$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.mft File: zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.mft (raw, json) Hash identifier: rKoxo/PGJkGO9oSsztCDCFC9RChd8DJpOP+8aGvGovc= Subject key identifier: 1E:06:F1:D8:B1:DD:8C:67:2C:5B:F4:64:0A:EB:F1:C1:95:0C:EB:D1 Authority key identifier: CC:85:09:D3:1F:B6:3A:8D:DD:6B:F2:D3:D8:4C:7B:C0:B2:BA:3F:C0 Certificate issuer: /CN=A91EBFB0/serialNumber=CC8509D31FB63A8DDD6BF2D3D84C7BC0B2BA3FC0 Certificate serial: 0CDB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.mft Manifest number: 0CD4 Signing time: Tue 04 Nov 2025 18:14:47 +0000 Manifest this update: Tue 04 Nov 2025 18:14:46 +0000 Manifest next update: Tue 11 Nov 2025 18:14:46 +0000 Files and hashes: 1: zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.crl (hash: qRqnFir8reUn5zGpXwh3BocAnEqmWd+S8fd/afXeI9w=) 2: F690CAECF87D11E9A746D05BC4F9AE02.roa (hash: PKzsRoQOFkH0aPoaShEpuvQ+omyVkcjK/WY8mjX8BEM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.crl rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:14:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3291 (0xcdb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBFB0, serialNumber=CC8509D31FB63A8DDD6BF2D3D84C7BC0B2BA3FC0 Validity Not Before: Nov 4 18:14:46 2025 GMT Not After : Nov 11 18:14:46 2025 GMT Subject: CN=690a4296-2b80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:af:fb:79:c0:c0:ec:78:c5:6d:7b:b7:5d:b1:6d: 86:8b:43:35:b6:72:39:59:75:07:01:71:4c:eb:f3: f2:41:78:34:07:35:db:1c:cf:9d:1e:99:2c:97:30: d8:68:0a:42:5a:5d:51:88:e7:d1:69:d9:cc:94:27: 81:bc:91:d7:a6:66:5f:0e:c9:7e:7c:58:65:8f:95: c5:79:cd:b8:ac:21:0b:5d:0d:23:b0:bb:05:55:0a: 9d:43:59:02:ef:71:41:05:92:54:16:0f:e2:86:6d: b1:03:77:a2:7a:69:de:87:2d:0d:56:a3:c7:32:d5: 5e:6e:6e:e3:1f:77:e0:69:94:5a:ba:cd:60:10:6f: ab:7f:f0:b6:a2:0f:30:2e:d3:2d:12:aa:6e:d7:71: 41:bd:eb:d2:3f:b3:f7:ee:19:12:69:a4:4e:27:28: c6:07:f9:c8:b9:19:66:bb:56:83:61:6a:03:39:f1: 7d:c8:cb:d8:7e:79:0d:0b:21:da:4a:1e:6f:4c:6a: d0:ad:9c:16:93:a7:d5:ed:4a:2a:5d:95:db:c3:0d: 40:9a:62:9c:d7:63:c5:ec:59:78:7d:df:d1:cd:0b: 0f:f9:d5:7f:c1:4d:e2:81:8a:f4:85:d8:fe:7e:ba: 4c:c7:93:70:7b:b6:7d:bf:16:17:90:8e:b9:d2:e8: 72:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:06:F1:D8:B1:DD:8C:67:2C:5B:F4:64:0A:EB:F1:C1:95:0C:EB:D1 X509v3 Authority Key Identifier: keyid:CC:85:09:D3:1F:B6:3A:8D:DD:6B:F2:D3:D8:4C:7B:C0:B2:BA:3F:C0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBFB0/A3AB43B2F87C11E9AA2CF158C4F9AE02/zIUJ0x-2Oo3da_LT2Ex7wLK6P8A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1d:dd:29:e6:3f:83:d9:a2:a8:a0:62:4b:c6:c9:c4:da:bd:24: 