$ rpki-client -vvf rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft File: Tcfii1RvKgtTjozfgy2aofN8yOQ.mft (raw, json) Hash identifier: iPc1JaZ8E02aoDK6JW1aA1TIrWZlQp/tduMSvn69V4g= Subject key identifier: 0E:19:92:BB:66:F4:68:39:58:5A:C6:4C:29:9D:6D:32:8B:B3:05:16 Authority key identifier: 4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4 Certificate issuer: /CN=A91423C1/serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4 Certificate serial: DC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft Manifest number: C8 Signing time: Wed 05 Nov 2025 04:02:47 +0000 Manifest this update: Wed 05 Nov 2025 04:02:47 +0000 Manifest next update: Wed 12 Nov 2025 04:02:47 +0000 Files and hashes: 1: Tcfii1RvKgtTjozfgy2aofN8yOQ.crl (hash: 4yRozkAV+5sx+7w5w2I9HYl0uZXJWh6YTCpaCq1b008=) 2: 640E4E709F6F11F0A268CE5DC4F9AE02.roa (hash: 2zmhOrf3j4kWN7WNyi93+FWxSiadjBJUCk2CS0HquvM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:02:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 220 (0xdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91423C1, serialNumber=4DC7E28B546F2A0B538E8CDF832D9AA1F37CC8E4 Validity Not Before: Nov 5 04:02:47 2025 GMT Not After : Nov 12 04:02:47 2025 GMT Subject: CN=690acc67-670a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:d0:f2:50:a0:15:0f:cc:30:0b:56:54:0a:69: a1:6b:43:dd:55:54:05:9f:53:ea:4c:50:02:39:97: 64:fa:7b:62:51:03:47:09:00:0c:77:cb:7e:22:34: b9:62:c6:ea:5d:e0:a1:83:89:37:d8:1e:2b:27:e5: 3d:59:30:45:10:30:56:30:0b:a2:83:19:8b:93:62: 30:76:04:8d:83:5e:b1:27:d5:5d:29:f1:98:94:9e: 08:be:f4:60:c1:8b:76:d8:46:b0:1b:65:f9:f1:22: fa:3c:14:ac:9c:69:ce:bc:c3:fb:42:72:9c:ad:a9: 54:a6:50:88:40:c6:b1:b6:f1:e8:e3:45:a0:b8:a4: 28:66:cc:a3:a0:47:23:bc:b2:47:51:fe:26:4d:2c: 13:66:f9:6c:bd:f4:63:77:53:16:a4:1b:bd:78:d9: df:db:19:4f:77:f8:95:b0:fd:be:1c:56:4a:b4:1d: db:cd:93:27:c0:a9:82:26:59:49:0e:61:c7:e0:c9: 62:2c:cf:e6:67:47:7a:89:60:2a:78:fa:d2:dd:f7: e6:b9:4c:c3:2e:71:1a:ca:2b:46:30:ac:86:91:1a: 53:31:17:0c:4d:eb:21:85:1d:b0:89:cd:bb:00:df: 0f:7e:0e:f9:65:9c:d3:70:10:67:54:80:d8:0f:9f: de:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:19:92:BB:66:F4:68:39:58:5A:C6:4C:29:9D:6D:32:8B:B3:05:16 X509v3 Authority Key Identifier: keyid:4D:C7:E2:8B:54:6F:2A:0B:53:8E:8C:DF:83:2D:9A:A1:F3:7C:C8:E4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Tcfii1RvKgtTjozfgy2aofN8yOQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91423C1/D0320EF8BF4F11EFBCF68944C4F9AE02/Tcfii1RvKgtTjozfgy2aofN8yOQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:43:90:10:96:e6:92:80:90:4e:0c:14:4d:b3:99:da:de:27: 