$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft File: -qIKGvsgkct_URR4g_NkpFMJQTE.mft (raw, json) Hash identifier: fu0TAW1GYKqO0CzSE+dUii192nX0y62mlkzSi/vfqyA= Subject key identifier: 2A:72:89:A9:4D:E1:B9:13:39:D9:67:F2:74:63:64:66:D9:34:0F:0A Authority key identifier: FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 Certificate issuer: /CN=A91AF0E8/serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Certificate serial: 34E9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft Manifest number: 34DE Signing time: Sun 02 Nov 2025 15:08:41 +0000 Manifest this update: Sun 02 Nov 2025 15:08:40 +0000 Manifest next update: Sun 09 Nov 2025 15:08:40 +0000 Files and hashes: 1: -qIKGvsgkct_URR4g_NkpFMJQTE.crl (hash: 3/Qbe1r3UnUhJ/hqnvVpFFcxQEurz/cpn7NtkZAMPxI=) 2: 0A956A80B48711EC83327546C4F9AE02.roa (hash: QTUVJsweaVnNBbhlnpDHj+5m7Q6KujtkGNOkASm6SsM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 15:08:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13545 (0x34e9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF0E8, serialNumber=FAA20A1AFB2091CB7F51147883F364A453094131 Validity Not Before: Nov 2 15:08:40 2025 GMT Not After : Nov 9 15:08:40 2025 GMT Subject: CN=690773f9-7965 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:9a:ab:c5:ec:ef:da:ef:44:ca:7e:ad:cd:cf: 7c:c9:59:1e:64:c3:85:42:31:3d:d2:5d:33:56:d4: 62:fc:92:bf:cc:b3:50:8e:c1:1b:86:0e:e8:b7:ad: c1:2b:58:a4:5d:64:64:4f:71:15:5b:1b:7a:e2:08: d5:3d:2f:6a:28:4d:50:6a:7e:a3:12:1e:f6:6b:e7: 08:26:88:38:99:04:3d:a8:83:ee:90:18:ef:22:a6: 99:c4:1f:a3:73:27:e1:10:64:2d:f5:0f:6e:f2:da: b4:b8:c7:45:65:e7:8a:b2:f5:c1:53:14:4f:ca:db: 4e:87:9c:41:16:85:52:11:9b:8a:23:8e:48:f8:de: d3:3e:54:7c:0f:54:e9:31:82:1c:ae:55:7f:93:f8: 83:ed:24:92:06:1b:9b:15:7d:c6:b8:1b:99:cc:74: a8:84:3b:7e:dd:a1:4e:4a:05:cd:31:f4:d7:7e:3d: 54:07:87:07:84:4d:3d:13:0a:fe:8f:dc:8e:49:f7: ef:43:96:4d:55:b6:b7:b1:b2:18:4c:49:b2:87:ca: e2:18:be:8d:7d:0d:87:bd:f8:69:85:95:8b:91:11: a3:b6:83:b3:44:98:29:f3:53:29:59:a4:20:48:52: f5:72:cb:a3:af:85:63:d9:71:b1:9f:08:87:14:b7: a6:1d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:72:89:A9:4D:E1:B9:13:39:D9:67:F2:74:63:64:66:D9:34:0F:0A X509v3 Authority Key Identifier: keyid:FA:A2:0A:1A:FB:20:91:CB:7F:51:14:78:83:F3:64:A4:53:09:41:31 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-qIKGvsgkct_URR4g_NkpFMJQTE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF0E8/45796AD21DA311E29FFB8C9808B02CD2/-qIKGvsgkct_URR4g_NkpFMJQTE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:50:a7:b5:21:3c:5a:65:03:47:57:13:49:fc:08:70:cb:e2: 8a:c3:65:88:0c:6d:82:ef:7d:be:c9:fa:86:76:01:4d:92:06: 94:32:bb:39:02:0b:57:dd:e8:36:63:38:17:4e:75:23:1d:43: 80:5c:7c:85:da:85:75:2e:f9:3f:20:4e:24:8d:a3:4b:cd:2a: a6:28:2b:7f:97:50:74:be:f2:72:bc:da:24:3a:b4:bc:bf:35: 33:ce:f4:18:9e:5d:7a:70:7a:07:a2:d5:0b:80:7a:74:7b:e7: 1c:9d:d0:da:f6:0a:7e:80:e9:47:77:7b:f2:be:75:32:b7:aa: 9a:b6:7b:b4:5f:64:db:11:44:f2:bd:6e:24:4b:20:a3:d0:aa: a2:02:fe:d6:61:8b:55:97:54:e3:74:6e:38:fd:7c:70:26:4f: 97:f1:0d:d6:86:33:f5:52:3c:77:c4:06:63:68:f8:3b:ab:60: e7:4c:fb:b9:a6:a1:0e:f8:42:9d:42:07:be:d8:bd:42:2d:94: 58:06:df:0c:0e:c8:cd:32:76:66:37:e4:a3:ea:a1:80:66:56: b0:15:a7:60:56:e1:63:e9:34:36:dc:81:ea:06:aa:00:19:eb: cb:f2:cd:92:cf:13:96:63:e0:1a:ff:e6:27:22:f1:39:10:18: 02:4d:95:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNOkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUYwRTgxMTAvBgNVBAUTKEZBQTIwQTFBRkIyMDkxQ0I3RjUxMTQ3ODgzRjM2NEE0 NTMwOTQxMzEwHhcNMjUxMTAyMTUwODQwWhcNMjUxMTA5MTUwODQwWjAYMRYwFAYD VQQDEw02OTA3NzNmOS03OTY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAm5qrxezv2u9Eyn6tzc98yVkeZMOFQjE90l0zVtRi/JK/zLNQjsEbhg7ot63B K1ikXWRkT3EVWxt64gjVPS9qKE1Qan6jEh72a+cIJog4mQQ9qIPukBjvIqaZxB+j cyfhEGQt9Q9u8tq0uMdFZeeKsvXBUxRPyttOh5xBFoVSEZuKI45I+N7TPlR8D1Tp MYIcrlV/k/iD7SSSBhubFX3GuBuZzHSohDt+3aFOSgXNMfTXfj1UB4cHhE09Ewr+ j9yOSffvQ5ZNVba3sbIYTEmyh8riGL6NfQ2HvfhphZWLkRGjtoOzRJgp81MpWaQg SFL1csujr4Vj2XGxnwiHFLemHQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCpyialN 4bkTOdln8nRjZGbZNA8KMB8GA1UdIwQYMBaAFPqiChr7IJHLf1EUeIPzZKRTCUEx MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjBFOC80NTc5NkFEMjFE QTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tjdF9VUlI0Z19Oa3BGTUpR VEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1xSUtHdnNna2N0X1VSUjRnX05rcEZNSlFURS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjBFOC80NTc5NkFEMjFEQTMxMUUyOUZGQjhDOTgwOEIwMkNEMi8tcUlLR3ZzZ2tj dF9VUlI0Z19Oa3BGTUpRVEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWUKe1ITxaZQNHVxNJ/Ahwy+KKw2WIDG2C732+yfqGdgFNkgaUMrs5 AgtX3eg2YzgXTnUjHUOAXHyF2oV1Lvk/IE4kjaNLzSqmKCt/l1B0vvJyvNokOrS8 vzUzzvQYnl16cHoHotULgHp0e+ccndDa9gp+gOlHd3vyvnUyt6qatnu0X2TbEUTy vW4kSyCj0KqiAv7WYYtVl1TjdG44/XxwJk+X8Q3WhjP1Ujx3xAZjaPg7q2DnTPu5 pqEO+EKdQge+2L1CLZRYBt8MDsjNMnZmN+Sj6qGAZlawFadgVuFj6TQ23IHqBqoA GevL8s2SzxOWY+Aa/+YnIvE5EBgCTZUT -----END CERTIFICATE-----Generated at Mon Nov 3 18:15:05 2025 by rpki-client