$ rpki-client -vvf rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft File: lKlQswO0aQDdWjBhAwyJpIloA68.mft (raw, json) Hash identifier: VeJ3ShMZqSdbATIu9n0+x6DH/rHIY8YexAKYLZZ6W9g= Subject key identifier: 4D:C3:B0:6E:24:5D:C1:B4:E0:CD:D0:32:8E:04:CE:77:1B:70:C3:2F Authority key identifier: 94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF Certificate issuer: /CN=A91BAD2D/serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Certificate serial: 013F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft Manifest number: 0134 Signing time: Thu 23 Oct 2025 06:32:19 +0000 Manifest this update: Thu 23 Oct 2025 06:32:18 +0000 Manifest next update: Thu 30 Oct 2025 06:32:18 +0000 Files and hashes: 1: lKlQswO0aQDdWjBhAwyJpIloA68.crl (hash: dO3gF8Uu/AkuMIz8D0P5COGFdT1OvjxIj/7IyC23oeY=) 2: 10771E5497C211F0A9D40817C4F9AE02.roa (hash: saXUgFYFE88ebAmrp0hfBEAM07HUjSBQgX0rZpCJXb0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 30 Oct 2025 06:32:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 319 (0x13f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BAD2D, serialNumber=94A950B303B46900DD5A3061030C89A4896803AF Validity Not Before: Oct 23 06:32:18 2025 GMT Not After : Oct 30 06:32:18 2025 GMT Subject: CN=68f9cbf3-78e7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:89:b4:e2:ad:42:15:24:d5:cc:c7:ab:4b:22: d3:e2:8c:fb:fa:72:bd:2c:33:37:8c:a5:59:e4:84: 70:8e:a4:5e:84:18:bf:25:f6:09:ae:f1:4d:76:8b: d1:aa:51:94:6b:ec:6c:f5:1a:16:90:c8:98:6f:d5: 03:26:24:fc:31:d9:36:3e:99:28:cd:97:e3:fa:40: 5c:41:2c:58:d6:52:5a:59:82:dd:e8:5d:01:3f:36: f5:04:01:bf:b7:30:cf:2e:18:f3:7e:c3:87:fb:60: 70:8a:66:e1:00:a5:ed:08:66:a3:45:66:ec:f0:39: 83:c9:87:9e:c8:6a:55:79:7c:55:0d:0b:1f:5a:e5: ba:31:fe:b6:54:80:f6:a0:0b:d8:42:af:6b:94:99: ff:50:9f:3d:3b:a4:b3:dc:ed:b9:fc:de:8b:09:2a: ae:f5:8d:e9:6e:37:65:7c:da:ff:d3:69:90:22:97: a6:a7:2f:45:c0:66:aa:dd:eb:a3:8c:33:eb:7a:5b: 41:af:f4:62:3e:b6:b2:c5:a3:f9:dc:d5:bb:c8:d8: d8:0a:e6:78:b4:8d:07:fd:a6:50:cb:76:89:25:93: 84:27:89:87:c9:ea:8c:84:80:c3:9f:aa:1d:4f:01: 6b:97:ab:49:f5:b0:99:0c:2f:6f:37:3a:58:d0:a4: 52:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:C3:B0:6E:24:5D:C1:B4:E0:CD:D0:32:8E:04:CE:77:1B:70:C3:2F X509v3 Authority Key Identifier: keyid:94:A9:50:B3:03:B4:69:00:DD:5A:30:61:03:0C:89:A4:89:68:03:AF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lKlQswO0aQDdWjBhAwyJpIloA68.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BAD2D/9088EE5AE80111EEAD6C5030C4F9AE02/lKlQswO0aQDdWjBhAwyJpIloA68.