$ rpki-client -vvf rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft File: zFfgNkMaXqPBcqpyg0Aa88StXFk.mft (raw, json) Hash identifier: xbmGaBv0tUY/My0rskrlGzIupIjAO+InG0OivCvMm8o= Subject key identifier: D0:FD:1F:97:8F:70:B4:6C:18:3D:CE:DF:73:84:F5:EC:36:D4:29:EA Authority key identifier: CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 Certificate issuer: /CN=A91FDC78/serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Certificate serial: 0954 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft Manifest number: 0942 Signing time: Tue 04 Nov 2025 20:19:03 +0000 Manifest this update: Tue 04 Nov 2025 20:19:02 +0000 Manifest next update: Tue 11 Nov 2025 20:19:02 +0000 Files and hashes: 1: zFfgNkMaXqPBcqpyg0Aa88StXFk.crl (hash: eB4Bxwaf5zVRZn3A3Ny/yz1d1sGeyfVDxCgstI55FSU=) 2: DA0B639E89E711F08DD17A55C4F9AE02.roa (hash: 92JEuDCm1e9WQ8I7GIzUujJiphmCChYv7JlAxtt8zqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:19:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2388 (0x954) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FDC78, serialNumber=CC57E036431A5EA3C172AA7283401AF3C4AD5C59 Validity Not Before: Nov 4 20:19:02 2025 GMT Not After : Nov 11 20:19:02 2025 GMT Subject: CN=690a5fb7-79b0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:37:3c:f3:29:93:8b:b4:f7:59:62:10:cd:df: 04:5e:66:d4:7d:41:3c:9d:9b:0b:76:41:08:98:37: 42:0e:53:ba:ac:d0:ea:2e:e7:38:32:02:34:0e:85: c0:eb:85:be:9c:e2:a9:1d:4c:11:2b:41:c1:04:f5: 52:9f:28:67:f4:d2:f4:89:67:4c:de:7c:b1:19:f0: 5e:48:25:cc:bb:2c:14:cd:b1:e8:fa:4e:61:a0:12: e7:35:d1:60:9f:9e:6e:a4:06:cf:dc:30:18:ce:16: 1a:6b:5c:88:c7:f8:13:ee:ac:15:73:0e:30:39:c2: c2:38:32:63:e2:de:b6:c2:b6:46:3a:b4:a6:33:ce: 7d:f4:4b:0c:64:7d:85:92:4b:4c:12:16:dd:f8:30: d0:29:97:22:aa:0e:91:b1:3e:48:70:98:7d:fd:24: e5:fb:df:70:ae:86:e1:0e:27:c5:aa:6e:be:54:bd: b6:34:04:45:59:ee:0b:e5:19:af:89:ea:8a:95:76: 6a:c9:b3:e0:69:ac:2e:54:c5:20:c9:08:99:38:be: bd:ca:78:c3:91:73:c2:ef:ca:d1:d5:45:aa:2e:cd: d2:27:be:a4:17:0c:7d:3c:a1:47:29:45:55:f2:fd: b0:db:0e:94:54:c2:17:ca:61:61:4c:6d:85:c6:47: 54:df Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:FD:1F:97:8F:70:B4:6C:18:3D:CE:DF:73:84:F5:EC:36:D4:29:EA X509v3 Authority Key Identifier: keyid:CC:57:E0:36:43:1A:5E:A3:C1:72:AA:72:83:40:1A:F3:C4:AD:5C:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zFfgNkMaXqPBcqpyg0Aa88StXFk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FDC78/15474008AEAC11EAA6C1D761C4F9AE02/zFfgNkMaXqPBcqpyg0Aa88StXFk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 