$ rpki-client -vvf rpki.apnic.net/member_repository/A91E46A5/0231C154006B11EA97C1BD5FC4F9AE02/su3iAzROnKc1AcVRQvmugWCeiYc.mft File: su3iAzROnKc1AcVRQvmugWCeiYc.mft (raw, json) Hash identifier: uev57rBVbjNfWfzDeBgh4+J0kTqpLp/N03+He7cjHLg= Subject key identifier: 7B:36:AA:39:45:C4:31:08:55:20:F8:40:9C:10:D1:60:1D:59:94:3A Authority key identifier: B2:ED:E2:03:34:4E:9C:A7:35:01:C5:51:42:F9:AE:81:60:9E:89:87 Certificate issuer: /CN=A91E46A5/serialNumber=B2EDE203344E9CA73501C55142F9AE81609E8987 Certificate serial: 0CC3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/su3iAzROnKc1AcVRQvmugWCeiYc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E46A5/0231C154006B11EA97C1BD5FC4F9AE02/su3iAzROnKc1AcVRQvmugWCeiYc.mft Manifest number: 0CB6 Signing time: Tue 04 Nov 2025 18:19:13 +0000 Manifest this update: Tue 04 Nov 2025 18:19:13 +0000 Manifest next update: Tue 11 Nov 2025 18:19:13 +0000 Files and hashes: 1: su3iAzROnKc1AcVRQvmugWCeiYc.crl (hash: S4QtU3FocIefxaQzHe3OMi7fy4H2QOPAUcq0SKIGUcI=) 2: CE094B08006B11EAA2719060C4F9AE02.roa (hash: 3at8OHhr3TWPa09hDLUXiFFjg44cS/0xW9KQOVKngqA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E46A5/0231C154006B11EA97C1BD5FC4F9AE02/su3iAzROnKc1AcVRQvmugWCeiYc.crl rsync://rpki.apnic.net/member_repository/A91E46A5/0231C154006B11EA97C1BD5FC4F9AE02/su3iAzROnKc1AcVRQvmugWCeiYc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/su3iAzROnKc1AcVRQvmugWCeiYc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:19:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3267 (0xcc3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E46A5, serialNumber=B2EDE203344E9CA73501C55142F9AE81609E8987 Validity Not Before: Nov 4 18:19:13 2025 GMT Not After : Nov 11 18:19:13 2025 GMT Subject: CN=690a43a1-57bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:a1:38:93:8b:5c:9f:9c:b8:bb:52:d0:0a:d0: f9:c2:d5:98:06:4b:11:39:6c:46:0a:14:52:90:fe: bf:6c:b0:10:6b:f7:be:bd:1e:85:bd:a0:28:f1:60: 71:6a:c6:b1:45:14:f6:70:77:e0:f7:bb:a2:48:8c: 40:e0:0e:16:15:89:cb:f7:20:63:f0:39:3a:74:6e: ee:ba:26:7c:16:2d:1e:e1:e5:2f:a7:5f:54:31:fc: a9:88:28:6f:8d:00:90:8b:ec:bf:7b:15:5d:29:bc: 9a:17:c0:5e:63:2a:11:27:9a:c2:b3:0f:dc:59:e8: 9c:d6:a0:2c:f9:b5:17:25:1f:2d:2f:67:79:34:2f: 6d:3a:d2:1d:bc:c3:d9:61:64:75:76:44:fd:74:77: 18:07:80:5b:e0:25:fa:13:34:3f:5e:51:8f:e8:f7: 82:20:e7:a8:1b:ac:86:93:54:be:b0:08:85:8e:34: a8:f3:fd:eb:b2:73:f8:cd:26:65:06:85:75:1b:05: 58:d7:aa:e8:30:e7:73:fb:49:27:0b:5e:7d:54:88: d9:ae:88:5a:56:8d:66:42:16:a8:da:2d:08:ed:41: 74:17:4c:d1:54:cf:53:6c:e5:03:89:3a:5b:5e:8b: 5a:10:ef:ed:bb:4f:5d:a7:da:b8:39:c9:49:21:08: 61:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:36:AA:39:45:C4:31:08:55:20:F8:40:9C:10:D1:60:1D:59:94:3A X509v3 Authority Key Identifier: keyid:B2:ED:E2:03:34:4E:9C:A7:35:01:C5:51:42:F9:AE:81:60:9E:89:87 