$ rpki-client -vvf rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft File: XsGmrXajq_3B4TKesmN8AYZLSAg.mft (raw, json) Hash identifier: v7t3Nnuq12bsQ9KhXnVoKovuMH8J9rURZf+p/IuuSxo= Subject key identifier: 52:6A:74:B4:28:03:66:7A:D1:26:E9:59:FA:BA:37:1C:A3:FD:D2:F7 Authority key identifier: 5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 Certificate issuer: /CN=A91AB20B/serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Certificate serial: 0835 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft Manifest number: 07F8 Signing time: Wed 22 Oct 2025 22:03:57 +0000 Manifest this update: Wed 22 Oct 2025 22:03:56 +0000 Manifest next update: Wed 29 Oct 2025 22:03:56 +0000 Files and hashes: 1: XsGmrXajq_3B4TKesmN8AYZLSAg.crl (hash: XxjtN5DrW+ci7MeSHNQSnjwbysPwECFX7yKmclwwJOY=) 2: 46D6261876A511EB82E04A2FC4F9AE02.roa (hash: WVXeC6AWS7dfqRcacJcoXn1KRTzKsuhGFEjOvtdw4gQ=) 3: B512A570109211ECA693D74EC4F9AE02.roa (hash: x6M8DR+ao43yWMJcYfflaCD3HANg4LUaSOgGurV26Rc=) 4: 82BB885E4B9811EB85F74960C4F9AE02.roa (hash: 4+YaEU8/WKlhoShMZ2jQANGth6P34fJaow29AZ/vK1g=) 5: E3AAE94243B511EB8DA3F473C4F9AE02.roa (hash: TVq9O75Mk8dBtHdZIdf95FNbNlO+Xgr7jZqSFhUdSlc=) 6: 7CF84F084B9111EBBA09CA72C4F9AE02.roa (hash: HBup3egCFQ+j4w8tn/YgKXDolvmk1GZOCKm/FjBELHI=) 7: CF41132A1DE811EB9DE34963C4F9AE02.roa (hash: xo4YbqiE7X/F67UsXOYb5uFnpLPpFvm6ZJLr7VXM8NU=) 8: 046130D225FC11EC9D57EA7CC4F9AE02.roa (hash: KydrQv3Yet/a3HLO3h2lsIOeUoieRU/2J4jW34hxmG0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 22:03:56 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2101 (0x835) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AB20B, serialNumber=5EC1A6AD76A3ABFDC1E1329EB2637C01864B4808 Validity Not Before: Oct 22 22:03:56 2025 GMT Not After : Oct 29 22:03:56 2025 GMT Subject: CN=68f954cd-1b5c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:75:c4:c4:1a:57:8f:9e:5b:f9:2a:71:6b:b5: 4d:8d:05:64:cc:34:1b:8a:bc:ba:06:3a:98:71:e3: e1:28:59:cb:e2:91:c0:0b:b6:1b:41:56:31:4d:26: 24:d2:e4:d6:fe:1a:49:fe:4b:8e:69:04:51:f4:de: 33:03:1f:29:34:93:9b:82:f8:a9:d1:56:fb:e8:3b: cc:74:f5:ca:ec:e5:37:f0:d3:c0:a6:76:cb:cf:4b: 1b:da:2e:fe:20:3a:59:c4:c5:12:38:92:d5:e2:72: 00:64:d1:49:55:8c:cf:c0:d4:60:79:e2:83:bf:5c: 62:d9:22:c3:fb:86:b9:f5:9b:8d:59:5c:51:1c:1e: b7:95:d6:dd:5f:d1:98:0c:cf:be:1c:41:8d:6f:0f: 70:3e:56:f8:97:1a:8a:38:25:53:57:e7:e5:ee:c3: 73:de:f3:67:b7:56:d6:88:46:8a:e0:f1:61:0b:45: 64:88:40:3c:2e:fb:8f:e9:5c:32:85:ff:b5:d1:b5: 2d:93:a6:32:16:9a:a2:8e:d4:05:ee:71:24:8d:10: 70:a3:41:67:07:20:1b:14:ca:e0:bc:ff:12:6a:e9: 40:36:3f:e5:45:ca:72:12:58:e8:f3:7a:a3:f2:3b: 06:2d:c7:4a:f5:4d:5d:50:df:37:a4:49:6e:61:e2: de:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 52:6A:74:B4:28:03:66:7A:D1:26:E9:59:FA:BA:37:1C:A3:FD:D2:F7 