$ rpki-client -vvf rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft File: 3IDIXlEBCJqyQl0_yRd5haASXG4.mft (raw, json) Hash identifier: cqo+7lkjY0hY4chrI2iMaxMbwiKnMpDMmkEfSL4ANIA= Subject key identifier: 61:0D:04:DD:82:68:21:C0:9B:ED:13:FF:CB:89:53:9C:AC:E4:00:EB Authority key identifier: DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E Certificate issuer: /CN=A91D74A6/serialNumber=DC80C85E5101089AB2425D3FC9177985A0125C6E Certificate serial: AB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft Manifest number: A3 Signing time: Mon 03 Nov 2025 06:25:43 +0000 Manifest this update: Mon 03 Nov 2025 06:25:43 +0000 Manifest next update: Mon 10 Nov 2025 06:25:43 +0000 Files and hashes: 1: 3IDIXlEBCJqyQl0_yRd5haASXG4.crl (hash: Oqkl3FGQGIJnmV8JxoeSvohrEyywkjw3CZYBKvb0EDQ=) 2: 727850D8D3EF11EFB596E00CC4F9AE02.roa (hash: hvte1LGzH8lQs5HlVIeT4otbezAzwXIr7d7vqIECmd8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.crl rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 06:25:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 171 (0xab) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D74A6, serialNumber=DC80C85E5101089AB2425D3FC9177985A0125C6E Validity Not Before: Nov 3 06:25:43 2025 GMT Not After : Nov 10 06:25:43 2025 GMT Subject: CN=69084ae7-73f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:71:6c:2a:02:2d:1e:fc:dd:3a:8d:c6:79:d7: ab:5b:f1:7f:02:76:2a:5d:db:24:98:61:3b:35:04: 15:9e:e8:50:f0:1d:fd:49:9f:86:84:6f:b5:71:86: 8a:80:ac:53:c4:81:83:8b:45:bd:b0:d7:c2:bd:63: 31:c4:76:48:20:95:93:4f:9c:6a:98:eb:a3:f0:16: 94:80:a5:75:0a:fc:9a:8e:84:9f:e0:5d:f8:b2:9a: 90:b9:b2:89:90:2b:5d:a1:97:8b:a5:cb:5c:42:11: 43:64:ad:01:34:c5:f0:02:ea:9c:29:c7:63:39:09: 85:3f:0b:52:a3:c6:1b:79:3d:e1:98:cb:9f:0f:d4: 59:b9:54:7a:ce:46:52:c1:aa:8d:b2:50:94:d6:29: f9:25:9d:ed:9e:98:00:d8:b3:08:78:a6:97:84:bc: 58:73:b7:02:d1:81:51:62:17:cb:0c:3b:b7:00:f9: 9c:6f:73:ec:db:f0:df:b2:3d:8a:41:df:60:61:12: c9:2c:90:ae:e5:a1:69:94:91:00:7e:1b:d5:bd:28: 69:95:cf:54:4e:84:21:e6:07:78:0c:fa:70:a3:22: e5:0e:cf:6b:89:7b:4f:e4:b5:33:62:ad:a0:0b:21: fa:64:70:bd:3e:c4:e7:4c:02:0f:a0:75:85:38:fc: 2b:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:0D:04:DD:82:68:21:C0:9B:ED:13:FF:CB:89:53:9C:AC:E4:00:EB X509v3 Authority Key Identifier: keyid:DC:80:C8:5E:51:01:08:9A:B2:42:5D:3F:C9:17:79:85:A0:12:5C:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3IDIXlEBCJqyQl0_yRd5haASXG4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D74A6/7171BBF2D19C11EF83CEAD3CC4F9AE02/3IDIXlEBCJqyQl0_yRd5haASXG4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:d8:e8:55:0b:15:cb:d3:b7:e4:dd:6e:63:fe:e9:65:90:3a: b3:be:9a:1a:fa:a6:ac:5d:e1:39:38:53:9b:9e:0e:02:7a:9f: 52:04:7d:77:7b:3d:35:39:b5:92:9a:27:8e:2f:b1:17:63:f3: d6:10:51:83:7f:67:f8:a3:6b:35:12:69:c2:96:b6:9f:42:bb: b0:34:02:6a:28:72:48:ce:7c:31:b3:f1:d1:4f:da:72:af:be: df:e3:b8:25:31:9b:c7:ad:7e:1a:6c:97:5a:00:dc:8a:5d:76: 30:5f:4d:22:03:d3:cc:3d:02:51:11:1b:76:13:84:37:43:35: 19:69:52:63:4a:0c:eb:97:14:34:3f:cc:cf:8c:c8:bd:71:d8: 68:2d:0e:f8:5f:c2:75:9f:dc:c9:f7:d2:47:c8:c5:d5:47:5f: fa:4f:10:47:96:8a:66:1e:70:89:06:9d:d7:d8:4b:ba:fb:38: f4:b1:83:39:9b:87:05:be:96:c7:b8:0b:1b:e3:19:fd:60:14: f3:81:66:77:ab:6d:3f:7e:60:33:09:cc:52:66:70:c0:b3:5d: 69:8b:4c:b2:0d:43:a6:ba:09:5b:91:92:b7:e2:91:4b:a1:19: d8:43:f5:99:57:df:3a:2f:d6:0e:c2:bf:72:6a:e4:a3:4e:fa: 3e:c5:e3:1d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDc0QTYxMTAvBgNVBAUTKERDODBDODVFNTEwMTA4OUFCMjQyNUQzRkM5MTc3OTg1 QTAxMjVDNkUwHhcNMjUxMTAzMDYyNTQzWhcNMjUxMTEwMDYyNTQzWjAYMRYwFAYD VQQDEw02OTA4NGFlNy03M2YxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6HFsKgItHvzdOo3GederW/F/AnYqXdskmGE7NQQVnuhQ8B39SZ+GhG+1cYaK gKxTxIGDi0W9sNfCvWMxxHZIIJWTT5xqmOuj8BaUgKV1CvyajoSf4F34spqQubKJ kCtdoZeLpctcQhFDZK0BNMXwAuqcKcdjOQmFPwtSo8YbeT3hmMufD9RZuVR6zkZS waqNslCU1in5JZ3tnpgA2LMIeKaXhLxYc7cC0YFRYhfLDDu3APmcb3Ps2/Dfsj2K Qd9gYRLJLJCu5aFplJEAfhvVvShplc9UToQh5gd4DPpwoyLlDs9riXtP5LUzYq2g CyH6ZHC9PsTnTAIPoHWFOPwrGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGENBN2C aCHAm+0T/8uJU5ys5ADrMB8GA1UdIwQYMBaAFNyAyF5RAQiaskJdP8kXeYWgElxu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENzRBNi83MTcxQkJGMkQx OUMxMUVGODNDRUFEM0NDNEY5QUUwMi8zSURJWGxFQkNKcXlRbDBfeVJkNWhhQVNY RzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNJRElYbEVCQ0pxeVFsMF95UmQ1aGFBU1hHNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NzRBNi83MTcxQkJGMkQxOUMxMUVGODNDRUFEM0NDNEY5QUUwMi8zSURJWGxFQkNK cXlRbDBfeVJkNWhhQVNYRzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZ2OhVCxXL07fk3W5j/ullkDqzvpoa+qasXeE5OFObng4Cep9SBH13 ez01ObWSmieOL7EXY/PWEFGDf2f4o2s1EmnClrafQruwNAJqKHJIznwxs/HRT9py r77f47glMZvHrX4abJdaANyKXXYwX00iA9PMPQJRERt2E4Q3QzUZaVJjSgzrlxQ0 P8zPjMi9cdhoLQ74X8J1n9zJ99JHyMXVR1/6TxBHlopmHnCJBp3X2Eu6+zj0sYM5 m4cFvpbHuAsb4xn9YBTzgWZ3q20/fmAzCcxSZnDAs11pi0yyDUOmuglbkZK34pFL oRnYQ/WZV986L9YOwr9yauSjTvo+xeMd -----END CERTIFICATE-----Generated at Tue Nov 4 19:02:39 2025 by rpki-client