$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft File: NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft (raw, json) Hash identifier: CiGkSMy0VrJtkNTAxl/lx0c6ThCrAP0dy6Ry4rwiAZ4= Subject key identifier: CC:3E:35:AB:49:6E:EA:A7:05:6F:DF:A5:9F:1C:F1:D3:E1:6C:43:C2 Authority key identifier: 34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD Certificate issuer: /CN=A91E8F36/serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Certificate serial: 0228 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft Manifest number: 0221 Signing time: Wed 05 Nov 2025 02:15:42 +0000 Manifest this update: Wed 05 Nov 2025 02:15:42 +0000 Manifest next update: Wed 12 Nov 2025 02:15:42 +0000 Files and hashes: 1: NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl (hash: 9VgNLLWKUQZDpe1C3iNnWtjq0pq1GQ/eP1FB3MNVqVY=) 2: AC270A727D0711ED8181DA7FC4F9AE02.roa (hash: iIeWWLVIFJDjrG1ibZP/xl+WAjIK44IJWqOkBlQGCcU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:15:41 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 552 (0x228) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8F36, serialNumber=34D7D6D441C32D7C87142E9FE5C7EBC4F479B0CD Validity Not Before: Nov 5 02:15:42 2025 GMT Not After : Nov 12 02:15:42 2025 GMT Subject: CN=690ab34e-13d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:d5:e1:9a:55:d7:e2:f3:01:c5:ac:cd:5a:3f: f3:0c:f2:1c:d5:dd:04:31:4c:ae:d7:36:0e:77:e8: 9e:a5:15:9c:df:aa:07:69:49:32:8d:89:c6:5c:d6: 2d:db:e7:77:75:1f:fd:2b:c8:d8:ed:06:95:7d:e0: 52:20:9b:20:ec:72:c2:40:7e:0f:37:71:be:9e:9f: 1b:05:a2:f0:39:d0:b1:7c:ca:b3:3e:52:f6:7b:10: a3:26:1c:ed:0f:e5:8f:58:ab:28:ef:49:76:14:a1: 18:5e:7d:d0:26:a5:96:62:33:d4:55:0d:51:d6:5c: 7c:79:7a:4f:11:b0:8b:39:06:66:10:e5:c5:5f:38: c1:55:87:5c:57:7f:09:01:ec:04:94:5f:93:50:0f: 2e:3a:54:01:75:5f:1a:df:81:03:da:92:e7:83:cb: f8:9d:3e:d9:1b:9a:fc:91:ae:db:d5:e2:8f:3f:7d: 8d:08:53:ca:cd:80:e4:13:ed:1a:a6:04:3c:ac:ec: 1d:99:e6:f4:40:45:a0:bc:19:70:5a:2a:e1:0d:8f: 21:48:2b:ac:0b:d5:f6:e2:ff:ef:ed:ae:b7:63:72: c9:3d:b7:50:73:1b:3c:b2:d0:dd:71:a1:f0:60:0a: 70:29:a6:17:88:3f:e6:df:70:d8:23:11:3e:5b:05: cc:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CC:3E:35:AB:49:6E:EA:A7:05:6F:DF:A5:9F:1C:F1:D3:E1:6C:43:C2 X509v3 Authority Key Identifier: keyid:34:D7:D6:D4:41:C3:2D:7C:87:14:2E:9F:E5:C7:EB:C4:F4:79:B0:CD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NNfW1EHDLXyHFC6f5cfrxPR5sM0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8F36/249F41467D0211ED9C5D7D62C4F9AE02/NNfW1EHDLXyHFC6f5cfrxPR5sM0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 