$ rpki-client -vvf rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.mft File: 7f0U22_TsCp5NdqtR_wCnzpwTEA.mft (raw, json) Hash identifier: ykMsP98vLZfB4gKX3az0YIaVdu+nBxAqFzZ/7CXxrBQ= Subject key identifier: E3:94:CF:5A:29:0B:04:4F:11:E9:72:DC:7C:DD:E2:B9:0B:9B:FB:28 Authority key identifier: ED:FD:14:DB:6F:D3:B0:2A:79:35:DA:AD:47:FC:02:9F:3A:70:4C:40 Certificate issuer: /CN=A91A93B6/serialNumber=EDFD14DB6FD3B02A7935DAAD47FC029F3A704C40 Certificate serial: 022B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f0U22_TsCp5NdqtR_wCnzpwTEA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.mft Manifest number: 0225 Signing time: Thu 13 Nov 2025 00:31:30 +0000 Manifest this update: Thu 13 Nov 2025 00:31:30 +0000 Manifest next update: Thu 20 Nov 2025 00:31:30 +0000 Files and hashes: 1: 7f0U22_TsCp5NdqtR_wCnzpwTEA.crl (hash: TOYeB07DkbZEFzsYSlMFL34b8a+00j5ipvsTlTL0e44=) 2: 780A3032CB3211EE953DEF37C4F9AE02.roa (hash: bI9ehsJkdKReP7tO6LRGZVdy5KgC9pIKmuFrjzQkdWA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.crl rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f0U22_TsCp5NdqtR_wCnzpwTEA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 20 Nov 2025 00:31:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 555 (0x22b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A93B6, serialNumber=EDFD14DB6FD3B02A7935DAAD47FC029F3A704C40 Validity Not Before: Nov 13 00:31:30 2025 GMT Not After : Nov 20 00:31:30 2025 GMT Subject: CN=691526e2-efe5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:e9:e0:7e:82:6f:da:32:17:f1:11:dd:39:45: e2:ce:1f:e3:6e:25:b2:5e:3f:70:b7:a9:41:8f:6a: 2c:23:3f:d7:51:9f:e3:83:23:0c:4c:00:b5:c4:9f: f9:59:f2:22:90:7a:fe:3b:9d:e6:1b:7e:57:7a:06: 20:9c:bf:fa:f2:1b:95:b2:1e:82:53:06:c6:7b:9e: 3b:2d:8f:b2:95:22:a8:d8:22:30:28:1e:8d:0f:fa: df:fc:49:43:da:90:76:de:4c:91:4e:7a:96:d1:be: 29:b4:2a:62:09:ee:e5:f3:c0:db:7b:19:ef:9f:d2: 79:0b:ba:82:8b:bb:ee:87:b2:d8:56:34:d6:aa:3a: 75:65:e4:04:93:0d:c7:16:16:38:11:f6:dc:03:46: 76:06:e1:0b:1a:6e:c0:65:bb:6a:d4:f4:3d:1f:d9: c8:60:b4:d7:85:df:0f:50:ed:71:6a:f1:c5:a1:7e: 9d:fe:45:b7:57:a6:be:20:7b:71:83:c1:f1:65:de: f5:83:84:06:21:4c:7c:bf:de:be:87:8e:4a:3b:32: 8a:31:30:25:99:bd:d6:c6:46:b6:e2:ae:48:ed:55: c0:45:e2:ce:a1:47:47:a3:1a:8c:c8:21:35:a0:0b: e8:c9:a7:7a:c8:31:e8:b5:d0:1c:98:50:09:09:e5: b4:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E3:94:CF:5A:29:0B:04:4F:11:E9:72:DC:7C:DD:E2:B9:0B:9B:FB:28 X509v3 Authority Key Identifier: keyid:ED:FD:14:DB:6F:D3:B0:2A:79:35:DA:AD:47:FC:02:9F:3A:70:4C:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/7f0U22_TsCp5NdqtR_wCnzpwTEA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A93B6/70BCFCE07C5711EDA8107866C4F9AE02/7f0U22_TsCp5NdqtR_wCnzpwTEA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 99:24:c4:ea:81:27:18:ec:ce:91:82:10:43:8f:d4:e1:16:ad: c0:4b:bd:91:fd:74:85:e0:68:ec:63:90:65:c2:f0:3a:3b:f5: 40:d2:31:c7:73:9e:d9:a7:95:db:4d:05:17:7f:fd:c3:01:ff: 8c:c7:b1:a8:66:3f:08:42:c1:f3:97:be:e6:bb:8d:8a:fd:2e: ef:52:fa:77:b3:36:22:1a:5a:90:69:cd:bb:e9:ab:63:65:cd: c2:80:73:9f:37:d5:f4:79:10:f9:44:f0:57:13:0c:ba:b7:8d: 9d:a9:81:49:c4:de:07:81:d1:56:eb:14:68:97:96:c9:3d:e9: 53:5b:34:c3:35:de:f3:06:4e:a9:23:fa:60:14:bd:b7:a3:70: 87:64:a1:67:e0:2b:0e:39:ce:38:6c:e5:f5:e8:b5:8c:be:7e: 47:6b:0c:b9:8e:01:b2:dd:59:6c:e1:6a:ea:e9:88:c4:1e:b9: 12:5d:42:45:75:a3:54:b4:29:6f:51:45:32:34:e3:04:e0:04: f7:9f:12:15:07:3a:c7:33:de:f4:7c:d4:d4:b7:9c:fc:5f:30: 67:08:e8:da:ab:25:c3:0d:d9:ed:f8:f4:d4:66:ee:6b:83:a9: d7:97:80:9f:b9:1d:62:61:b8:cf:06:d4:43:5b:ab:14:bf:06: d4:a5:74:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAiswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTkzQjYxMTAvBgNVBAUTKEVERkQxNERCNkZEM0IwMkE3OTM1REFBRDQ3RkMwMjlG M0E3MDRDNDAwHhcNMjUxMTEzMDAzMTMwWhcNMjUxMTIwMDAzMTMwWjAYMRYwFAYD VQQDEw02OTE1MjZlMi1lZmU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx+ngfoJv2jIX8RHdOUXizh/jbiWyXj9wt6lBj2osIz/XUZ/jgyMMTAC1xJ/5 WfIikHr+O53mG35XegYgnL/68huVsh6CUwbGe547LY+ylSKo2CIwKB6ND/rf/ElD 2pB23kyRTnqW0b4ptCpiCe7l88Dbexnvn9J5C7qCi7vuh7LYVjTWqjp1ZeQEkw3H FhY4EfbcA0Z2BuELGm7AZbtq1PQ9H9nIYLTXhd8PUO1xavHFoX6d/kW3V6a+IHtx g8HxZd71g4QGIUx8v96+h45KOzKKMTAlmb3Wxka24q5I7VXAReLOoUdHoxqMyCE1 oAvoyad6yDHotdAcmFAJCeW0qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOOUz1op CwRPEely3Hzd4rkLm/soMB8GA1UdIwQYMBaAFO39FNtv07AqeTXarUf8Ap86cExA MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTNCNi83MEJDRkNFMDdD NTcxMUVEQTgxMDc4NjZDNEY5QUUwMi83ZjBVMjJfVHNDcDVOZHF0Ul93Q256cHdU RUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzdmMFUyMl9Uc0NwNU5kcXRSX3dDbnpwd1RFQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OTNCNi83MEJDRkNFMDdDNTcxMUVEQTgxMDc4NjZDNEY5QUUwMi83ZjBVMjJfVHND cDVOZHF0Ul93Q256cHdURUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCZJMTqgScY7M6RghBDj9ThFq3AS72R/XSF4GjsY5BlwvA6O/VA0jHH c57Zp5XbTQUXf/3DAf+Mx7GoZj8IQsHzl77mu42K/S7vUvp3szYiGlqQac276atj Zc3CgHOfN9X0eRD5RPBXEwy6t42dqYFJxN4HgdFW6xRol5bJPelTWzTDNd7zBk6p I/pgFL23o3CHZKFn4CsOOc44bOX16LWMvn5Hawy5jgGy3Vls4Wrq6YjEHrkSXUJF daNUtClvUUUyNOME4AT3nxIVBzrHM970fNTUt5z8XzBnCOjaqyXDDdnt+PTUZu5r g6nXl4CfuR1iYbjPBtRDW6sUvwbUpXQ1 -----END CERTIFICATE-----Generated at Fri Nov 14 09:07:16 2025 by rpki-client