$ rpki-client -vvf rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft File: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft (raw, json) Hash identifier: FUaNgOeR0WCdfZpV5DJV/uaCQLy6RA0UKSx+HCHTYFw= Subject key identifier: 88:EB:90:8F:ED:8D:9F:3A:49:74:C4:9F:A3:88:FA:84:D5:D4:2B:5F Authority key identifier: 64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 Certificate issuer: /CN=A91E6D5D/serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Certificate serial: 1B32 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft Manifest number: A086 Signing time: Tue 04 Nov 2025 14:32:51 +0000 Manifest this update: Tue 04 Nov 2025 14:32:50 +0000 Manifest next update: Tue 11 Nov 2025 14:32:50 +0000 Files and hashes: 1: ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl (hash: 27twhZ24jQd1uVmKv0dwxWHKTnXoJr5MxI91GDOpr+E=) 2: 9907DC46D4BC11EF9BDDAF2EC4F9AE02.roa (hash: RYynr8uizf4mxXQD/bYs58a0i9OmwI4vdpj7nHmjiJU=) 3: 959AC422557911EBBD21EB2FC4F9AE02.roa (hash: oMF/P2hGXRHcLkAXgbmeUw5lcthqUMWdcFQRgDGmw2Q=) 4: 20C6F2EC699D11EAA33EAE83C4F9AE02.roa (hash: 68iXhMXoCKzkvFm4ZJIC/ibhTxkbyNkKn12MmIsJUjc=) 5: 191363A69DD911EC99D91668C4F9AE02.roa (hash: oqniAucPfqcKV0mTFTmt9sxkwi/yyX2GOXb0nYNRsyI=) 6: ACC8833824DE11EDAEC0E529C4F9AE02.roa (hash: SpN5g9M2rsSW+Cra37fKcK/lk5XqYbPAMh8S4vUS9qk=) 7: 4FF339D8F01D11EB8C4B505BC4F9AE02.roa (hash: U9RF+JaWcsKZTr1DEGw1Y5hTdB+oWxy9sRXTz5ZgIuo=) 8: C89FD6DA557611EBA04C290BC4F9AE02.roa (hash: Y+JgutBZqKB0sr/67XUkEfaEMyqBwPZIYt+9Yv44r5c=) 9: FC6A19D892D511EC8FBFF32AC4F9AE02.roa (hash: kjWRly5sP345NgQNsNa2Y38tsuhMAJkUf7cDKkslnxQ=) 10: 1BF3A43C15BE11EF93ABFD7DC4F9AE02.roa (hash: Dnw6VZCydK3JoKDSOzotlEvfgmRpxLVN7ezEA2ZyyGo=) 11: 0B24875C7A4411EB804B7430C4F9AE02.roa (hash: Y+xehgtewaeOdOL6PowHHRPVgAd4mQJAADuq74in7FA=) 12: 3D68F8C29A4A11EA94706012C4F9AE02.roa (hash: +Q2D0d9yEIcvHWqL458RmFQjgHnoWa/Nyf3wOjdRqJY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:32:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6962 (0x1b32) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E6D5D, serialNumber=64A665816AEFED73B3075007DA5337AC7DEC4B81 Validity Not Before: Nov 4 14:32:50 2025 GMT Not After : Nov 11 14:32:50 2025 GMT Subject: CN=690a0e92-8d5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:ff:8a:b5:ad:64:7b:4f:bb:73:b3:62:32:75: 66:e9:31:02:b6:0c:2c:2e:f0:b6:b5:98:87:0c:a2: 1f:09:1c:0b:d8:ec:36:63:ec:b0:f3:ba:bb:84:4a: 0b:35:d0:94:13:f9:fc:22:cb:ca:ca:3e:8b:d9:d3: ef:d9:9a:d4:3c:53:e1:86:81:51:9f:d9:7a:ec:ea: 1c:4d:2b:78:b2:31:4d:d0:f6:25:f0:8d:25:76:eb: 15:99:70:82:5d:5c:b8:81:6c:a8:00:df:eb:1e:16: a0:8f:65:1a:1b:81:14:4d:3c:08:3a:04:2a:fe:4b: 0e:72:7c:52:89:d2:4d:17:4f:0f:07:b9:78:46:79: 43:94:f5:ad:df:2c:25:30:91:6a:8c:67:44:be:a5: 18:01:2a:61:1e:f9:9c:f2:b4:7b:e0:9d:d1:d3:3f: da:58:0c:54:80:65:ab:8c:60:9a:78:00:64:45:76: cf:67:ba:fc:4c:9d:00:08:82:3d:b5:be:41:1b:bc: bd:fb:af:d7:8c:12:dc:02:14:50:ee:7c:dc:64:cd: f5:01:1c:36:14:09:cb:c7:7e:55:05:9a:f6:27:cb: 8a:a2:87:fc:7b:37:fd:0d:42:b0:98:6b:d8:e4:d9: e6:da:1b:9c:9d:80:0a:19:2e:08:c6:ab:b9:7e:5e: c6:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:EB:90:8F:ED:8D:9F:3A:49:74:C4:9F:A3:88:FA:84:D5:D4:2B:5F X509v3 Authority Key Identifier: keyid:64:A6:65:81:6A:EF:ED:73:B3:07:50:07:DA:53:37:AC:7D:EC:4B:81 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E6D5D/9DCB68E01D8811E294B955E108B02CD2/ZKZlgWrv7XOzB1AH2lM3rH3sS4E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:a2:0d:43:71:0f:e5:44:4d:1b:1a:ff:33:e7:41:86:a9:5c: 83:87:ad:6b:a0:9a:ec:f2:33:10:fd:f5:41:db:82:5a:66:19: 6e:3b:1a:2c:05:ec:31:bc:65:66:d1:89:2b:82:e6:2a:fa:68: 73:17:c1:75:bc:35:24:b8:ff:60:4c:36:2e:d5:9c:64:6a:bf: 6e:0d:b0:c2:68:59:c0:8e:c7:21:c3:da:5e:f6:87:5f:53:cd: 55:fe:da:67:65:dd:99:9c:4d:e7:d8:4d:1a:13:c6:b0:c6:4e: 35:f4:c4:65:d9:0e:f7:9d:30:30:d4:43:f5:5b:89:66:af:67: 82:b2:c8:e4:70:1c:70:0e:7e:2f:28:90:1d:93:73:80:4a:4f: 38:6c:0d:f2:4e:46:c4:d2:a0:89:f4:7d:26:90:0d:24:53:cc: f4:84:64:9a:0e:95:45:bf:d1:94:3c:f9:54:da:13:17:40:90: e7:95:89:8e:15:24:6d:b3:e0:b9:63:f0:38:db:c6:fc:d3:a9: 63:d7:42:b7:6c:36:a6:8c:75:0d:89:cc:65:0a:d9:6f:32:3b: 61:0e:c2:13:33:c8:70:05:5d:79:0a:cf:52:7e:2d:5b:47:b0: 35:e6:9b:cf:f1:dc:5c:c1:5a:f7:bb:0c:32:34:05:b5:47:67: 1c:f5:c5:ec -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGzIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTZENUQxMTAvBgNVBAUTKDY0QTY2NTgxNkFFRkVENzNCMzA3NTAwN0RBNTMzN0FD N0RFQzRCODEwHhcNMjUxMTA0MTQzMjUwWhcNMjUxMTExMTQzMjUwWjAYMRYwFAYD VQQDEw02OTBhMGU5Mi04ZDVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1f+Kta1ke0+7c7NiMnVm6TECtgwsLvC2tZiHDKIfCRwL2Ow2Y+yw87q7hEoL NdCUE/n8IsvKyj6L2dPv2ZrUPFPhhoFRn9l67OocTSt4sjFN0PYl8I0ldusVmXCC XVy4gWyoAN/rHhagj2UaG4EUTTwIOgQq/ksOcnxSidJNF08PB7l4RnlDlPWt3ywl MJFqjGdEvqUYASphHvmc8rR74J3R0z/aWAxUgGWrjGCaeABkRXbPZ7r8TJ0ACII9 tb5BG7y9+6/XjBLcAhRQ7nzcZM31ARw2FAnLx35VBZr2J8uKoof8ezf9DUKwmGvY 5Nnm2hucnYAKGS4Ixqu5fl7GOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIjrkI/t jZ86SXTEn6OI+oTV1CtfMB8GA1UdIwQYMBaAFGSmZYFq7+1zswdQB9pTN6x97EuB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNkQ1RC85RENCNjhFMDFE ODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdYT3pCMUFIMmxNM3JIM3NT NEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pLWmxnV3J2N1hPekIxQUgybE0zckgzc1M0RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NkQ1RC85RENCNjhFMDFEODgxMUUyOTRCOTU1RTEwOEIwMkNEMi9aS1psZ1dydjdY T3pCMUFIMmxNM3JIM3NTNEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkog1DcQ/lRE0bGv8z50GGqVyDh61roJrs8jMQ/fVB24JaZhluOxos BewxvGVm0YkrguYq+mhzF8F1vDUkuP9gTDYu1Zxkar9uDbDCaFnAjschw9pe9odf U81V/tpnZd2ZnE3n2E0aE8awxk419MRl2Q73nTAw1EP1W4lmr2eCssjkcBxwDn4v KJAdk3OASk84bA3yTkbE0qCJ9H0mkA0kU8z0hGSaDpVFv9GUPPlU2hMXQJDnlYmO FSRts+C5Y/A428b806lj10K3bDamjHUNicxlCtlvMjthDsITM8hwBV15Cs9Sfi1b R7A15pvP8dxcwVr3uwwyNAW1R2cc9cXs -----END CERTIFICATE-----Generated at Tue Nov 4 21:34:59 2025 by rpki-client