$ rpki-client -vvf rpki.apnic.net/member_repository/A91B08F7/4714380AD59411E78E7C9143C4F9AE02/md4sN9GmK6i5e1oc_SzSlAsNTQ0.mft File: md4sN9GmK6i5e1oc_SzSlAsNTQ0.mft (raw, json) Hash identifier: hQJY9ntIgx5dTn+j+Oac0jXPVkby6wiJARBeAguB9Mg= Subject key identifier: 96:38:B7:E0:5E:06:7D:2F:F5:31:4B:50:40:AE:42:CB:9B:8B:8E:EC Authority key identifier: 99:DE:2C:37:D1:A6:2B:A8:B9:7B:5A:1C:FD:2C:D2:94:0B:0D:4D:0D Certificate issuer: /CN=A91B08F7/serialNumber=99DE2C37D1A62BA8B97B5A1CFD2CD2940B0D4D0D Certificate serial: 17BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md4sN9GmK6i5e1oc_SzSlAsNTQ0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B08F7/4714380AD59411E78E7C9143C4F9AE02/md4sN9GmK6i5e1oc_SzSlAsNTQ0.mft Manifest number: 1C11 Signing time: Tue 04 Nov 2025 16:39:30 +0000 Manifest this update: Tue 04 Nov 2025 16:39:30 +0000 Manifest next update: Tue 11 Nov 2025 16:39:29 +0000 Files and hashes: 1: md4sN9GmK6i5e1oc_SzSlAsNTQ0.crl (hash: zs1JhljbaDV7x8Sv+oIbcfnCcjWApQOd8JYjvccAlfE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B08F7/4714380AD59411E78E7C9143C4F9AE02/md4sN9GmK6i5e1oc_SzSlAsNTQ0.crl rsync://rpki.apnic.net/member_repository/A91B08F7/4714380AD59411E78E7C9143C4F9AE02/md4sN9GmK6i5e1oc_SzSlAsNTQ0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md4sN9GmK6i5e1oc_SzSlAsNTQ0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:39:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6077 (0x17bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B08F7, serialNumber=99DE2C37D1A62BA8B97B5A1CFD2CD2940B0D4D0D Validity Not Before: Nov 4 16:39:30 2025 GMT Not After : Nov 11 16:39:29 2025 GMT Subject: CN=690a2c42-235b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:8e:8f:60:06:d7:7b:15:df:b3:27:c6:f3:71: 19:16:81:d2:00:cc:9f:9c:b9:69:ce:62:4f:80:90: 3d:96:0c:80:8b:3e:82:1b:d9:88:05:63:9c:28:ec: e0:39:36:35:a4:d0:31:19:50:f1:78:4b:70:ab:b8: a9:b0:f9:30:ce:be:5c:23:8d:82:de:7f:5b:67:bd: 66:d4:13:5e:3e:36:c2:8c:1a:1e:b2:62:78:a7:76: c9:58:ca:ea:d3:7c:13:6f:4d:18:c5:82:cd:b2:13: 47:21:1a:e9:87:70:fb:b0:2a:41:88:f7:58:20:8c: 2c:dd:69:8f:d0:e3:06:77:a4:2a:84:01:33:d7:6b: 61:62:72:cf:db:d1:1d:92:ed:b4:a3:ca:03:88:c5: 32:53:a6:59:39:82:fe:b0:85:8f:f8:02:d1:7f:bc: ec:8f:a1:0d:2e:5b:0a:2f:57:46:d7:b8:d9:8b:b9: a7:22:eb:6c:5d:61:10:61:f0:da:fd:ac:07:a1:d8: ac:4c:1c:f9:55:4b:f4:63:78:8a:e0:cb:d4:89:9a: 27:b0:aa:cd:9f:3b:a7:6a:26:09:55:1b:fa:38:c5: 18:07:cd:d7:ef:fe:7e:81:d9:04:3d:16:c1:29:28: 20:72:ab:0b:e9:bc:e2:b6:79:8e:6b:df:49:28:15: 3e:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 96:38:B7:E0:5E:06:7D:2F:F5:31:4B:50:40:AE:42:CB:9B:8B:8E:EC X509v3 Authority Key Identifier: