$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft File: IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft (raw, json) Hash identifier: X44oA/FCcj770MQeFjj+bRQUc0MZ6fEa54t/MMHP2Gg= Subject key identifier: DD:10:99:1E:D7:45:7F:34:C0:CC:56:43:28:FF:73:41:58:8F:4A:E0 Authority key identifier: 21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA Certificate issuer: /CN=A91EA409/serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Certificate serial: BE Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft Manifest number: BC Signing time: Mon 03 Nov 2025 05:58:30 +0000 Manifest this update: Mon 03 Nov 2025 05:58:29 +0000 Manifest next update: Mon 10 Nov 2025 05:58:29 +0000 Files and hashes: 1: IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl (hash: XaitghjWF3QRdJmeHpQk2PehJ0Xt0nd1wYoO5Y25JEI=) 2: E9F177B89D9C11EFA9526A6CC4F9AE02.roa (hash: /L7H1H9bfON5bqOj4q1pWVjciM/BYtStadHGVAVA9LE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:58:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 190 (0xbe) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA409, serialNumber=2164DD59A615D5F2E3393E72098A73AD868E78DA Validity Not Before: Nov 3 05:58:29 2025 GMT Not After : Nov 10 05:58:29 2025 GMT Subject: CN=69084485-52c9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3f:10:59:96:13:57:f5:d1:13:fd:bf:ed:c5: 25:c6:1e:fc:66:c2:f2:f7:31:2b:f7:00:13:10:ee: 80:d5:e9:16:e0:09:f1:68:9d:63:c1:89:14:f0:73: 8d:ea:12:5f:99:73:cc:f7:20:bc:96:d2:cd:c4:7e: 26:92:c2:99:39:16:e9:79:61:a9:5d:80:c8:f6:b5: 12:3b:32:b4:e0:2d:4b:92:4f:b0:c9:39:c3:e0:02: 4a:0d:33:c8:9e:76:fc:0f:8e:52:40:86:99:ac:ce: c2:44:82:1a:af:06:ec:a3:59:c0:bc:d4:44:a6:f8: 25:77:60:b9:57:58:f0:31:1d:77:ac:b5:da:07:0a: 5e:22:50:b8:b4:5f:ce:39:74:20:b7:08:5f:a0:c5: 62:a1:0f:6a:10:25:ee:4b:27:07:0a:a3:e1:2a:cb: 45:6c:36:2b:72:81:5c:d5:e1:7b:ad:17:71:58:79: 4b:5c:0a:64:3c:44:cb:d6:ae:6d:72:1f:3f:2c:a0: 3c:26:29:96:b7:73:a8:52:c3:6d:00:fb:3b:48:11: 46:dd:18:d0:f2:c1:76:47:1a:b3:60:b2:db:b6:4b: 1a:86:fc:ef:ef:a4:9b:c6:73:eb:c4:1d:60:eb:60: b5:46:09:e3:9e:82:1c:01:e6:94:29:62:bd:a1:37: 17:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:10:99:1E:D7:45:7F:34:C0:CC:56:43:28:FF:73:41:58:8F:4A:E0 X509v3 Authority Key Identifier: keyid:21:64:DD:59:A6:15:D5:F2:E3:39:3E:72:09:8A:73:AD:86:8E:78:DA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IWTdWaYV1fLjOT5yCYpzrYaOeNo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA409/F944E3CC9CAB11EFAB595516C4F9AE02/IWTdWaYV1fLjOT5yCYpzrYaOeNo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:37:2b:1c:ef:5d:28:75:96:8f:1c:63:6c:15:68:04:10:61: 