$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: QdBFSca8qPWjB00tpkZ1Vhs0I2KjaK0yGxOmBsZc6qs= Subject key identifier: F7:E2:B3:52:11:2C:3F:AC:16:B7:A9:48:C5:0E:A6:D6:D3:26:5A:C1 Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 028A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 0286 Signing time: Wed 05 Nov 2025 01:42:45 +0000 Manifest this update: Wed 05 Nov 2025 01:42:45 +0000 Manifest next update: Wed 12 Nov 2025 01:42:45 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: 9EH6MtJY48XNHth42WuZOeFb7JxIiqbPjr8eiQxVNik=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: EUxX4jfQlcU/1uY0IOylmxYMPcoOQVgae213RHQG1Xc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:42:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 650 (0x28a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Nov 5 01:42:45 2025 GMT Not After : Nov 12 01:42:45 2025 GMT Subject: CN=690aab95-d295 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:54:16:01:4c:68:0a:a6:84:b8:26:67:88:a8: 5a:db:ad:69:fe:da:ba:fa:ae:a5:44:91:a8:7f:d2: ff:5a:35:71:a8:c9:4e:1f:ad:f1:b6:c2:32:4a:be: e6:d9:d9:7b:49:03:d0:9a:f5:66:18:bf:53:73:15: 1f:ad:8e:b8:e4:49:20:d7:f5:30:54:6c:f4:e7:1c: 0c:1f:3a:4d:00:37:ff:1c:2b:dd:ee:36:bc:ff:8a: e5:e0:5c:15:d2:c7:7f:50:0a:b3:5d:6a:47:71:73: f2:85:fe:82:47:6a:f1:d1:45:1d:e3:3b:e8:34:dd: 31:01:9a:f2:c3:d1:14:4e:4e:db:df:a9:c4:db:3f: 0f:9b:f6:cb:25:07:31:3b:0e:48:33:b5:38:6c:3a: 70:02:f4:dc:63:66:48:a6:3f:27:52:a8:82:7a:ee: a5:52:b9:95:09:c1:57:7a:fb:b6:87:9e:4d:0c:58: 80:d6:1f:ef:82:b9:54:1b:76:a5:df:3d:2b:b3:65: 3a:3b:b9:74:ee:80:f4:26:77:a7:cc:53:95:ca:d2: 8b:4a:7b:b0:44:21:ca:bf:23:3e:39:3f:50:08:44: 96:f7:ca:b4:d4:be:fe:a8:e1:d4:ca:31:0a:f3:c9: f2:ce:c4:73:d8:50:8f:71:84:f4:fb:2a:e5:fd:85: 91:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F7:E2:B3:52:11:2C:3F:AC:16:B7:A9:48:C5:0E:A6:D6:D3:26:5A:C1 X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 68:90:10:46:7b:b1:ce:0c:f8:ad:a7:c3:14:ea:42:db:b8:29: a8:db:f9:a6:2a:5c:19:4c:43:42:21:e2:fe:d1:c2:8b:50:31: 3a:df:ba:1a:83:a9:57:1d:d8:c8:4b:0f:dd:c0:38:95:f1:4b: c6:3a:37:81:26:9e:83:e4:29:2c:4e:da:f2:96:cf:59:ed:37: a6:ef:ca:40:ce:49:8a:5b:43:2a:92:ae:ae:78:fa:d1:2b:1e: 00:e8:88:6a:1c:eb:d7:62:9f:d1:e2:9c:ea:84:04:ca:c2:27: f8:9e:f1:d2:2c:a4:d6:99:9a:61:f1:ed:9b:92:35:f0:28:cc: 40:5c:65:82:35:d6:3b:69:5b:e6:fb:64:3a:e4:55:d1:de:c1: ef:8d:45:46:44:dd:6a:16:b8:d3:65:fd:32:c5:9c:7f:c7:02: e2:f7:38:a5:70:aa:c1:7c:40:06:a5:03:0f:6e:0b:22:ba:93: 64:db:a8:ba:eb:db:3e:62:db:3c:e6:3d:75:af:d4:da:94:90: 53:f1:5a:5f:30:fb:01:6f:0e:fc:2e:1c:a6:54:12:cf:55:a5: c2:f2:43:57:98:fa:3c:2a:a9:14:c5:64:e3:cd:13:b4:06:40: 27:8f:84:7e:8f:31:ed:a6:f7:56:2f:86:ff:45:75:73:af:29: 88:d8:c2:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUxMTA1MDE0MjQ1WhcNMjUxMTEyMDE0MjQ1WjAYMRYwFAYD VQQDEw02OTBhYWI5NS1kMjk1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2FQWAUxoCqaEuCZniKha261p/tq6+q6lRJGof9L/WjVxqMlOH63xtsIySr7m 2dl7SQPQmvVmGL9TcxUfrY645Ekg1/UwVGz05xwMHzpNADf/HCvd7ja8/4rl4FwV 0sd/UAqzXWpHcXPyhf6CR2rx0UUd4zvoNN0xAZryw9EUTk7b36nE2z8Pm/bLJQcx Ow5IM7U4bDpwAvTcY2ZIpj8nUqiCeu6lUrmVCcFXevu2h55NDFiA1h/vgrlUG3al 3z0rs2U6O7l07oD0JnenzFOVytKLSnuwRCHKvyM+OT9QCESW98q01L7+qOHUyjEK 88nyzsRz2FCPcYT0+yrl/YWRhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPfis1IR LD+sFrepSMUOptbTJlrBMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBokBBGe7HODPitp8MU6kLbuCmo2/mmKlwZTENCIeL+0cKLUDE637oa g6lXHdjISw/dwDiV8UvGOjeBJp6D5CksTtryls9Z7Tem78pAzkmKW0Mqkq6uePrR Kx4A6IhqHOvXYp/R4pzqhATKwif4nvHSLKTWmZph8e2bkjXwKMxAXGWCNdY7aVvm +2Q65FXR3sHvjUVGRN1qFrjTZf0yxZx/xwLi9zilcKrBfEAGpQMPbgsiupNk26i6 69s+Yts85j11r9TalJBT8VpfMPsBbw78LhymVBLPVaXC8kNXmPo8KqkUxWTjzRO0 BkAnj4R+jzHtpvdWL4b/RXVzrymI2MKN -----END CERTIFICATE-----Generated at Wed Nov 5 22:44:40 2025 by rpki-client