$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft File: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft (raw, json) Hash identifier: 8fUqFxmUZTJco/hgjk/rA6ajwDuD/w7qeQQD5Bk8u+c= Subject key identifier: 30:0F:12:A6:4C:05:04:A6:D4:98:49:9C:3E:3A:B9:48:C9:CB:61:56 Authority key identifier: 6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 Certificate issuer: /CN=A91EAE3D/serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Certificate serial: 14CC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft Manifest number: 14B8 Signing time: Tue 04 Nov 2025 16:58:59 +0000 Manifest this update: Tue 04 Nov 2025 16:58:58 +0000 Manifest next update: Tue 11 Nov 2025 16:58:58 +0000 Files and hashes: 1: a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl (hash: G69bz8LcEz/LdXOooLw7YTPQLTuX4nTVBzb9aAsVvRY=) 2: F693F2689CB811EB97F77E14C4F9AE02.roa (hash: U3tQJQlcyfHM4FE2g1sFZHo1n5O210FCbrxqZ5WoAEg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:39:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5324 (0x14cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE3D, serialNumber=6B567C843E42523E0E5B64F64A0F2AE05517BB70 Validity Not Before: Nov 4 16:58:58 2025 GMT Not After : Nov 11 16:58:58 2025 GMT Subject: CN=690a30d2-8019 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:ed:d8:98:55:f2:ef:e9:ec:c9:bf:c0:60:88: 55:61:a2:d7:ae:5f:5f:80:c4:a7:95:56:81:95:b9: 9a:9a:5b:b5:26:aa:a9:2b:89:02:e0:6b:b6:c9:9d: 6f:64:a5:b2:97:30:d8:cd:39:11:e2:bd:a6:4d:41: b8:a6:0b:a7:78:cd:6c:f6:95:c8:ab:52:61:c5:5e: 98:53:f1:34:30:84:99:da:49:ff:fa:3e:30:77:d8: 23:fa:67:f6:55:e5:d3:11:92:34:b3:fe:7e:ec:1b: 09:6a:3e:63:9b:5a:67:17:85:6a:d9:89:b2:1e:a7: f7:9b:b1:80:d4:2b:66:e3:0c:8a:03:f3:37:ba:3f: aa:cd:45:b4:43:37:e9:ec:cc:a2:8a:c2:fe:88:ee: dd:80:31:a0:ac:8a:59:2d:8f:3d:61:c2:4f:76:65: 36:5d:91:fd:6c:f4:2d:bd:9c:eb:3a:3a:06:3f:bb: 51:8d:78:56:a1:24:38:c9:da:57:ad:cb:7e:0e:eb: 7a:72:4e:21:3f:6f:fa:e6:d1:3a:b0:67:19:77:75: 6f:ee:4c:55:51:59:50:a3:f8:21:e9:19:95:ce:7a: 64:12:b2:23:ff:c7:c0:40:99:86:61:7b:ea:2d:70: e5:e2:0e:d8:3c:7e:54:be:08:69:ab:ac:8c:6f:7d: 3e:9b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:0F:12:A6:4C:05:04:A6:D4:98:49:9C:3E:3A:B9:48:C9:CB:61:56 X509v3 Authority Key Identifier: keyid:6B:56:7C:84:3E:42:52:3E:0E:5B:64:F6:4A:0F:2A:E0:55:17:BB:70 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE3D/8EF42A4675DE11E8B704A246C4F9AE02/a1Z8hD5CUj4OW2T2Sg8q4FUXu3A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:27:92:7f:af:84:dd:b9:90:db:74:dd:bd:67:49:41:2a:d2: 