$ rpki-client -vvf rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft File: Km8SBBLYIPn_JM0F1ez0nmYtmco.mft (raw, json) Hash identifier: lVNwZaSKThTA/3MUOit4/vQInKuGyhq3ufSDMGQf4dA= Subject key identifier: 5F:42:28:2C:B9:21:82:52:CC:3C:71:53:58:0D:CB:54:5F:17:CC:46 Authority key identifier: 2A:6F:12:04:12:D8:20:F9:FF:24:CD:05:D5:EC:F4:9E:66:2D:99:CA Certificate issuer: /CN=A91F240B/serialNumber=2A6F120412D820F9FF24CD05D5ECF49E662D99CA Certificate serial: 1FD0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Km8SBBLYIPn_JM0F1ez0nmYtmco.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft Manifest number: 1FC2 Signing time: Tue 04 Nov 2025 16:04:49 +0000 Manifest this update: Tue 04 Nov 2025 16:04:49 +0000 Manifest next update: Tue 11 Nov 2025 16:04:49 +0000 Files and hashes: 1: Km8SBBLYIPn_JM0F1ez0nmYtmco.crl (hash: Z4MVEhb+ni4D8N5VOxPQxWemuzGBde6dXvYB50sxAL4=) 2: E352E0A2896F11E7BBF2923CC4F9AE02.roa (hash: bpwG3qWkZqt3c9e2parZM85DcFLWLncfBgOv3ugwly0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.crl rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Km8SBBLYIPn_JM0F1ez0nmYtmco.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:04:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8144 (0x1fd0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F240B, serialNumber=2A6F120412D820F9FF24CD05D5ECF49E662D99CA Validity Not Before: Nov 4 16:04:49 2025 GMT Not After : Nov 11 16:04:49 2025 GMT Subject: CN=690a2421-a1e4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:bc:0c:53:cd:0a:67:09:18:d7:9a:cc:f9:54: ce:96:1a:c2:0c:3e:b9:f0:1c:b6:6d:11:66:a9:cd: 66:79:7c:5a:61:5d:63:f4:7e:81:8f:78:a2:fa:ae: 06:a0:81:55:38:9c:88:e1:3a:e1:95:e1:08:68:2e: 0b:6c:22:ad:e9:67:b9:d4:c7:a2:80:25:41:1d:7a: bb:f8:53:c6:eb:53:e8:95:f9:2d:19:29:82:f9:a7: 0a:4f:7c:3b:54:18:70:1f:af:8e:f8:43:fb:7e:76: bf:d3:0c:f6:6c:12:b6:c0:1e:83:91:28:59:e7:29: 14:d4:88:7c:55:fb:18:83:e0:30:05:78:b1:98:63: 3b:a1:e8:f0:56:76:ab:1a:c8:87:56:d4:86:41:15: 87:62:36:ee:b9:a6:da:20:3e:ea:22:48:aa:69:0a: ec:36:c3:28:f3:49:de:4c:4e:08:46:0b:8e:7c:64: 66:2f:3e:52:0e:68:6e:2d:04:bd:6c:71:38:59:be: 69:8f:41:c8:f4:31:fd:b8:5d:7f:b0:8e:6c:06:1a: db:68:8b:19:ea:be:20:dc:d6:4a:c6:23:cc:35:0e: 42:b6:ec:2c:ff:9f:69:db:7f:20:fa:b5:94:3c:51: 75:e6:aa:80:9d:d5:03:13:43:b6:0c:30:28:a0:f3: d0:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5F:42:28:2C:B9:21:82:52:CC:3C:71:53:58:0D:CB:54:5F:17:CC:46 X509v3 Authority Key Identifier: keyid:2A:6F:12:04:12:D8:20:F9:FF:24:CD:05:D5:EC:F4:9E:66:2D:99:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Km8SBBLYIPn_JM0F1ez0nmYtmco.