$ rpki-client -vvf rpki.apnic.net/member_repository/A91A47B6/905D7FEECEC111EE8CF01740C4F9AE02/DNkEx-s5CtGlXbr0_FAFTAhUbis.mft File: DNkEx-s5CtGlXbr0_FAFTAhUbis.mft (raw, json) Hash identifier: VQWdORRG2QlS5U0QJg/8BVFF/rvjtfWHo44rupzbhfE= Subject key identifier: 71:2F:69:64:6C:92:5B:20:17:D1:B6:87:66:C8:3B:E4:2D:FD:B9:FD Authority key identifier: 0C:D9:04:C7:EB:39:0A:D1:A5:5D:BA:F4:FC:50:05:4C:08:54:6E:2B Certificate issuer: /CN=A91A47B6/serialNumber=0CD904C7EB390AD1A55DBAF4FC50054C08546E2B Certificate serial: 0143 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DNkEx-s5CtGlXbr0_FAFTAhUbis.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A47B6/905D7FEECEC111EE8CF01740C4F9AE02/DNkEx-s5CtGlXbr0_FAFTAhUbis.mft Manifest number: 0140 Signing time: Wed 05 Nov 2025 04:32:56 +0000 Manifest this update: Wed 05 Nov 2025 04:32:56 +0000 Manifest next update: Wed 12 Nov 2025 04:32:56 +0000 Files and hashes: 1: DNkEx-s5CtGlXbr0_FAFTAhUbis.crl (hash: iwkvgGIICN6W61qyaVlF8L17UopCQUxdOYIC+J0h9s0=) 2: D45022C8CEC211EE80F08B36C4F9AE02.roa (hash: lCLpkvr+Mt+EalvdDtGgIkdudrmtSBSHV/CQh7RNEBw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A47B6/905D7FEECEC111EE8CF01740C4F9AE02/DNkEx-s5CtGlXbr0_FAFTAhUbis.crl rsync://rpki.apnic.net/member_repository/A91A47B6/905D7FEECEC111EE8CF01740C4F9AE02/DNkEx-s5CtGlXbr0_FAFTAhUbis.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DNkEx-s5CtGlXbr0_FAFTAhUbis.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:32:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 323 (0x143) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A47B6, serialNumber=0CD904C7EB390AD1A55DBAF4FC50054C08546E2B Validity Not Before: Nov 5 04:32:56 2025 GMT Not After : Nov 12 04:32:56 2025 GMT Subject: CN=690ad378-d3e3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:73:c8:a6:0d:bb:0c:de:50:60:04:b1:db:18: 58:ac:36:03:cd:d6:b8:aa:4e:0f:e0:1a:8c:ed:71: b1:81:48:6b:b1:0c:7e:55:e2:35:94:49:c7:11:2c: 17:d0:01:7e:88:93:2f:74:e9:fd:21:3f:24:d3:d1: 29:23:fb:b6:90:62:d2:02:3e:6a:5b:0f:e3:f9:fc: 4b:03:5c:c8:5c:7c:02:60:f8:7e:f1:b9:aa:20:9c: 47:c3:d2:c3:cd:7d:74:0a:8c:8a:99:37:79:96:cc: d5:0c:71:c0:8c:d3:c9:ef:4f:57:c7:73:7c:10:70: 65:5c:23:25:26:90:b8:21:26:20:57:7c:09:f0:e0: d8:53:70:b7:1f:38:dd:ed:03:c8:b9:66:22:79:8b: bf:7f:16:b6:15:b5:e1:77:f7:a4:01:c7:1d:ea:2b: 50:69:2c:1b:f2:52:6f:23:c7:10:df:10:5b:f3:08: 80:59:f1:90:9f:9e:89:9b:38:f0:60:69:bd:3a:b1: b2:4b:9a:1d:ed:6f:cf:2b:c8:a8:79:6f:f2:2e:29: f8:fc:96:5c:b9:76:51:46:e5:5d:71:ec:0f:7e:f8: 42:90:0e:75:75:df:0f:45:c5:a5:cc:cb:31:fa:eb: f1:e9:7f:38:99:bb:09:df:f7:f3:ca:1d:48:2a:10: ff:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 71:2F:69:64:6C:92:5B:20:17:D1:B6:87:66:C8:3B:E4:2D:FD:B9:FD X509v3 Authority Key Identifier: keyid:0C:D9:04:C7:EB:39:0A:D1:A5:5D:BA:F4:FC:50:05:4C:08:54:6E:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A47B6/905D7FEECEC111EE8CF01740C4F9AE02/DNkEx-s5CtGlXbr0_FAFTAhUbis.