$ rpki-client -vvf rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft File: U4XhOhtYRftEzutr7Y3rTomvOCk.mft (raw, json) Hash identifier: hhxbTuIpgOXUCNIqFgw3uRPRVlc09zvVMfa4pPbNYxo= Subject key identifier: 81:76:11:94:F3:42:A8:AE:05:D2:D8:73:06:46:23:9B:F5:0A:5C:E6 Authority key identifier: 53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 Certificate issuer: /CN=A91ACFEB/serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Certificate serial: 09C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft Manifest number: 09B7 Signing time: Wed 22 Oct 2025 20:42:16 +0000 Manifest this update: Wed 22 Oct 2025 20:42:15 +0000 Manifest next update: Wed 29 Oct 2025 20:42:15 +0000 Files and hashes: 1: U4XhOhtYRftEzutr7Y3rTomvOCk.crl (hash: x53vBCOS3gI+46GYRyFPVFVwrgI90aHNqcvVGv1Vrw0=) 2: 3636BCD2937011EA8A795583C4F9AE02.roa (hash: Xd/9pByFb2cbZ9xoUnmDVjNmjmus87X0lFOERhfsZNI=) 3: 35831FCE937011EA8A795583C4F9AE02.roa (hash: N79J5/addSjvuTRJUjHpGEDoonJ5OZtfdl2v8Aonsr8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 20:42:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2503 (0x9c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91ACFEB, serialNumber=5385E13A1B5845FB44CEEB6BED8DEB4E89AF3829 Validity Not Before: Oct 22 20:42:15 2025 GMT Not After : Oct 29 20:42:15 2025 GMT Subject: CN=68f941a8-ee8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:6e:a8:ab:86:77:3c:fa:a8:94:15:85:55:a0: 85:38:99:82:3c:a7:2b:0b:47:78:f9:cf:60:a8:49: 46:cb:92:0d:16:ba:54:f0:64:e0:80:2b:49:6b:44: e5:be:37:4b:e7:97:97:2b:22:f1:09:7f:c1:79:93: 05:e8:80:c3:89:5a:87:94:8d:db:02:f1:3e:8e:28: 30:c4:5e:17:51:55:69:b9:9c:74:41:63:db:cb:62: f8:dc:7d:c8:e3:83:9e:ad:c9:3e:7f:1c:a2:a4:d8: de:09:25:70:ac:db:6d:5f:db:a0:c5:17:14:cf:a7: 80:1f:8d:84:66:8f:cd:47:a9:69:a4:01:05:cb:ea: 51:d3:21:7c:6f:b5:3f:b6:b9:bf:f0:b5:a7:02:17: b1:62:eb:4c:95:37:1e:9e:bb:54:70:d5:68:f0:73: eb:99:9d:be:36:6a:c0:c2:19:8d:29:d1:73:e7:63: 22:2b:a5:00:16:90:9b:3b:56:56:1b:eb:0c:ab:65: 1a:5f:6b:06:ed:44:57:9f:55:5c:10:e5:c7:e4:4d: 14:4f:99:30:b5:9b:1a:c8:0f:63:a3:e9:b9:f0:5a: f1:70:96:73:4b:fd:f7:7d:56:e1:53:c7:7d:e7:d0: 4e:de:92:5d:7e:89:6c:7e:e6:7e:d1:79:48:4b:4d: e9:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:76:11:94:F3:42:A8:AE:05:D2:D8:73:06:46:23:9B:F5:0A:5C:E6 X509v3 Authority Key Identifier: keyid:53:85:E1:3A:1B:58:45:FB:44:CE:EB:6B:ED:8D:EB:4E:89:AF:38:29 