15:e7:1e:86:68:21:f6:63:c0:74:a4:b8:25:bf:48:cd:a7:48: 1a:22:33:af:12:3e:90:ca:2b:0a:30:f2:1b:94:49:d4:4f:ab: a7:61:e0:34:9f:13:0e:7d:7f:c8:9b:27:66:11:ee:82:fa:58: 44:48:0f:d0:17:cb:c0:9e:48:7a:24:9d:0b:0d:56:d8:a9:aa: 27:10:19:36:61:9c:16:0b:88:cd:2f:b1:8a:0d:64:8e:25:26: 93:80:f3:84:f5:c4:20:47:e3:74:e5:73:b5:37:a7:f3:c2:83: b4:88:df:8f:d2:60:39:d3:23:72:b2:67:c5:0f:44:04:64:7a: 45:e1:d8:cb:a3:a1:01:14:d5:a8:bc:20:70:c8:ff:1e:aa:59: f6:aa:8a:28:ff:26:14:03:73:17:6a:d0:cd:6e:9c:6d:5a:f1: 9e:bf:e4:25:d6:fa:ec:97:07:5e:b1:27:7d:74:e3:83:99:b5: 76:2a:39:b2:e0:0d:05:60:0f:79:04:da:0d:50:13:6c:34:35: d0:7d:0e:25:4b:8f:e4:77:75:ec:3a:9c:7c:71:c2:51:e6:9c: d2:5a:74:9d:90:57:09:4f:20:d4:58:37:31:43:e4:68:3d:f3: d3:f1:2a:b5:56:12:f5:cc:f6:eb:3f:d9:1d:bf:66:06:bd:1f: 3f:53:59:ce -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAigwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThGMzYxMTAvBgNVBAUTKDM0RDdENkQ0NDFDMzJEN0M4NzE0MkU5RkU1QzdFQkM0 RjQ3OUIwQ0QwHhcNMjUxMTA1MDIxNTQyWhcNMjUxMTEyMDIxNTQyWjAYMRYwFAYD VQQDEw02OTBhYjM0ZS0xM2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1tXhmlXX4vMBxazNWj/zDPIc1d0EMUyu1zYOd+iepRWc36oHaUkyjYnGXNYt 2+d3dR/9K8jY7QaVfeBSIJsg7HLCQH4PN3G+np8bBaLwOdCxfMqzPlL2exCjJhzt D+WPWKso70l2FKEYXn3QJqWWYjPUVQ1R1lx8eXpPEbCLOQZmEOXFXzjBVYdcV38J AewElF+TUA8uOlQBdV8a34ED2pLng8v4nT7ZG5r8ka7b1eKPP32NCFPKzYDkE+0a pgQ8rOwdmeb0QEWgvBlwWirhDY8hSCusC9X24v/v7a63Y3LJPbdQcxs8stDdcaHw YApwKaYXiD/m33DYIxE+WwXMmwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMw+NatJ buqnBW/fpZ8c8dPhbEPCMB8GA1UdIwQYMBaAFDTX1tRBwy18hxQun+XH68T0ebDN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEYzNi8yNDlGNDE0NjdE MDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExYeUhGQzZmNWNmcnhQUjVz TTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05OZlcxRUhETFh5SEZDNmY1Y2ZyeFBSNXNNMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEYzNi8yNDlGNDE0NjdEMDIxMUVEOUM1RDdENjJDNEY5QUUwMi9OTmZXMUVIRExY eUhGQzZmNWNmcnhQUjVzTTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAV5x6GaCH2Y8B0pLglv0jNp0gaIjOvEj6QyisKMPIblEnUT6unYeA0 nxMOfX/ImydmEe6C+lhESA/QF8vAnkh6JJ0LDVbYqaonEBk2YZwWC4jNL7GKDWSO JSaTgPOE9cQgR+N05XO1N6fzwoO0iN+P0mA50yNysmfFD0QEZHpF4djLo6EBFNWo vCBwyP8eqln2qooo/yYUA3MXatDNbpxtWvGev+Ql1vrslwdesSd9dOODmbV2Kjmy 4A0FYA95BNoNUBNsNDXQfQ4lS4/kd3XsOpx8ccJR5pzSWnSdkFcJTyDUWDcxQ+Ro PfPT8Sq1VhL1zPbrP9kdv2YGvR8/U1nO -----END CERTIFICATE-----Generated at Wed Nov 5 16:36:42 2025 by rpki-client