$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4481/BC840F4602C111EFAF3CB465C4F9AE02/XerjhTD4FfvwubP472N1B4bIrAo.mft File: XerjhTD4FfvwubP472N1B4bIrAo.mft (raw, json) Hash identifier: CJO98sUWlQPvRUqdcqaLyM/I21BQ3VlyWn+LOWnzc84= Subject key identifier: 49:91:12:D1:FD:8B:84:00:F7:C6:60:13:27:8A:3C:AC:1C:9A:72:74 Authority key identifier: 5D:EA:E3:85:30:F8:15:FB:F0:B9:B3:F8:EF:63:75:07:86:C8:AC:0A Certificate issuer: /CN=A91A4481/serialNumber=5DEAE38530F815FBF0B9B3F8EF63750786C8AC0A Certificate serial: 011E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XerjhTD4FfvwubP472N1B4bIrAo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4481/BC840F4602C111EFAF3CB465C4F9AE02/XerjhTD4FfvwubP472N1B4bIrAo.mft Manifest number: 011C Signing time: Mon 03 Nov 2025 04:45:48 +0000 Manifest this update: Mon 03 Nov 2025 04:45:47 +0000 Manifest next update: Mon 10 Nov 2025 04:45:47 +0000 Files and hashes: 1: XerjhTD4FfvwubP472N1B4bIrAo.crl (hash: AXz7gVnv8ptR5mOcxti5OTmGPJseL1GWAUt8bQ6B2WM=) 2: 5B08B12602C211EF9A1E4567C4F9AE02.roa (hash: K+g6F2DggfqAEcFUFS+CObch7aX7JFtpiO+kkOJ8Xy4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4481/BC840F4602C111EFAF3CB465C4F9AE02/XerjhTD4FfvwubP472N1B4bIrAo.crl rsync://rpki.apnic.net/member_repository/A91A4481/BC840F4602C111EFAF3CB465C4F9AE02/XerjhTD4FfvwubP472N1B4bIrAo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XerjhTD4FfvwubP472N1B4bIrAo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 04:45:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 286 (0x11e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4481, serialNumber=5DEAE38530F815FBF0B9B3F8EF63750786C8AC0A Validity Not Before: Nov 3 04:45:47 2025 GMT Not After : Nov 10 04:45:47 2025 GMT Subject: CN=6908337b-eaff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f3:91:d8:31:8a:ee:3b:db:54:47:6b:ff:8f:be: d9:35:e5:e6:81:20:4b:bc:74:3c:cd:0d:9e:56:61: 0e:88:12:49:05:53:76:0a:3c:52:94:97:fa:38:76: 6f:11:cd:be:6e:84:4e:b1:c1:67:1d:4a:aa:67:66: d8:9f:b4:61:00:67:80:19:79:10:88:bd:9b:44:b2: 20:a4:f5:06:42:93:47:96:cd:f4:8a:f1:4c:81:a6: dd:8d:8a:f7:63:03:25:1f:53:64:8a:07:16:aa:c4: 95:e6:14:a7:ca:fe:f4:b7:9e:60:98:47:0c:fe:8c: 9c:e8:ce:72:c7:5b:f7:67:10:75:9a:c2:07:2f:a4: c4:5c:bf:18:42:7d:49:de:cf:3f:2b:36:b8:e1:72: b5:3e:02:41:45:df:6b:17:5c:6f:28:c3:81:ad:41: 1b:2d:48:92:c0:cb:c1:f7:10:01:f4:30:c4:b6:3d: 34:13:55:dd:45:87:1b:bd:2f:e6:c9:02:57:56:28: 02:04:96:79:e0:23:a5:e7:d6:ef:01:ba:59:e3:95: e5:28:23:8c:c5:fc:c2:24:5a:a9:9f:00:8f:9a:6a: a8:09:6f:91:ce:37:de:e3:12:e0:4b:55:db:42:df: 2c:fe:22:4b:91:d9:47:a4:ab:a1:8b:4e:ca:57:f6: 01:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 49:91:12:D1:FD:8B:84:00:F7:C6:60:13:27:8A:3C:AC:1C:9A:72:74 X509v3 Authority Key Identifier: keyid:5D:EA:E3:85:30:F8:15:FB:F0:B9:B3:F8:EF:63:75:07:86:C8:AC:0A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4481/BC840F4602C111EFAF3CB465C4F9AE02/XerjhTD4FfvwubP472N1B4bIrAo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XerjhTD4FfvwubP472N1B4bIrAo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4481/BC840F4602C111EFAF3CB465C4F9AE02/XerjhTD4FfvwubP472N1B4bIrAo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:0b:b6:72:74:5d:ac:6e:da:90:c4:37:87:db:13:53:68:48: 35:e2:9b:6c:0a:a0:aa:fb:73:80:75:9e:0a:f6:b2:21:29:3a: 76:9f:99:2a:de:bc:d2:cf:ab:fd:ee:9d:22:ea:14:fd:d1:db: 85:c6:f4:b9:70:1d:0e:b8:a6:2f:60:d6:c4:03:7f:86:e0:42: be:ac:dd:57:c8:28:2c:dd:0f:61:17:b0:79:fa:2a:22:0c:76: 8b:62:ba:7d:27:14:82:de:1a:22:fb:94:c1:e8:f2:b4:a6:ba: 5b:c9:85:2a:75:98:5b:54:4d:08:3c:17:49:70:d5:df:12:77: 74:52:67:0c:ca:f8:41:b7:8c:40:c8:ef:7b:d8:1b:4b:33:45: f0:1e:8d:68:73:3d:1a:27:51:ed:56:dd:1a:2a:e7:d4:89:71: e1:83:2b:cf:af:03:c6:6a:e7:65:78:8b:cf:cf:1e:51:6c:fe: 23:61:84:a5:60:e4:9e:4a:6b:46:99:75:62:16:2b:ed:ab:ef: a3:ee:d2:f9:d1:fd:81:46:c5:a6:23:de:62:57:d0:4d:19:cd: 6a:5b:5d:a0:7e:23:cc:a9:3a:f9:56:b3:b8:cd:64:a7:fb:f1: ee:cd:28:43:83:ad:e3:fb:71:1a:fe:16:66:57:76:ec:76:c7: 7f:e7:5e:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAR4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ0ODExMTAvBgNVBAUTKDVERUFFMzg1MzBGODE1RkJGMEI5QjNGOEVGNjM3NTA3 ODZDOEFDMEEwHhcNMjUxMTAzMDQ0NTQ3WhcNMjUxMTEwMDQ0NTQ3WjAYMRYwFAYD VQQDEw02OTA4MzM3Yi1lYWZmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA85HYMYruO9tUR2v/j77ZNeXmgSBLvHQ8zQ2eVmEOiBJJBVN2CjxSlJf6OHZv Ec2+boROscFnHUqqZ2bYn7RhAGeAGXkQiL2bRLIgpPUGQpNHls30ivFMgabdjYr3 YwMlH1NkigcWqsSV5hSnyv70t55gmEcM/oyc6M5yx1v3ZxB1msIHL6TEXL8YQn1J 3s8/Kza44XK1PgJBRd9rF1xvKMOBrUEbLUiSwMvB9xAB9DDEtj00E1XdRYcbvS/m yQJXVigCBJZ54COl59bvAbpZ45XlKCOMxfzCJFqpnwCPmmqoCW+Rzjfe4xLgS1Xb Qt8s/iJLkdlHpKuhi07KV/YB6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEmREtH9 i4QA98ZgEyeKPKwcmnJ0MB8GA1UdIwQYMBaAFF3q44Uw+BX78Lmz+O9jdQeGyKwK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDQ4MS9CQzg0MEY0NjAy QzExMUVGQUYzQ0I0NjVDNEY5QUUwMi9YZXJqaFRENEZmdnd1YlA0NzJOMUI0Ykly QW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hlcmpoVEQ0RmZ2d3ViUDQ3Mk4xQjRiSXJBby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDQ4MS9CQzg0MEY0NjAyQzExMUVGQUYzQ0I0NjVDNEY5QUUwMi9YZXJqaFRENEZm dnd1YlA0NzJOMUI0YklyQW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5C7ZydF2sbtqQxDeH2xNTaEg14ptsCqCq+3OAdZ4K9rIhKTp2n5kq 3rzSz6v97p0i6hT90duFxvS5cB0OuKYvYNbEA3+G4EK+rN1XyCgs3Q9hF7B5+ioi DHaLYrp9JxSC3hoi+5TB6PK0prpbyYUqdZhbVE0IPBdJcNXfEnd0UmcMyvhBt4xA yO972BtLM0XwHo1ocz0aJ1HtVt0aKufUiXHhgyvPrwPGaudleIvPzx5RbP4jYYSl YOSeSmtGmXViFivtq++j7tL50f2BRsWmI95iV9BNGc1qW12gfiPMqTr5VrO4zWSn +/HuzShDg63j+3Ea/hZmV3bsdsd/516W -----END CERTIFICATE-----Generated at Wed Nov 5 05:26:26 2025 by rpki-client