$ rpki-client -vvf rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft File: PB_di6MB3OPbPwvMJchpTOG83H0.mft (raw, json) Hash identifier: kLm32OJeiMpKUDhjKVPLMEN79Cb4QuBeqQmrXGgJBy8= Subject key identifier: 16:F7:A8:B7:4C:BB:04:D1:A6:C7:97:34:3A:0D:05:B2:C2:E3:0D:38 Authority key identifier: 3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D Certificate issuer: /CN=A91A08FD/serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Certificate serial: 0DD3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft Manifest number: 0DC9 Signing time: Tue 04 Nov 2025 17:57:49 +0000 Manifest this update: Tue 04 Nov 2025 17:57:48 +0000 Manifest next update: Tue 11 Nov 2025 17:57:48 +0000 Files and hashes: 1: PB_di6MB3OPbPwvMJchpTOG83H0.crl (hash: dDnlXKGJikA6a5U3A7YyUdu9r29B309C3rmABISqpYw=) 2: 3802A98EC8AC11E9877DCE2FC4F9AE02.roa (hash: 5AhgINS9PwniKFtC6UdMhxxWx5F0pu9QmvKHh6K5mSA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:57:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3539 (0xdd3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A08FD, serialNumber=3C1FDD8BA301DCE3DB3F0BCC25C8694CE1BCDC7D Validity Not Before: Nov 4 17:57:48 2025 GMT Not After : Nov 11 17:57:48 2025 GMT Subject: CN=690a3e9d-1a80 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:48:db:0e:0f:86:63:7a:72:51:fb:49:25:70: c9:ea:49:33:51:18:d6:e3:35:ba:1f:50:ae:7e:96: 78:18:34:0d:05:af:50:b3:69:74:0d:43:10:ff:d6: f7:81:68:ad:3b:df:24:4a:27:06:30:39:20:df:68: 4e:bf:aa:77:53:0d:dc:2b:9f:8f:71:8d:2e:27:ee: f8:63:d6:ef:17:47:c4:8c:26:7b:46:0b:1b:50:37: ee:b8:6a:32:b9:5e:c2:2f:a2:05:10:8f:68:5d:1b: 06:4a:17:de:f3:c3:fe:bf:00:a2:32:81:64:90:20: 8e:96:ce:45:63:57:f9:13:0a:9d:f8:4d:82:28:1e: 08:61:5d:18:24:8c:03:ba:18:74:b7:26:cf:e9:ee: 5c:73:25:d8:d6:1f:e9:1d:11:04:86:5a:d0:95:eb: 85:0e:61:f2:6c:83:3c:07:ee:d5:4b:fb:a2:1d:5d: 77:23:de:39:66:96:98:54:05:53:37:aa:ca:88:98: 3e:c8:64:a4:a6:d5:86:5e:51:cf:c4:b9:8e:25:b4: 8b:90:5a:54:18:98:bc:05:f7:11:77:47:38:da:6b: 40:24:66:57:47:2a:fb:46:d5:d4:e3:66:2c:11:a0: bc:29:6d:53:a1:6f:ca:a1:9e:a4:cd:7b:c8:3d:5a: 5a:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 16:F7:A8:B7:4C:BB:04:D1:A6:C7:97:34:3A:0D:05:B2:C2:E3:0D:38 X509v3 Authority Key Identifier: keyid:3C:1F:DD:8B:A3:01:DC:E3:DB:3F:0B:CC:25:C8:69:4C:E1:BC:DC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/PB_di6MB3OPbPwvMJchpTOG83H0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A08FD/9F42EAD8C8AB11E9829D282FC4F9AE02/PB_di6MB3OPbPwvMJchpTOG83H0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:97:f2:14:a6:14:6d:fe:55:87:65:b1:5d:4c:ba:b0:5c:dc: 