$ rpki-client -vvf rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft File: D2tHILCjVyLYXzRG79R0C9NBg04.mft (raw, json) Hash identifier: hzPpuyqGc+MgCXodwa7y0eZ7WTuqHuF0Bcme3UGroBQ= Subject key identifier: 28:41:50:66:B3:68:A1:D5:DF:A2:90:A7:9C:E9:10:2D:1A:2E:6B:58 Authority key identifier: 0F:6B:47:20:B0:A3:57:22:D8:5F:34:46:EF:D4:74:0B:D3:41:83:4E Certificate issuer: /CN=A91850AD/serialNumber=0F6B4720B0A35722D85F3446EFD4740BD341834E Certificate serial: E3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D2tHILCjVyLYXzRG79R0C9NBg04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft Manifest number: E1 Signing time: Mon 03 Nov 2025 05:50:40 +0000 Manifest this update: Mon 03 Nov 2025 05:50:39 +0000 Manifest next update: Mon 10 Nov 2025 05:50:39 +0000 Files and hashes: 1: D2tHILCjVyLYXzRG79R0C9NBg04.crl (hash: DPJZcO3NVnO37whZxFX4ol7jq9c79vQqREuTqqrQ/Ss=) 2: CD1FB5C2643611EFA2C41948C4F9AE02.roa (hash: twXmxkbpIQCRuWIwXhAhA1PLu233oTOVjX0i9qp3D/s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.crl rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D2tHILCjVyLYXzRG79R0C9NBg04.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:50:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 227 (0xe3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91850AD, serialNumber=0F6B4720B0A35722D85F3446EFD4740BD341834E Validity Not Before: Nov 3 05:50:39 2025 GMT Not After : Nov 10 05:50:39 2025 GMT Subject: CN=690842af-534f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:13:7b:89:77:f2:f8:69:92:7f:6f:12:7a:5b: 39:90:9a:da:91:b6:cc:ad:4a:61:0f:a4:10:ae:ca: ee:de:04:d0:d8:de:46:8c:43:0a:b8:e3:66:e4:16: bc:c3:9b:37:f0:b3:f2:18:cc:70:19:3a:61:ff:26: 13:17:b2:c2:03:89:25:32:fa:28:0f:cb:87:2c:e9: 36:62:aa:03:86:df:7e:c1:2c:4b:15:ab:3e:3b:09: b4:75:7f:2a:c6:c3:c9:bd:d1:77:9f:21:8c:6e:40: 0a:c0:4c:5a:6c:81:3f:49:60:f8:13:cc:3e:e4:c3: d6:7e:52:e8:b9:00:06:ff:c0:83:d2:65:7a:0c:6e: 47:a0:40:f0:bf:06:c3:fc:b6:b5:40:30:31:03:68: 58:e6:1d:d6:10:03:38:c6:0b:7c:91:6f:b2:c5:81: 71:35:00:70:fb:7e:cc:10:b6:0b:59:a5:7e:e2:1e: d7:6f:bd:a0:6f:25:cc:40:91:b4:f9:e4:cc:69:ec: 39:cd:17:7a:e5:bd:70:0f:f7:0d:45:b6:4b:48:6a: 08:fe:19:7b:66:6b:9c:57:1a:3e:e0:85:81:19:14: 43:da:fa:ae:52:74:84:92:43:8f:81:62:7b:60:eb: 9e:c3:c8:f2:fb:2a:9e:7c:59:00:65:da:f9:ee:46: d6:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:41:50:66:B3:68:A1:D5:DF:A2:90:A7:9C:E9:10:2D:1A:2E:6B:58 X509v3 Authority Key Identifier: keyid:0F:6B:47:20:B0:A3:57:22:D8:5F:34:46:EF:D4:74:0B:D3:41:83:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/D2tHILCjVyLYXzRG79R0C9NBg04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91850AD/60EBE1AC643411EF842FC620C4F9AE02/D2tHILCjVyLYXzRG79R0C9NBg04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:3d:da:18:9b:5e:76:8b:2a:0e:f1:aa:2b:16:21:9b:81:b0: aa:6e:06:3e:da:f7:4a:64:59:0a:e6:f5:c0:3d:79:e4:55:72: ef:58:ca:95:26:44:4b:a3:00:c6:d8:22:9d:58:ff:82:5e:dd: 2a:ad:48:d5:f5:9b:87:52:c8:f9:6d:d8:7b:be:c9:61:2b:3c: ec:de:96:9d:f8:72:50:1f:fe:fb:66:a5:44:72:f7:a7:fa:85: ec:f4:f2:84:a5:1f:1f:8c:ae:3d:c7:16:10:35:bf:a4:ee:ca: c9:30:2a:6f:2b:53:e9:bf:bc:9d:e3:64:97:80:87:14:59:b6: 4e:f0:0b:d9:93:35:82:1c:e2:d6:ec:73:61:34:1b:a4:02:07: 60:69:c9:ee:5f:4a:73:be:6c:9f:1a:96:c3:47:1f:9b:79:c9: 5a:28:50:fc:6c:88:98:9b:5d:db:92:eb:69:7c:19:f2:a6:a1: 7d:8f:6d:c8:3a:68:97:a1:3e:fe:f1:e3:a3:b2:8b:90:74:a5: aa:cb:69:02:f3:68:c6:87:32:99:3d:ce:32:e7:a5:cf:2f:b8: 69:66:ca:ab:1b:be:dc:0a:3d:c6:a8:19:74:a6:d9:8b:ce:e4: 0e:61:fa:6a:01:25:e4:7e:57:69:4f:38:44:fc:19:4d:96:19: 03:a0:9a:cf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODUwQUQxMTAvBgNVBAUTKDBGNkI0NzIwQjBBMzU3MjJEODVGMzQ0NkVGRDQ3NDBC RDM0MTgzNEUwHhcNMjUxMTAzMDU1MDM5WhcNMjUxMTEwMDU1MDM5WjAYMRYwFAYD VQQDEw02OTA4NDJhZi01MzRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtBN7iXfy+GmSf28Sels5kJrakbbMrUphD6QQrsru3gTQ2N5GjEMKuONm5Ba8 w5s38LPyGMxwGTph/yYTF7LCA4klMvooD8uHLOk2YqoDht9+wSxLFas+Owm0dX8q xsPJvdF3nyGMbkAKwExabIE/SWD4E8w+5MPWflLouQAG/8CD0mV6DG5HoEDwvwbD /La1QDAxA2hY5h3WEAM4xgt8kW+yxYFxNQBw+37MELYLWaV+4h7Xb72gbyXMQJG0 +eTMaew5zRd65b1wD/cNRbZLSGoI/hl7ZmucVxo+4IWBGRRD2vquUnSEkkOPgWJ7 YOuew8jy+yqefFkAZdr57kbWrwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFChBUGaz aKHV36KQp5zpEC0aLmtYMB8GA1UdIwQYMBaAFA9rRyCwo1ci2F80Ru/UdAvTQYNO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NTBBRC82MEVCRTFBQzY0 MzQxMUVGODQyRkM2MjBDNEY5QUUwMi9EMnRISUxDalZ5TFlYelJHNzlSMEM5TkJn MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0QydEhJTENqVnlMWVh6Ukc3OVIwQzlOQmcwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NTBBRC82MEVCRTFBQzY0MzQxMUVGODQyRkM2MjBDNEY5QUUwMi9EMnRISUxDalZ5 TFlYelJHNzlSMEM5TkJnMDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnPdoYm152iyoO8aorFiGbgbCqbgY+2vdKZFkK5vXAPXnkVXLvWMqV JkRLowDG2CKdWP+CXt0qrUjV9ZuHUsj5bdh7vslhKzzs3pad+HJQH/77ZqVEcven +oXs9PKEpR8fjK49xxYQNb+k7srJMCpvK1Ppv7yd42SXgIcUWbZO8AvZkzWCHOLW 7HNhNBukAgdgacnuX0pzvmyfGpbDRx+beclaKFD8bIiYm13bkutpfBnypqF9j23I OmiXoT7+8eOjsouQdKWqy2kC82jGhzKZPc4y56XPL7hpZsqrG77cCj3GqBl0ptmL zuQOYfpqASXkfldpTzhE/BlNlhkDoJrP -----END CERTIFICATE-----Generated at Tue Nov 4 21:36:55 2025 by rpki-client