$ rpki-client -vvf rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft File: jYqA7HIK5-1T_SED6OachVWtD4Y.mft (raw, json) Hash identifier: twIekAiJVR3sHSoy3bNpZJAVsLRPtCl0SgAWcVtEObY= Subject key identifier: 9A:8B:D8:3B:E9:8F:44:BF:B5:72:97:50:1B:B5:24:15:0E:C9:B2:30 Authority key identifier: 8D:8A:80:EC:72:0A:E7:ED:53:FD:21:03:E8:E6:9C:85:55:AD:0F:86 Certificate issuer: /CN=A91BECBA/serialNumber=8D8A80EC720AE7ED53FD2103E8E69C8555AD0F86 Certificate serial: DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft Manifest number: DA Signing time: Mon 03 Nov 2025 05:34:18 +0000 Manifest this update: Mon 03 Nov 2025 05:34:18 +0000 Manifest next update: Mon 10 Nov 2025 05:34:18 +0000 Files and hashes: 1: jYqA7HIK5-1T_SED6OachVWtD4Y.crl (hash: Skk6JORE8YbuxcmQzpK84ru1wvB0JfaVMo7PFsdZtkE=) 2: A0142C706B6611EF88C61580C4F9AE02.roa (hash: WL6knuhT+IT7g3hW2IRpH1KnEWqyPmGpIe/IXLQK6so=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.crl rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:34:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 220 (0xdc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BECBA, serialNumber=8D8A80EC720AE7ED53FD2103E8E69C8555AD0F86 Validity Not Before: Nov 3 05:34:18 2025 GMT Not After : Nov 10 05:34:18 2025 GMT Subject: CN=69083eda-d312 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:b2:a0:7c:c9:65:dc:cf:e7:cf:9d:ec:cf:1e: 76:a4:02:83:72:c9:15:1b:c5:12:b5:07:6c:56:c4: 98:49:17:c1:e7:ae:44:be:35:72:90:88:89:d4:0d: 51:4c:3f:58:11:b1:31:3c:f5:f4:97:24:23:32:07: 17:cc:58:ba:31:aa:24:7a:9d:15:76:fa:2e:62:d0: d7:3f:72:bb:ac:6d:1c:4a:33:1f:37:2a:83:0a:2c: 9e:81:cd:6b:a7:5a:42:02:96:db:e8:69:56:e7:17: 73:b2:94:74:b6:a5:b0:a8:1c:cc:2c:e4:a7:19:1d: 80:c1:87:15:b2:79:cf:e6:9c:81:60:27:95:83:b2: 4f:3f:47:d1:d0:0e:7d:1e:a6:8e:6f:3d:81:a8:e1: be:db:7a:9a:87:26:65:59:06:1b:fe:7e:49:bd:3d: 80:8a:91:a3:5e:c6:62:83:e4:0d:3a:c2:f7:35:9c: 2a:49:c1:bf:20:61:5a:fd:78:24:04:cb:85:53:45: 9e:da:13:e8:a6:13:a3:9a:95:69:87:c5:95:8b:c2: 68:90:05:b4:82:e9:0c:41:6f:aa:1f:d7:a2:bb:ec: 8a:67:2f:bf:1e:5a:93:d0:8e:a9:50:23:b4:60:5e: 8d:0f:1e:e5:0f:b1:44:43:4e:02:06:8e:f3:9b:72: 6d:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:8B:D8:3B:E9:8F:44:BF:B5:72:97:50:1B:B5:24:15:0E:C9:B2:30 X509v3 Authority Key Identifier: keyid:8D:8A:80:EC:72:0A:E7:ED:53:FD:21:03:E8:E6:9C:85:55:AD:0F:86 