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E46A5/0231C154006B11EA97C1BD5FC4F9AE02/su3iAzROnKc1AcVRQvmugWCeiYc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/su3iAzROnKc1AcVRQvmugWCeiYc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E46A5/0231C154006B11EA97C1BD5FC4F9AE02/su3iAzROnKc1AcVRQvmugWCeiYc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:a4:33:54:e4:04:a8:d6:d5:08:7a:4e:68:23:13:26:80:be: 21:b0:11:cf:79:99:34:89:e1:85:1b:16:a3:5a:99:ef:ee:5f: a5:0d:19:e7:b3:67:d7:2f:f4:46:a6:60:9c:ea:07:5d:8c:bc: 3e:8b:e6:af:ae:b3:f8:cf:27:6d:e5:e5:2f:4e:22:e9:71:a6: 52:02:85:7d:74:b8:84:5c:af:0b:6f:ef:9e:0a:6d:dd:98:27: e3:9e:a6:44:bc:79:64:b6:c1:a5:a4:b5:bf:d9:8e:1a:46:69: ae:b0:f2:c8:5a:cb:38:58:79:08:19:1f:9a:d1:5d:bc:2f:c6: 25:e1:82:bd:c2:68:52:97:33:1e:0c:48:41:ba:df:c3:6a:3d: 30:04:73:4f:5d:c1:ad:70:46:3c:1a:ff:ec:69:86:d8:6b:49: 12:15:d9:da:2d:2f:a9:53:70:d2:00:20:3c:e1:53:27:fb:60: 34:d5:bd:9f:c5:32:d2:8e:a8:43:f5:07:62:d9:53:f7:02:9f: 1f:72:a6:a4:47:da:70:64:a4:ba:7e:03:71:69:d8:de:5d:44: bb:b5:a9:65:d9:db:fe:ad:37:1a:53:68:9f:e8:c4:ea:4a:2f: b7:c4:a2:6f:49:24:dd:04:7d:eb:a7:1c:c2:03:c9:27:5d:c0: 40:f2:f2:f2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDMMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQ2QTUxMTAvBgNVBAUTKEIyRURFMjAzMzQ0RTlDQTczNTAxQzU1MTQyRjlBRTgx NjA5RTg5ODcwHhcNMjUxMTA0MTgxOTEzWhcNMjUxMTExMTgxOTEzWjAYMRYwFAYD VQQDEw02OTBhNDNhMS01N2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo6E4k4tcn5y4u1LQCtD5wtWYBksROWxGChRSkP6/bLAQa/e+vR6FvaAo8WBx asaxRRT2cHfg97uiSIxA4A4WFYnL9yBj8Dk6dG7uuiZ8Fi0e4eUvp19UMfypiChv jQCQi+y/exVdKbyaF8BeYyoRJ5rCsw/cWeic1qAs+bUXJR8tL2d5NC9tOtIdvMPZ YWR1dkT9dHcYB4Bb4CX6EzQ/XlGP6PeCIOeoG6yGk1S+sAiFjjSo8/3rsnP4zSZl BoV1GwVY16roMOdz+0knC159VIjZrohaVo1mQhao2i0I7UF0F0zRVM9TbOUDiTpb XotaEO/tu09dp9q4OclJIQhhKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHs2qjlF xDEIVSD4QJwQ0WAdWZQ6MB8GA1UdIwQYMBaAFLLt4gM0TpynNQHFUUL5roFgnomH MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDZBNS8wMjMxQzE1NDAw NkIxMUVBOTdDMUJENUZDNEY5QUUwMi9zdTNpQXpST25LYzFBY1ZSUXZtdWdXQ2Vp WWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3N1M2lBelJPbktjMUFjVlJRdm11Z1dDZWlZYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDZBNS8wMjMxQzE1NDAwNkIxMUVBOTdDMUJENUZDNEY5QUUwMi9zdTNpQXpST25L YzFBY1ZSUXZtdWdXQ2VpWWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkpDNU5ASo1tUIek5oIxMmgL4hsBHPeZk0ieGFGxajWpnv7l+lDRnn s2fXL/RGpmCc6gddjLw+i+avrrP4zydt5eUvTiLpcaZSAoV9dLiEXK8Lb++eCm3d mCfjnqZEvHlktsGlpLW/2Y4aRmmusPLIWss4WHkIGR+a0V28L8Yl4YK9wmhSlzMe DEhBut/Daj0wBHNPXcGtcEY8Gv/saYbYa0kSFdnaLS+pU3DSACA84VMn+2A01b2f xTLSjqhD9Qdi2VP3Ap8fcqakR9pwZKS6fgNxadjeXUS7tall2dv+rTcaU2if6MTq Si+3xKJvSSTdBH3rpxzCA8knXcBA8vLy -----END CERTIFICATE-----Generated at Wed Nov 5 02:18:51 2025 by rpki-client