$ rpki-client -vvf rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft File: CkMWPL6xv3mMnOQcHF50ociDesY.mft (raw, json) Hash identifier: TcjtLch0HYkByqbwCRZnjdLUREdIu/T43FHTKKPJ+14= Subject key identifier: 82:9A:E2:51:2A:47:0B:0C:99:CE:2B:52:03:C5:EF:1B:0F:50:A2:23 Authority key identifier: 0A:43:16:3C:BE:B1:BF:79:8C:9C:E4:1C:1C:5E:74:A1:C8:83:7A:C6 Certificate issuer: /CN=A91A95C1/serialNumber=0A43163CBEB1BF798C9CE41C1C5E74A1C8837AC6 Certificate serial: 02C9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft Manifest number: 02C4 Signing time: Mon 03 Nov 2025 01:22:43 +0000 Manifest this update: Mon 03 Nov 2025 01:22:43 +0000 Manifest next update: Mon 10 Nov 2025 01:22:43 +0000 Files and hashes: 1: CkMWPL6xv3mMnOQcHF50ociDesY.crl (hash: qY0N/Xw9IbIbcsKCCP555swivyac88jFlhX0E/rjQY4=) 2: DA61302A0F0211EDABBE3C6AC4F9AE02.roa (hash: vW2EZP2Cwb4m+zHwX4dxc62MHLuj24Kv3gEJBseD9aY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.crl rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:22:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 713 (0x2c9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A95C1, serialNumber=0A43163CBEB1BF798C9CE41C1C5E74A1C8837AC6 Validity Not Before: Nov 3 01:22:43 2025 GMT Not After : Nov 10 01:22:43 2025 GMT Subject: CN=690803e3-26dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:dd:b9:f3:14:97:cb:8d:fe:a7:70:7a:e8:26: 1b:13:85:9e:a8:05:15:3b:05:15:ff:b0:0c:ad:9b: 4c:34:0c:78:59:55:18:c8:29:0e:13:60:39:b7:3b: f8:fc:53:fa:f2:9d:09:f9:39:6a:7d:72:94:9b:ee: 05:4c:af:12:7a:d4:f7:3c:81:06:30:b5:c0:ec:80: 3a:cb:a1:11:9f:9f:6d:83:9e:e2:0c:f9:04:12:d1: ae:93:3f:37:c7:18:46:3d:43:66:c1:b8:11:31:21: 28:6f:41:2f:07:bd:e1:9a:83:4f:27:6b:53:be:0a: 87:b5:aa:d4:bc:70:62:ed:f0:0e:17:ea:f7:87:71: f4:c4:63:08:d6:0c:7f:16:09:a6:d1:29:5a:55:28: 8c:5d:05:c7:2f:e9:1f:4b:0a:90:3f:ea:17:9a:1e: 5e:ec:a8:06:f6:4f:31:df:46:f7:97:9b:aa:ed:f3: 34:e4:00:6b:d6:75:7d:a9:39:0a:89:0d:44:3b:88: 45:9d:c8:39:81:ad:9e:5c:bd:26:cb:9f:ed:5b:43: 58:b6:8e:50:35:45:fc:0b:20:a4:44:1a:8d:aa:31: 43:8b:f2:4a:27:dc:e6:83:61:af:24:bb:87:7f:8d: f4:ff:94:a6:01:fd:32:0e:1b:32:a6:5a:1e:09:73: 84:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:9A:E2:51:2A:47:0B:0C:99:CE:2B:52:03:C5:EF:1B:0F:50:A2:23 X509v3 Authority Key Identifier: keyid:0A:43:16:3C:BE:B1:BF:79:8C:9C:E4:1C:1C:5E:74:A1:C8:83:7A:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d4:7e:c0:73:f1:6b:6b:3e:16:95:44:b9:f7:05:63:0d:19:76: 