$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft File: YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft (raw, json) Hash identifier: pRCiKDQ9ArlAyxzRNeOkotVKltZ6YD/zndN1knK3ZM0= Subject key identifier: 7D:FF:C9:D1:38:C8:E9:B4:81:5B:17:EC:55:A7:BE:38:50:24:1D:DE Authority key identifier: 61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 Certificate issuer: /CN=A91A1CAA/serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Certificate serial: 0143 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft Manifest number: 0140 Signing time: Mon 03 Nov 2025 04:23:35 +0000 Manifest this update: Mon 03 Nov 2025 04:23:34 +0000 Manifest next update: Mon 10 Nov 2025 04:23:34 +0000 Files and hashes: 1: YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl (hash: B3v1d1f3Tm5tgHz7FQpjER5/+KIQOFjQdOn2Q9QV04E=) 2: E75FB4F0CE4A11EE95C15E20C4F9AE02.roa (hash: utq11zi2cO+ldR8mXOv++lb25ZgD5tUSUW03iRiwBL0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 04:23:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 323 (0x143) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1CAA, serialNumber=617F054E3CE451E0C3E7F446DD09F7864652B656 Validity Not Before: Nov 3 04:23:34 2025 GMT Not After : Nov 10 04:23:34 2025 GMT Subject: CN=69082e46-6e94 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ed:7b:d0:8f:ee:7f:00:04:09:76:d5:84:63:ab: 2c:01:01:e3:6f:2e:b0:d2:c9:41:f8:01:18:4d:1c: 6b:13:a4:15:13:13:ae:22:e1:65:9e:3f:81:ac:61: c9:c5:93:90:ec:83:06:c1:39:bc:d0:08:10:96:23: a1:33:f7:34:32:88:06:78:ad:a4:f6:1e:ba:46:95: 6d:fb:2b:71:46:67:4d:dc:c6:27:af:84:8b:de:5a: 6e:6a:8d:ba:0f:5c:94:18:7a:06:33:92:30:e7:04: 9b:7c:0c:3c:f9:9f:04:4d:df:4b:47:d1:3e:e2:fb: 50:26:7e:f1:60:1e:b5:a8:f6:b1:42:11:36:db:7d: e1:db:f6:92:3c:ba:f8:d6:46:dd:03:c1:35:71:30: 6c:c7:5a:da:7f:63:bc:b6:f1:77:79:6d:8d:ac:23: c9:14:86:44:06:fa:b9:9f:8b:94:41:94:a3:60:b3: 67:41:e9:d8:f1:09:6d:40:02:00:95:b2:27:0b:25: a7:ae:7e:a5:4c:3a:8e:e1:54:6b:6c:a8:34:9b:08: 1f:99:cf:c4:88:ed:33:d2:86:16:85:f9:f2:ab:ec: aa:75:5a:c3:da:29:86:07:01:8f:56:5f:bd:b7:de: 01:70:04:1c:5b:1c:9c:a1:93:a8:0c:0a:78:67:28: f0:e7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:FF:C9:D1:38:C8:E9:B4:81:5B:17:EC:55:A7:BE:38:50:24:1D:DE X509v3 Authority Key Identifier: keyid:61:7F:05:4E:3C:E4:51:E0:C3:E7:F4:46:DD:09:F7:86:46:52:B6:56 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/YX8FTjzkUeDD5_RG3Qn3hkZStlY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1CAA/8E275A1ECE4A11EE8DE9E51FC4F9AE02/YX8FTjzkUeDD5_RG3Qn3hkZStlY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 