$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: RrWST5VJT9VGVWs5KyQn7B6ZdZ3XOb4u4N7nrWGa0x8= Subject key identifier: FE:C2:CD:B3:CE:71:2E:C9:51:D4:4C:66:C3:7E:93:9C:1D:55:39:A0 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0CAF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C9E Signing time: Tue 04 Nov 2025 18:28:49 +0000 Manifest this update: Tue 04 Nov 2025 18:28:48 +0000 Manifest next update: Tue 11 Nov 2025 18:28:48 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: huYHgPVOM8C88Rr8zQPigr46HoMeo3TklN5cWsaANSA=) 2: 2CF214DC93A611F0B9B44571C4F9AE02.roa (hash: gDTlO8JdKBOhrYpdJ9YbTAbJbDClxcUd9QV6sNxI620=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:28:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3247 (0xcaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Nov 4 18:28:48 2025 GMT Not After : Nov 11 18:28:48 2025 GMT Subject: CN=690a45e1-19e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:82:dd:fc:55:a4:15:c1:23:47:2a:53:57:23: 44:19:83:13:95:b7:e3:4a:82:87:e0:af:ef:1d:a0: 3e:2f:dd:e4:74:1d:21:eb:d7:c3:45:de:7c:dc:95: 82:8e:a5:b6:e1:28:d1:52:78:1a:e8:f8:63:ac:ac: ec:ed:15:03:f3:e8:5f:fb:9c:80:74:dc:0b:be:a4: 80:8c:41:53:ab:c9:44:ea:7b:12:d2:ae:aa:f3:e7: 6a:5c:75:ed:e5:9b:51:42:3e:0b:b5:cd:42:0e:24: bb:74:4e:38:9e:8e:af:1e:27:34:63:c0:36:f2:5b: 46:90:f7:68:91:83:24:7f:29:97:84:1b:77:3f:70: ff:ab:5f:4c:02:7c:e4:34:0f:ad:50:d6:18:8d:6c: 44:6f:4d:50:59:e3:0e:97:35:4c:15:a6:32:36:61: 81:07:b3:13:a0:a8:5d:91:d6:72:fa:61:4d:a4:86: 2e:12:36:8d:90:2b:c4:05:90:20:8b:b0:8d:d5:23: db:7c:da:80:00:96:d9:3a:1f:ab:d5:3a:0e:9c:60: 2a:83:af:7e:65:64:e1:59:21:94:e0:3f:c3:6b:bd: 54:43:51:4e:ee:e4:92:50:44:e7:ea:13:8c:20:ae: 03:2b:b5:9a:86:1b:87:64:94:c1:f0:c3:ed:ae:e6: 0d:8b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FE:C2:CD:B3:CE:71:2E:C9:51:D4:4C:66:C3:7E:93:9C:1D:55:39:A0 X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:d6:09:98:f1:e7:79:2a:fd:99:f4:b8:ba:87:97:8f:ef:a7: 3e:c7:91:a0:41:a6:70:cf:8d:b6:21:e8:ec:70:d7:91:2f:f2: 11:06:83:36:a6:b1:93:6f:45:fb:f3:e0:24:35:04:b4:8b:d6: a5:c4:ba:95:59:a5:a8:19:da:ac:e6:cc:52:69:25:9e:4b:37: e5:45:92:a6:8d:27:98:cd:c3:c5:c4:02:75:83:8b:f8:11:c3: 6b:8d:c8:5c:e8:3e:79:94:2c:bc:d3:a6:5b:d2:37:18:c4:06: 94:cd:30:95:d5:2f:86:e0:2f:7c:81:0e:4a:f1:97:86:2b:05: 41:1b:86:7d:71:68:38:60:7a:f4:ac:8e:0c:78:b4:77:d3:ec: 60:be:54:d5:4b:4e:45:d3:81:f2:85:b7:a3:90:b8:ae:cc:62: 92:a2:18:16:8a:56:7b:8e:39:5f:3c:e3:b9:d7:32:a1:f2:0c: c5:ae:e3:2d:2b:27:59:72:e0:f5:f6:7e:19:f6:03:ba:06:30: c9:d4:c9:07:2a:93:c3:e5:62:f5:86:ef:c6:7c:c9:fb:ab:2a: ea:bc:26:95:a7:c0:de:e3:0f:27:07:99:d5:bf:e6:30:4a:3b: d5:0f:e8:4d:00:b3:dd:71:24:9d:ac:50:d8:8c:e9:52:d3:50: 10:90:30:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUxMTA0MTgyODQ4WhcNMjUxMTExMTgyODQ4WjAYMRYwFAYD VQQDEw02OTBhNDVlMS0xOWU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx4Ld/FWkFcEjRypTVyNEGYMTlbfjSoKH4K/vHaA+L93kdB0h69fDRd583JWC jqW24SjRUnga6PhjrKzs7RUD8+hf+5yAdNwLvqSAjEFTq8lE6nsS0q6q8+dqXHXt 5ZtRQj4Ltc1CDiS7dE44no6vHic0Y8A28ltGkPdokYMkfymXhBt3P3D/q19MAnzk NA+tUNYYjWxEb01QWeMOlzVMFaYyNmGBB7MToKhdkdZy+mFNpIYuEjaNkCvEBZAg i7CN1SPbfNqAAJbZOh+r1ToOnGAqg69+ZWThWSGU4D/Da71UQ1FO7uSSUETn6hOM IK4DK7WahhuHZJTB8MPtruYNiwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP7CzbPO cS7JUdRMZsN+k5wdVTmgMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCY1gmY8ed5Kv2Z9Li6h5eP76c+x5GgQaZwz422IejscNeRL/IRBoM2 prGTb0X78+AkNQS0i9alxLqVWaWoGdqs5sxSaSWeSzflRZKmjSeYzcPFxAJ1g4v4 EcNrjchc6D55lCy806Zb0jcYxAaUzTCV1S+G4C98gQ5K8ZeGKwVBG4Z9cWg4YHr0 rI4MeLR30+xgvlTVS05F04HyhbejkLiuzGKSohgWilZ7jjlfPOO51zKh8gzFruMt KydZcuD19n4Z9gO6BjDJ1MkHKpPD5WL1hu/GfMn7qyrqvCaVp8De4w8nB5nVv+Yw SjvVD+hNALPdcSSdrFDYjOlS01AQkDCB -----END CERTIFICATE-----Generated at Wed Nov 5 15:03:00 2025 by rpki-client