9e:9f:60:2b:df:c9:f4:da:0a:7c:83:b1:c1:52:1b:89:6c:bb: ae:f4:2d:8f:c0:60:6e:03:c8:26:43:49:82:f4:f6:e9:5b:73: ea:6b:4f:b2:28:28:95:d1:63:4c:4f:00:47:6c:61:8a:6b:f3: 04:f5:5b:f6:3a:69:d5:51:1e:5c:aa:f6:13:e2:be:40:ba:2d: 00:d0:33:5b:d4:63:95:0a:bc:16:0e:4d:7f:c9:f1:2e:9a:3f: b2:d7:9d:1f:2c:f6:0a:9f:87:11:3b:06:ec:9e:d8:29:06:c7: 60:c3:10:28:ff:4c:af:7f:53:af:da:5e:74:56:d2:7a:d5:d2: 20:f6:7a:63:6b:ba:68:36:73:0c:d9:31:bf:6c:53:71:6d:a4: ed:ea:dc:e1:a7:8b:e0:39:ee:67:b1:72:9e:58:42:7b:17:d2: bb:5b:42:c1:69:b1:b4:06:6e:da:01:99:9e:f6:78:27:05:7e: 24:4c:47:76:9d:e9:50:46:c6:db:f0:44:9d:c1:3e:18:36:23: e9:a0:8f:d9:7e:ec:fd:14:7b:c5:6b:6f:1b:71:d0:bb:22:5e: c8:a5:f9:38:a9:67:bb:60:bc:42:15:97:5e:43:fe:4f:dd:fd: f3:e7:07:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDIzQzExMTAvBgNVBAUTKDREQzdFMjhCNTQ2RjJBMEI1MzhFOENERjgzMkQ5QUEx RjM3Q0M4RTQwHhcNMjUxMTA1MDQwMjQ3WhcNMjUxMTEyMDQwMjQ3WjAYMRYwFAYD VQQDEw02OTBhY2M2Ny02NzBhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAydDyUKAVD8wwC1ZUCmmha0PdVVQFn1PqTFACOZdk+ntiUQNHCQAMd8t+IjS5 YsbqXeChg4k32B4rJ+U9WTBFEDBWMAuigxmLk2IwdgSNg16xJ9VdKfGYlJ4IvvRg wYt22EawG2X58SL6PBSsnGnOvMP7QnKcralUplCIQMaxtvHo40WguKQoZsyjoEcj vLJHUf4mTSwTZvlsvfRjd1MWpBu9eNnf2xlPd/iVsP2+HFZKtB3bzZMnwKmCJllJ DmHH4MliLM/mZ0d6iWAqePrS3ffmuUzDLnEayitGMKyGkRpTMRcMTeshhR2wic27 AN8Pfg75ZZzTcBBnVIDYD5/epQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA4Zkrtm 9Gg5WFrGTCmdbTKLswUWMB8GA1UdIwQYMBaAFE3H4otUbyoLU46M34MtmqHzfMjk MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MjNDMS9EMDMyMEVGOEJG NEYxMUVGQkNGNjg5NDRDNEY5QUUwMi9UY2ZpaTFSdktndFRqb3pmZ3kyYW9mTjh5 T1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1RjZmlpMVJ2S2d0VGpvemZneTJhb2ZOOHlPUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MjNDMS9EMDMyMEVGOEJGNEYxMUVGQkNGNjg5NDRDNEY5QUUwMi9UY2ZpaTFSdktn dFRqb3pmZ3kyYW9mTjh5T1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKQ5AQluaSgJBODBRNs5na3ieen2Ar38n02gp8g7HBUhuJbLuu9C2P wGBuA8gmQ0mC9PbpW3Pqa0+yKCiV0WNMTwBHbGGKa/ME9Vv2OmnVUR5cqvYT4r5A ui0A0DNb1GOVCrwWDk1/yfEumj+y150fLPYKn4cROwbsntgpBsdgwxAo/0yvf1Ov 2l50VtJ61dIg9npja7poNnMM2TG/bFNxbaTt6tzhp4vgOe5nsXKeWEJ7F9K7W0LB abG0Bm7aAZme9ngnBX4kTEd2nelQRsbb8ESdwT4YNiPpoI/Zfuz9FHvFa28bcdC7 Il7Ipfk4qWe7YLxCFZdeQ/5P3f3z5wdO -----END CERTIFICATE-----Generated at Wed Nov 5 22:02:56 2025 by rpki-client