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/jYqA7HIK5-1T_SED6OachVWtD4Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BECBA/583E2B9A6B6511EFA857E80CC4F9AE02/jYqA7HIK5-1T_SED6OachVWtD4Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:01:33:67:44:04:a8:0b:c4:f3:ea:7a:bb:a1:8f:40:68:47: 1a:10:03:ef:de:10:cc:d4:84:eb:62:8a:bf:cf:de:70:8d:5c: b3:06:31:19:01:29:e1:09:db:74:a9:3c:fa:18:4a:87:f4:c0: fa:4c:c6:1f:22:d6:79:0f:6e:aa:ac:5c:54:1d:0c:56:a2:f5: fc:ff:8c:22:b9:54:35:94:ae:34:29:0b:61:3d:a6:dc:19:79: 6a:0e:32:ce:25:5f:0d:34:19:d5:97:e7:7e:60:d4:17:98:39: e5:f3:29:c7:03:09:3f:72:da:8f:db:3a:6c:80:bf:2e:eb:d5: 68:8c:d5:94:80:d2:c5:3e:61:cf:d1:00:d2:f9:fe:3a:a3:a0: 08:f0:01:46:56:ff:c2:9d:a6:70:c1:d8:8a:72:52:32:f6:1e: 50:32:8f:ff:05:d0:60:68:cd:05:56:c9:12:46:12:e3:fc:05: 71:15:ad:7e:df:ae:05:8e:e5:9b:d2:2b:f5:d7:8c:9a:bc:d4: 37:20:76:f3:b0:88:44:33:3c:d3:30:3c:a3:28:8f:ba:3e:25: 43:21:ff:10:0d:2c:20:47:98:00:33:fb:be:33:89:56:af:50: e8:f4:67:bf:15:43:be:e9:7e:e1:e6:c7:79:6d:e8:85:35:fd: 13:b6:24:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVDQkExMTAvBgNVBAUTKDhEOEE4MEVDNzIwQUU3RUQ1M0ZEMjEwM0U4RTY5Qzg1 NTVBRDBGODYwHhcNMjUxMTAzMDUzNDE4WhcNMjUxMTEwMDUzNDE4WjAYMRYwFAYD VQQDEw02OTA4M2VkYS1kMzEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt7KgfMll3M/nz53szx52pAKDcskVG8UStQdsVsSYSRfB565EvjVykIiJ1A1R TD9YEbExPPX0lyQjMgcXzFi6Maokep0VdvouYtDXP3K7rG0cSjMfNyqDCiyegc1r p1pCApbb6GlW5xdzspR0tqWwqBzMLOSnGR2AwYcVsnnP5pyBYCeVg7JPP0fR0A59 HqaObz2BqOG+23qahyZlWQYb/n5JvT2AipGjXsZig+QNOsL3NZwqScG/IGFa/Xgk BMuFU0We2hPophOjmpVph8WVi8JokAW0gukMQW+qH9eiu+yKZy+/HlqT0I6pUCO0 YF6NDx7lD7FEQ04CBo7zm3JtJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJqL2Dvp j0S/tXKXUBu1JBUOybIwMB8GA1UdIwQYMBaAFI2KgOxyCuftU/0hA+jmnIVVrQ+G MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUNCQS81ODNFMkI5QTZC NjUxMUVGQTg1N0U4MENDNEY5QUUwMi9qWXFBN0hJSzUtMVRfU0VENk9hY2hWV3RE NFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2pZcUE3SElLNS0xVF9TRUQ2T2FjaFZXdEQ0WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RUNCQS81ODNFMkI5QTZCNjUxMUVGQTg1N0U4MENDNEY5QUUwMi9qWXFBN0hJSzUt MVRfU0VENk9hY2hWV3RENFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKATNnRASoC8Tz6nq7oY9AaEcaEAPv3hDM1ITrYoq/z95wjVyzBjEZ ASnhCdt0qTz6GEqH9MD6TMYfItZ5D26qrFxUHQxWovX8/4wiuVQ1lK40KQthPabc GXlqDjLOJV8NNBnVl+d+YNQXmDnl8ynHAwk/ctqP2zpsgL8u69VojNWUgNLFPmHP 0QDS+f46o6AI8AFGVv/CnaZwwdiKclIy9h5QMo//BdBgaM0FVskSRhLj/AVxFa1+ 364FjuWb0iv114yavNQ3IHbzsIhEMzzTMDyjKI+6PiVDIf8QDSwgR5gAM/u+M4lW r1Do9Ge/FUO+6X7h5sd5beiFNf0TtiT2 -----END CERTIFICATE-----Generated at Mon Nov 3 18:15:07 2025 by rpki-client