$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft File: t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft (raw, json) Hash identifier: KYr4+b6/BCaXiYJ2jlSdIaJx3w80HPWpB+0XSAZ38+U= Subject key identifier: 2A:68:F0:DD:9D:2E:96:07:B8:4E:A1:6A:29:43:E7:A6:37:8C:43:89 Authority key identifier: B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA Certificate issuer: /CN=A91F91EB/serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Certificate serial: 0CE1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft Manifest number: 0CDB Signing time: Tue 04 Nov 2025 18:14:32 +0000 Manifest this update: Tue 04 Nov 2025 18:14:32 +0000 Manifest next update: Tue 11 Nov 2025 18:14:32 +0000 Files and hashes: 1: t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl (hash: DvJPw8Y6IwMeZ/PMksOcmJpYZSG4yy82gu6HwKMRkfQ=) 2: 8D243F849A6D11EA8674310DC4F9AE02.roa (hash: ZlxWP9id3BOwgT849Ql20JmEjoi9oTlH+F8ceOZ0tcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:39:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3297 (0xce1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F91EB, serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Validity Not Before: Nov 4 18:14:32 2025 GMT Not After : Nov 11 18:14:32 2025 GMT Subject: CN=690a4288-8932 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:fa:f3:ae:9b:54:7a:ac:c3:44:74:58:09:88: de:cf:da:80:b1:c6:12:17:3c:ed:03:39:34:6b:3b: 1c:a8:cb:0e:f6:2a:d3:72:57:3d:5b:f0:da:e8:3f: 33:b5:63:78:a1:68:f4:63:1e:a2:de:25:94:ea:be: c3:4f:1f:3d:84:be:6f:8f:6b:39:2a:f0:99:10:4d: 0d:d6:d2:8c:24:32:87:81:34:fb:03:25:8b:7d:6a: 59:ea:3e:34:82:aa:6b:5f:c1:42:8e:d8:63:82:9f: 75:06:7f:43:f2:ea:8c:44:0a:a1:5a:d3:02:67:0f: f5:59:8c:92:a7:7c:8d:0e:8c:e9:4b:63:14:f6:d1: 00:f5:19:08:44:db:67:de:3e:62:86:e7:3a:87:5f: 75:a6:f5:47:d6:e4:91:8e:0e:80:46:f4:43:f9:b4: b2:fb:35:0c:8e:3e:c0:bf:98:09:da:3c:a7:e4:06: db:9f:da:74:b3:c9:a0:80:7c:98:46:cf:d6:e0:87: ea:2e:39:de:c1:91:5f:3b:61:91:16:1a:fc:f1:9e: 6c:28:3d:61:5f:5f:3c:fd:d1:0b:11:91:c9:87:77: 76:87:53:99:62:96:29:59:6c:a5:fb:20:97:8d:d9: 17:cf:8a:6d:de:dc:fc:3c:11:d6:09:67:ae:21:92: b7:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:68:F0:DD:9D:2E:96:07:B8:4E:A1:6A:29:43:E7:A6:37:8C:43:89 X509v3 Authority Key Identifier: keyid:B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:d6:14:8c:80:9f:c6:e5:43:eb:84:10:f6:1c:81:09:c2:ed: bb:08:bd:08:96:f3:15:d3:55:27:c5:45:45:ac:7e:ba:60:55: 2a:0d:1a:5a:a7:4e:e0:c5:89:c6:9a:fe:20:e4:c5:aa:1e:79: 65:24:18:61:e9:21:a6:47:38:2c:54:9c:35:85:ac:53:f9:6a: 8b:35:1d:13:aa:0c:4b:5d:7b:bc:87:a2:b7:8f:8c:b7:3f:03: 12:2e:47:a6:41:1c:f8:27:f5:7c:9d:eb:2d:1a:03:c3:9a:44: 40:97:d9:60:51:60:5d:be:99:20:cc:67:28:64:a0:be:04:c3: a0:c0:63:78:41:43:f4:c3:37:6c:ad:7d:ae:95:36:fd:c6:d7: 64:45:f4:62:7f:0a:54:e5:76:b4:39:42:21:3f:d5:f3:1c:da: 48:9c:dc:7b:08:cf:99:56:77:d4:e7:1e:ba:2d:c8:bc:e0:35: 54:ba:29:3a:e4:c5:b4:f2:40:f3:e6:cb:2c:30:16:76:00:be: 46:3e:7f:38:92:64:09:c6:56:e0:5d:e1:9c:a8:b1:58:9c:75: 36:bb:0f:2f:2b:0d:1c:6e:0e:4a:e7:23:8c:85:a5:46:14:4d: 7c:71:5b:28:e9:dd:44:00:55:85:a4:ea:f2:b4:d7:90:5d:ab: 25:9e:27:48 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDOEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxRUIxMTAvBgNVBAUTKEI3RENFMTQxMTJBMDI5ODJGNTc1N0NBQjhEMzQ5MTAz MkM4RTE4RkEwHhcNMjUxMTA0MTgxNDMyWhcNMjUxMTExMTgxNDMyWjAYMRYwFAYD VQQDEw02OTBhNDI4OC04OTMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsPrzrptUeqzDRHRYCYjez9qAscYSFzztAzk0azscqMsO9irTclc9W/Da6D8z tWN4oWj0Yx6i3iWU6r7DTx89hL5vj2s5KvCZEE0N1tKMJDKHgTT7AyWLfWpZ6j40 gqprX8FCjthjgp91Bn9D8uqMRAqhWtMCZw/1WYySp3yNDozpS2MU9tEA9RkIRNtn 3j5ihuc6h191pvVH1uSRjg6ARvRD+bSy+zUMjj7Av5gJ2jyn5Abbn9p0s8mggHyY Rs/W4IfqLjnewZFfO2GRFhr88Z5sKD1hX188/dELEZHJh3d2h1OZYpYpWWyl+yCX jdkXz4pt3tz8PBHWCWeuIZK3ywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCpo8N2d LpYHuE6hailD56Y3jEOJMB8GA1UdIwQYMBaAFLfc4UESoCmC9XV8q400kQMsjhj6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi80OTdGMkJEOEY3 MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZTDFkWHlyalRTUkF5eU9H UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3Q5emhRUktnS1lMMWRYeXJqVFNSQXl5T0dQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTFFQi80OTdGMkJEOEY3MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZ TDFkWHlyalRTUkF5eU9HUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAz1hSMgJ/G5UPrhBD2HIEJwu27CL0IlvMV01UnxUVFrH66YFUqDRpa p07gxYnGmv4g5MWqHnllJBhh6SGmRzgsVJw1haxT+WqLNR0TqgxLXXu8h6K3j4y3 PwMSLkemQRz4J/V8nestGgPDmkRAl9lgUWBdvpkgzGcoZKC+BMOgwGN4QUP0wzds rX2ulTb9xtdkRfRifwpU5Xa0OUIhP9XzHNpInNx7CM+ZVnfU5x66Lci84DVUuik6 5MW08kDz5sssMBZ2AL5GPn84kmQJxlbgXeGcqLFYnHU2uw8vKw0cbg5K5yOMhaVG FE18cVso6d1EAFWFpOrytNeQXaslnidI -----END CERTIFICATE-----Generated at Tue Nov 4 21:23:31 2025 by rpki-client