keyid:99:DE:2C:37:D1:A6:2B:A8:B9:7B:5A:1C:FD:2C:D2:94:0B:0D:4D:0D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B08F7/4714380AD59411E78E7C9143C4F9AE02/md4sN9GmK6i5e1oc_SzSlAsNTQ0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/md4sN9GmK6i5e1oc_SzSlAsNTQ0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B08F7/4714380AD59411E78E7C9143C4F9AE02/md4sN9GmK6i5e1oc_SzSlAsNTQ0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:f6:48:81:b2:5d:24:99:63:80:71:87:fb:6d:40:5a:9e:56: 05:48:5f:75:43:8c:0c:e8:ff:f4:b0:b8:e4:cf:a3:76:db:0f: f3:bd:61:91:bd:e9:cc:5d:29:a9:d6:d3:5d:93:f2:71:68:9c: 12:c5:18:d6:bc:1c:3c:9f:53:a6:aa:89:4c:a2:3d:3c:d2:19: d1:b6:e5:cd:e4:d5:61:f0:66:d9:a6:d4:c1:e8:88:ef:78:2f: 49:da:5b:f3:03:69:a1:6b:44:64:85:ac:81:be:63:7f:7f:95: 6a:d0:cc:e9:a5:5a:46:9c:e1:19:86:ee:04:ba:fe:3d:d6:5b: 38:9b:d7:b9:d3:4c:7a:d6:6e:3e:f5:9d:79:0f:8f:0c:2b:d1: 2b:04:91:46:76:93:ee:89:1f:a2:57:ef:a1:21:4b:a5:da:43: 84:97:d3:e4:e2:b7:81:5a:15:82:10:bf:d8:61:92:f0:fb:73: 34:37:6e:6a:ec:cf:b0:e6:90:73:33:79:b6:5d:0b:9c:1c:c7: 63:44:54:f3:b0:ed:66:4b:ff:7b:7a:c2:3f:13:2c:c7:e0:0e: da:32:14:8f:55:86:7d:6b:e5:23:1e:67:c3:e0:56:d6:87:9e: 24:da:70:88:23:67:fd:58:67:4d:03:34:51:bb:d3:8a:db:aa: 4e:0f:3a:4d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICF70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjA4RjcxMTAvBgNVBAUTKDk5REUyQzM3RDFBNjJCQThCOTdCNUExQ0ZEMkNEMjk0 MEIwRDREMEQwHhcNMjUxMTA0MTYzOTMwWhcNMjUxMTExMTYzOTI5WjAYMRYwFAYD VQQDEw02OTBhMmM0Mi0yMzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv46PYAbXexXfsyfG83EZFoHSAMyfnLlpzmJPgJA9lgyAiz6CG9mIBWOcKOzg OTY1pNAxGVDxeEtwq7ipsPkwzr5cI42C3n9bZ71m1BNePjbCjBoesmJ4p3bJWMrq 03wTb00YxYLNshNHIRrph3D7sCpBiPdYIIws3WmP0OMGd6QqhAEz12thYnLP29Ed ku20o8oDiMUyU6ZZOYL+sIWP+ALRf7zsj6ENLlsKL1dG17jZi7mnIutsXWEQYfDa /awHodisTBz5VUv0Y3iK4MvUiZonsKrNnzunaiYJVRv6OMUYB83X7/5+gdkEPRbB KSggcqsL6bzitnmOa99JKBU+MwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJY4t+Be Bn0v9TFLUECuQsubi47sMB8GA1UdIwQYMBaAFJneLDfRpiuouXtaHP0s0pQLDU0N MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMDhGNy80NzE0MzgwQUQ1 OTQxMUU3OEU3QzkxNDNDNEY5QUUwMi9tZDRzTjlHbUs2aTVlMW9jX1N6U2xBc05U UTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL21kNHNOOUdtSzZpNWUxb2NfU3pTbEFzTlRRMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MDhGNy80NzE0MzgwQUQ1OTQxMUU3OEU3QzkxNDNDNEY5QUUwMi9tZDRzTjlHbUs2 aTVlMW9jX1N6U2xBc05UUTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAg9kiBsl0kmWOAcYf7bUBanlYFSF91Q4wM6P/0sLjkz6N22w/zvWGR venMXSmp1tNdk/JxaJwSxRjWvBw8n1OmqolMoj080hnRtuXN5NVh8GbZptTB6Ijv eC9J2lvzA2mha0RkhayBvmN/f5Vq0MzppVpGnOEZhu4Euv491ls4m9e500x61m4+ 9Z15D48MK9ErBJFGdpPuiR+iV++hIUul2kOEl9Pk4reBWhWCEL/YYZLw+3M0N25q 7M+w5pBzM3m2XQucHMdjRFTzsO1mS/97esI/EyzH4A7aMhSPVYZ9a+UjHmfD4FbW h54k2nCII2f9WGdNAzRRu9OK26pODzpN -----END CERTIFICATE-----Generated at Wed Nov 5 16:40:52 2025 by rpki-client