$ rpki-client -vvf rpki.apnic.net/member_repository/A91AE08E/B2A3C23CBF4A11EA8C315D31C4F9AE02/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.mft File: 0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.mft (raw, json) Hash identifier: 43/sCCug2bepDjECcE6HH8f5Mcjqs0yNQoVbPjm79Qc= Subject key identifier: 4B:DD:9B:71:E0:D2:99:92:B0:CE:C0:84:98:AC:53:CA:75:5B:55:ED Authority key identifier: D2:90:DD:16:72:22:C3:9B:13:4F:81:E5:27:F0:22:D8:5E:DF:23:F4 Certificate issuer: /CN=A91AE08E/serialNumber=D290DD167222C39B134F81E527F022D85EDF23F4 Certificate serial: 08E3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AE08E/B2A3C23CBF4A11EA8C315D31C4F9AE02/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.mft Manifest number: 08D8 Signing time: Fri 24 Oct 2025 21:13:29 +0000 Manifest this update: Fri 24 Oct 2025 21:13:28 +0000 Manifest next update: Fri 31 Oct 2025 21:13:28 +0000 Files and hashes: 1: 0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.crl (hash: mUrcAOn+FO/xlAlEJRCdBMAutXAcJs/NQCDf+11GMLc=) 2: 6E038820BF6211EA94C2957CC4F9AE02.roa (hash: PLkHHx8GaTekc9dmC5heFwXjJ3zz86/8Y8QSgJQ+mrU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AE08E/B2A3C23CBF4A11EA8C315D31C4F9AE02/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.crl rsync://rpki.apnic.net/member_repository/A91AE08E/B2A3C23CBF4A11EA8C315D31C4F9AE02/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 21:13:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2275 (0x8e3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AE08E, serialNumber=D290DD167222C39B134F81E527F022D85EDF23F4 Validity Not Before: Oct 24 21:13:28 2025 GMT Not After : Oct 31 21:13:28 2025 GMT Subject: CN=68fbebf8-8729 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:99:74:4b:cc:3f:05:37:02:7b:62:0e:17:33: 2b:fb:b5:e7:79:99:8f:ec:6d:28:29:2d:3f:de:b0: be:34:f7:09:7b:e7:de:4b:06:97:44:6a:76:14:16: a4:f7:0c:a2:8c:02:0d:91:29:1e:ac:3e:4e:f8:1d: fc:1c:28:5f:c7:54:fd:20:6b:57:17:e7:e7:58:46: ff:a8:d5:6b:28:eb:c4:b1:12:18:6a:e8:e6:a2:ae: f6:de:f9:08:24:34:23:c6:ac:d4:92:8a:43:3d:43: a1:2f:02:13:58:02:9f:4d:95:7d:31:86:f3:a8:75: b3:8d:cf:20:70:9b:9a:bc:ba:6d:be:43:2c:99:21: b4:75:04:97:80:7f:3b:b3:cb:a7:bc:21:4d:50:d1: 91:cd:2b:da:ff:da:71:01:1b:e1:67:fb:eb:d1:cc: 3c:28:d4:01:fe:53:42:ae:e4:85:cb:8b:28:bc:76: fd:08:ce:9d:94:70:3d:a3:cc:3a:03:1a:25:38:d3: 8d:4b:3b:27:c9:c4:97:6b:31:f3:04:fd:cc:95:28: 32:8a:36:8e:54:3d:4b:ed:4c:db:39:ae:c4:ca:47: 77:da:fa:ed:39:f7:be:f8:96:e8:57:48:98:cb:c6: 8e:43:05:96:c4:4c:48:2e:e5:34:26:97:12:9d:ad: 4d:4d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:DD:9B:71:E0:D2:99:92:B0:CE:C0:84:98:AC:53:CA:75:5B:55:ED X509v3 Authority Key Identifier: keyid:D2:90:DD:16:72:22:C3:9B:13:4F:81:E5:27:F0:22:D8:5E:DF:23:F4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AE08E/B2A3C23CBF4A11EA8C315D31C4F9AE02/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AE08E/B2A3C23CBF4A11EA8C315D31C4F9AE02/0pDdFnIiw5sTT4HlJ_Ai2F7fI_Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:7f:f9:5c:c7:5e:66:2e:5a:f7:ed:ea:de:5b:54:7c:b5:b6: 2f:9e:e1:a8:ae:0c:32:3e:a1:c7:53:c6:b9:de:2a:08:a5:61: e7:28:ed:c6:b3:38:c2:9c:5b:6f:71:6c:ab:64:6b:ed:4a:e3: cb:77:f0:7f:2a:c0:a7:c8:08:30:e4:fd:67:e8:22:ea:06:b9: 54:a8:20:51:74:24:a2:ff:7d:1a:04:d0:00:25:73:cc:f3:cd: df:a4:4a:f7:ae:24:17:da:ac:28:5f:87:b0:ad:f6:29:9d:1a: 08:59:6f:5f:2a:56:52:f9:52:80:a4:26:b4:4f:30:ac:ea:bf: b5:fd:ad:e3:95:6c:73:7a:7e:b4:ed:df:f8:34:fc:d3:73:49: 14:fb:b6:a5:3c:be:58:cc:6b:41:48:a3:e6:b4:28:b4:c5:b8: b1:96:db:fc:13:e0:7d:f1:5e:82:a8:e8:ab:5e:b2:59:10:87: 90:24:58:00:3d:ed:49:b8:95:f5:9d:d5:87:2b:7f:a2:4b:c0: e3:8a:36:9e:89:93:15:66:7a:3d:5d:fd:dd:5c:94:a5:ce:41: 3c:14:03:64:64:73:9d:ef:39:00:a6:a4:e9:bc:78:8f:c3:7e: 5c:e4:50:dc:72:57:d1:79:58:9e:2c:4e:94:5d:6a:29:de:ef: 52:a9:f1:07 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCOMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUUwOEUxMTAvBgNVBAUTKEQyOTBERDE2NzIyMkMzOUIxMzRGODFFNTI3RjAyMkQ4 NUVERjIzRjQwHhcNMjUxMDI0MjExMzI4WhcNMjUxMDMxMjExMzI4WjAYMRYwFAYD VQQDEw02OGZiZWJmOC04NzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwpl0S8w/BTcCe2IOFzMr+7XneZmP7G0oKS0/3rC+NPcJe+feSwaXRGp2FBak 9wyijAINkSkerD5O+B38HChfx1T9IGtXF+fnWEb/qNVrKOvEsRIYaujmoq723vkI JDQjxqzUkopDPUOhLwITWAKfTZV9MYbzqHWzjc8gcJuavLptvkMsmSG0dQSXgH87 s8unvCFNUNGRzSva/9pxARvhZ/vr0cw8KNQB/lNCruSFy4sovHb9CM6dlHA9o8w6 AxolONONSzsnycSXazHzBP3MlSgyijaOVD1L7UzbOa7Eykd32vrtOfe++JboV0iY y8aOQwWWxExILuU0JpcSna1NTQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEvdm3Hg 0pmSsM7AhJisU8p1W1XtMB8GA1UdIwQYMBaAFNKQ3RZyIsObE0+B5SfwIthe3yP0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRTA4RS9CMkEzQzIzQ0JG NEExMUVBOEMzMTVEMzFDNEY5QUUwMi8wcERkRm5JaXc1c1RUNEhsSl9BaTJGN2ZJ X1EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBwRGRGbklpdzVzVFQ0SGxKX0FpMkY3ZklfUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RTA4RS9CMkEzQzIzQ0JGNEExMUVBOEMzMTVEMzFDNEY5QUUwMi8wcERkRm5JaXc1 c1RUNEhsSl9BaTJGN2ZJX1EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYf/lcx15mLlr37ereW1R8tbYvnuGorgwyPqHHU8a53ioIpWHnKO3G szjCnFtvcWyrZGvtSuPLd/B/KsCnyAgw5P1n6CLqBrlUqCBRdCSi/30aBNAAJXPM 883fpEr3riQX2qwoX4ewrfYpnRoIWW9fKlZS+VKApCa0TzCs6r+1/a3jlWxzen60 7d/4NPzTc0kU+7alPL5YzGtBSKPmtCi0xbixltv8E+B98V6CqOirXrJZEIeQJFgA Pe1JuJX1ndWHK3+iS8DjijaeiZMVZno9Xf3dXJSlzkE8FANkZHOd7zkApqTpvHiP w35c5FDcclfReVieLE6UXWop3u9SqfEH -----END CERTIFICATE-----Generated at Sat Oct 25 13:06:04 2025 by rpki-client