$ rpki-client -vvf rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft File: 1RZ7lweHQQlX4l2fh1CFYPAFd24.mft (raw, json) Hash identifier: izxirZDQW2338fRzDcXhyZ/9Ii/35uXsxgFnE2q3vBM= Subject key identifier: 41:C5:DD:0A:BF:E7:FF:8A:0B:4F:CD:0A:DC:6F:AF:F4:E1:98:13:33 Authority key identifier: D5:16:7B:97:07:87:41:09:57:E2:5D:9F:87:50:85:60:F0:05:77:6E Certificate issuer: /CN=A91B9011/serialNumber=D5167B970787410957E25D9F87508560F005776E Certificate serial: 060A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft Manifest number: 0605 Signing time: Tue 04 Nov 2025 22:57:58 +0000 Manifest this update: Tue 04 Nov 2025 22:57:57 +0000 Manifest next update: Tue 11 Nov 2025 22:57:57 +0000 Files and hashes: 1: 1RZ7lweHQQlX4l2fh1CFYPAFd24.crl (hash: oW0h+38r456/hWelsHOT9kkMyV6T6qivH+zhTC6Aaeg=) 2: 438893AC55BE11EDBDE51983C4F9AE02.roa (hash: Y1Hqc3CucW1MGNfTEVOgwuu3xdmSB7zSj6HU8UBJr7c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.crl rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:57:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1546 (0x60a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B9011, serialNumber=D5167B970787410957E25D9F87508560F005776E Validity Not Before: Nov 4 22:57:57 2025 GMT Not After : Nov 11 22:57:57 2025 GMT Subject: CN=690a84f6-de83 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:49:3c:68:1c:7b:68:ad:bc:4d:2a:51:e6:50: ed:4c:dd:fe:2a:ea:7b:8a:e1:32:b7:3a:e4:39:c0: c3:f6:f5:08:a9:50:01:e7:e7:55:4a:d8:c7:23:94: 86:ab:c2:bc:e9:ac:e8:9f:70:f9:29:ff:2a:57:77: 19:c7:bb:3e:e9:d5:6e:de:e5:77:95:97:36:c9:39: d2:b8:7a:96:0c:49:21:76:0b:4b:2e:17:63:74:8a: dc:24:05:64:dc:a2:be:f4:50:bf:38:f1:bf:89:18: 95:b6:8f:2d:c8:5d:03:0f:a8:69:50:51:ac:73:cc: 29:4f:c5:9d:18:0b:8e:ba:14:1d:e6:19:6f:8c:1b: 36:4c:3c:52:40:04:3c:cd:6c:4b:81:8e:2d:d7:09: 6a:a3:da:1d:e6:f9:c6:e6:37:64:75:1c:fd:13:8f: 98:35:6e:da:a1:5c:fc:81:d4:7d:30:ca:79:c3:44: ce:e8:98:e4:46:8f:38:88:18:09:59:25:99:0b:0c: 59:43:2e:f2:c1:d9:38:95:76:9b:bf:c2:79:1b:84: c7:ef:92:9a:a1:39:64:d9:df:5d:50:1c:ee:12:2f: 63:27:a3:0c:60:e9:65:3e:85:4f:b2:d6:71:f2:f4: 5e:69:c0:f5:3d:0c:b8:f7:c1:d7:56:aa:46:f7:89: cf:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:C5:DD:0A:BF:E7:FF:8A:0B:4F:CD:0A:DC:6F:AF:F4:E1:98:13:33 X509v3 Authority Key Identifier: keyid:D5:16:7B:97:07:87:41:09:57:E2:5D:9F:87:50:85:60:F0:05:77:6E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1RZ7lweHQQlX4l2fh1CFYPAFd24.