$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft File: rehZrZQNGhc_pkzXBYZ9SH5nNog.mft (raw, json) Hash identifier: SgBTbjgAnrODhc4NgqUXf6uUUgNUutx0tOdbjaRkez0= Subject key identifier: F2:55:9A:7B:9C:E8:C8:6C:0E:E4:BA:D1:B5:43:48:0A:29:78:D0:2E Authority key identifier: AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 Certificate issuer: /CN=A91FDAD4/serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Certificate serial: 0249 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft Manifest number: 0244 Signing time: Wed 05 Nov 2025 00:19:02 +0000 Manifest this update: Wed 05 Nov 2025 00:19:01 +0000 Manifest next update: Wed 12 Nov 2025 00:19:01 +0000 Files and hashes: 1: rehZrZQNGhc_pkzXBYZ9SH5nNog.crl (hash: cDT4LVfKuJLZKsFUix6xPhGsDJ6zTZJd1Y/Q/xWX2jQ=) 2: A99BC9D64CAC11EDA3BF485AC4F9AE02.roa (hash: M0LQ0bOgsXho1IONj8CXX3n4kpo/nKJprHxKVrxONpQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:19:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 585 (0x249) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDAD4, serialNumber=ADE859AD940D1A173FA64CD705867D487E673688 Validity Not Before: Nov 5 00:19:01 2025 GMT Not After : Nov 12 00:19:01 2025 GMT Subject: CN=690a97f6-8248 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:bf:05:d5:4c:36:e9:21:bd:ed:15:95:10:81: 9e:6e:8e:3d:ad:17:5c:37:ee:d4:e7:96:96:4c:02: 75:65:d6:a6:8a:81:27:5a:84:84:e2:0c:75:40:67: 33:3d:2a:98:2b:59:c1:2e:6d:68:40:e5:db:af:1e: 49:7f:1e:b2:ea:8a:56:9a:fc:a1:9e:bc:88:88:49: 58:b4:9f:36:89:86:a2:8d:7d:9f:5a:b1:e5:b3:7d: 58:65:25:89:71:5c:d1:ca:2b:d6:91:ec:2a:df:03: f7:8b:42:56:b8:ba:e9:a7:be:5a:e9:34:d5:a2:d7: ba:42:28:fa:77:a9:7c:30:81:9e:e5:91:0a:4e:7a: 7c:db:fd:a3:4f:d9:9b:52:72:91:72:15:5a:96:fd: 35:2c:3b:1a:07:1d:e5:d3:45:4e:4c:1d:50:44:03: e7:75:5b:16:1a:ba:99:ab:7a:9f:a2:2a:e0:b9:82: ff:5d:f4:13:c3:28:a9:25:d3:5b:80:fb:98:2b:df: 80:a4:2e:af:76:92:86:56:66:50:56:f2:e7:cc:b1: 37:5c:9f:c0:aa:fb:40:54:b8:a7:2d:d5:ba:3d:53: 87:75:38:de:72:d0:c7:08:9f:bf:ab:a3:3f:7d:94: 2b:84:a1:eb:f1:38:bb:3b:4e:0c:d8:5d:d2:24:92: 1b:4f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:55:9A:7B:9C:E8:C8:6C:0E:E4:BA:D1:B5:43:48:0A:29:78:D0:2E X509v3 Authority Key Identifier: keyid:AD:E8:59:AD:94:0D:1A:17:3F:A6:4C:D7:05:86:7D:48:7E:67:36:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/rehZrZQNGhc_pkzXBYZ9SH5nNog.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDAD4/C85E837A439911ED839D720EC4F9AE02/rehZrZQNGhc_pkzXBYZ9SH5nNog.