1e:86:0a:21:a6:df:9f:0d:b8:67:5a:aa:bb:c3:1a:d5:39:cd: e9:76:1e:df:19:e4:ec:49:6f:db:b6:79:ef:dc:cc:59:04:17: 50:37:8a:10:4b:4e:7d:da:68:89:49:85:a5:18:58:8e:f1:6d: 4b:70:c1:da:12:e9:af:08:d7:41:50:c7:ae:dd:a0:ad:69:97: 0d:65:2e:0b:f9:97:91:06:99:db:eb:f2:f1:e8:be:0c:7b:14: 5e:e5:dd:1e:ec:71:76:dd:92:40:e1:90:c6:ed:8f:63:8b:55: 3c:f0:71:3d:52:74:75:77:72:84:b5:76:a9:08:ef:ed:db:00: 3b:0e:87:26:de:7a:50:50:58:54:65:17:d1:35:77:0c:7c:b9: e1:8f:7d:b4:4b:44:a3:55:ef:e1:be:71:5e:b3:16:dc:85:85: 5c:1d:27:61:80:cc:68:5b:1c:4e:19:d0:e6:cd:a2:52:45:ec: fa:b2:19:67:3c:0a:f4:57:e5:98:56:7e:f5:31:de:75:ee:01: 62:0e:3b:8a:40:48:9c:f2:a8:e9:27:0b:ae:f1:bf:da:79:db: d4:88:2c:7e:80:f4:e6:5f:d5:21:66:75:36:f1:bd:d4:cf:39: 72:e4:8a:59 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFMwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFM0QxMTAvBgNVBAUTKDZCNTY3Qzg0M0U0MjUyM0UwRTVCNjRGNjRBMEYyQUUw NTUxN0JCNzAwHhcNMjUxMTA0MTY1ODU4WhcNMjUxMTExMTY1ODU4WjAYMRYwFAYD VQQDEw02OTBhMzBkMi04MDE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0O3YmFXy7+nsyb/AYIhVYaLXrl9fgMSnlVaBlbmamlu1JqqpK4kC4Gu2yZ1v ZKWylzDYzTkR4r2mTUG4pguneM1s9pXIq1JhxV6YU/E0MISZ2kn/+j4wd9gj+mf2 VeXTEZI0s/5+7BsJaj5jm1pnF4Vq2YmyHqf3m7GA1Ctm4wyKA/M3uj+qzUW0Qzfp 7MyiisL+iO7dgDGgrIpZLY89YcJPdmU2XZH9bPQtvZzrOjoGP7tRjXhWoSQ4ydpX rct+Dut6ck4hP2/65tE6sGcZd3Vv7kxVUVlQo/gh6RmVznpkErIj/8fAQJmGYXvq LXDl4g7YPH5Uvghpq6yMb30+mwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDAPEqZM BQSm1JhJnD46uUjJy2FWMB8GA1UdIwQYMBaAFGtWfIQ+QlI+Dltk9koPKuBVF7tw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUzRC84RUY0MkE0Njc1 REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1VqNE9XMlQyU2c4cTRGVVh1 M0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2ExWjhoRDVDVWo0T1cyVDJTZzhxNEZVWHUzQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUzRC84RUY0MkE0Njc1REUxMUU4QjcwNEEyNDZDNEY5QUUwMi9hMVo4aEQ1Q1Vq NE9XMlQyU2c4cTRGVVh1M0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMJ5J/r4TduZDbdN29Z0lBKtIehgohpt+fDbhnWqq7wxrVOc3pdh7f GeTsSW/btnnv3MxZBBdQN4oQS0592miJSYWlGFiO8W1LcMHaEumvCNdBUMeu3aCt aZcNZS4L+ZeRBpnb6/Lx6L4MexRe5d0e7HF23ZJA4ZDG7Y9ji1U88HE9UnR1d3KE tXapCO/t2wA7Docm3npQUFhUZRfRNXcMfLnhj320S0SjVe/hvnFesxbchYVcHSdh gMxoWxxOGdDmzaJSRez6shlnPAr0V+WYVn71Md517gFiDjuKQEic8qjpJwuu8b/a edvUiCx+gPTmX9UhZnU28b3Uzzly5IpZ -----END CERTIFICATE-----Generated at Tue Nov 4 23:26:14 2025 by rpki-client