$ rpki-client -vvf rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft File: X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft (raw, json) Hash identifier: 4gB2f1jJjgToruz1w6mn08D+ZUrtRuj0zoswr+WTu9Q= Subject key identifier: C6:B9:40:13:9E:D8:61:D9:3B:36:7A:60:13:0A:76:02:AE:A6:43:49 Authority key identifier: 5F:69:91:86:A2:EB:CD:45:B1:FF:6A:0A:4A:F6:06:06:F3:B3:D0:8D Certificate issuer: /CN=A91DF856/serialNumber=5F699186A2EBCD45B1FF6A0A4AF60606F3B3D08D Certificate serial: 67 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft Manifest number: 66 Signing time: Wed 05 Nov 2025 07:12:11 +0000 Manifest this update: Wed 05 Nov 2025 07:12:11 +0000 Manifest next update: Wed 12 Nov 2025 07:12:11 +0000 Files and hashes: 1: X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl (hash: jt2amLZ9AEwUjmyIQsTCaG6pqP/FI7NVj2Flx7LGD2U=) 2: B245BA601C4311F08254DE40C4F9AE02.roa (hash: cR1hA1Kx4PPiBeW49KPuxZm4E1WoNdgwAMLfYPZP980=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:12:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 103 (0x67) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DF856, serialNumber=5F699186A2EBCD45B1FF6A0A4AF60606F3B3D08D Validity Not Before: Nov 5 07:12:11 2025 GMT Not After : Nov 12 07:12:11 2025 GMT Subject: CN=690af8cb-0c73 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:fe:62:12:c2:97:50:f4:71:6d:e9:22:21:2c: 87:7d:ad:e9:5d:8f:a2:74:14:70:5c:71:9e:e1:a2: 7e:6a:48:52:81:34:43:d8:14:5b:a3:07:7b:7d:07: 0f:71:1d:9d:ca:83:b3:3a:20:59:38:2f:1c:96:d2: f5:57:b6:a7:07:2a:df:d7:f9:ad:7d:f0:a9:84:cf: 99:0b:8c:a1:f5:7f:fb:74:3c:02:a0:fe:fc:e0:df: 29:e0:d2:db:d5:d4:89:ca:82:66:58:af:c5:cf:d8: 3f:39:ab:bf:58:05:6d:e0:2d:da:d2:d9:56:15:8d: b9:54:e4:b1:73:1b:5f:28:8e:d9:be:f7:62:0f:5f: 05:e1:f9:e3:55:46:62:dd:b9:46:aa:40:ff:0a:07: be:34:3b:17:9e:c4:37:9a:4d:7d:01:c2:ee:29:b6: 40:58:0d:13:0b:ec:e3:e3:44:6d:c0:7d:94:a6:75: b5:94:72:35:bf:48:74:e9:ee:05:9c:06:21:35:31: c7:a8:48:34:54:22:1d:91:eb:63:73:59:73:49:98: 69:ae:34:72:d8:61:d7:fa:23:ca:42:16:e4:21:e8: b3:78:fe:12:2f:5f:c8:30:e5:bd:52:7f:36:62:2c: 05:51:2b:e4:0f:fd:06:90:fa:e4:1e:e3:3f:4f:0f: 08:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C6:B9:40:13:9E:D8:61:D9:3B:36:7A:60:13:0A:76:02:AE:A6:43:49 X509v3 Authority Key Identifier: keyid:5F:69:91:86:A2:EB:CD:45:B1:FF:6A:0A:4A:F6:06:06:F3:B3:D0:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/X2mRhqLrzUWx_2oKSvYGBvOz0I0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DF856/EFF2A0A01C4111F0A9821F3EC4F9AE02/X2mRhqLrzUWx_2oKSvYGBvOz0I0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:7f:bc:21:8e:da:84:55:fc:35:f4:5e:f0:36:d0:e5:26:47: