$ rpki-client -vvf rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft File: Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft (raw, json) Hash identifier: Uin8gmYBiEwfa/Xn70F7j7G1UxBxWNqlvaj2JQ76tKk= Subject key identifier: 8A:23:C0:9C:C7:F8:61:62:1F:D1:CA:16:36:79:F1:DB:99:75:7F:C8 Authority key identifier: 29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 Certificate issuer: /CN=A91FC985/serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Certificate serial: 84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft Manifest number: 82 Signing time: Wed 05 Nov 2025 06:53:40 +0000 Manifest this update: Wed 05 Nov 2025 06:53:40 +0000 Manifest next update: Wed 12 Nov 2025 06:53:40 +0000 Files and hashes: 1: Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl (hash: Pq5QIJjCjHqKSDECgITi7cTXiG+Qjyhdcp9lHS2ZSQo=) 2: DA3E289CF5B811EFA1046714C4F9AE02.roa (hash: ghtYYnHvBHOXjjafNw/o3b7nWMJznKoJtYacsPdc8uY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:53:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 132 (0x84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FC985, serialNumber=29ADB39B620EAE3CB8AFCA2CA185F5C4876FD043 Validity Not Before: Nov 5 06:53:40 2025 GMT Not After : Nov 12 06:53:40 2025 GMT Subject: CN=690af474-c2fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:9d:81:c7:e3:8d:dd:40:3a:71:48:2f:86:4d: 32:a3:d1:56:50:58:bf:4f:dc:66:8a:94:ae:5c:4e: 0c:59:b6:a0:a6:c0:0a:be:d3:a0:5d:51:ae:b8:2e: 1b:69:9b:22:1a:f6:3f:7c:10:26:b2:c5:f4:42:d8: 85:72:f4:fc:15:6a:8a:d1:ad:90:84:58:e4:ac:f3: 98:0b:e8:9e:f2:ed:24:6e:84:bc:01:fd:4f:30:86: 0c:69:29:56:ff:17:13:ce:80:91:ee:af:98:23:a5: fc:ad:bf:27:b7:84:5e:56:e3:26:ef:66:35:11:af: 1a:77:8a:2c:04:1c:6b:ba:1f:36:72:50:e9:6a:03: a9:0f:7f:2a:d9:29:18:aa:69:ee:c8:ea:5c:ec:60: 4f:82:94:b9:c5:a5:04:2d:ee:e0:3f:7f:c6:40:c7: b7:11:2a:ca:67:38:88:a8:f3:3a:f7:88:a3:40:54: f8:54:04:f4:16:66:9d:25:34:6e:18:c2:dc:c6:b8: c8:95:13:71:7d:ab:47:17:9b:75:5b:32:d5:dd:0e: 55:40:35:54:81:fb:b1:77:9e:73:f0:ab:71:b5:39: b6:2c:22:dc:93:ae:aa:53:e3:40:87:48:6c:b1:f9: 0b:d7:aa:84:70:e6:4e:1a:2a:51:91:de:b8:b1:78: 7a:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:23:C0:9C:C7:F8:61:62:1F:D1:CA:16:36:79:F1:DB:99:75:7F:C8 X509v3 Authority Key Identifier: keyid:29:AD:B3:9B:62:0E:AE:3C:B8:AF:CA:2C:A1:85:F5:C4:87:6F:D0:43 