$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft File: 2itDzBg8qOD2qPbapUzdcwb4Yig.mft (raw, json) Hash identifier: GQylweAHCXYpQPDUuK55gbalATJj7JkfGloYUUzkaw0= Subject key identifier: BF:DE:75:4F:BE:8F:C5:13:4F:3D:D5:48:52:79:FA:B1:EB:72:54:30 Authority key identifier: DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 Certificate issuer: /CN=A91DF0EC/serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Certificate serial: 0A5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft Manifest number: 0A4A Signing time: Tue 04 Nov 2025 19:48:12 +0000 Manifest this update: Tue 04 Nov 2025 19:48:11 +0000 Manifest next update: Tue 11 Nov 2025 19:48:11 +0000 Files and hashes: 1: 2itDzBg8qOD2qPbapUzdcwb4Yig.crl (hash: oBQI/Y4ptKqV/Iic5P9w4zQ6Q/0Wm/vYY944W6P3qno=) 2: FD114232912711EFBCB4ED6EC4F9AE02.roa (hash: TxCwNFrh+xkaqDR3M5kqqPa5bX7FhYwp1p0wkxa1CxU=) 3: 0D6FFE56BA3511ECA20A3817C4F9AE02.roa (hash: JxcjLdYbfNpLt4XJbaeEwHRAAk7SbV4Cw+ExyqNKBV4=) 4: C8A0E422831611EA95762453C4F9AE02.roa (hash: yUwouY97arbHx1ysSRkQtB3/fVJX2BMSgtA5eI1eKIg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:48:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2651 (0xa5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF0EC, serialNumber=DA2B43CC183CA8E0F6A8F6DAA54CDD7306F86228 Validity Not Before: Nov 4 19:48:11 2025 GMT Not After : Nov 11 19:48:11 2025 GMT Subject: CN=690a587b-20e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:e9:c3:c0:59:35:47:26:d3:88:cb:e5:7d:94: 83:fc:34:ff:8b:89:fb:f5:f5:1f:33:60:60:04:8a: 71:69:74:1f:f0:66:1d:d0:43:88:f3:a6:44:b4:13: 3c:9f:b5:91:10:50:a2:05:14:94:95:58:57:1a:66: 13:52:cc:75:1d:d7:43:cc:f5:53:9c:18:52:19:d2: f0:99:18:50:f5:88:b1:02:ca:3b:5b:bf:a5:cd:70: b3:25:75:07:ab:ec:4f:bd:69:c1:6c:b7:e7:4c:09: 0e:f9:82:ea:ec:8a:25:9a:be:4d:c1:ee:eb:0b:b8: cb:d6:12:2d:a9:30:14:eb:ce:af:aa:a1:0c:03:a5: 15:b6:5b:b4:e1:d3:96:2c:0b:de:57:d9:6c:e6:6e: 71:34:de:1f:e9:4b:21:9b:19:81:2a:30:0d:0a:95: 24:87:51:21:44:dc:be:24:97:74:1a:57:d5:b5:a6: ee:8a:fc:ea:45:e3:d7:da:4c:e7:ae:62:9a:8d:ce: 83:90:75:3e:b8:f4:2d:39:e8:b5:ee:23:ac:4c:51: 92:c6:59:a9:b6:e7:67:21:29:a9:2c:94:d2:b3:2c: 19:32:7a:ba:7d:fd:9a:86:f8:cd:f3:33:c1:c9:01: 82:d6:f9:e7:42:fa:27:a2:b7:d7:35:e7:6a:84:c0: be:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:DE:75:4F:BE:8F:C5:13:4F:3D:D5:48:52:79:FA:B1:EB:72:54:30 X509v3 Authority Key Identifier: keyid:DA:2B:43:CC:18:3C:A8:E0:F6:A8:F6:DA:A5:4C:DD:73:06:F8:62:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2itDzBg8qOD2qPbapUzdcwb4Yig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF0EC/991CEF7E795811EA93AE9646C4F9AE02/2itDzBg8qOD2qPbapUzdcwb4Yig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:32:a7:bc:3c:c4:1c:ab:57:af:0a:5e:93:ad:07:20:96:12: ea:57:13:27:2e:3a:97:90:62:37:bb:3d:30:c2:ac:e1:24:2b: be:1f:d0:0f:9d:af:9d:54:8a:0b:a0:6f:5d:ab:fc:37:f7:a8: 1d:70:27:92:87:47:12:5e:03:93:54:dd:af:77:05:c8:81:d1: a5:78:0b:91:d5:7c:3d:c6:99:84:c1:ed:96:92:1e:4a:bc:ee: 22:a7:ff:5f:b8:95:99:a5:9c:72:50:22:f6:a8:7c:a9:36:59: 3a:06:64:c3:77:6a:d9:52:51:e8:ef:b2:a3:9b:04:e1:7e:2d: 96:9b:73:5f:73:9e:e0:5a:e3:05:bb:04:ca:18:80:cc:2b:e5: 74:bf:c0:9a:2a:f1:af:5b:65:e3:f4:a5:43:b2:4e:d7:20:47: 3e:9e:ba:43:e5:aa:f1:50:b9:60:0f:c0:bf:2a:14:97:73:8e: 66:b8:d3:36:83:70:1c:1b:c0:ce:9d:3b:7a:11:ea:d2:28:25: 8c:ec:1a:00:00:6b:52:75:ba:98:ad:bf:c0:e6:30:ac:71:33: 5b:b2:b1:1e:11:3b:35:91:d7:88:32:95:6d:0d:fe:b7:ea:5b: b8:bd:82:c6:bf:8e:3e:ee:e7:61:6b:9a:64:70:32:c4:a1:f3: 10:9f:d7:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICClswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REYwRUMxMTAvBgNVBAUTKERBMkI0M0NDMTgzQ0E4RTBGNkE4RjZEQUE1NENERDcz MDZGODYyMjgwHhcNMjUxMTA0MTk0ODExWhcNMjUxMTExMTk0ODExWjAYMRYwFAYD VQQDEw02OTBhNTg3Yi0yMGUzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqunDwFk1RybTiMvlfZSD/DT/i4n79fUfM2BgBIpxaXQf8GYd0EOI86ZEtBM8 n7WREFCiBRSUlVhXGmYTUsx1HddDzPVTnBhSGdLwmRhQ9YixAso7W7+lzXCzJXUH q+xPvWnBbLfnTAkO+YLq7Iolmr5Nwe7rC7jL1hItqTAU686vqqEMA6UVtlu04dOW LAveV9ls5m5xNN4f6UshmxmBKjANCpUkh1EhRNy+JJd0GlfVtabuivzqRePX2kzn rmKajc6DkHU+uPQtOei17iOsTFGSxlmptudnISmpLJTSsywZMnq6ff2ahvjN8zPB yQGC1vnnQvonorfXNedqhMC+0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL/edU++ j8UTTz3VSFJ5+rHrclQwMB8GA1UdIwQYMBaAFNorQ8wYPKjg9qj22qVM3XMG+GIo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERjBFQy85OTFDRUY3RTc5 NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFPRDJxUGJhcFV6ZGN3YjRZ aWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJpdER6Qmc4cU9EMnFQYmFwVXpkY3diNFlpZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RjBFQy85OTFDRUY3RTc5NTgxMUVBOTNBRTk2NDZDNEY5QUUwMi8yaXREekJnOHFP RDJxUGJhcFV6ZGN3YjRZaWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYMqe8PMQcq1evCl6TrQcglhLqVxMnLjqXkGI3uz0wwqzhJCu+H9AP na+dVIoLoG9dq/w396gdcCeSh0cSXgOTVN2vdwXIgdGleAuR1Xw9xpmEwe2Wkh5K vO4ip/9fuJWZpZxyUCL2qHypNlk6BmTDd2rZUlHo77KjmwThfi2Wm3Nfc57gWuMF uwTKGIDMK+V0v8CaKvGvW2Xj9KVDsk7XIEc+nrpD5arxULlgD8C/KhSXc45muNM2 g3AcG8DOnTt6EerSKCWM7BoAAGtSdbqYrb/A5jCscTNbsrEeETs1kdeIMpVtDf63 6lu4vYLGv44+7udha5pkcDLEofMQn9eW -----END CERTIFICATE-----Generated at Wed Nov 5 11:38:05 2025 by rpki-client