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F240B/5B736D92433311E6959A7815C4F9AE02/Km8SBBLYIPn_JM0F1ez0nmYtmco.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:1b:a0:5e:3a:05:8e:1b:a6:62:f3:89:30:ce:9b:0f:66:b8: 94:a5:27:ae:a3:77:f1:5b:9d:d8:92:f0:cb:79:88:5e:c4:6b: e3:64:c4:4f:d6:d4:29:d6:a3:a7:82:ee:bc:7c:10:f7:c5:78: 40:72:83:73:f2:4a:b6:54:2e:9d:c4:46:09:62:de:09:66:2c: 40:83:d9:59:2d:03:9f:9d:23:cd:79:1c:48:d9:aa:41:f4:cf: 85:8b:39:63:f1:15:e7:46:fc:0b:2a:1e:67:17:14:c8:dd:1a: dc:c3:4d:3a:07:68:da:46:c9:bb:62:b0:29:43:93:bf:4e:aa: 55:57:3c:58:ad:33:a3:a6:15:a5:c4:ab:9b:d0:01:d5:4d:4a: fe:d9:1c:cd:08:22:1a:5e:9a:0f:ed:cd:bd:a0:fd:1c:e6:54: 09:e8:8c:cf:7c:e4:49:6f:25:00:bd:b6:40:1b:ca:10:b3:2d: 25:1e:f1:a5:a1:14:96:eb:07:e0:f8:0c:06:bc:5e:11:75:f6: 12:33:5a:a6:9e:13:0e:50:fc:15:02:77:90:14:60:8f:91:bf: 92:f1:6d:7c:21:4d:b0:c4:5f:9c:78:c2:86:26:33:e4:0f:bf: 5e:93:ea:1b:94:2e:45:e8:b2:58:f3:58:5a:f7:d0:f8:ee:52: f4:11:5e:dd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICH9AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjI0MEIxMTAvBgNVBAUTKDJBNkYxMjA0MTJEODIwRjlGRjI0Q0QwNUQ1RUNGNDlF NjYyRDk5Q0EwHhcNMjUxMTA0MTYwNDQ5WhcNMjUxMTExMTYwNDQ5WjAYMRYwFAYD VQQDEw02OTBhMjQyMS1hMWU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw7wMU80KZwkY15rM+VTOlhrCDD658By2bRFmqc1meXxaYV1j9H6Bj3ii+q4G oIFVOJyI4TrhleEIaC4LbCKt6We51MeigCVBHXq7+FPG61PolfktGSmC+acKT3w7 VBhwH6+O+EP7fna/0wz2bBK2wB6DkShZ5ykU1Ih8VfsYg+AwBXixmGM7oejwVnar GsiHVtSGQRWHYjbuuabaID7qIkiqaQrsNsMo80neTE4IRguOfGRmLz5SDmhuLQS9 bHE4Wb5pj0HI9DH9uF1/sI5sBhrbaIsZ6r4g3NZKxiPMNQ5Ctuws/59p238g+rWU PFF15qqAndUDE0O2DDAooPPQ5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF9CKCy5 IYJSzDxxU1gNy1RfF8xGMB8GA1UdIwQYMBaAFCpvEgQS2CD5/yTNBdXs9J5mLZnK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjQwQi81QjczNkQ5MjQz MzMxMUU2OTU5QTc4MTVDNEY5QUUwMi9LbThTQkJMWUlQbl9KTTBGMWV6MG5tWXRt Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ttOFNCQkxZSVBuX0pNMEYxZXowbm1ZdG1jby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjQwQi81QjczNkQ5MjQzMzMxMUU2OTU5QTc4MTVDNEY5QUUwMi9LbThTQkJMWUlQ bl9KTTBGMWV6MG5tWXRtY28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYG6BeOgWOG6Zi84kwzpsPZriUpSeuo3fxW53YkvDLeYhexGvjZMRP 1tQp1qOngu68fBD3xXhAcoNz8kq2VC6dxEYJYt4JZixAg9lZLQOfnSPNeRxI2apB 9M+Fizlj8RXnRvwLKh5nFxTI3Rrcw006B2jaRsm7YrApQ5O/TqpVVzxYrTOjphWl xKub0AHVTUr+2RzNCCIaXpoP7c29oP0c5lQJ6IzPfORJbyUAvbZAG8oQsy0lHvGl oRSW6wfg+AwGvF4RdfYSM1qmnhMOUPwVAneQFGCPkb+S8W18IU2wxF+ceMKGJjPk D79ek+oblC5F6LJY81ha99D47lL0EV7d -----END CERTIFICATE-----Generated at Wed Nov 5 20:09:23 2025 by rpki-client