$ rpki-client -vvf rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft File: RITQfaaNUwUM3PaxPAwFReZFfOU.mft (raw, json) Hash identifier: Tc6izHOAxAzlXQfSHqahjAZSN+mGi+pxC/scCW0F3xs= Subject key identifier: 92:08:B8:A5:27:6E:86:C1:5E:58:A3:F7:C9:ED:84:CA:E5:45:04:1A Authority key identifier: 44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 Certificate issuer: /CN=A91B5CEA/serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Certificate serial: 0233 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft Manifest number: 022F Signing time: Wed 05 Nov 2025 02:04:23 +0000 Manifest this update: Wed 05 Nov 2025 02:04:22 +0000 Manifest next update: Wed 12 Nov 2025 02:04:22 +0000 Files and hashes: 1: RITQfaaNUwUM3PaxPAwFReZFfOU.crl (hash: ofqbTfYqozIQFhHqomIt5IALtowYXmhFKHEOdJZ/MX4=) 2: B3795CBC64F211ED9AEC046FC4F9AE02.roa (hash: tX50rThQWeAbKIESIwrC0zdSKgD+i4OgX2qNIGi6fqk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:04:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 563 (0x233) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B5CEA, serialNumber=4484D07DA68D53050CDCF6B13C0C0545E6457CE5 Validity Not Before: Nov 5 02:04:22 2025 GMT Not After : Nov 12 02:04:22 2025 GMT Subject: CN=690ab0a7-87b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:73:bf:3f:96:45:58:b7:a9:01:51:9d:aa:bd: 1c:e0:b8:68:25:1a:78:bc:78:e6:a8:f0:07:73:65: f3:8f:72:de:fa:c5:32:3b:4e:2f:bc:17:39:2d:9a: 1a:a9:8a:c2:89:22:50:cc:c7:5e:c0:9b:c6:ce:8b: 83:6c:ff:a7:72:16:0b:6c:fd:67:c6:3d:1e:32:5b: 46:a3:d0:3e:86:cd:d4:c9:50:c3:94:12:ae:2f:aa: 7e:31:8e:fe:dc:1f:88:b1:93:ad:a0:0f:e8:51:77: 5e:7e:71:91:69:c0:97:3a:fa:df:61:79:2c:d5:cd: d9:d0:e7:f3:d8:ee:9f:93:ae:7b:db:c7:fb:e1:ce: 2d:26:f5:16:f6:21:a6:4e:87:01:df:e5:9b:95:78: 2a:d7:ad:47:d8:c2:76:6d:34:ef:e3:65:c3:a4:36: a2:39:1a:a6:bc:1c:69:8d:df:0d:78:3e:c2:04:03: e0:2a:eb:24:eb:3f:c5:bd:f9:19:6f:bb:9f:b2:c2: 28:2d:4d:4b:97:51:ff:74:7c:18:01:ae:55:1c:8c: 80:70:74:02:c6:09:c4:77:f0:82:b1:6e:09:48:ed: f9:9a:35:62:c6:3f:1f:05:77:72:96:db:1e:da:23: 61:5a:d4:ce:5c:83:14:1c:b0:37:ba:fa:d9:53:4f: 2b:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:08:B8:A5:27:6E:86:C1:5E:58:A3:F7:C9:ED:84:CA:E5:45:04:1A X509v3 Authority Key Identifier: keyid:44:84:D0:7D:A6:8D:53:05:0C:DC:F6:B1:3C:0C:05:45:E6:45:7C:E5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/RITQfaaNUwUM3PaxPAwFReZFfOU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B5CEA/1F63A56864EE11EDA4A34513C4F9AE02/RITQfaaNUwUM3PaxPAwFReZFfOU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:e7:d1:16:00:81:a4:7b:3c:56:7b:42:1f:4f:b3:c3:16:65: 