83:81:0a:a9:e2:24:91:06:da:a4:96:52:d0:cd:f8:2c:a0:9b: de:bf:4e:ed:bc:d1:cc:66:8b:f2:e4:96:2a:ac:14:06:f1:77: a6:8f:6e:c2:10:a3:82:5a:c9:ff:3e:74:47:11:9e:cd:df:9d: 2b:c9:25:60:85:11:73:64:2b:5f:2a:2f:96:23:ad:f2:a3:c8: cc:03:e4:71:e4:ae:2e:8c:9d:90:20:af:5c:70:42:76:37:0e: 3f:b6:5f:59:00:4f:46:8e:be:bf:e5:bb:35:a5:c6:98:44:89: 0a:9e:93:13:cf:c4:d0:68:2b:85:d2:82:02:01:26:6c:d6:21: 4a:c1:33:59:a8:1d:3b:f2:cb:c4:d3:f8:2b:25:7b:13:21:d5: 81:3c:22:ae:3c:ed:51:b1:fe:22:b3:2e:bf:bf:1b:99:81:96: ea:49:d2:7d:81:29:be:f5:6d:e5:48:b9:a0:27:db:11:f1:7c: 99:91:cd:51:0c:a3:13:1e:2a:7b:b9:50:93:57:ab:cb:a4:0e: dc:37:b0:03:e8:4a:6c:d1:0d:42:9e:ec:21:0d:1d:6f:63:0c: 46:74:20:96:1f:da:3e:68:29:57:a5:5c:39:ab:eb:2a:81:f2: d6:79:33:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAskwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTk1QzExMTAvBgNVBAUTKDBBNDMxNjNDQkVCMUJGNzk4QzlDRTQxQzFDNUU3NEEx Qzg4MzdBQzYwHhcNMjUxMTAzMDEyMjQzWhcNMjUxMTEwMDEyMjQzWjAYMRYwFAYD VQQDEw02OTA4MDNlMy0yNmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6N258xSXy43+p3B66CYbE4WeqAUVOwUV/7AMrZtMNAx4WVUYyCkOE2A5tzv4 /FP68p0J+TlqfXKUm+4FTK8SetT3PIEGMLXA7IA6y6ERn59tg57iDPkEEtGukz83 xxhGPUNmwbgRMSEob0EvB73hmoNPJ2tTvgqHtarUvHBi7fAOF+r3h3H0xGMI1gx/ Fgmm0SlaVSiMXQXHL+kfSwqQP+oXmh5e7KgG9k8x30b3l5uq7fM05ABr1nV9qTkK iQ1EO4hFncg5ga2eXL0my5/tW0NYto5QNUX8CyCkRBqNqjFDi/JKJ9zmg2GvJLuH f430/5SmAf0yDhsyploeCXOEYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIKa4lEq RwsMmc4rUgPF7xsPUKIjMB8GA1UdIwQYMBaAFApDFjy+sb95jJzkHBxedKHIg3rG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTVDMS9DQkU2QkM3NDBG MDAxMUVEQTc0NDA2NkFDNEY5QUUwMi9Da01XUEw2eHYzbU1uT1FjSEY1MG9jaURl c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NrTVdQTDZ4djNtTW5PUWNIRjUwb2NpRGVzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OTVDMS9DQkU2QkM3NDBGMDAxMUVEQTc0NDA2NkFDNEY5QUUwMi9Da01XUEw2eHYz bU1uT1FjSEY1MG9jaURlc1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDUfsBz8WtrPhaVRLn3BWMNGXaDgQqp4iSRBtqkllLQzfgsoJvev07t vNHMZovy5JYqrBQG8Xemj27CEKOCWsn/PnRHEZ7N350rySVghRFzZCtfKi+WI63y o8jMA+Rx5K4ujJ2QIK9ccEJ2Nw4/tl9ZAE9Gjr6/5bs1pcaYRIkKnpMTz8TQaCuF 0oICASZs1iFKwTNZqB078svE0/grJXsTIdWBPCKuPO1Rsf4isy6/vxuZgZbqSdJ9 gSm+9W3lSLmgJ9sR8XyZkc1RDKMTHip7uVCTV6vLpA7cN7AD6Eps0Q1CnuwhDR1v YwxGdCCWH9o+aClXpVw5q+sqgfLWeTOg -----END CERTIFICATE-----Generated at Tue Nov 4 07:19:20 2025 by rpki-client