$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: PNVCr9eBog1DQ8Ke6WnkhzgDvQQCR+zVtGcSCQDS2+Q= Subject key identifier: E6:82:27:A2:71:BC:DB:72:16:52:84:6C:D7:1C:AD:1E:F8:E3:C3:D2 Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 35CC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 3545 Signing time: Tue 04 Nov 2025 14:16:19 +0000 Manifest this update: Tue 04 Nov 2025 14:16:19 +0000 Manifest next update: Tue 11 Nov 2025 14:16:19 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: pXcIb0x8JcIvm2FfanTSI7Fj0x6iO23gl+lVuWG9stg=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: DB3F9CA4817B11F0BDC51985C4F9AE02.roa (hash: JAIKKCo9C8qw6fr8uLdaMchlj/iGB4GqwIN2CeXneAc=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: DCD41E8E98D511F0B3824663C4F9AE02.roa (hash: EWlSDhZJpxeihw3aeM/sQAa10hdfChLc1MQCCqHexiw=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:16:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13772 (0x35cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Nov 4 14:16:19 2025 GMT Not After : Nov 11 14:16:19 2025 GMT Subject: CN=690a0ab3-5829 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:02:73:a0:98:8c:90:51:69:09:27:37:61:35: 70:27:35:ba:ed:44:ed:b7:56:4c:67:33:07:38:41: 98:ef:fb:1e:bb:23:11:9f:fb:d0:ea:12:60:5e:19: a1:06:53:85:f1:cb:1e:67:9a:0f:d8:65:2e:25:35: 08:15:28:64:83:23:df:95:47:27:1e:63:56:7d:13: 52:92:eb:85:55:be:42:1e:ea:c2:7d:08:8c:e3:d2: ea:e7:91:d1:a6:d9:65:83:07:74:fb:f1:f2:ac:6b: ae:37:0d:c7:f5:9a:a3:49:3b:07:e2:d4:5c:0b:7a: 17:93:0e:d4:80:45:aa:3e:fb:52:fa:d0:63:6e:0b: b8:7b:ae:c0:fc:b8:0a:21:97:6d:39:30:5c:54:a4: 17:13:70:03:85:0a:bc:40:98:a7:17:99:93:48:25: 33:99:27:c8:cd:6c:40:bf:e3:fd:77:de:95:cd:7d: 82:74:9e:c4:06:29:ba:90:44:5e:6d:59:2b:84:cc: d4:57:78:ab:73:04:4e:c6:d2:6f:24:04:37:b6:9b: 5c:8b:fd:3a:48:d5:ef:f5:f7:bd:09:ee:a3:89:e3: f6:51:5c:24:ea:72:d3:ec:b0:61:85:46:1c:18:df: 6b:c3:f2:6c:5b:25:fc:ac:3d:78:7a:b5:9d:2a:9b: d1:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:82:27:A2:71:BC:DB:72:16:52:84:6C:D7:1C:AD:1E:F8:E3:C3:D2 X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:20:c0:d7:15:86:ef:cc:a9:30:0f:36:ba:2e:7d:e1:02:7a: 2a:d9:46:cc:ac:26:bc:bf:2c:e0:3e:0a:b8:c6:1a:f2:bd:d7: 27:96:d5:50:2e:8b:07:94:ae:4f:41:9f:f7:ee:27:87:bd:86: 1c:32:0a:9f:81:82:25:a2:b3:04:fd:b9:e3:fd:f4:a2:59:73: 15:d0:a6:50:01:bb:f5:94:f0:14:c6:1b:d8:49:b7:ad:64:71: e6:5b:a4:0f:c5:be:06:3a:ab:62:3b:33:83:6f:4d:25:97:a4: b1:2a:a2:da:3e:4e:fe:d2:fc:b2:20:0a:ac:2f:64:26:cf:93: 69:11:50:a1:0b:2e:c6:32:02:4d:9c:9b:da:1b:5a:88:85:69: 40:93:bf:ed:cd:c8:80:0b:db:6e:a8:21:5e:60:98:a2:2b:b9: ed:4e:ec:0e:5f:3e:dc:53:92:dd:97:d5:7c:6f:8e:d8:e9:70: e8:8c:12:90:4b:df:1a:4b:d8:11:b2:2f:37:ad:60:a2:ae:a4: 60:17:a1:4a:0e:6d:7e:6f:ea:a8:e5:46:6e:4d:cb:07:21:c9: 68:08:f1:9c:f0:01:2e:80:6a:51:61:af:92:de:3d:15:d2:e7: d8:12:47:f8:13:e8:34:9c:18:16:cd:47:a8:34:57:0d:a5:35: c3:0c:37:33 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNcwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUxMTA0MTQxNjE5WhcNMjUxMTExMTQxNjE5WjAYMRYwFAYD VQQDEw02OTBhMGFiMy01ODI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsAJzoJiMkFFpCSc3YTVwJzW67UTtt1ZMZzMHOEGY7/seuyMRn/vQ6hJgXhmh BlOF8cseZ5oP2GUuJTUIFShkgyPflUcnHmNWfRNSkuuFVb5CHurCfQiM49Lq55HR ptllgwd0+/HyrGuuNw3H9ZqjSTsH4tRcC3oXkw7UgEWqPvtS+tBjbgu4e67A/LgK IZdtOTBcVKQXE3ADhQq8QJinF5mTSCUzmSfIzWxAv+P9d96VzX2CdJ7EBim6kERe bVkrhMzUV3ircwROxtJvJAQ3tptci/06SNXv9fe9Ce6jieP2UVwk6nLT7LBhhUYc GN9rw/JsWyX8rD14erWdKpvRFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOaCJ6Jx vNtyFlKEbNccrR7448PSMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKIMDXFYbvzKkwDza6Ln3hAnoq2UbMrCa8vyzgPgq4xhryvdcnltVQ LosHlK5PQZ/37ieHvYYcMgqfgYIlorME/bnj/fSiWXMV0KZQAbv1lPAUxhvYSbet ZHHmW6QPxb4GOqtiOzODb00ll6SxKqLaPk7+0vyyIAqsL2Qmz5NpEVChCy7GMgJN nJvaG1qIhWlAk7/tzciAC9tuqCFeYJiiK7ntTuwOXz7cU5Ldl9V8b47Y6XDojBKQ S98aS9gRsi83rWCirqRgF6FKDm1+b+qo5UZuTcsHIcloCPGc8AEugGpRYa+S3j0V 0ufYEkf4E+g0nBgWzUeoNFcNpTXDDDcz -----END CERTIFICATE-----Generated at Wed Nov 5 05:50:32 2025 by rpki-client