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B9011/3888E0C4C73A11EB90075510C4F9AE02/1RZ7lweHQQlX4l2fh1CFYPAFd24.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:19:cc:42:13:29:3d:bd:f3:67:38:08:df:5a:6a:85:cc:f8: f2:05:a7:fb:a0:3a:70:b2:77:7b:6a:75:3c:b0:c3:ca:e7:ce: cc:a0:7c:18:c7:3f:1f:28:99:20:b9:32:9d:1a:e7:9d:ca:fb: 03:30:b4:2b:f6:67:4c:8f:30:14:e8:41:86:11:7f:df:b1:98: 5e:1e:9c:24:ec:dd:f4:8d:67:70:07:bf:c3:48:14:a0:5f:2d: c5:19:34:f5:e6:57:3b:70:06:5d:18:d9:5b:fc:5c:46:b5:c8: 5b:64:21:b0:a8:bc:ba:f7:cd:30:24:08:c6:72:d4:20:c5:0e: 57:be:98:1a:2c:7e:0e:06:6f:76:b5:c3:5a:1f:d9:a3:a0:be: 68:3d:46:9c:01:39:1a:9a:02:8b:85:cb:c2:0c:f2:23:98:4d: 77:4b:d2:6a:67:5e:5d:68:7c:c1:e2:47:a3:d4:63:eb:d2:c7: 41:a1:24:6b:82:18:08:41:33:56:3d:78:06:7e:7e:e3:73:54: fa:a7:c0:47:e2:b6:3e:0d:06:06:ab:df:2e:59:46:f1:7f:76: 7a:05:7d:bd:1f:d7:1a:99:a2:fc:03:b3:ab:43:7f:81:d0:8b: 43:a6:9e:7c:5d:ad:64:b8:ca:c2:c3:a8:2e:70:0f:58:24:e7: dd:c5:c5:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjkwMTExMTAvBgNVBAUTKEQ1MTY3Qjk3MDc4NzQxMDk1N0UyNUQ5Rjg3NTA4NTYw RjAwNTc3NkUwHhcNMjUxMTA0MjI1NzU3WhcNMjUxMTExMjI1NzU3WjAYMRYwFAYD VQQDEw02OTBhODRmNi1kZTgzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp0k8aBx7aK28TSpR5lDtTN3+Kup7iuEytzrkOcDD9vUIqVAB5+dVStjHI5SG q8K86azon3D5Kf8qV3cZx7s+6dVu3uV3lZc2yTnSuHqWDEkhdgtLLhdjdIrcJAVk 3KK+9FC/OPG/iRiVto8tyF0DD6hpUFGsc8wpT8WdGAuOuhQd5hlvjBs2TDxSQAQ8 zWxLgY4t1wlqo9od5vnG5jdkdRz9E4+YNW7aoVz8gdR9MMp5w0TO6JjkRo84iBgJ WSWZCwxZQy7ywdk4lXabv8J5G4TH75KaoTlk2d9dUBzuEi9jJ6MMYOllPoVPstZx 8vReacD1PQy498HXVqpG94nPXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEHF3Qq/ 5/+KC0/NCtxvr/ThmBMzMB8GA1UdIwQYMBaAFNUWe5cHh0EJV+Jdn4dQhWDwBXdu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCOTAxMS8zODg4RTBDNEM3 M0ExMUVCOTAwNzU1MTBDNEY5QUUwMi8xUlo3bHdlSFFRbFg0bDJmaDFDRllQQUZk MjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFSWjdsd2VIUVFsWDRsMmZoMUNGWVBBRmQyNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC OTAxMS8zODg4RTBDNEM3M0ExMUVCOTAwNzU1MTBDNEY5QUUwMi8xUlo3bHdlSFFR bFg0bDJmaDFDRllQQUZkMjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzGcxCEyk9vfNnOAjfWmqFzPjyBaf7oDpwsnd7anU8sMPK587MoHwY xz8fKJkguTKdGuedyvsDMLQr9mdMjzAU6EGGEX/fsZheHpwk7N30jWdwB7/DSBSg Xy3FGTT15lc7cAZdGNlb/FxGtchbZCGwqLy6980wJAjGctQgxQ5XvpgaLH4OBm92 tcNaH9mjoL5oPUacATkamgKLhcvCDPIjmE13S9JqZ15daHzB4kej1GPr0sdBoSRr ghgIQTNWPXgGfn7jc1T6p8BH4rY+DQYGq98uWUbxf3Z6BX29H9camaL8A7OrQ3+B 0ItDpp58Xa1kuMrCw6gucA9YJOfdxcUC -----END CERTIFICATE-----Generated at Wed Nov 5 08:09:59 2025 by rpki-client