e7:3e:b3:3d:f6:e7:33:3e:94:d6:ca:3e:c9:55:02:2a:c2:5f: 14:68:5b:79:fe:85:9f:b4:21:d3:f4:d9:bf:0e:ec:15:2f:18: 48:fe:76:b4:3f:e9:68:ca:61:e8:cd:5b:f6:f9:f1:9b:2b:2c: 6f:eb:58:b1:a8:2c:b1:8d:e6:6c:38:3f:e9:d0:4b:9d:20:43: 1a:b1:33:39:ed:12:00:1f:58:09:57:24:7f:c1:e7:45:93:93: aa:aa:71:91:0c:e6:ec:2b:41:78:03:24:dc:38:54:87:2e:b0: 0c:4f:a8:e6:d2:68:29:40:48:77:5c:66:e4:33:af:60:db:a2: 35:3c:eb:d9:6f:43:34:b7:24:ae:b0:2b:aa:0e:5a:e2:5e:97: 8d:53:c5:a5:06:18:18:c6:d4:c1:de:51:48:35:de:66:32:c2: 0d:c9:a3:32:0f:d7:46:0c:78:cf:be:20:8b:2a:22:20:b7:12: 5b:23:9b:eb:c8:06:72:79:11:d0:9b:f3:9c:b4:f9:c3:84:5d: c3:83:97:26:d8:3d:f2:ce:89:b9:f7:b8:de:4d:d6:72:23:8c: 97:1f:7b:bf:ff:fe:3e:3a:f1:11:60:8b:7c:29:7a:8b:a9:df: 8b:c7:03:f3 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE Rjg1NjExMC8GA1UEBRMoNUY2OTkxODZBMkVCQ0Q0NUIxRkY2QTBBNEFGNjA2MDZG M0IzRDA4RDAeFw0yNTExMDUwNzEyMTFaFw0yNTExMTIwNzEyMTFaMBgxFjAUBgNV BAMTDTY5MGFmOGNiLTBjNzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCd/mISwpdQ9HFt6SIhLId9reldj6J0FHBccZ7hon5qSFKBNEPYFFujB3t9Bw9x HZ3Kg7M6IFk4LxyW0vVXtqcHKt/X+a198KmEz5kLjKH1f/t0PAKg/vzg3yng0tvV 1InKgmZYr8XP2D85q79YBW3gLdrS2VYVjblU5LFzG18ojtm+92IPXwXh+eNVRmLd uUaqQP8KB740OxeexDeaTX0Bwu4ptkBYDRML7OPjRG3AfZSmdbWUcjW/SHTp7gWc BiE1MceoSDRUIh2R62NzWXNJmGmuNHLYYdf6I8pCFuQh6LN4/hIvX8gw5b1SfzZi LAVRK+QP/QaQ+uQe4z9PDwhLAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUxrlAE57Y Ydk7NnpgEwp2Aq6mQ0kwHwYDVR0jBBgwFoAUX2mRhqLrzUWx/2oKSvYGBvOz0I0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURGODU2L0VGRjJBMEEwMUM0 MTExRjBBOTgyMUYzRUM0RjlBRTAyL1gybVJocUxyelVXeF8yb0tTdllHQnZPejBJ MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvWDJtUmhxTHJ6VVd4XzJvS1N2WUdCdk96MEkwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURG ODU2L0VGRjJBMEEwMUM0MTExRjBBOTgyMUYzRUM0RjlBRTAyL1gybVJocUxyelVX eF8yb0tTdllHQnZPejBJMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAd/vCGO2oRV/DX0XvA20OUmR+c+sz325zM+lNbKPslVAirCXxRoW3n+ hZ+0IdP02b8O7BUvGEj+drQ/6WjKYejNW/b58ZsrLG/rWLGoLLGN5mw4P+nQS50g QxqxMzntEgAfWAlXJH/B50WTk6qqcZEM5uwrQXgDJNw4VIcusAxPqObSaClASHdc ZuQzr2DbojU869lvQzS3JK6wK6oOWuJel41TxaUGGBjG1MHeUUg13mYywg3JozIP 10YMeM++IIsqIiC3Elsjm+vIBnJ5EdCb85y0+cOEXcODlybYPfLOibn3uN5N1nIj jJcfe7///j468RFgi3wpeoup34vHA/M= -----END CERTIFICATE-----Generated at Wed Nov 5 20:57:10 2025 by rpki-client