45:44:ae:e9:92:89:8e:e6:66:96:60:da:13:79:2c:44:4a:be: 3b:ed:9e:3e:43:53:7d:42:04:06:3d:db:7a:40:1d:cc:86:f4: 88:58:c7:0d:16:12:e2:a2:2d:5c:63:97:b5:36:bb:5e:ac:e1: 90:13:2f:f7:08:d9:80:40:69:6e:61:cb:45:17:98:3b:ec:94: ad:70:f4:e5:b0:ba:00:d6:02:d0:fc:58:66:f7:1a:2b:54:26: 4e:ef:a1:55:53:29:19:87:e5:ee:b3:9d:29:80:b4:ca:cb:a3: db:45:d3:e8:1d:47:77:b3:00:4a:0b:97:a0:9d:8f:b9:cc:21: 5b:5a:e3:17:51:b8:06:0b:ef:3d:9f:a5:ef:ce:03:c1:bd:d5: 0f:16:67:d8:7f:e4:5f:f6:6b:25:eb:a1:d9:6d:1c:32:2e:cc: ce:d9:b5:2b:7b:5b:23:9c:da:12:3b:8c:f8:71:91:79:ae:36: a6:b2:c4:cd:be:49:ef:06:18:00:25:ce:c0:ef:7e:18:cb:2b: ff:dc:84:7c:aa:ce:5e:cd:1d:e9:53:fb:f8:c1:a3:59:a4:c9: 26:8b:8c:4f:83:17:1e:03:59:9b:44:8f:99:c9:56:35:51:cc: 98:38:c5:78:d6:35:74:cf:e3:eb:11:00:dc:75:ec:f5:04:7a: a6:4e:24:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCVQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkRDNzgxMTAvBgNVBAUTKENDNTdFMDM2NDMxQTVFQTNDMTcyQUE3MjgzNDAxQUYz QzRBRDVDNTkwHhcNMjUxMTA0MjAxOTAyWhcNMjUxMTExMjAxOTAyWjAYMRYwFAYD VQQDEw02OTBhNWZiNy03OWIwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2Dc88ymTi7T3WWIQzd8EXmbUfUE8nZsLdkEImDdCDlO6rNDqLuc4MgI0DoXA 64W+nOKpHUwRK0HBBPVSnyhn9NL0iWdM3nyxGfBeSCXMuywUzbHo+k5hoBLnNdFg n55upAbP3DAYzhYaa1yIx/gT7qwVcw4wOcLCODJj4t62wrZGOrSmM8599EsMZH2F kktMEhbd+DDQKZciqg6RsT5IcJh9/STl+99wrobhDifFqm6+VL22NARFWe4L5Rmv ieqKlXZqybPgaawuVMUgyQiZOL69ynjDkXPC78rR1UWqLs3SJ76kFwx9PKFHKUVV 8v2w2w6UVMIXymFhTG2FxkdU3wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFND9H5eP cLRsGD3O33OE9ew21CnqMB8GA1UdIwQYMBaAFMxX4DZDGl6jwXKqcoNAGvPErVxZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGREM3OC8xNTQ3NDAwOEFF QUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhxUEJjcXB5ZzBBYTg4U3RY RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pGZmdOa01hWHFQQmNxcHlnMEFhODhTdFhGay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG REM3OC8xNTQ3NDAwOEFFQUMxMUVBQTZDMUQ3NjFDNEY5QUUwMi96RmZnTmtNYVhx UEJjcXB5ZzBBYTg4U3RYRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBFRK7pkomO5maWYNoTeSxESr477Z4+Q1N9QgQGPdt6QB3MhvSIWMcN FhLioi1cY5e1NrterOGQEy/3CNmAQGluYctFF5g77JStcPTlsLoA1gLQ/Fhm9xor VCZO76FVUykZh+Xus50pgLTKy6PbRdPoHUd3swBKC5egnY+5zCFbWuMXUbgGC+89 n6XvzgPBvdUPFmfYf+Rf9msl66HZbRwyLszO2bUre1sjnNoSO4z4cZF5rjamssTN vknvBhgAJc7A734Yyyv/3IR8qs5ezR3pU/v4waNZpMkmi4xPgxceA1mbRI+ZyVY1 UcyYOMV41jV0z+PrEQDcdez1BHqmTiRE -----END CERTIFICATE-----Generated at Wed Nov 5 05:13:53 2025 by rpki-client