$ rpki-client -vvf rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/ZTy4p1ENubbBon2HfSEh5t9CGYI.mft File: ZTy4p1ENubbBon2HfSEh5t9CGYI.mft (raw, json) Hash identifier: Xn1moAlCkV/za2RQXAHNrkOQae4/rONotaz3mKjoSQw= Subject key identifier: 61:B4:20:E1:B8:20:DA:4D:1F:8D:1A:06:3A:C2:21:4D:46:60:43:DD Authority key identifier: 65:3C:B8:A7:51:0D:B9:B6:C1:A2:7D:87:7D:21:21:E6:DF:42:19:82 Certificate issuer: /CN=A91EFC94/serialNumber=653CB8A7510DB9B6C1A27D877D2121E6DF421982 Certificate serial: DD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZTy4p1ENubbBon2HfSEh5t9CGYI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/ZTy4p1ENubbBon2HfSEh5t9CGYI.mft Manifest number: D1 Signing time: Mon 03 Nov 2025 05:55:18 +0000 Manifest this update: Mon 03 Nov 2025 05:55:18 +0000 Manifest next update: Mon 10 Nov 2025 05:55:18 +0000 Files and hashes: 1: ZTy4p1ENubbBon2HfSEh5t9CGYI.crl (hash: NwVJBsnqyjDu5hdodU4+ZeY1SlKZaaP5V7OgELkU8cA=) 2: 6B7CC19C73B811F08DDFF784C4F9AE02.roa (hash: YrfoAaRH0TwvCd3/fpeLdhWkCOhZ1iXJCt8nCYQZbVA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/ZTy4p1ENubbBon2HfSEh5t9CGYI.crl rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/ZTy4p1ENubbBon2HfSEh5t9CGYI.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZTy4p1ENubbBon2HfSEh5t9CGYI.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:55:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 221 (0xdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EFC94, serialNumber=653CB8A7510DB9B6C1A27D877D2121E6DF421982 Validity Not Before: Nov 3 05:55:18 2025 GMT Not After : Nov 10 05:55:18 2025 GMT Subject: CN=690843c6-9779 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:df:e0:b1:7e:ac:b0:30:49:06:9b:ce:de:bc: 96:ce:f9:19:a5:95:b2:7c:ea:1e:c4:84:60:cb:80: 5d:de:96:87:fd:99:04:5f:b4:78:30:09:e5:85:7a: d6:6e:bc:0e:d7:6d:dd:6c:a7:9c:81:7b:37:ef:e1: ed:91:66:90:42:2a:2c:df:3b:a6:72:32:49:6f:8e: 55:02:37:c9:69:e3:81:65:56:72:79:95:a6:96:5d: dd:35:74:a8:5c:8f:30:66:26:c6:dc:d4:43:d8:09: fd:25:b7:84:9b:dd:61:fa:cf:2d:90:3c:17:de:be: 31:8a:b8:d2:33:ea:dc:88:3f:7a:8b:f5:78:28:a4: 36:20:e0:7d:80:64:f3:d0:cb:bd:84:23:30:c1:ae: e0:0d:9d:fc:e1:8b:94:70:78:62:3c:3e:f0:59:95: 61:23:e7:4a:c7:d8:e3:61:ad:0b:ca:ea:6b:bd:e9: 0a:47:c8:7a:7b:6a:8e:58:22:67:a2:6f:dd:a8:4a: d1:ea:74:57:bf:99:47:1e:a1:34:19:dd:19:15:9c: b1:f9:d6:90:2e:35:5d:07:cd:75:52:9b:8a:79:24: d2:36:13:a5:7e:5c:60:5a:cb:ef:86:0e:47:27:dc: 70:cb:1c:a1:06:57:22:3b:a8:23:4c:ad:39:5c:77: 97:ef Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:B4:20:E1:B8:20:DA:4D:1F:8D:1A:06:3A:C2:21:4D:46:60:43:DD X509v3 Authority Key Identifier: keyid:65:3C:B8:A7:51:0D:B9:B6:C1:A2:7D:87:7D:21:21:E6:DF:42:19:82 