61:76:6d:c1:bb:31:c5:2d:04:ba:40:b0:9e:e5:9c:85:5b:66: 92:b5:43:f1:8f:b6:95:c4:9b:5f:ab:1b:52:5d:c8:5a:b4:40: ab:28:d0:3c:87:69:48:be:b0:6d:ee:fe:32:09:ef:df:49:89: de:8d:8d:23:3c:1a:b6:36:80:ae:e3:0a:2b:b3:4a:d8:d4:b2: 6b:8b:c2:c3:2e:23:48:58:fd:cc:84:e6:1f:e8:4e:a6:59:97: 9f:e3:45:b9:78:d5:ae:68:b1:d4:d3:63:f3:b2:f6:9b:f5:f1: 56:58:9e:a7:91:ec:b2:4f:da:90:72:93:34:89:75:25:13:a8: a7:fa:80:b7:85:b1:d3:c2:72:31:16:a8:7a:ed:11:ae:78:47: 2c:5e:4f:49:9c:d3:f6:02:40:b3:d3:f8:1b:8b:97:32:68:2c: 8a:01:72:d3:93:fe:6f:2d:a3:f7:1a:8c:3d:95:e5:ff:10:94: 47:f1:c5:90:30:8f:7b:69:4a:cb:70:b6:dc:58:2f:3f:c4:cf: 8f:d9:52:28:7e:6a:ef:bc:77:43:55:25:37:0f:1b:3d:0d:41: d4:bf:2b:eb:e4:93:30:ec:a6:24:7c:aa:27:6e:da:1f:57:95: fd:73:5b:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAjMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjVDRUExMTAvBgNVBAUTKDQ0ODREMDdEQTY4RDUzMDUwQ0RDRjZCMTNDMEMwNTQ1 RTY0NTdDRTUwHhcNMjUxMTA1MDIwNDIyWhcNMjUxMTEyMDIwNDIyWjAYMRYwFAYD VQQDEw02OTBhYjBhNy04N2I5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8nO/P5ZFWLepAVGdqr0c4LhoJRp4vHjmqPAHc2Xzj3Le+sUyO04vvBc5LZoa qYrCiSJQzMdewJvGzouDbP+nchYLbP1nxj0eMltGo9A+hs3UyVDDlBKuL6p+MY7+ 3B+IsZOtoA/oUXdefnGRacCXOvrfYXks1c3Z0Ofz2O6fk65728f74c4tJvUW9iGm TocB3+WblXgq161H2MJ2bTTv42XDpDaiORqmvBxpjd8NeD7CBAPgKusk6z/FvfkZ b7ufssIoLU1Ll1H/dHwYAa5VHIyAcHQCxgnEd/CCsW4JSO35mjVixj8fBXdyltse 2iNhWtTOXIMUHLA3uvrZU08rwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJIIuKUn bobBXlij98nthMrlRQQaMB8GA1UdIwQYMBaAFESE0H2mjVMFDNz2sTwMBUXmRXzl MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNUNFQS8xRjYzQTU2ODY0 RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3VU0zUGF4UEF3RlJlWkZm T1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL1JJVFFmYWFOVXdVTTNQYXhQQXdGUmVaRmZPVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NUNFQS8xRjYzQTU2ODY0RUUxMUVEQTRBMzQ1MTNDNEY5QUUwMi9SSVRRZmFhTlV3 VU0zUGF4UEF3RlJlWkZmT1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBb59EWAIGkezxWe0IfT7PDFmVhdm3BuzHFLQS6QLCe5ZyFW2aStUPx j7aVxJtfqxtSXchatECrKNA8h2lIvrBt7v4yCe/fSYnejY0jPBq2NoCu4wors0rY 1LJri8LDLiNIWP3MhOYf6E6mWZef40W5eNWuaLHU02Pzsvab9fFWWJ6nkeyyT9qQ cpM0iXUlE6in+oC3hbHTwnIxFqh67RGueEcsXk9JnNP2AkCz0/gbi5cyaCyKAXLT k/5vLaP3Gow9leX/EJRH8cWQMI97aUrLcLbcWC8/xM+P2VIofmrvvHdDVSU3Dxs9 DUHUvyvr5JMw7KYkfKonbtofV5X9c1sC -----END CERTIFICATE-----Generated at Wed Nov 5 06:11:16 2025 by rpki-client