83:29:5d:c5:6a:16:ed:85:e7:cf:1d:da:d7:dd:12:0a:b5:06: 1a:1f:2a:b5:78:8f:8c:20:ad:ed:f6:36:cc:66:02:c4:22:6f: 34:26:85:32:f6:98:67:20:a2:f4:56:ac:33:7d:9d:e6:6f:09: e1:0a:02:96:3a:1e:fa:69:48:62:dd:5a:84:f7:0f:07:64:c2: 81:a4:32:74:23:cf:17:9e:8e:98:e0:30:10:9a:6a:46:e7:76: f4:97:20:4c:c1:1b:6b:4f:2f:69:e2:d0:af:2e:30:7f:f7:fc: 86:5c:9a:00:3a:66:d9:26:13:15:cb:3c:27:83:a7:1b:57:fa: f0:fa:cd:b0:09:c4:a8:8c:73:8f:8b:f4:1c:38:9d:93:3b:b9: a1:e7:25:3a:fb:00:c0:1f:5b:b1:c8:a7:f4:53:b6:39:93:77: 69:20:f2:c9:65:e3:a7:81:82:23:6e:c4:2c:16:64:e4:82:3a: e3:07:32:a1:fb:55:df:ce:aa:6f:a7:68:12:33:a2:49:5f:19: 67:40:a9:01:6e:0b:bf:44:60:e8:34:e3:4b:ee:bb:34:c5:cd: df:68:97:52:92:11:6f:f0:69:46:e0:b4:d8:c9:fc:21:3f:25: 43:c0:d4:42:04:08:d0:08:fc:aa:8a:b0:09:1c:c3:04:32:30: b8:da:40:8f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTFDQUExMTAvBgNVBAUTKDYxN0YwNTRFM0NFNDUxRTBDM0U3RjQ0NkREMDlGNzg2 NDY1MkI2NTYwHhcNMjUxMTAzMDQyMzM0WhcNMjUxMTEwMDQyMzM0WjAYMRYwFAYD VQQDEw02OTA4MmU0Ni02ZTk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7XvQj+5/AAQJdtWEY6ssAQHjby6w0slB+AEYTRxrE6QVExOuIuFlnj+BrGHJ xZOQ7IMGwTm80AgQliOhM/c0MogGeK2k9h66RpVt+ytxRmdN3MYnr4SL3lpuao26 D1yUGHoGM5Iw5wSbfAw8+Z8ETd9LR9E+4vtQJn7xYB61qPaxQhE2233h2/aSPLr4 1kbdA8E1cTBsx1raf2O8tvF3eW2NrCPJFIZEBvq5n4uUQZSjYLNnQenY8QltQAIA lbInCyWnrn6lTDqO4VRrbKg0mwgfmc/EiO0z0oYWhfnyq+yqdVrD2imGBwGPVl+9 t94BcAQcWxycoZOoDAp4Zyjw5wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH3/ydE4 yOm0gVsX7FWnvjhQJB3eMB8GA1UdIwQYMBaAFGF/BU485FHgw+f0Rt0J94ZGUrZW MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMUNBQS84RTI3NUExRUNF NEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1VlREQ1X1JHM1FuM2hrWlN0 bFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1lYOEZUanprVWVERDVfUkczUW4zaGtaU3RsWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MUNBQS84RTI3NUExRUNFNEExMUVFOERFOUU1MUZDNEY5QUUwMi9ZWDhGVGp6a1Vl REQ1X1JHM1FuM2hrWlN0bFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCDKV3FahbthefPHdrX3RIKtQYaHyq1eI+MIK3t9jbMZgLEIm80JoUy 9phnIKL0VqwzfZ3mbwnhCgKWOh76aUhi3VqE9w8HZMKBpDJ0I88Xno6Y4DAQmmpG 53b0lyBMwRtrTy9p4tCvLjB/9/yGXJoAOmbZJhMVyzwng6cbV/rw+s2wCcSojHOP i/QcOJ2TO7mh5yU6+wDAH1uxyKf0U7Y5k3dpIPLJZeOngYIjbsQsFmTkgjrjBzKh +1Xfzqpvp2gSM6JJXxlnQKkBbgu/RGDoNONL7rs0xc3faJdSkhFv8GlG4LTYyfwh PyVDwNRCBAjQCPyqirAJHMMEMjC42kCP -----END CERTIFICATE-----Generated at Mon Nov 3 18:17:22 2025 by rpki-client