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/U4XhOhtYRftEzutr7Y3rTomvOCk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91ACFEB/CB2C33E6936E11EAA5E56B7EC4F9AE02/U4XhOhtYRftEzutr7Y3rTomvOCk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:e3:67:c2:6b:cc:5b:e8:46:d5:10:34:8f:18:a1:15:63:ce: 55:94:e5:19:f1:21:93:83:c2:e9:31:75:03:fa:c8:14:1c:9c: ff:dd:4f:51:61:68:4c:c9:36:37:17:96:ac:81:7a:3c:eb:75: 01:f2:bb:e1:7b:b1:72:bd:42:58:38:b3:64:a8:21:c2:a7:ca: a6:e3:be:90:70:91:dc:78:f9:d9:8d:b6:d9:ef:87:b6:cc:a8: 6a:b8:7b:a0:55:1a:7e:2b:7e:f0:0b:35:22:dc:83:d1:9d:29: ac:86:02:41:23:15:19:04:f7:d1:7a:54:fd:c7:02:28:5a:92: ed:08:d1:21:0b:1a:a2:81:cf:a8:de:31:b1:e3:37:5d:3b:5b: 10:ff:98:70:69:02:c2:cc:59:34:17:27:d6:60:81:de:d6:5c: bc:51:73:6d:72:31:51:e8:c1:89:1e:f7:ff:42:c2:9a:80:97: eb:17:03:58:d9:8e:01:9d:f7:3e:c6:57:9a:16:75:9c:1c:d2: 95:ce:15:08:9c:37:05:9b:65:14:47:29:96:c4:7d:ce:d4:ed: 43:af:97:b1:e7:c9:02:24:04:db:7d:47:fc:d8:13:fd:18:47: 3c:7f:2a:e0:25:9d:52:a2:11:b5:5e:ec:c6:9b:cb:54:48:ae: d6:e4:49:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUNGRUIxMTAvBgNVBAUTKDUzODVFMTNBMUI1ODQ1RkI0NENFRUI2QkVEOERFQjRF ODlBRjM4MjkwHhcNMjUxMDIyMjA0MjE1WhcNMjUxMDI5MjA0MjE1WjAYMRYwFAYD VQQDEw02OGY5NDFhOC1lZThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp26oq4Z3PPqolBWFVaCFOJmCPKcrC0d4+c9gqElGy5INFrpU8GTggCtJa0Tl vjdL55eXKyLxCX/BeZMF6IDDiVqHlI3bAvE+jigwxF4XUVVpuZx0QWPby2L43H3I 44Oerck+fxyipNjeCSVwrNttX9ugxRcUz6eAH42EZo/NR6lppAEFy+pR0yF8b7U/ trm/8LWnAhexYutMlTcenrtUcNVo8HPrmZ2+NmrAwhmNKdFz52MiK6UAFpCbO1ZW G+sMq2UaX2sG7URXn1VcEOXH5E0UT5kwtZsayA9jo+m58FrxcJZzS/33fVbhU8d9 59BO3pJdfolsfuZ+0XlIS03pUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIF2EZTz QqiuBdLYcwZGI5v1ClzmMB8GA1UdIwQYMBaAFFOF4TobWEX7RM7ra+2N606Jrzgp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBQ0ZFQi9DQjJDMzNFNjkz NkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJmdEV6dXRyN1kzclRvbXZP Q2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1U0WGhPaHRZUmZ0RXp1dHI3WTNyVG9tdk9Day5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB Q0ZFQi9DQjJDMzNFNjkzNkUxMUVBQTVFNTZCN0VDNEY5QUUwMi9VNFhoT2h0WVJm dEV6dXRyN1kzclRvbXZPQ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAn42fCa8xb6EbVEDSPGKEVY85VlOUZ8SGTg8LpMXUD+sgUHJz/3U9R YWhMyTY3F5asgXo863UB8rvhe7FyvUJYOLNkqCHCp8qm476QcJHcePnZjbbZ74e2 zKhquHugVRp+K37wCzUi3IPRnSmshgJBIxUZBPfRelT9xwIoWpLtCNEhCxqigc+o 3jGx4zddO1sQ/5hwaQLCzFk0FyfWYIHe1ly8UXNtcjFR6MGJHvf/QsKagJfrFwNY 2Y4Bnfc+xleaFnWcHNKVzhUInDcFm2UURymWxH3O1O1Dr5ex58kCJATbfUf82BP9 GEc8fyrgJZ1SohG1XuzGm8tUSK7W5El2 -----END CERTIFICATE-----Generated at Thu Oct 23 16:17:58 2025 by rpki-client