X509v3 Authority Key Identifier: keyid:5E:C1:A6:AD:76:A3:AB:FD:C1:E1:32:9E:B2:63:7C:01:86:4B:48:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XsGmrXajq_3B4TKesmN8AYZLSAg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AB20B/BA71B648120311EBBAA19414C4F9AE02/XsGmrXajq_3B4TKesmN8AYZLSAg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:41:28:37:d4:ad:3f:5a:10:c6:77:96:60:77:d7:b9:5f:b3: b4:33:37:05:f2:5b:7f:56:38:e3:db:05:b0:f6:0f:e8:56:f9: 09:a9:58:94:40:47:2e:b1:db:0d:64:26:f0:98:0c:58:8b:a9: 4a:56:32:7b:4c:7d:fe:70:03:2b:67:75:05:22:8b:0c:7f:3b: 7c:c7:86:cf:d0:f7:98:0a:09:6d:90:a6:6a:17:e9:57:dd:a4: 4b:c6:e3:52:66:5f:6c:7c:4d:32:7e:f3:bb:66:cd:cd:b3:a4: d7:4c:4c:15:a3:2c:6b:4a:40:97:da:bb:89:ae:dc:44:51:c7: e0:6d:bd:2c:f6:25:b8:92:c7:67:84:a5:b8:a2:a5:3b:aa:4b: bb:82:e3:11:07:ce:7f:e7:07:bb:2b:40:c5:26:aa:db:8e:7d: 71:03:34:a5:69:58:03:56:ea:1a:88:86:6c:57:dc:21:3f:93: e7:75:d6:19:b2:10:91:4d:6a:42:8c:64:36:2c:45:f4:cd:c9: 1e:ec:16:9f:ca:01:7a:01:f3:27:76:95:62:2a:76:0a:3f:36: 52:c6:7b:24:7b:4b:60:6f:ef:32:f7:ce:a0:dc:61:d4:7a:2c: 27:a4:bb:56:99:e6:2e:c3:b6:62:1a:9a:73:82:83:77:fe:dd: 1a:e7:c0:0d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUIyMEIxMTAvBgNVBAUTKDVFQzFBNkFENzZBM0FCRkRDMUUxMzI5RUIyNjM3QzAx ODY0QjQ4MDgwHhcNMjUxMDIyMjIwMzU2WhcNMjUxMDI5MjIwMzU2WjAYMRYwFAYD VQQDEw02OGY5NTRjZC0xYjVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0HXExBpXj55b+Spxa7VNjQVkzDQbiry6BjqYcePhKFnL4pHAC7YbQVYxTSYk 0uTW/hpJ/kuOaQRR9N4zAx8pNJObgvip0Vb76DvMdPXK7OU38NPApnbLz0sb2i7+ IDpZxMUSOJLV4nIAZNFJVYzPwNRgeeKDv1xi2SLD+4a59ZuNWVxRHB63ldbdX9GY DM++HEGNbw9wPlb4lxqKOCVTV+fl7sNz3vNnt1bWiEaK4PFhC0VkiEA8LvuP6Vwy hf+10bUtk6YyFpqijtQF7nEkjRBwo0FnByAbFMrgvP8SaulANj/lRcpyEljo83qj 8jsGLcdK9U1dUN83pEluYeLehwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFJqdLQo A2Z60SbpWfq6Nxyj/dL3MB8GA1UdIwQYMBaAFF7Bpq12o6v9weEynrJjfAGGS0gI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQjIwQi9CQTcxQjY0ODEy MDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFfM0I0VEtlc21OOEFZWkxT QWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hzR21yWGFqcV8zQjRUS2VzbU44QVlaTFNBZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB QjIwQi9CQTcxQjY0ODEyMDMxMUVCQkFBMTk0MTRDNEY5QUUwMi9Yc0dtclhhanFf M0I0VEtlc21OOEFZWkxTQWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAUQSg31K0/WhDGd5Zgd9e5X7O0MzcF8lt/Vjjj2wWw9g/oVvkJqViU QEcusdsNZCbwmAxYi6lKVjJ7TH3+cAMrZ3UFIosMfzt8x4bP0PeYCgltkKZqF+lX 3aRLxuNSZl9sfE0yfvO7Zs3Ns6TXTEwVoyxrSkCX2ruJrtxEUcfgbb0s9iW4ksdn hKW4oqU7qku7guMRB85/5we7K0DFJqrbjn1xAzSlaVgDVuoaiIZsV9whP5PnddYZ shCRTWpCjGQ2LEX0zcke7BafygF6AfMndpViKnYKPzZSxnske0tgb+8y986g3GHU eiwnpLtWmeYuw7ZiGppzgoN3/t0a58AN -----END CERTIFICATE-----Generated at Thu Oct 23 05:59:56 2025 by rpki-client