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:e0:98:aa:bf:e0:86:f2:e8:89:08:3d:73:8a:21:db:d2:dc: f4:dd:be:79:f0:65:09:ee:ac:23:c9:53:ac:c2:8a:1d:66:3a: f5:e1:38:08:d5:42:95:a2:bb:f0:cf:cd:70:7c:c0:50:b4:6e: 9c:30:ae:2a:dc:91:63:88:45:5f:cf:61:4f:33:5d:7f:ce:b5: 97:87:ce:61:16:78:ef:b1:f6:ff:45:7d:bf:c1:60:16:b4:47: 98:6f:2c:63:cc:39:48:32:14:11:18:5f:e2:bd:8a:b5:0e:d8: e9:13:9c:a9:f8:4c:18:8f:fb:8c:60:95:f6:53:12:4a:2a:82: e9:be:c6:02:ba:bf:de:61:30:e2:b9:7d:55:2a:3a:4f:39:89: 46:ad:94:20:ef:b2:9b:72:54:25:9c:81:7a:0e:f0:0c:fd:17: 95:e1:31:91:96:f8:8e:f3:9c:d6:61:bb:e4:07:23:56:13:0f: 61:94:d8:dd:a0:f3:97:f0:9e:44:f8:ba:7a:ee:0b:c5:01:23: 0f:ab:ee:76:c4:6c:c1:ee:40:89:6b:b1:a8:e0:dd:46:35:6d: 0a:6a:c8:fa:5d:77:41:80:b3:eb:52:c2:69:63:9d:ff:22:02: b4:0c:44:e9:12:5a:24:3c:05:07:96:9b:f3:85:fc:9f:a1:ca: 7b:9c:9f:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRBRDQxMTAvBgNVBAUTKEFERTg1OUFEOTQwRDFBMTczRkE2NENENzA1ODY3RDQ4 N0U2NzM2ODgwHhcNMjUxMTA1MDAxOTAxWhcNMjUxMTEyMDAxOTAxWjAYMRYwFAYD VQQDEw02OTBhOTdmNi04MjQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3r8F1Uw26SG97RWVEIGebo49rRdcN+7U55aWTAJ1ZdamioEnWoSE4gx1QGcz PSqYK1nBLm1oQOXbrx5Jfx6y6opWmvyhnryIiElYtJ82iYaijX2fWrHls31YZSWJ cVzRyivWkewq3wP3i0JWuLrpp75a6TTVote6Qij6d6l8MIGe5ZEKTnp82/2jT9mb UnKRchValv01LDsaBx3l00VOTB1QRAPndVsWGrqZq3qfoirguYL/XfQTwyipJdNb gPuYK9+ApC6vdpKGVmZQVvLnzLE3XJ/AqvtAVLinLdW6PVOHdTjectDHCJ+/q6M/ fZQrhKHr8Ti7O04M2F3SJJIbTwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPJVmnuc 6MhsDuS60bVDSAopeNAuMB8GA1UdIwQYMBaAFK3oWa2UDRoXP6ZM1wWGfUh+ZzaI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREFENC9DODVFODM3QTQz OTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdoY19wa3pYQllaOVNINW5O b2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL3JlaFpyWlFOR2hjX3BrelhCWVo5U0g1bk5vZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REFENC9DODVFODM3QTQzOTkxMUVEODM5RDcyMEVDNEY5QUUwMi9yZWhaclpRTkdo Y19wa3pYQllaOVNINW5Ob2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBF4Jiqv+CG8uiJCD1ziiHb0tz03b558GUJ7qwjyVOswoodZjr14TgI 1UKVorvwz81wfMBQtG6cMK4q3JFjiEVfz2FPM11/zrWXh85hFnjvsfb/RX2/wWAW tEeYbyxjzDlIMhQRGF/ivYq1DtjpE5yp+EwYj/uMYJX2UxJKKoLpvsYCur/eYTDi uX1VKjpPOYlGrZQg77KbclQlnIF6DvAM/ReV4TGRlviO85zWYbvkByNWEw9hlNjd oPOX8J5E+Lp67gvFASMPq+52xGzB7kCJa7Go4N1GNW0Kasj6XXdBgLPrUsJpY53/ IgK0DETpElokPAUHlpvzhfyfocp7nJ/q -----END CERTIFICATE-----Generated at Wed Nov 5 15:33:35 2025 by rpki-client