$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8EAD/3C24DAD28FAD11EA92D1F642C4F9AE02/83YJDdec9qJZrioXAgNy6eYWC7Y.mft File: 83YJDdec9qJZrioXAgNy6eYWC7Y.mft (raw, json) Hash identifier: AiUjst09WUcs8tHGsNUsLsuD2Vaeu0SHZEJRRek42Ps= Subject key identifier: 4C:89:AC:F9:80:7A:F1:32:24:29:80:D1:B5:3A:89:38:A6:44:2E:19 Authority key identifier: F3:76:09:0D:D7:9C:F6:A2:59:AE:2A:17:02:03:72:E9:E6:16:0B:B6 Certificate issuer: /CN=A91E8EAD/serialNumber=F376090DD79CF6A259AE2A17020372E9E6160BB6 Certificate serial: 09D2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83YJDdec9qJZrioXAgNy6eYWC7Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8EAD/3C24DAD28FAD11EA92D1F642C4F9AE02/83YJDdec9qJZrioXAgNy6eYWC7Y.mft Manifest number: 09CA Signing time: Sun 02 Nov 2025 19:55:31 +0000 Manifest this update: Sun 02 Nov 2025 19:55:30 +0000 Manifest next update: Sun 09 Nov 2025 19:55:30 +0000 Files and hashes: 1: 83YJDdec9qJZrioXAgNy6eYWC7Y.crl (hash: xZxbQab3bndaOqM12zglrRfNhAMk9dPgeQYnzvbJDUg=) 2: 16F7FB3E8FAF11EA96738C46C4F9AE02.roa (hash: FDVevWofhV4OBWCY3mCV+bPsuc2xoyahcfyBo3UC3vE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8EAD/3C24DAD28FAD11EA92D1F642C4F9AE02/83YJDdec9qJZrioXAgNy6eYWC7Y.crl rsync://rpki.apnic.net/member_repository/A91E8EAD/3C24DAD28FAD11EA92D1F642C4F9AE02/83YJDdec9qJZrioXAgNy6eYWC7Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83YJDdec9qJZrioXAgNy6eYWC7Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 19:55:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2514 (0x9d2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8EAD, serialNumber=F376090DD79CF6A259AE2A17020372E9E6160BB6 Validity Not Before: Nov 2 19:55:30 2025 GMT Not After : Nov 9 19:55:30 2025 GMT Subject: CN=6907b732-bc69 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:2b:10:68:74:18:ab:60:47:ed:d9:bd:5a:32: 5d:7e:14:93:81:b4:c0:ea:15:bb:bd:eb:5f:16:3e: 19:5e:34:54:d9:4d:79:3e:cc:20:a4:41:a3:3b:6f: 17:dd:80:68:a1:0a:98:e7:ab:dc:ba:74:54:73:c9: e1:8d:af:d6:53:4b:ee:85:7e:e6:e6:04:cd:8a:10: 9a:8a:ab:f5:c8:42:57:9a:3a:7f:c1:60:3b:25:28: 1c:59:ad:c2:2d:6b:57:76:39:62:0a:94:55:6d:2f: 42:7d:64:04:6d:89:20:f8:84:af:57:b9:2f:a1:22: 70:66:c5:0f:3e:69:4e:51:97:0a:40:34:96:1a:d9: e3:34:a0:7d:bc:f8:62:36:15:d1:dc:fc:a7:65:ba: ad:05:9f:a3:f5:a2:0b:78:5e:a1:9f:6b:b0:74:13: df:80:45:d5:a6:fc:01:87:c2:3e:4d:1d:44:fa:eb: b9:26:2c:2f:77:f1:b7:00:c3:47:70:5d:de:32:00: 60:be:2f:2a:d6:66:2e:31:a5:26:df:2f:ad:74:de: 42:45:75:ad:45:4a:1c:32:35:da:32:70:c8:6d:26: 90:40:f5:78:cc:36:32:1d:45:e1:8c:3c:f5:2e:10: 44:c8:35:fe:7a:16:1a:a4:03:d6:57:a6:c4:c3:24: ec:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:89:AC:F9:80:7A:F1:32:24:29:80:D1:B5:3A:89:38:A6:44:2E:19 X509v3 Authority Key Identifier: