$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9DF8/4B3B881EB6D911EB8F865554C4F9AE02/lQaLswq8fgB_2Dh-TeCoPvqt1HI.mft File: lQaLswq8fgB_2Dh-TeCoPvqt1HI.mft (raw, json) Hash identifier: o8O7+oPN+blWzp6JZQbUQbNIMA/YGh+3M8DZSN2w5Dg= Subject key identifier: A6:28:8D:BB:09:5A:A4:AC:D1:F1:1F:0D:E1:D9:6B:3D:40:AB:5B:71 Authority key identifier: 95:06:8B:B3:0A:BC:7E:00:7F:D8:38:7E:4D:E0:A8:3E:FA:AD:D4:72 Certificate issuer: /CN=A91E9DF8/serialNumber=95068BB30ABC7E007FD8387E4DE0A83EFAADD472 Certificate serial: 0633 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQaLswq8fgB_2Dh-TeCoPvqt1HI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9DF8/4B3B881EB6D911EB8F865554C4F9AE02/lQaLswq8fgB_2Dh-TeCoPvqt1HI.mft Manifest number: 062D Signing time: Sun 02 Nov 2025 22:43:50 +0000 Manifest this update: Sun 02 Nov 2025 22:43:50 +0000 Manifest next update: Sun 09 Nov 2025 22:43:50 +0000 Files and hashes: 1: lQaLswq8fgB_2Dh-TeCoPvqt1HI.crl (hash: 1ihW+I3fUFv9T+kf1q9hkiDRxDDPg8hDeJc74Uz9Jp4=) 2: A8086732B6DA11EBB7B67954C4F9AE02.roa (hash: ldWjzJ4l8BsIeHREFrvU51ElQcTYEq5MkB9HbZsC/bI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9DF8/4B3B881EB6D911EB8F865554C4F9AE02/lQaLswq8fgB_2Dh-TeCoPvqt1HI.crl rsync://rpki.apnic.net/member_repository/A91E9DF8/4B3B881EB6D911EB8F865554C4F9AE02/lQaLswq8fgB_2Dh-TeCoPvqt1HI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQaLswq8fgB_2Dh-TeCoPvqt1HI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:43:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1587 (0x633) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9DF8, serialNumber=95068BB30ABC7E007FD8387E4DE0A83EFAADD472 Validity Not Before: Nov 2 22:43:50 2025 GMT Not After : Nov 9 22:43:50 2025 GMT Subject: CN=6907dea6-c35a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:6c:f2:5f:32:70:21:79:a3:0b:5e:65:36:3d: 5a:91:4f:23:00:fa:72:93:8f:58:b3:81:61:73:e6: 5d:03:6c:f0:88:b6:aa:93:7a:d5:94:9f:ff:c9:79: 99:a4:1d:af:12:93:95:f9:57:ba:c1:0a:e5:7a:f3: 9b:9f:bd:c6:c5:71:04:51:2a:b3:b0:3e:41:e3:79: 33:b8:e8:d1:db:84:d2:9d:6e:1d:b6:c0:c1:57:d4: e1:1f:62:f1:b1:f2:ad:3e:98:dc:8e:cf:8d:a6:08: bc:05:7f:92:03:b2:1d:14:d5:dd:5f:8e:d1:5b:6d: 16:4b:6b:c4:4c:27:57:6a:2b:a2:62:7e:6a:4b:5c: 0a:95:99:91:26:c2:36:94:15:44:ad:4b:b3:2d:a7: f4:2f:3b:77:7f:7d:f0:0e:3f:0a:4d:09:52:f7:0e: 3a:5b:78:13:19:ed:f1:36:b7:20:ea:b2:96:93:26: 82:46:ed:20:f6:70:c5:8b:c6:a4:a3:f3:08:14:17: 67:e3:6c:05:d6:87:5e:a8:51:65:d4:2e:6a:fb:69: a7:d8:c9:35:25:7a:2d:2d:c5:a4:3f:16:b8:2e:4f: 8b:55:95:32:5e:79:b6:b7:4e:7c:60:13:5d:dc:2f: 28:4d:0d:fe:46:e5:f9:0f:7a:b7:57:83:cb:22:66: 68:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A6:28:8D:BB:09:5A:A4:AC:D1:F1:1F:0D:E1:D9:6B:3D:40:AB:5B:71 X509v3 Authority Key Identifier: keyid:95:06:8B:B3:0A:BC:7E:00:7F:D8:38:7E:4D:E0:A8:3E:FA:AD:D4:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9DF8/4B3B881EB6D911EB8F865554C4F9AE02/lQaLswq8fgB_2Dh-TeCoPvqt1HI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lQaLswq8fgB_2Dh-TeCoPvqt1HI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9DF8/4B3B881EB6D911EB8F865554C4F9AE02/lQaLswq8fgB_2Dh-TeCoPvqt1HI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:b2:98:92:cb:02:16:fa:26:41:1f:d3:54:ff:10:bb:4b:fe: 6b:11:9d:4b:c2:aa:d4:ea:93:cc:16:b7:db:28:6d:5c:43:a2: fd:ff:b2:01:66:b0:93:63:e4:e0:1a:b5:53:ed:c3:11:37:42: f3:3e:f9:32:bd:da:9e:a2:74:d2:39:97:94:e3:1a:8c:8b:15: c3:7d:ab:08:fb:ed:b6:b1:83:e3:4f:7c:21:bb:e2:25:19:62: 2c:62:0d:95:22:c3:3e:1d:e6:53:d1:fd:3b:1e:27:7c:bb:31: 70:09:c4:bc:7c:e5:cc:8d:ff:de:65:da:84:e4:11:62:43:f0: 16:66:b0:d6:93:78:48:ea:6f:f6:59:e4:65:40:de:f9:13:0e: 46:81:ff:a8:6b:69:c1:d0:54:53:f1:2d:bc:93:59:c7:1a:42: 83:0e:e3:2a:ac:41:59:2b:b9:52:57:88:ae:b9:c1:ee:4e:ab: 55:47:bf:e4:d1:f0:cc:41:cc:ed:b5:d6:0e:9b:f6:5c:b8:d9: b6:13:84:63:94:69:b0:bf:55:3a:9b:18:0f:00:ec:2a:d6:bb: 47:d2:0f:b7:cd:c5:69:f3:fd:24:96:7a:ce:ce:ab:4c:4f:1b: 36:6a:27:75:d7:fd:93:93:16:01:ed:68:ab:9c:d7:5c:c6:dc: e9:bf:9d:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlERjgxMTAvBgNVBAUTKDk1MDY4QkIzMEFCQzdFMDA3RkQ4Mzg3RTRERTBBODNF RkFBREQ0NzIwHhcNMjUxMTAyMjI0MzUwWhcNMjUxMTA5MjI0MzUwWjAYMRYwFAYD VQQDEw02OTA3ZGVhNi1jMzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwmzyXzJwIXmjC15lNj1akU8jAPpyk49Ys4Fhc+ZdA2zwiLaqk3rVlJ//yXmZ pB2vEpOV+Ve6wQrlevObn73GxXEEUSqzsD5B43kzuOjR24TSnW4dtsDBV9ThH2Lx sfKtPpjcjs+Npgi8BX+SA7IdFNXdX47RW20WS2vETCdXaiuiYn5qS1wKlZmRJsI2 lBVErUuzLaf0Lzt3f33wDj8KTQlS9w46W3gTGe3xNrcg6rKWkyaCRu0g9nDFi8ak o/MIFBdn42wF1odeqFFl1C5q+2mn2Mk1JXotLcWkPxa4Lk+LVZUyXnm2t058YBNd 3C8oTQ3+RuX5D3q3V4PLImZo+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKYojbsJ WqSs0fEfDeHZaz1Aq1txMB8GA1UdIwQYMBaAFJUGi7MKvH4Af9g4fk3gqD76rdRy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOURGOC80QjNCODgxRUI2 RDkxMUVCOEY4NjU1NTRDNEY5QUUwMi9sUWFMc3dxOGZnQl8yRGgtVGVDb1B2cXQx SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xRYUxzd3E4ZmdCXzJEaC1UZUNvUHZxdDFISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OURGOC80QjNCODgxRUI2RDkxMUVCOEY4NjU1NTRDNEY5QUUwMi9sUWFMc3dxOGZn Ql8yRGgtVGVDb1B2cXQxSEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDspiSywIW+iZBH9NU/xC7S/5rEZ1LwqrU6pPMFrfbKG1cQ6L9/7IB ZrCTY+TgGrVT7cMRN0LzPvkyvdqeonTSOZeU4xqMixXDfasI++22sYPjT3whu+Il GWIsYg2VIsM+HeZT0f07Hid8uzFwCcS8fOXMjf/eZdqE5BFiQ/AWZrDWk3hI6m/2 WeRlQN75Ew5Ggf+oa2nB0FRT8S28k1nHGkKDDuMqrEFZK7lSV4iuucHuTqtVR7/k 0fDMQczttdYOm/ZcuNm2E4RjlGmwv1U6mxgPAOwq1rtH0g+3zcVp8/0klnrOzqtM Txs2aid11/2TkxYB7WirnNdcxtzpv50V -----END CERTIFICATE-----Generated at Tue Nov 4 08:16:16 2025 by rpki-client