43:56:6a:1f:e6:38:8f:e6:54:0e:0d:10:6c:67:f4:49:8f:f0: 2a:5f:7c:6c:68:28:f0:96:49:0a:a5:80:63:3a:e3:88:29:2e: 5a:22:c7:4e:4e:14:a3:0d:bb:89:19:7b:6a:f6:8e:1c:28:35: b2:f6:a8:8c:76:ef:36:b4:46:8b:fc:14:64:3e:17:f2:94:b9: 7a:96:a8:ed:f4:49:16:c8:5f:d3:84:e6:6f:4d:6a:93:54:13: da:fb:2b:d8:b5:0e:10:ef:29:93:45:6b:be:66:1e:a0:ee:18: 3a:0a:ab:00:77:7f:b7:68:03:9f:5d:cd:01:39:3a:13:aa:d8: 0e:ba:a5:1b:bf:c4:12:e3:f2:3b:3d:a1:ee:d1:25:f8:b6:fc: 96:68:a8:ee:ee:0c:fb:c8:d0:6a:c6:9d:c5:1d:90:65:3a:00: d0:2d:7b:80:79:ff:14:55:db:d4:0a:8a:83:54:45:29:b4:94: cd:9b:16:60:7a:7e:76:76:d9:a8:89:32:a0:e8:21:62:19:f5: 32:80:36:e7:0d:af:41:d3:be:3e:f9:68:92:ef:57:30:b1:77: d9:12:e5:98:bb:18:6a:85:7e:ee:70:b0:bc:69:2f:df:39:b5: b3:3e:a1:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDNswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJGQjAxMTAvBgNVBAUTKENDODUwOUQzMUZCNjNBOERERDZCRjJEM0Q4NEM3QkMw QjJCQTNGQzAwHhcNMjUxMTA0MTgxNDQ2WhcNMjUxMTExMTgxNDQ2WjAYMRYwFAYD VQQDEw02OTBhNDI5Ni0yYjgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAr/t5wMDseMVte7ddsW2Gi0M1tnI5WXUHAXFM6/PyQXg0BzXbHM+dHpkslzDY aApCWl1RiOfRadnMlCeBvJHXpmZfDsl+fFhlj5XFec24rCELXQ0jsLsFVQqdQ1kC 73FBBZJUFg/ihm2xA3eiemnehy0NVqPHMtVebm7jH3fgaZRaus1gEG+rf/C2og8w LtMtEqpu13FBvevSP7P37hkSaaROJyjGB/nIuRlmu1aDYWoDOfF9yMvYfnkNCyHa Sh5vTGrQrZwWk6fV7UoqXZXbww1AmmKc12PF7Fl4fd/RzQsP+dV/wU3igYr0hdj+ frpMx5Nwe7Z9vxYXkI650uhyGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB4G8dix 3YxnLFv0ZArr8cGVDOvRMB8GA1UdIwQYMBaAFMyFCdMftjqN3Wvy09hMe8Cyuj/A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkZCMC9BM0FCNDNCMkY4 N0MxMUU5QUEyQ0YxNThDNEY5QUUwMi96SVVKMHgtMk9vM2RhX0xUMkV4N3dMSzZQ OEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pJVUoweC0yT28zZGFfTFQyRXg3d0xLNlA4QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkZCMC9BM0FCNDNCMkY4N0MxMUU5QUEyQ0YxNThDNEY5QUUwMi96SVVKMHgtMk9v M2RhX0xUMkV4N3dMSzZQOEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAd3SnmP4PZoqigYkvGycTavSRDVmof5jiP5lQODRBsZ/RJj/AqX3xs aCjwlkkKpYBjOuOIKS5aIsdOThSjDbuJGXtq9o4cKDWy9qiMdu82tEaL/BRkPhfy lLl6lqjt9EkWyF/ThOZvTWqTVBPa+yvYtQ4Q7ymTRWu+Zh6g7hg6CqsAd3+3aAOf Xc0BOToTqtgOuqUbv8QS4/I7PaHu0SX4tvyWaKju7gz7yNBqxp3FHZBlOgDQLXuA ef8UVdvUCoqDVEUptJTNmxZgen52dtmoiTKg6CFiGfUygDbnDa9B074++WiS71cw sXfZEuWYuxhqhX7ucLC8aS/fObWzPqFg -----END CERTIFICATE-----Generated at Wed Nov 5 11:49:32 2025 by rpki-client