keyid:F3:76:09:0D:D7:9C:F6:A2:59:AE:2A:17:02:03:72:E9:E6:16:0B:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8EAD/3C24DAD28FAD11EA92D1F642C4F9AE02/83YJDdec9qJZrioXAgNy6eYWC7Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/83YJDdec9qJZrioXAgNy6eYWC7Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8EAD/3C24DAD28FAD11EA92D1F642C4F9AE02/83YJDdec9qJZrioXAgNy6eYWC7Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:d1:8c:0d:d6:55:a7:ad:92:c9:09:ec:ba:71:9f:5b:49:78: c9:f8:57:0f:eb:55:ac:64:08:2a:6f:e5:56:34:51:6c:e8:e9: c3:2d:e2:94:2a:2a:fc:1d:77:ac:5c:29:e6:a2:d3:f1:83:fb: b9:e2:4d:f5:85:d8:73:df:81:63:68:e6:25:8d:ff:8d:71:f8: e3:4b:da:40:be:71:4b:0f:68:ed:54:5b:f5:22:d1:f4:98:9e: 2f:f4:06:02:7a:04:da:cf:80:91:e1:a1:34:a4:6c:38:38:e8: 3e:f5:ce:ae:db:c7:10:ff:64:98:12:1a:82:b9:e9:3c:14:fb: 67:6d:45:ca:e5:09:cc:a2:0b:75:94:8f:54:fe:93:ae:0a:6b: f2:ed:82:41:ae:51:84:83:03:f8:b0:26:de:7d:2f:d3:72:f2: d1:ee:c4:9e:5f:72:0a:80:15:51:0e:41:27:17:64:17:77:20: ab:ea:36:a7:4b:ac:bc:c5:ca:65:59:ce:2a:7f:f7:69:37:8f: 06:46:07:7a:7c:c9:80:99:32:29:f1:e3:48:15:55:71:d2:37: 73:2f:ec:e4:5c:2d:e6:d5:51:c9:ea:dc:36:50:8f:03:39:51: 99:54:91:13:06:f3:69:25:5c:3e:09:b3:fe:bd:36:22:7a:a1: 1b:67:89:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCdIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThFQUQxMTAvBgNVBAUTKEYzNzYwOTBERDc5Q0Y2QTI1OUFFMkExNzAyMDM3MkU5 RTYxNjBCQjYwHhcNMjUxMTAyMTk1NTMwWhcNMjUxMTA5MTk1NTMwWjAYMRYwFAYD VQQDEw02OTA3YjczMi1iYzY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0ysQaHQYq2BH7dm9WjJdfhSTgbTA6hW7vetfFj4ZXjRU2U15PswgpEGjO28X 3YBooQqY56vcunRUc8nhja/WU0vuhX7m5gTNihCaiqv1yEJXmjp/wWA7JSgcWa3C LWtXdjliCpRVbS9CfWQEbYkg+ISvV7kvoSJwZsUPPmlOUZcKQDSWGtnjNKB9vPhi NhXR3PynZbqtBZ+j9aILeF6hn2uwdBPfgEXVpvwBh8I+TR1E+uu5Jiwvd/G3AMNH cF3eMgBgvi8q1mYuMaUm3y+tdN5CRXWtRUocMjXaMnDIbSaQQPV4zDYyHUXhjDz1 LhBEyDX+ehYapAPWV6bEwyTsLwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEyJrPmA evEyJCmA0bU6iTimRC4ZMB8GA1UdIwQYMBaAFPN2CQ3XnPaiWa4qFwIDcunmFgu2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEVBRC8zQzI0REFEMjhG QUQxMUVBOTJEMUY2NDJDNEY5QUUwMi84M1lKRGRlYzlxSlpyaW9YQWdOeTZlWVdD N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzgzWUpEZGVjOXFKWnJpb1hBZ055NmVZV0M3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEVBRC8zQzI0REFEMjhGQUQxMUVBOTJEMUY2NDJDNEY5QUUwMi84M1lKRGRlYzlx SlpyaW9YQWdOeTZlWVdDN1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC70YwN1lWnrZLJCey6cZ9bSXjJ+FcP61WsZAgqb+VWNFFs6OnDLeKU Kir8HXesXCnmotPxg/u54k31hdhz34FjaOYljf+NcfjjS9pAvnFLD2jtVFv1ItH0 mJ4v9AYCegTaz4CR4aE0pGw4OOg+9c6u28cQ/2SYEhqCuek8FPtnbUXK5QnMogt1 lI9U/pOuCmvy7YJBrlGEgwP4sCbefS/TcvLR7sSeX3IKgBVRDkEnF2QXdyCr6jan S6y8xcplWc4qf/dpN48GRgd6fMmAmTIp8eNIFVVx0jdzL+zkXC3m1VHJ6tw2UI8D OVGZVJETBvNpJVw+CbP+vTYieqEbZ4ne -----END CERTIFICATE-----Generated at Tue Nov 4 20:21:54 2025 by rpki-client