9e:5b:2a:f4:e9:17:5c:56:42:4a:3d:cc:92:69:62:dd:3b:ab: de:c3:99:99:73:ea:05:a6:2f:5d:82:ed:ff:b4:f0:14:d1:ef: 12:33:fe:51:10:05:a8:5c:f5:b3:f7:a8:28:f9:18:ec:64:37: ca:8f:fc:10:0c:65:fb:23:a0:2f:6d:94:6f:a6:95:49:d3:51: 61:b0:b6:84:6c:8c:2c:16:be:b7:e6:2c:f4:fe:f2:98:3a:a1: 0c:77:17:17:6b:fa:9e:b0:bc:9f:e6:11:eb:1f:84:89:34:f6: fe:11:35:ed:77:73:6a:cb:cf:21:c2:73:9e:8b:22:1e:6d:f9: 8c:97:42:16:cf:4a:90:c3:66:db:e7:7a:5e:cc:9a:83:b1:8c: 34:87:d3:b3:c2:15:70:e9:07:c4:13:51:b6:ed:59:88:9b:50: 5c:36:c6:8a:61:bc:2f:7b:57:12:d6:82:01:44:05:a2:c0:43: 30:95:a4:45:70:01:ce:c6:c6:11:5e:db:fd:a6:65:5a:62:49: 46:a0:7d:17:a0:16:d1:11:13:b4:b0:2c:82:b8:01:ec:77:89: 89:c8:72:cd:b2:95:e1:76:27:27:5d:07:11:6b:a8:90:64:6e: 30:fd:96:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUE0MDkxMTAvBgNVBAUTKDIxNjRERDU5QTYxNUQ1RjJFMzM5M0U3MjA5OEE3M0FE ODY4RTc4REEwHhcNMjUxMTAzMDU1ODI5WhcNMjUxMTEwMDU1ODI5WjAYMRYwFAYD VQQDEw02OTA4NDQ4NS01MmM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApD8QWZYTV/XRE/2/7cUlxh78ZsLy9zEr9wATEO6A1ekW4AnxaJ1jwYkU8HON 6hJfmXPM9yC8ltLNxH4mksKZORbpeWGpXYDI9rUSOzK04C1Lkk+wyTnD4AJKDTPI nnb8D45SQIaZrM7CRIIarwbso1nAvNREpvgld2C5V1jwMR13rLXaBwpeIlC4tF/O OXQgtwhfoMVioQ9qECXuSycHCqPhKstFbDYrcoFc1eF7rRdxWHlLXApkPETL1q5t ch8/LKA8JimWt3OoUsNtAPs7SBFG3RjQ8sF2RxqzYLLbtksahvzv76SbxnPrxB1g 62C1RgnjnoIcAeaUKWK9oTcXywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN0QmR7X RX80wMxWQyj/c0FYj0rgMB8GA1UdIwQYMBaAFCFk3VmmFdXy4zk+cgmKc62Gjnja MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQTQwOS9GOTQ0RTNDQzlD QUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFmTGpPVDV5Q1lwenJZYU9l Tm8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lXVGRXYVlWMWZMak9UNXlDWXB6cllhT2VOby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QTQwOS9GOTQ0RTNDQzlDQUIxMUVGQUI1OTU1MTZDNEY5QUUwMi9JV1RkV2FZVjFm TGpPVDV5Q1lwenJZYU9lTm8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFNysc710odZaPHGNsFWgEEGGeWyr06RdcVkJKPcySaWLdO6vew5mZ c+oFpi9dgu3/tPAU0e8SM/5REAWoXPWz96go+RjsZDfKj/wQDGX7I6AvbZRvppVJ 01FhsLaEbIwsFr635iz0/vKYOqEMdxcXa/qesLyf5hHrH4SJNPb+ETXtd3Nqy88h wnOeiyIebfmMl0IWz0qQw2bb53pezJqDsYw0h9OzwhVw6QfEE1G27VmIm1BcNsaK Ybwve1cS1oIBRAWiwEMwlaRFcAHOxsYRXtv9pmVaYklGoH0XoBbRERO0sCyCuAHs d4mJyHLNspXhdicnXQcRa6iQZG4w/ZYk -----END CERTIFICATE-----Generated at Tue Nov 4 21:32:13 2025 by rpki-client