$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft File: kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft (raw, json) Hash identifier: G8Sdu4R6xa2oY0s0SbUepiyIEkbjMKz4dWLccS+T7hA= Subject key identifier: 3A:CF:19:3F:7A:2D:A2:8B:3B:20:F8:37:9A:2D:89:C0:97:85:56:D5 Authority key identifier: 91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 Certificate issuer: /CN=A91BB6E3/serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Certificate serial: 0218 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft Manifest number: 0203 Signing time: Mon 03 Nov 2025 02:31:18 +0000 Manifest this update: Mon 03 Nov 2025 02:31:17 +0000 Manifest next update: Mon 10 Nov 2025 02:31:17 +0000 Files and hashes: 1: kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl (hash: MZhY8Az5xVJT7FI993ore1rbWdm1ATGmlVzZz3pLlL0=) 2: F96174ECC27D11EDB8226F2DC4F9AE02.roa (hash: kXeNIsHETQcXUic6LYufG6XvgVMVgH9sGtHQdmkZT90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:31:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 536 (0x218) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB6E3, serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Validity Not Before: Nov 3 02:31:17 2025 GMT Not After : Nov 10 02:31:17 2025 GMT Subject: CN=690813f5-ec29 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d8:2c:11:a0:80:54:ec:55:d2:af:44:62:7b:24: 18:db:8b:b6:28:1e:c0:8e:db:42:03:b9:b5:e3:1c: db:0f:b3:05:e9:e8:b0:d2:8e:37:cb:b2:df:f7:82: 2a:be:4b:86:2d:87:d4:72:96:23:a9:a7:7e:a3:df: 93:ae:8a:b4:cb:31:af:9f:6d:cf:03:96:3b:9b:55: 26:d2:f7:1c:00:69:a3:f7:1b:a3:43:ad:e2:72:74: b3:fc:64:b6:d9:da:d6:b6:91:a0:f8:af:3e:b9:80: ef:07:22:6f:64:f9:b4:df:15:f5:1f:e7:15:a0:44: dd:d5:c8:6c:07:d1:92:1f:c3:3b:64:37:8f:09:a2: 7c:7b:d3:5d:b1:a6:4a:7a:ea:28:85:d5:32:5b:bf: 9b:b3:51:60:c4:98:4e:de:fe:f8:5d:59:a4:a1:b1: 2a:8a:1b:86:73:3c:e6:a3:fb:5a:07:72:fd:f5:a6: 62:8a:87:18:42:f1:e3:98:29:6a:22:12:9b:22:52: 32:30:e0:5f:1f:95:70:89:5e:a3:fe:c2:d7:ae:02: 30:73:a7:d5:90:54:2b:a1:47:4b:df:0d:4d:46:cc: 30:11:93:5d:56:7d:b7:4e:11:87:02:11:72:29:67: 3b:88:b3:a4:be:1e:f3:12:1e:82:54:82:bb:56:2a: 10:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:CF:19:3F:7A:2D:A2:8B:3B:20:F8:37:9A:2D:89:C0:97:85:56:D5 X509v3 Authority Key Identifier: keyid:91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:43:9b:bb:9f:40:ef:01:8d:fe:4d:3c:4e:54:73:4a:f1:5f: 99:4d:74:b0:4b:19:c1:d9:77:6d:89:c6:c4:b9:b5:b0:e2:53: f6:3b:7e:87:0a:61:6d:1f:46:7e:50:11:f1:22:d6:ad:7d:8d: c0:0e:58:17:55:5b:90:9d:87:6c:a6:b5:5b:51:35:af:d1:4a: ba:7f:9a:16:0d:1d:72:cc:0e:e6:03:74:78:40:79:fa:d6:ec: 87:6a:78:e5:d2:5e:5c:58:78:8e:ab:53:6c:a9:2b:e6:ef:b7: d6:e9:ea:b0:10:f4:a6:52:c8:3d:be:96:ed:79:eb:c6:f6:bb: 3a:98:2e:31:f5:9e:71:05:08:09:c6:70:86:41:4a:57:9a:58: ba:27:22:c6:5a:51:70:8b:0c:05:90:4e:c9:9a:d4:b4:8c:04: 06:f5:8b:41:9c:b4:66:c0:36:ad:3f:0a:0d:27:f9:ed:b6:7f: fd:cf:af:2c:a2:37:f4:78:96:36:5f:71:fc:ba:13:d2:be:a6: 6e:bc:9a:da:e9:1d:bb:aa:28:77:83:e0:9b:b7:1b:e8:9d:40: 4f:35:b8:38:52:5e:33:17:74:98:70:d3:dc:41:b7:cb:3c:3f: 3f:7b:95:95:3e:3f:e7:dd:76:d1:92:73:a9:a5:d5:be:7f:4d: b0:d4:9c:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI2RTMxMTAvBgNVBAUTKDkxOUZBODE5QjJGRkYxNDU1MjFBRjY2NDAzNTI3OEU3 RTc5MTRBNDkwHhcNMjUxMTAzMDIzMTE3WhcNMjUxMTEwMDIzMTE3WjAYMRYwFAYD VQQDEw02OTA4MTNmNS1lYzI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2CwRoIBU7FXSr0RieyQY24u2KB7AjttCA7m14xzbD7MF6eiw0o43y7Lf94Iq vkuGLYfUcpYjqad+o9+Troq0yzGvn23PA5Y7m1Um0vccAGmj9xujQ63icnSz/GS2 2drWtpGg+K8+uYDvByJvZPm03xX1H+cVoETd1chsB9GSH8M7ZDePCaJ8e9NdsaZK euoohdUyW7+bs1FgxJhO3v74XVmkobEqihuGczzmo/taB3L99aZiiocYQvHjmClq IhKbIlIyMOBfH5VwiV6j/sLXrgIwc6fVkFQroUdL3w1NRswwEZNdVn23ThGHAhFy KWc7iLOkvh7zEh6CVIK7VioQQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDrPGT96 LaKLOyD4N5oticCXhVbVMB8GA1UdIwQYMBaAFJGfqBmy//FFUhr2ZANSeOfnkUpJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjZFMy9BMjJDODE0Q0My NzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhVVlNHdlprQTFKNDUtZVJT a2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2taLW9HYkxfOFVWU0d2WmtBMUo0NS1lUlNray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjZFMy9BMjJDODE0Q0MyNzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhV VlNHdlprQTFKNDUtZVJTa2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgQ5u7n0DvAY3+TTxOVHNK8V+ZTXSwSxnB2XdticbEubWw4lP2O36H CmFtH0Z+UBHxItatfY3ADlgXVVuQnYdsprVbUTWv0Uq6f5oWDR1yzA7mA3R4QHn6 1uyHanjl0l5cWHiOq1NsqSvm77fW6eqwEPSmUsg9vpbteevG9rs6mC4x9Z5xBQgJ xnCGQUpXmli6JyLGWlFwiwwFkE7JmtS0jAQG9YtBnLRmwDatPwoNJ/nttn/9z68s ojf0eJY2X3H8uhPSvqZuvJra6R27qih3g+CbtxvonUBPNbg4Ul4zF3SYcNPcQbfL PD8/e5WVPj/n3XbRknOppdW+f02w1Jzh -----END CERTIFICATE-----Generated at Tue Nov 4 08:29:01 2025 by rpki-client