$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: HnRC3Lq7SjvmHq/9Nt8GTHRULMAc8wFWr0zJWNNQB40= Subject key identifier: F6:04:F0:E3:9C:69:3E:97:15:24:E3:0C:D3:CB:A0:07:1F:0B:52:75 Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0DFB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0DC0 Signing time: Tue 04 Nov 2025 18:01:26 +0000 Manifest this update: Tue 04 Nov 2025 18:01:25 +0000 Manifest next update: Tue 11 Nov 2025 18:01:25 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: cnvO2ONz6Rv06KxWEo2cn0narnCvE/B/WIE3erIjq50=) 2: CE3FCE34AF1611F0B50BFF7AC4F9AE02.roa (hash: DtVrkChmZWRD5+fP2Qn5fAqp1kmHQeghAdi18ignO50=) 3: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: ZQBdoWyO873LcT1vKoBchR3Mc6PGkjTHNlXwZK5KBUA=) 4: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:59:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3579 (0xdfb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: Nov 4 18:01:25 2025 GMT Not After : Nov 11 18:01:25 2025 GMT Subject: CN=690a3f76-4248 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:5e:cf:ef:29:05:e4:92:b0:e4:44:fb:1f:54: 05:6c:a6:51:b5:3d:54:89:15:a2:ab:fb:df:34:10: 1d:33:e0:77:7e:51:26:61:58:db:03:ae:75:9a:5d: c7:6b:d4:7a:ae:d4:5e:56:4e:c4:b0:83:08:87:fc: f8:ce:50:2e:48:2f:4b:34:0e:79:95:46:c1:40:b2: bf:17:77:34:5d:91:d2:85:57:5b:de:26:49:e8:b2: bb:06:e2:bf:f8:70:98:9d:a6:5f:e5:61:c2:d2:cc: 67:b5:b5:61:16:d8:6f:7d:ba:33:39:8a:a7:a6:2a: 5b:19:27:2f:ac:ec:52:93:2b:13:75:ab:8a:20:61: da:b5:ce:b7:df:da:d3:a5:df:4f:b3:99:30:90:40: c2:6c:fe:45:bf:41:22:0e:fc:e0:fd:c7:72:1a:c3: af:e4:1d:f2:b0:c3:4f:49:33:dc:97:13:4d:a8:42: a8:40:75:5a:f5:ad:68:0f:50:f2:9b:63:32:dd:d6: 7c:97:e8:ee:bb:8e:98:8b:86:44:c7:c3:c7:f0:0c: 9f:b3:1e:3e:0e:6e:83:37:c4:8c:53:d8:dc:57:55: 55:7c:b5:df:47:8d:2c:7c:85:91:03:3d:f8:27:cd: 2b:92:c9:cb:03:f7:e0:60:da:c9:e2:37:13:b6:00: 7e:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F6:04:F0:E3:9C:69:3E:97:15:24:E3:0C:D3:CB:A0:07:1F:0B:52:75 X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 07:1d:93:4c:14:44:7c:6c:9e:4b:ba:db:5c:ca:ec:6d:d1:b5: b3:0e:7e:5e:14:4d:ea:9e:b5:56:7e:5a:e3:3a:8b:ba:1f:05: 63:18:64:10:74:51:c7:a9:20:47:7d:68:1f:22:3f:4a:eb:66: ab:29:6e:a4:da:6e:4e:43:4e:0c:e0:d5:95:4e:69:7f:64:84: 99:0c:37:65:0e:c5:f6:3f:55:db:2f:22:c7:90:e4:96:e0:e5: 01:99:44:8c:54:99:2b:65:2c:88:c9:e8:48:28:ab:3a:0e:9b: 01:13:5d:75:c1:c2:3b:2e:ea:09:5d:39:83:d7:c1:c7:3c:40: 7e:ae:50:cc:31:da:08:87:6e:d6:69:66:50:2f:51:33:d3:e9: 6b:24:01:39:c1:ed:2c:3b:4e:83:7b:da:91:e9:45:a5:39:66: 3d:95:84:7d:96:46:b9:31:70:43:77:fb:2d:d5:03:41:d9:cf: c2:b5:e6:41:c6:d4:8d:fb:6b:c3:84:1b:63:c2:a0:d9:f6:1c: 25:36:44:28:b5:d5:e6:6d:ce:92:e6:ff:d5:a5:b4:f4:06:57: 8c:a7:38:9e:48:89:8c:22:fa:a3:da:ce:a5:e0:30:c7:a4:e9: 71:4c:73:70:9d:75:24:63:c2:ec:a8:af:27:a5:ae:e3:ea:36: f6:1b:17:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDfswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjUxMTA0MTgwMTI1WhcNMjUxMTExMTgwMTI1WjAYMRYwFAYD VQQDEw02OTBhM2Y3Ni00MjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr17P7ykF5JKw5ET7H1QFbKZRtT1UiRWiq/vfNBAdM+B3flEmYVjbA651ml3H a9R6rtReVk7EsIMIh/z4zlAuSC9LNA55lUbBQLK/F3c0XZHShVdb3iZJ6LK7BuK/ +HCYnaZf5WHC0sxntbVhFthvfbozOYqnpipbGScvrOxSkysTdauKIGHatc6339rT pd9Ps5kwkEDCbP5Fv0EiDvzg/cdyGsOv5B3ysMNPSTPclxNNqEKoQHVa9a1oD1Dy m2My3dZ8l+juu46Yi4ZEx8PH8Ayfsx4+Dm6DN8SMU9jcV1VVfLXfR40sfIWRAz34 J80rksnLA/fgYNrJ4jcTtgB+VwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPYE8OOc aT6XFSTjDNPLoAcfC1J1MB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAHHZNMFER8bJ5Luttcyuxt0bWzDn5eFE3qnrVWflrjOou6HwVjGGQQ dFHHqSBHfWgfIj9K62arKW6k2m5OQ04M4NWVTml/ZISZDDdlDsX2P1XbLyLHkOSW 4OUBmUSMVJkrZSyIyehIKKs6DpsBE111wcI7LuoJXTmD18HHPEB+rlDMMdoIh27W aWZQL1Ez0+lrJAE5we0sO06De9qR6UWlOWY9lYR9lka5MXBDd/st1QNB2c/CteZB xtSN+2vDhBtjwqDZ9hwlNkQotdXmbc6S5v/VpbT0BleMpzieSImMIvqj2s6l4DDH pOlxTHNwnXUkY8LsqK8npa7j6jb2GxfZ -----END CERTIFICATE-----Generated at Tue Nov 4 20:03:41 2025 by rpki-client