$ rpki-client -vvf rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft File: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft (raw, json) Hash identifier: m04IGSd43uREIRBSh6s7rbdy5ZirAWyWzSnVKANpvfw= Subject key identifier: 1A:E2:93:85:87:19:C0:91:E5:95:F5:CB:89:A1:49:17:9F:03:7F:80 Authority key identifier: 66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A Certificate issuer: /CN=A91C146D/serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Certificate serial: 85 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft Manifest number: 7F Signing time: Fri 07 Nov 2025 02:08:16 +0000 Manifest this update: Fri 07 Nov 2025 02:08:15 +0000 Manifest next update: Fri 14 Nov 2025 02:08:15 +0000 Files and hashes: 1: Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl (hash: SATvuVMp9nApO1YpTxeOgnS21hTJ8SMdGHBKie7SHL0=) 2: 992A7358004211F0AC90656CC4F9AE02.roa (hash: 6uK19EDHQqPyaVVXXtHQJXfGGnOJLngyIEFvwQHYfKo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 14 Nov 2025 02:08:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 133 (0x85) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C146D, serialNumber=664E59A000B91E72F803E6D86841154C8056B88A Validity Not Before: Nov 7 02:08:15 2025 GMT Not After : