$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: VRDc0h1rZ+/imYbpc6HpZbSB5O2eXbDFBLU5HAF2eac= Subject key identifier: 49:C0:6B:BD:CD:D1:9C:BF:E6:51:E2:88:D4:EE:D5:F3:32:A4:66:07 Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0EA9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0EA1 Signing time: Sun 02 Nov 2025 17:41:03 +0000 Manifest this update: Sun 02 Nov 2025 17:41:03 +0000 Manifest next update: Sun 09 Nov 2025 17:41:03 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: aec44iMBEBzTweGN6n75GMdnlpszq8neKMDFE7aufvU=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:41:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3753 (0xea9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: Nov 2 17:41:03 2025 GMT Not After : Nov 9 17:41:03 2025 GMT Subject: CN=690797af-6f1f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:95:52:85:d1:d8:64:de:c5:25:40:a0:1c:1c: 7e:3f:a8:fe:ea:23:a4:d5:08:8c:e7:16:f3:98:35: 88:9c:91:c9:e4:20:d0:8d:0c:d8:55:f1:a9:69:04: 35:4c:70:42:ae:4a:68:9a:58:98:20:c0:63:be:78: 76:2c:54:58:44:0a:fc:32:c1:62:52:a7:ca:8e:9a: 03:d5:26:08:2e:ef:47:c9:22:64:1d:10:47:4c:b2: 0f:16:f7:e6:b1:53:1a:09:90:ba:f0:e8:38:7c:24: d9:2a:e9:70:74:57:9c:f5:9a:ac:c3:2c:f1:5c:86: ba:28:a5:21:6d:6d:9a:66:bb:67:62:ee:46:cb:11: fd:e4:aa:64:a7:27:b5:53:9a:26:21:0f:eb:56:d8: 4a:9c:f4:9f:22:d8:ca:85:a0:91:90:53:22:49:7c: 17:fc:c7:74:a1:6c:1c:43:fd:0e:24:41:1b:4d:a5: e8:40:d9:d0:94:98:08:40:66:ae:89:91:cb:22:e3: 85:25:3b:24:87:93:2f:9d:de:3f:34:3e:ce:d4:cc: fd:12:c5:50:89:50:84:c6:b2:e2:f2:f5:11:47:0a: d4:76:cd:f5:48:fe:93:db:d7:a8:5c:cb:84:b6:b7: ee:77:fc:14:ef:be:a0:b5:b5:67:7e:0e:41:d2:b4: cd:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:C0:6B:BD:CD:D1:9C:BF:E6:51:E2:88:D4:EE:D5:F3:32:A4:66:07 X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2b:21:ab:cb:1d:85:7a:28:bd:41:0d:88:1c:70:eb:06:69:15: 87:ec:77:2b:81:6e:08:0c:2e:a8:98:61:ee:92:e1:3b:98:56: 95:aa:5d:cd:e9:12:25:2a:de:68:e6:f6:9d:f1:b8:54:dd:e7: 12:cb:df:7c:f0:8c:bc:63:ea:3b:61:25:0c:1a:c8:52:b9:79: 68:33:79:d2:9c:ae:3c:b4:09:65:e4:07:66:76:eb:00:c1:4f: d3:a4:60:73:ef:3b:94:55:05:aa:6d:62:17:8b:1d:c1:d0:21: 0c:61:b0:88:9d:e9:b8:69:b8:8d:13:51:c1:e8:4d:05:07:c6: 54:b7:03:a4:a3:ee:a1:7a:c6:98:74:14:2c:ec:58:d7:fa:67: 4b:92:aa:ad:d5:33:8a:0f:82:07:10:86:0c:b4:80:5d:30:31: 53:8a:d9:0f:2e:f4:c3:2d:d4:bf:c8:e7:17:54:82:fa:d1:e1: df:ff:d7:2b:df:75:c3:14:3f:fb:2e:54:da:d7:be:fb:6b:06: 65:9c:53:09:c2:8d:ac:f7:22:28:73:b9:e7:38:b7:ad:11:5d: 82:20:67:d5:65:ac:a4:0d:ef:e1:4c:21:58:01:dc:65:41:c1: 63:e9:de:c2:39:f4:c4:d9:e6:4f:aa:ad:84:ad:ce:f2:2a:56: 54:8e:4b:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDqkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUxMTAyMTc0MTAzWhcNMjUxMTA5MTc0MTAzWjAYMRYwFAYD VQQDEw02OTA3OTdhZi02ZjFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9JVShdHYZN7FJUCgHBx+P6j+6iOk1QiM5xbzmDWInJHJ5CDQjQzYVfGpaQQ1 THBCrkpomliYIMBjvnh2LFRYRAr8MsFiUqfKjpoD1SYILu9HySJkHRBHTLIPFvfm sVMaCZC68Og4fCTZKulwdFec9ZqswyzxXIa6KKUhbW2aZrtnYu5GyxH95Kpkpye1 U5omIQ/rVthKnPSfItjKhaCRkFMiSXwX/Md0oWwcQ/0OJEEbTaXoQNnQlJgIQGau iZHLIuOFJTskh5Mvnd4/ND7O1Mz9EsVQiVCExrLi8vURRwrUds31SP6T29eoXMuE trfud/wU776gtbVnfg5B0rTN5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEnAa73N 0Zy/5lHiiNTu1fMypGYHMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQArIavLHYV6KL1BDYgccOsGaRWH7HcrgW4IDC6omGHukuE7mFaVql3N 6RIlKt5o5vad8bhU3ecSy9988Iy8Y+o7YSUMGshSuXloM3nSnK48tAll5AdmdusA wU/TpGBz7zuUVQWqbWIXix3B0CEMYbCInem4abiNE1HB6E0FB8ZUtwOko+6hesaY dBQs7FjX+mdLkqqt1TOKD4IHEIYMtIBdMDFTitkPLvTDLdS/yOcXVIL60eHf/9cr 33XDFD/7LlTa1777awZlnFMJwo2s9yIoc7nnOLetEV2CIGfVZaykDe/hTCFYAdxl QcFj6d7COfTE2eZPqq2Erc7yKlZUjktA -----END CERTIFICATE-----Generated at Tue Nov 4 01:12:14 2025 by rpki-client