XYnzqvmxOgelsmTy3rpk1cUAZRw.mft (raw, json) Hash identifier: 2ZWs6VzdytE2tuAgvkJGzPxhAhHzaKKCOewWDs7N7Vc= Subject key identifier: 7E:30:B4:BC:C7:48:0F:FE:B0:50:50:07:B3:AF:39:E4:77:DF:7D:00 Authority key identifier: 5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C Certificate issuer: /CN=A91D5240/serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Certificate serial: 0218 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft Manifest number: 020D Signing time: Wed 05 Nov 2025 02:25:17 +0000 Manifest this update: Wed 05 Nov 2025 02:25:17 +0000 Manifest next update: Wed 12 Nov 2025 02:25:17 +0000 Files and hashes: 1: XYnzqvmxOgelsmTy3rpk1cUAZRw.crl (hash: cWWebtAjVldR70xw1gmGEe7DjJUkpW0plcZxfBMZ/WE=) 2: 9EA7B7D8A63911ED874E6630C4F9AE02.roa (hash: 6o0EUZvJBerht1y6bzh1g89SRPPeQ5cLEU5AQhJzOAU=) 3: 5DCE1A1AA63C11ED9306165AC4F9AE02.roa (hash: QPGj0eJqXgnGukiRaT/QHSiAaiIAXjZCnZKqvteNQAI=) 4: 9FBA5FCCA63911ED874E6630C4F9AE02.roa (hash: lCV4Wc/C2vG49K6yvqo7KO+pzcjtBqjnxvlmY9cM+oI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:25:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 536 (0x218) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D5240, serialNumber=5D89F3AAF9B13A07A5B264F2DEBA64D5C500651C Validity Not Before: Nov 5 02:25:17 2025 GMT Not After : Nov 12 02:25:17 2025 GMT Subject: CN=690ab58d-44bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:90:ef:d7:81:4c:16:c6:01:3f:da:30:6d:ea: 91:5f:34:12:70:6a:0b:54:cb:66:ed:72:5d:4a:ff: 02:ac:21:8e:9f:6c:e1:33:1e:86:ad:08:11:06:b4: b1:8f:5b:13:73:0f:df:48:67:53:d3:c3:02:ab:10: 7c:9c:28:a2:e0:26:89:a1:69:20:10:f0:f6:41:a8: 10:88:d7:f1:cf:8e:e8:2d:c1:c2:98:a1:3b:91:b1: 4f:09:8e:02:fb:7c:93:c1:bf:fe:da:68:9f:59:f1: 08:79:d8:e0:1a:dc:b7:3d:49:7e:d8:05:34:c5:85: 95:73:94:71:a5:1d:58:70:6b:91:ea:59:16:0b:34: b3:e1:2a:36:64:04:ad:cc:62:f7:ad:2f:9b:f3:4c: b6:03:ee:47:a5:4e:4e:6d:97:48:fe:3a:1d:51:fd: 3e:53:ce:ee:b3:3b:f5:e9:38:ea:c1:db:68:08:c8: 1d:63:6c:6d:61:aa:5f:32:04:82:f1:12:cc:1d:7e: 39:60:24:a3:08:d6:86:00:2f:71:9e:65:45:e0:5b: 21:1a:ae:70:62:83:09:ca:f0:af:d0:73:7a:48:45: c1:c9:7c:3e:dd:54:41:3f:0d:4e:0e:65:3e:6a:77: 3f:4c:19:d0:73:29:a7:21:48:f6:a0:17:5a:43:2c: df:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:30:B4:BC:C7:48:0F:FE:B0:50:50:07:B3:AF:39:E4:77:DF:7D:00 X509v3 Authority Key Identifier: keyid:5D:89:F3:AA:F9:B1:3A:07:A5:B2:64:F2:DE:BA:64:D5:C5:00:65:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XYnzqvmxOgelsmTy3rpk1cUAZRw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D5240/27DDE7D89B7D11EDB3C33F5DC4F9AE02/XYnzqvmxOgelsmTy3rpk1cUAZRw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:53:ae:05:bc:15:2f:00:ec:78:cf:8b:ca:52:b4:68:89:81: c0:3a:fb:d0:89:75:39:a7:b8:a7:2a:4c:7e:e7:b4:60:06:e8: 76:ac:9f:17:2a:c3:62:a9:09:c0:cb:bf:d9:76:dc:26:c8:95: 4b:5e:d6:59:0e:ff:cf:2b:e4:a6:5c:d3:8d:ef:8a:e2:e7:92: 3e:93:a5:ff:74:9a:7c:98:d2:51:7c:2b:69:1a:c3:14:37:f1: 86:31:07:97:26:3a:13:d4:08:99:e5:7b:18:0c:55:0c:5c:6a: 79:26:e8:68:54:3a:d1:da:95:5b:b6:18:b0:8e:e4:f0:d1:f5: 74:ac:8a:3d:86:b5:24:63:c8:55:d4:14:4d:37:64:f2:e0:a8: 6f:11:95:88:55:ec:2c:91:64:2b:67:8d:50:b7:b2:ba:40:4d: 21:cc:27:82:1d:d0:ce:41:e9:e2:57:37:3d:e1:cd:83:65:b5: 90:44:6e:9d:21:e4:87:d9:59:55:a2:69:98:3d:57:4d:d1:0b: f1:d2:9b:57:2a:96:65:5c:bf:c1:02:38:13:75:8a:fc:96:06: 31:3f:90:ca:f2:9e:6d:34:eb:fc:ae:12:bb:02:67:96:a6:4e: a2:73:93:e3:f3:d2:c7:c1:0c:4d:87:44:7b:75:69:af:a3:06: 42:d3:d7:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDUyNDAxMTAvBgNVBAUTKDVEODlGM0FBRjlCMTNBMDdBNUIyNjRGMkRFQkE2NEQ1 QzUwMDY1MUMwHhcNMjUxMTA1MDIyNTE3WhcNMjUxMTEyMDIyNTE3WjAYMRYwFAYD VQQDEw02OTBhYjU4ZC00NGJjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAspDv14FMFsYBP9owbeqRXzQScGoLVMtm7XJdSv8CrCGOn2zhMx6GrQgRBrSx j1sTcw/fSGdT08MCqxB8nCii4CaJoWkgEPD2QagQiNfxz47oLcHCmKE7kbFPCY4C +3yTwb/+2mifWfEIedjgGty3PUl+2AU0xYWVc5RxpR1YcGuR6lkWCzSz4So2ZASt zGL3rS+b80y2A+5HpU5ObZdI/jodUf0+U87uszv16TjqwdtoCMgdY2xtYapfMgSC 8RLMHX45YCSjCNaGAC9xnmVF4FshGq5wYoMJyvCv0HN6SEXByXw+3VRBPw1ODmU+ anc/TBnQcymnIUj2oBdaQyzfCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH4wtLzH SA/+sFBQB7OvOeR3330AMB8GA1UdIwQYMBaAFF2J86r5sToHpbJk8t66ZNXFAGUc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENTI0MC8yN0RERTdEODlC N0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9nZWxzbVR5M3JwazFjVUFa UncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hZbnpxdm14T2dlbHNtVHkzcnBrMWNVQVpSdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NTI0MC8yN0RERTdEODlCN0QxMUVEQjNDMzNGNURDNEY5QUUwMi9YWW56cXZteE9n ZWxzbVR5M3JwazFjVUFaUncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/U64FvBUvAOx4z4vKUrRoiYHAOvvQiXU5p7inKkx+57RgBuh2rJ8X KsNiqQnAy7/ZdtwmyJVLXtZZDv/PK+SmXNON74ri55I+k6X/dJp8mNJRfCtpGsMU N/GGMQeXJjoT1AiZ5XsYDFUMXGp5JuhoVDrR2pVbthiwjuTw0fV0rIo9hrUkY8hV 1BRNN2Ty4KhvEZWIVewskWQrZ41Qt7K6QE0hzCeCHdDOQeniVzc94c2DZbWQRG6d IeSH2VlVommYPVdN0Qvx0ptXKpZlXL/BAjgTdYr8lgYxP5DK8p5tNOv8rhK7AmeW pk6ic5Pj89LHwQxNh0R7dWmvowZC09fd -----END CERTIFICATE-----Generated at Wed Nov 5 15:43:13 2025 by rpki-client