$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft File: 3XyND0ePm-ar9znAT1tb5NyfYfg.mft (raw, json) Hash identifier: UuyrqLTpod/LQ0REwi8fXwra1/Sfsl3MvcOUMgDqe/Q= Subject key identifier: EE:F6:6D:57:F9:13:CF:E2:B0:B9:8D:3B:EC:18:12:66:14:68:B3:42 Authority key identifier: DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 Certificate issuer: /CN=A91B1E55/serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Certificate serial: D2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft Manifest number: D0 Signing time: Wed 05 Nov 2025 05:49:41 +0000 Manifest this update: Wed 05 Nov 2025 05:49:41 +0000 Manifest next update: Wed 12 Nov 2025 05:49:41 +0000 Files and hashes: 1: 3XyND0ePm-ar9znAT1tb5NyfYfg.crl (hash: ierkxbfOwRfO+PFf/LZZ+dwuQ+CWnSb3Vp6jwFmC1Fk=) 2: EAF1E48478FA11EF9043060AC4F9AE02.roa (hash: Y94sd9E5GlcMt+lxymyuqjd3AEApdFlcMVQYEZaGYA0=) 3: EA810E6278FA11EF9043060AC4F9AE02.roa (hash: jUEy/iUbesTw/bKzIqKbuM3aQtOsfpKNSiK5hvDoL0g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 05:49:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 210 (0xd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1E55, serialNumber=DD7C8D0F478F9BE6ABF739C04F5B5BE4DC9F61F8 Validity Not Before: Nov 5 05:49:41 2025 GMT Not After : Nov 12 05:49:41 2025 GMT Subject: CN=690ae575-a699 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:3e:08:a7:c4:07:24:84:bf:6f:8d:22:14:d2: 4b:3d:a1:bd:3b:45:22:5d:0b:f4:26:bc:64:16:a3: 8d:08:5c:b2:04:4b:cb:8d:2c:12:c2:0c:8a:6d:6b: 5b:b5:86:bb:55:6a:f1:06:ae:65:f9:67:b4:b5:f5: 56:e2:29:5c:9a:9a:cb:ca:7b:d9:00:17:5f:1d:13: 1b:46:2c:e4:81:0d:a6:a9:5a:8a:7c:57:73:0b:85: a3:05:7a:11:86:5e:25:70:30:84:fa:6c:00:9b:df: ba:8d:4a:ff:83:ab:c9:ea:a9:1e:e0:fe:54:16:88: 15:22:25:7e:b4:75:7a:f3:2c:cd:4d:95:19:0d:81: a7:58:27:85:21:e5:17:86:b5:fe:bc:df:6d:59:7b: ab:53:3c:54:a3:50:0e:69:47:a4:3b:8b:64:ff:a1: 3f:ea:dd:08:2a:dd:73:d0:45:52:f2:e8:c9:0f:29: 36:a3:67:fc:ec:c2:ed:16:3e:80:52:8e:8c:e1:26: 73:7b:1e:d1:3e:0c:7c:b1:49:72:ed:13:6d:c9:b5: e9:45:2f:8c:49:b7:88:20:b1:a1:3c:e8:2d:26:43: 83:24:ac:cd:a4:94:e2:49:08:55:87:ed:9d:0d:ad: 15:66:85:59:fb:55:d3:9a:5c:55:9c:1e:af:8d:94: bc:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:F6:6D:57:F9:13:CF:E2:B0:B9:8D:3B:EC:18:12:66:14:68:B3:42 X509v3 Authority Key Identifier: keyid:DD:7C:8D:0F:47:8F:9B:E6:AB:F7:39:C0:4F:5B:5B:E4:DC:9F:61:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/3XyND0ePm-ar9znAT1tb5NyfYfg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1E55/4C09862E78FA11EFA44FE586C4F9AE02/3XyND0ePm-ar9znAT1tb5NyfYfg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 