$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft File: yoXhM8HiOWFMnFd4ARi9swlSjnY.mft (raw, json) Hash identifier: KfQN1Ew4oTvjW1pSl+qHYdmbPWmOVvjgFEfZsODf6b0= Subject key identifier: F5:B2:49:66:68:18:FE:78:EB:2C:D6:9B:8F:2F:C0:26:C6:C2:52:43 Authority key identifier: CA:85:E1:33:C1:E2:39:61:4C:9C:57:78:01:18:BD:B3:09:52:8E:76 Certificate issuer: /CN=A91DC42E/serialNumber=CA85E133C1E239614C9C57780118BDB309528E76 Certificate serial: 07E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft Manifest number: 07DD Signing time: Sun 02 Nov 2025 21:08:05 +0000 Manifest this update: Sun 02 Nov 2025 21:08:04 +0000 Manifest next update: Sun 09 Nov 2025 21:08:04 +0000 Files and hashes: 1: yoXhM8HiOWFMnFd4ARi9swlSjnY.crl (hash: my/6woiOK1XGhmzEc9tVPneOaJuqQ4kGZ9fqnkhGE38=) 2: 4AAD8CFE0D1E11EB83C9B637C4F9AE02.roa (hash: dqlBL+Mvfc+xCr3YIFtIl73lm9u/ZT3pHNyxLQdBwx0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.crl rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 21:08:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2020 (0x7e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC42E, serialNumber=CA85E133C1E239614C9C57780118BDB309528E76 Validity Not Before: Nov 2 21:08:04 2025 GMT Not After : Nov 9 21:08:04 2025 GMT Subject: CN=6907c834-08f1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:57:dc:97:61:6e:9a:ff:35:bb:72:ae:63:79: f8:29:0f:90:1d:ce:20:da:dc:41:16:b1:2a:21:22: e1:05:40:41:23:b6:1d:e1:d1:b6:e5:e9:aa:95:74: d8:d0:31:e6:f4:dc:1f:e8:72:0d:ea:ad:10:36:ae: e6:98:7c:da:3b:9e:63:97:c5:95:ea:9c:78:9e:be: a3:b3:66:00:63:9a:cd:4a:b6:7f:5b:b2:8c:8c:d7: 20:67:c6:15:87:9f:4b:47:72:58:ab:64:e1:bb:e2: 0f:61:94:45:15:a9:57:12:79:b3:9b:5a:5f:da:d3: 19:55:8c:76:91:ae:ec:0c:98:b0:f2:c9:01:b8:93: 25:25:3e:27:9a:c0:77:2a:55:3d:56:37:9e:20:5b: 3d:b0:03:72:b9:3f:22:ef:70:6e:12:87:e2:2a:0d: 41:da:c1:16:d4:b0:cd:22:8b:e4:34:75:03:f2:ce: 67:0f:84:66:cf:c1:1b:38:be:22:a9:c6:81:1e:88: f9:eb:eb:67:8c:2f:4a:7f:9a:0f:48:02:9f:9c:51: 8f:e0:5d:f4:f8:19:29:92:de:d2:9e:c4:ed:49:06: 97:89:42:1b:ce:c0:f9:88:a3:48:af:1b:99:c1:fd: f3:66:e1:00:65:d3:5d:37:09:8b:ce:ba:f1:d4:98: 0a:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F5:B2:49:66:68:18:FE:78:EB:2C:D6:9B:8F:2F:C0:26:C6:C2:52:43 X509v3 Authority Key Identifier: keyid:CA:85:E1:33:C1:E2:39:61:4C:9C:57:78:01:18:BD:B3:09:52:8E:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/yoXhM8HiOWFMnFd4ARi9swlSjnY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC42E/D6A7FF480D1711EBA741A50AC4F9AE02/yoXhM8HiOWFMnFd4ARi9swlSjnY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1e:3a:5e:4e:e0:6c:52:5b:f1:fc:72:43:ee:55:3c:06:fa:75: b4:91:fa:1f:3c:0f:16:0f:17:37:71:85:39:4e:8f:59:72:7a: ae:0e:78:92:68:78:fb:31:41:3e:a5:c6:02:df:ca:9f:bf:a9: 40:47:a3:c6:33:d7:92:6d:3b:14:d2:d4:e4:c6:ff:be:45:f6: 98:51:99:16:f3:17:9b:7d:9c:7c:e3:d5:d3:09:6a:09:a5:9c: 58:fa:61:32:4c:08:8e:70:97:96:1f:76:c4:98:6e:21:d6:24: cd:73:a1:d7:4e:38:28:b1:70:b8:4a:67:0c:18:9e:77:3f:f3: 53:50:37:18:c1:75:09:e5:5a:70:60:4c:47:f2:6f:ca:e4:2b: 7c:7a:b9:e5:83:9e:af:5f:29:2e:40:e2:00:dc:9f:6d:26:1a: 4f:44:27:e2:9b:63:90:7c:4d:ba:3c:ce:9c:a6:83:66:b2:f5: f0:33:5f:e7:c5:af:73:2a:a6:06:66:4d:f7:ba:34:31:3d:0a: 45:1b:40:0a:d4:80:e7:3a:cd:ec:05:0b:93:57:e1:0f:76:86: fc:9e:e7:2b:07:2c:67:d0:b4:4e:90:a6:2c:0f:03:04:54:9d: 27:40:ca:ed:1a:35:40:7a:70:ab:74:0b:80:42:db:e6:d5:08: 05:db:17:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB+QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM0MkUxMTAvBgNVBAUTKENBODVFMTMzQzFFMjM5NjE0QzlDNTc3ODAxMThCREIz MDk1MjhFNzYwHhcNMjUxMTAyMjEwODA0WhcNMjUxMTA5MjEwODA0WjAYMRYwFAYD VQQDEw02OTA3YzgzNC0wOGYxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvFfcl2Fumv81u3KuY3n4KQ+QHc4g2txBFrEqISLhBUBBI7Yd4dG25emqlXTY 0DHm9Nwf6HIN6q0QNq7mmHzaO55jl8WV6px4nr6js2YAY5rNSrZ/W7KMjNcgZ8YV h59LR3JYq2Thu+IPYZRFFalXEnmzm1pf2tMZVYx2ka7sDJiw8skBuJMlJT4nmsB3 KlU9VjeeIFs9sANyuT8i73BuEofiKg1B2sEW1LDNIovkNHUD8s5nD4Rmz8EbOL4i qcaBHoj56+tnjC9Kf5oPSAKfnFGP4F30+Bkpkt7SnsTtSQaXiUIbzsD5iKNIrxuZ wf3zZuEAZdNdNwmLzrrx1JgKvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPWySWZo GP546yzWm48vwCbGwlJDMB8GA1UdIwQYMBaAFMqF4TPB4jlhTJxXeAEYvbMJUo52 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzQyRS9ENkE3RkY0ODBE MTcxMUVCQTc0MUE1MEFDNEY5QUUwMi95b1hoTThIaU9XRk1uRmQ0QVJpOXN3bFNq blkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lvWGhNOEhpT1dGTW5GZDRBUmk5c3dsU2puWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzQyRS9ENkE3RkY0ODBEMTcxMUVCQTc0MUE1MEFDNEY5QUUwMi95b1hoTThIaU9X Rk1uRmQ0QVJpOXN3bFNqblkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAeOl5O4GxSW/H8ckPuVTwG+nW0kfofPA8WDxc3cYU5To9ZcnquDniS aHj7MUE+pcYC38qfv6lAR6PGM9eSbTsU0tTkxv++RfaYUZkW8xebfZx849XTCWoJ pZxY+mEyTAiOcJeWH3bEmG4h1iTNc6HXTjgosXC4SmcMGJ53P/NTUDcYwXUJ5Vpw YExH8m/K5Ct8ernlg56vXykuQOIA3J9tJhpPRCfim2OQfE26PM6cpoNmsvXwM1/n xa9zKqYGZk33ujQxPQpFG0AK1IDnOs3sBQuTV+EPdob8nucrByxn0LROkKYsDwME VJ0nQMrtGjVAenCrdAuAQtvm1QgF2xeb -----END CERTIFICATE-----Generated at Tue Nov 4 12:34:51 2025 by rpki-client