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/ZTy4p1ENubbBon2HfSEh5t9CGYI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/ZTy4p1ENubbBon2HfSEh5t9CGYI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EFC94/A8CD016494DA11EF89086D21C4F9AE02/ZTy4p1ENubbBon2HfSEh5t9CGYI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:2c:16:e3:7d:60:44:b8:3f:f1:bf:b3:61:2c:02:5d:b1:50: fe:5d:9d:70:1c:8f:30:76:3e:81:a2:21:d0:0d:89:de:ae:7a: 07:cf:f6:37:b4:1e:dd:9b:c0:b0:1d:fa:38:24:af:f8:e4:48: 94:4b:d5:ba:7a:55:f0:7e:61:85:2e:93:68:37:18:36:68:3f: b2:2e:4a:a7:8f:32:ca:ec:23:68:8c:4a:0b:d6:e6:8f:0d:ae: 04:fe:09:39:67:48:60:41:f0:83:28:d3:37:ff:97:9d:6e:13: 0e:27:42:9c:9d:6d:4c:76:6d:6d:aa:75:11:e3:eb:39:98:20: 9c:dd:3e:c5:5e:7f:9c:76:e5:5a:a4:8f:4e:24:0d:1c:4a:a6: 98:8d:27:83:4c:d5:75:fc:81:b2:76:7c:c8:56:29:b5:00:9f: 66:c7:a2:46:3e:57:f2:b0:27:ea:a4:62:90:b4:34:d8:d4:b2: d9:58:63:5b:36:30:14:b1:d7:28:d9:95:48:20:ed:aa:5b:ac: 1d:e9:37:23:4c:e9:21:83:c7:e5:55:0d:53:85:2b:d3:bc:83: d6:45:de:c5:fb:25:9f:14:81:dd:f2:dd:fc:6e:8c:66:01:6d: a7:ed:0e:71:00:94:2a:8d:17:fa:71:ca:82:e4:18:2d:4f:b3: 0b:87:fc:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUZDOTQxMTAvBgNVBAUTKDY1M0NCOEE3NTEwREI5QjZDMUEyN0Q4NzdEMjEyMUU2 REY0MjE5ODIwHhcNMjUxMTAzMDU1NTE4WhcNMjUxMTEwMDU1NTE4WjAYMRYwFAYD VQQDEw02OTA4NDNjNi05Nzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2N/gsX6ssDBJBpvO3ryWzvkZpZWyfOoexIRgy4Bd3paH/ZkEX7R4MAnlhXrW brwO123dbKecgXs37+HtkWaQQios3zumcjJJb45VAjfJaeOBZVZyeZWmll3dNXSo XI8wZibG3NRD2An9JbeEm91h+s8tkDwX3r4xirjSM+rciD96i/V4KKQ2IOB9gGTz 0Mu9hCMwwa7gDZ384YuUcHhiPD7wWZVhI+dKx9jjYa0LyuprvekKR8h6e2qOWCJn om/dqErR6nRXv5lHHqE0Gd0ZFZyx+daQLjVdB811UpuKeSTSNhOlflxgWsvvhg5H J9xwyxyhBlciO6gjTK05XHeX7wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGG0IOG4 INpNH40aBjrCIU1GYEPdMB8GA1UdIwQYMBaAFGU8uKdRDbm2waJ9h30hIebfQhmC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRkM5NC9BOENEMDE2NDk0 REExMUVGODkwODZEMjFDNEY5QUUwMi9aVHk0cDFFTnViYkJvbjJIZlNFaDV0OUNH WUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1pUeTRwMUVOdWJiQm9uMkhmU0VoNXQ5Q0dZSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RkM5NC9BOENEMDE2NDk0REExMUVGODkwODZEMjFDNEY5QUUwMi9aVHk0cDFFTnVi YkJvbjJIZlNFaDV0OUNHWUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC7LBbjfWBEuD/xv7NhLAJdsVD+XZ1wHI8wdj6BoiHQDYnernoHz/Y3 tB7dm8CwHfo4JK/45EiUS9W6elXwfmGFLpNoNxg2aD+yLkqnjzLK7CNojEoL1uaP Da4E/gk5Z0hgQfCDKNM3/5edbhMOJ0KcnW1Mdm1tqnUR4+s5mCCc3T7FXn+cduVa pI9OJA0cSqaYjSeDTNV1/IGydnzIVim1AJ9mx6JGPlfysCfqpGKQtDTY1LLZWGNb NjAUsdco2ZVIIO2qW6wd6TcjTOkhg8flVQ1ThSvTvIPWRd7F+yWfFIHd8t38boxm AW2n7Q5xAJQqjRf6ccqC5BgtT7MLh/zd -----END CERTIFICATE-----Generated at Tue Nov 4 21:32:05 2025 by rpki-client