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Ka2zm2IOrjy4r8osoYX1xIdv0EM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FC985/673AA2F4F5B711EF8C1FF611C4F9AE02/Ka2zm2IOrjy4r8osoYX1xIdv0EM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:f5:0b:e3:52:85:c2:d6:23:9b:88:f8:a9:28:2b:98:a2:12: 45:0d:bc:5e:29:11:0e:2e:40:42:1e:ce:0c:e8:8d:cf:92:c9: 69:00:67:5c:20:37:48:c6:60:e1:52:e3:bb:8b:7c:7d:64:2b: f5:31:41:d5:c9:7d:b9:7d:33:43:be:c5:ee:a0:bd:50:64:5f: 79:a2:ea:08:e9:11:7e:03:71:75:8e:5a:92:53:49:d3:66:a7: 11:5e:37:60:3e:b3:09:f2:b1:2d:66:a1:72:10:2d:99:1b:ce: 76:14:64:6e:0c:2d:0c:c1:e0:b5:1d:ee:92:00:e0:07:8e:9d: 29:ce:c4:60:1a:a5:10:77:44:48:79:c0:c1:d6:0d:be:f4:4b: 29:3d:89:c5:6f:d0:1e:06:3b:a4:b3:db:78:59:10:38:17:9d: 2e:f3:63:07:ea:63:40:16:f5:46:e4:b5:ee:76:ab:a7:d4:88: 6f:1d:e0:ff:24:b3:a3:80:cb:a2:a2:15:11:0d:57:c2:e1:4d: 83:9c:a7:f3:0d:34:9d:e1:6a:d3:2f:7c:0c:85:7c:81:6f:43: 0a:2c:d7:c5:8f:22:ec:a1:9d:61:36:39:fb:9e:d2:46:96:af: e8:63:ab:f1:b0:8d:ae:b7:01:50:2e:e3:4c:77:8c:fd:30:52: ef:67:5f:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkM5ODUxMTAvBgNVBAUTKDI5QURCMzlCNjIwRUFFM0NCOEFGQ0EyQ0ExODVGNUM0 ODc2RkQwNDMwHhcNMjUxMTA1MDY1MzQwWhcNMjUxMTEyMDY1MzQwWjAYMRYwFAYD VQQDEw02OTBhZjQ3NC1jMmZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwJ2Bx+ON3UA6cUgvhk0yo9FWUFi/T9xmipSuXE4MWbagpsAKvtOgXVGuuC4b aZsiGvY/fBAmssX0QtiFcvT8FWqK0a2QhFjkrPOYC+ie8u0kboS8Af1PMIYMaSlW /xcTzoCR7q+YI6X8rb8nt4ReVuMm72Y1Ea8ad4osBBxruh82clDpagOpD38q2SkY qmnuyOpc7GBPgpS5xaUELe7gP3/GQMe3ESrKZziIqPM694ijQFT4VAT0FmadJTRu GMLcxrjIlRNxfatHF5t1WzLV3Q5VQDVUgfuxd55z8KtxtTm2LCLck66qU+NAh0hs sfkL16qEcOZOGipRkd64sXh6cwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIojwJzH +GFiH9HKFjZ58duZdX/IMB8GA1UdIwQYMBaAFCmts5tiDq48uK/KLKGF9cSHb9BD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQzk4NS82NzNBQTJGNEY1 QjcxMUVGOEMxRkY2MTFDNEY5QUUwMi9LYTJ6bTJJT3JqeTRyOG9zb1lYMXhJZHYw RU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0thMnptMklPcmp5NHI4b3NvWVgxeElkdjBFTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Qzk4NS82NzNBQTJGNEY1QjcxMUVGOEMxRkY2MTFDNEY5QUUwMi9LYTJ6bTJJT3Jq eTRyOG9zb1lYMXhJZHYwRU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCG9QvjUoXC1iObiPipKCuYohJFDbxeKREOLkBCHs4M6I3PkslpAGdc IDdIxmDhUuO7i3x9ZCv1MUHVyX25fTNDvsXuoL1QZF95ouoI6RF+A3F1jlqSU0nT ZqcRXjdgPrMJ8rEtZqFyEC2ZG852FGRuDC0MweC1He6SAOAHjp0pzsRgGqUQd0RI ecDB1g2+9EspPYnFb9AeBjuks9t4WRA4F50u82MH6mNAFvVG5LXudqun1IhvHeD/ JLOjgMuiohURDVfC4U2DnKfzDTSd4WrTL3wMhXyBb0MKLNfFjyLsoZ1hNjn7ntJG lq/oY6vxsI2utwFQLuNMd4z9MFLvZ19V -----END CERTIFICATE-----Generated at Wed Nov 5 15:43:29 2025 by rpki-client