10:79:05:29:f7:a5:cf:ad:ad:ce:31:c6:b2:dc:16:ff:d0:0e: 4d:fa:6d:57:25:6f:e5:91:ae:f9:25:77:9a:f5:64:2a:a1:cc: d2:21:51:1e:58:db:9f:1a:35:eb:c9:46:c8:5c:ff:27:be:b0: 8d:22:0b:e1:68:6d:f7:17:9a:52:e1:3a:a7:07:be:c6:7b:b8: 42:0e:ee:fc:b1:d6:eb:96:f1:ee:54:0f:9a:18:ae:b4:f2:04: 4a:61:81:b1:1d:8c:76:a7:07:47:de:46:82:c4:ed:06:69:79: 97:5a:91:a6:44:ae:83:2f:06:06:ad:dc:5f:6a:8b:6a:fe:cb: 73:8a:1a:3b:52:07:f7:97:7b:53:58:e0:d0:36:21:ab:95:48: f8:80:63:54:35:4a:1e:19:70:14:d5:6a:91:f8:29:ab:da:7e: db:74:61:42:d5:3d:11:1e:64:64:0f:92:5f:46:7d:da:d3:e6: 04:4a:75:1f:5c:d4:8b:0c:a2:cf:87:d7:d6:ec:aa:59:a8:13: 06:09:11:4b:c3:30:d8:6a:4d:8b:e7:59:18:94:ca:ac:60:64: ca:6f:4f:13:6c:3d:13:30:b1:1e:3b:cd:31:06:08:c1:f5:d9: d3:0f:77:d1:b4:e3:f7:8c:9e:79:da:ac:79:c9:08:00:b8:ad: 43:e9:3a:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFFNTUxMTAvBgNVBAUTKEREN0M4RDBGNDc4RjlCRTZBQkY3MzlDMDRGNUI1QkU0 REM5RjYxRjgwHhcNMjUxMTA1MDU0OTQxWhcNMjUxMTEyMDU0OTQxWjAYMRYwFAYD VQQDEw02OTBhZTU3NS1hNjk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApD4Ip8QHJIS/b40iFNJLPaG9O0UiXQv0JrxkFqONCFyyBEvLjSwSwgyKbWtb tYa7VWrxBq5l+We0tfVW4ilcmprLynvZABdfHRMbRizkgQ2mqVqKfFdzC4WjBXoR hl4lcDCE+mwAm9+6jUr/g6vJ6qke4P5UFogVIiV+tHV68yzNTZUZDYGnWCeFIeUX hrX+vN9tWXurUzxUo1AOaUekO4tk/6E/6t0IKt1z0EVS8ujJDyk2o2f87MLtFj6A Uo6M4SZzex7RPgx8sUly7RNtybXpRS+MSbeIILGhPOgtJkODJKzNpJTiSQhVh+2d Da0VZoVZ+1XTmlxVnB6vjZS81wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO72bVf5 E8/isLmNO+wYEmYUaLNCMB8GA1UdIwQYMBaAFN18jQ9Hj5vmq/c5wE9bW+Tcn2H4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUU1NS80QzA5ODYyRTc4 RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0tYXI5em5BVDF0YjVOeWZZ ZmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLzNYeU5EMGVQbS1hcjl6bkFUMXRiNU55ZllmZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUU1NS80QzA5ODYyRTc4RkExMUVGQTQ0RkU1ODZDNEY5QUUwMi8zWHlORDBlUG0t YXI5em5BVDF0YjVOeWZZZmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAQeQUp96XPra3OMcay3Bb/0A5N+m1XJW/lka75JXea9WQqoczSIVEe WNufGjXryUbIXP8nvrCNIgvhaG33F5pS4TqnB77Ge7hCDu78sdbrlvHuVA+aGK60 8gRKYYGxHYx2pwdH3kaCxO0GaXmXWpGmRK6DLwYGrdxfaotq/stziho7Ugf3l3tT WODQNiGrlUj4gGNUNUoeGXAU1WqR+Cmr2n7bdGFC1T0RHmRkD5JfRn3a0+YESnUf XNSLDKLPh9fW7KpZqBMGCRFLwzDYak2L51kYlMqsYGTKb08TbD0TMLEeO80xBgjB 9dnTD3fRtOP3jJ552qx5yQgAuK1D6TpJ -----END CERTIFICATE-----Generated at Wed Nov 5 19:29:51 2025 by rpki-client