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DNkEx-s5CtGlXbr0_FAFTAhUbis.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A47B6/905D7FEECEC111EE8CF01740C4F9AE02/DNkEx-s5CtGlXbr0_FAFTAhUbis.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b8:e7:03:69:92:47:d8:66:cc:f6:83:22:ac:71:8a:2f:6c:fe: aa:23:92:04:00:b0:46:08:57:2a:a2:5d:1b:e9:6f:97:17:e7: 4e:cc:34:45:15:70:b7:36:68:f4:85:c4:68:99:1c:cd:bf:dc: 5d:00:bf:4e:67:bc:76:b9:ab:c5:c3:8d:91:53:ca:ec:1b:f1: c7:cf:a9:00:d8:88:a7:90:57:a0:c9:b6:83:07:ee:a0:e8:62: 4c:d3:3c:1f:a9:c8:20:5d:b5:0c:c2:ca:1d:4a:3f:97:99:7c: d4:d0:d4:fb:c4:4a:98:84:d5:d7:5d:d7:df:c7:4b:e0:6a:79: cd:1a:5d:79:95:e9:7f:aa:62:43:42:3e:d9:5c:6c:5e:27:dd: 44:12:e5:52:8e:f2:65:5d:bf:17:33:31:b6:dd:cd:6f:ec:99: 9c:bf:a8:d8:91:e5:8f:68:f9:a1:2b:3e:19:c0:04:f3:d8:3a: c1:b4:18:79:3b:68:82:0a:45:48:6a:51:dd:73:ed:99:6d:24: 0f:8e:e1:aa:27:56:a3:e6:2a:02:d6:f5:37:a0:d9:bc:da:f6: 28:5c:92:02:da:dd:d5:9d:00:04:aa:3c:dc:98:7a:0f:6e:c2: a9:8c:bd:5c:4f:9b:7a:b1:d0:c0:ff:ad:f5:ea:9b:79:ae:ee: c6:64:f2:2b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAUMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTQ3QjYxMTAvBgNVBAUTKDBDRDkwNEM3RUIzOTBBRDFBNTVEQkFGNEZDNTAwNTRD MDg1NDZFMkIwHhcNMjUxMTA1MDQzMjU2WhcNMjUxMTEyMDQzMjU2WjAYMRYwFAYD VQQDEw02OTBhZDM3OC1kM2UzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwHPIpg27DN5QYASx2xhYrDYDzda4qk4P4BqM7XGxgUhrsQx+VeI1lEnHESwX 0AF+iJMvdOn9IT8k09EpI/u2kGLSAj5qWw/j+fxLA1zIXHwCYPh+8bmqIJxHw9LD zX10CoyKmTd5lszVDHHAjNPJ709Xx3N8EHBlXCMlJpC4ISYgV3wJ8ODYU3C3Hzjd 7QPIuWYieYu/fxa2FbXhd/ekAccd6itQaSwb8lJvI8cQ3xBb8wiAWfGQn56Jmzjw YGm9OrGyS5od7W/PK8ioeW/yLin4/JZcuXZRRuVdcewPfvhCkA51dd8PRcWlzMsx +uvx6X84mbsJ3/fzyh1IKhD/tQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHEvaWRs klsgF9G2h2bIO+Qt/bn9MB8GA1UdIwQYMBaAFAzZBMfrOQrRpV269PxQBUwIVG4r MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNDdCNi85MDVEN0ZFRUNF QzExMUVFOENGMDE3NDBDNEY5QUUwMi9ETmtFeC1zNUN0R2xYYnIwX0ZBRlRBaFVi aXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ROa0V4LXM1Q3RHbFhicjBfRkFGVEFoVWJpcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NDdCNi85MDVEN0ZFRUNFQzExMUVFOENGMDE3NDBDNEY5QUUwMi9ETmtFeC1zNUN0 R2xYYnIwX0ZBRlRBaFViaXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC45wNpkkfYZsz2gyKscYovbP6qI5IEALBGCFcqol0b6W+XF+dOzDRF FXC3Nmj0hcRomRzNv9xdAL9OZ7x2uavFw42RU8rsG/HHz6kA2IinkFegybaDB+6g 6GJM0zwfqcggXbUMwsodSj+XmXzU0NT7xEqYhNXXXdffx0vgannNGl15lel/qmJD Qj7ZXGxeJ91EEuVSjvJlXb8XMzG23c1v7Jmcv6jYkeWPaPmhKz4ZwATz2DrBtBh5 O2iCCkVIalHdc+2ZbSQPjuGqJ1aj5ioC1vU3oNm82vYoXJIC2t3VnQAEqjzcmHoP bsKpjL1cT5t6sdDA/6316pt5ru7GZPIr -----END CERTIFICATE-----Generated at Wed Nov 5 16:32:11 2025 by rpki-client