16:be:e5:bf:0d:7b:0a:32:b6:ef:40:20:d3:94:2c:a3:09:b6: df:8e:48:0f:8a:bd:e9:77:50:56:7b:d8:44:db:fc:37:5e:2c: 34:ac:d6:3d:eb:aa:0d:b2:95:a7:b2:df:62:c9:d0:2a:d1:27: e3:f2:24:52:ba:ae:49:9f:db:bc:70:bb:cc:0c:b8:07:99:93: 63:5a:61:30:1b:58:7d:bb:d9:c8:90:50:11:65:cc:30:55:d9: de:ec:87:54:56:b4:fb:01:ae:ef:80:fa:a8:6b:ec:2e:53:24: 59:6a:ea:ec:4a:a7:af:75:52:ce:9e:d0:99:13:17:56:39:4f: 95:c9:23:03:3a:24:eb:d7:be:51:cd:7e:00:3a:e8:6c:72:67: ed:b9:d7:30:e1:86:1b:e8:e5:fc:71:81:54:5a:0a:95:65:86: 27:1e:e6:8c:2e:e5:da:fe:5a:23:10:8c:b8:2a:7d:35:63:63: 9d:17:56:83:db:05:85:0c:25:78:01:52:ad:07:9d:76:9a:16: 9c:aa:60:2b:b9:75:a5:b4:c9:69:f5:30:1c:76:8b:4b:76:34: d2:06:9f:a2:ce:48:05:a5:0b:f5:b6:7c:78:40:13:fb:8a:7a: fe:60:55:7f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDdMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA4RkQxMTAvBgNVBAUTKDNDMUZERDhCQTMwMURDRTNEQjNGMEJDQzI1Qzg2OTRD RTFCQ0RDN0QwHhcNMjUxMTA0MTc1NzQ4WhcNMjUxMTExMTc1NzQ4WjAYMRYwFAYD VQQDEw02OTBhM2U5ZC0xYTgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAy0jbDg+GY3pyUftJJXDJ6kkzURjW4zW6H1CufpZ4GDQNBa9Qs2l0DUMQ/9b3 gWitO98kSicGMDkg32hOv6p3Uw3cK5+PcY0uJ+74Y9bvF0fEjCZ7RgsbUDfuuGoy uV7CL6IFEI9oXRsGShfe88P+vwCiMoFkkCCOls5FY1f5Ewqd+E2CKB4IYV0YJIwD uhh0tybP6e5ccyXY1h/pHREEhlrQleuFDmHybIM8B+7VS/uiHV13I945ZpaYVAVT N6rKiJg+yGSkptWGXlHPxLmOJbSLkFpUGJi8BfcRd0c42mtAJGZXRyr7RtXU42Ys EaC8KW1ToW/KoZ6kzXvIPVpafQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBb3qLdM uwTRpseXNDoNBbLC4w04MB8GA1UdIwQYMBaAFDwf3YujAdzj2z8LzCXIaUzhvNx9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDhGRC85RjQyRUFEOEM4 QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZNQjNPUGJQd3ZNSmNocFRPRzgz SDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1BCX2RpNk1CM09QYlB3dk1KY2hwVE9HODNIMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDhGRC85RjQyRUFEOEM4QUIxMUU5ODI5RDI4MkZDNEY5QUUwMi9QQl9kaTZNQjNP UGJQd3ZNSmNocFRPRzgzSDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxl/IUphRt/lWHZbFdTLqwXNwWvuW/DXsKMrbvQCDTlCyjCbbfjkgP ir3pd1BWe9hE2/w3Xiw0rNY966oNspWnst9iydAq0Sfj8iRSuq5Jn9u8cLvMDLgH mZNjWmEwG1h9u9nIkFARZcwwVdne7IdUVrT7Aa7vgPqoa+wuUyRZaursSqevdVLO ntCZExdWOU+VySMDOiTr175RzX4AOuhscmftudcw4YYb6OX8cYFUWgqVZYYnHuaM LuXa/lojEIy4Kn01Y2OdF1aD2wWFDCV4AVKtB512mhacqmAruXWltMlp9TAcdotL djTSBp+izkgFpQv1tnx4QBP7inr+YFV/ -----END CERTIFICATE-----Generated at Wed Nov 5 05:20:36 2025 by rpki-client