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:53:e5:7b:46:da:45:ef:4d:50:1e:f1:10:bf:35:a4:2a:f3: ae:b9:6c:16:41:c3:81:15:d8:36:93:80:3f:fe:f1:fc:83:c3: 18:1a:ed:43:cd:72:29:82:ce:72:6c:fe:6b:58:20:c1:34:30: 29:35:ab:bb:dc:d7:4c:79:e1:bd:c8:69:0d:3b:56:fa:0f:bc: 98:f6:61:ef:f7:91:4e:64:14:29:0e:bd:1e:af:5a:d9:3f:16: d8:a5:5c:1e:3c:f5:84:a4:d0:29:43:68:a5:40:d4:8b:90:3a: 7b:c2:72:f6:8d:58:13:bf:15:89:83:81:f7:f9:58:e2:42:b9: 4a:ec:4d:a1:d6:f4:f3:75:ee:84:ae:b6:7d:ee:cc:58:af:99: 57:4d:dc:0e:70:a5:7a:65:cc:61:a4:ef:d6:f7:6b:b7:78:23: 31:63:30:00:26:75:a4:d5:54:c3:db:2e:2a:73:60:bb:f0:56: 17:bc:b7:31:bd:62:17:1b:f4:ed:77:54:52:22:f9:61:a6:3e: 99:d9:e9:56:e9:78:09:4a:84:bc:98:5b:60:02:03:db:e5:8b: 53:df:d1:97:a4:5d:3e:59:bf:39:34:36:fc:94:2f:32:cc:93: ca:fd:fa:84:78:ca:8a:6a:8d:57:b6:2a:b5:56:a8:b1:24:9f: 01:76:f3:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAT8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkFEMkQxMTAvBgNVBAUTKDk0QTk1MEIzMDNCNDY5MDBERDVBMzA2MTAzMEM4OUE0 ODk2ODAzQUYwHhcNMjUxMDIzMDYzMjE4WhcNMjUxMDMwMDYzMjE4WjAYMRYwFAYD VQQDEw02OGY5Y2JmMy03OGU3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqom04q1CFSTVzMerSyLT4oz7+nK9LDM3jKVZ5IRwjqRehBi/JfYJrvFNdovR qlGUa+xs9RoWkMiYb9UDJiT8Mdk2PpkozZfj+kBcQSxY1lJaWYLd6F0BPzb1BAG/ tzDPLhjzfsOH+2BwimbhAKXtCGajRWbs8DmDyYeeyGpVeXxVDQsfWuW6Mf62VID2 oAvYQq9rlJn/UJ89O6Sz3O25/N6LCSqu9Y3pbjdlfNr/02mQIpempy9FwGaq3euj jDPreltBr/RiPrayxaP53NW7yNjYCuZ4tI0H/aZQy3aJJZOEJ4mHyeqMhIDDn6od TwFrl6tJ9bCZDC9vNzpY0KRSPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE3DsG4k XcG04M3QMo4EzncbcMMvMB8GA1UdIwQYMBaAFJSpULMDtGkA3VowYQMMiaSJaAOv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQUQyRC85MDg4RUU1QUU4 MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFRRGRXakJoQXd5SnBJbG9B NjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xLbFFzd08wYVFEZFdqQmhBd3lKcElsb0E2OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QUQyRC85MDg4RUU1QUU4MDExMUVFQUQ2QzUwMzBDNEY5QUUwMi9sS2xRc3dPMGFR RGRXakJoQXd5SnBJbG9BNjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBlU+V7RtpF701QHvEQvzWkKvOuuWwWQcOBFdg2k4A//vH8g8MYGu1D zXIpgs5ybP5rWCDBNDApNau73NdMeeG9yGkNO1b6D7yY9mHv95FOZBQpDr0er1rZ PxbYpVwePPWEpNApQ2ilQNSLkDp7wnL2jVgTvxWJg4H3+VjiQrlK7E2h1vTzde6E rrZ97sxYr5lXTdwOcKV6ZcxhpO/W92u3eCMxYzAAJnWk1VTD2y4qc2C78FYXvLcx vWIXG/Ttd1RSIvlhpj6Z2elW6XgJSoS8mFtgAgPb5YtT39GXpF0+Wb85NDb8lC8y zJPK/fqEeMqKao1Xtiq1VqixJJ8BdvNA -----END CERTIFICATE-----Generated at Sat Oct 25 06:39:07 2025 by rpki-client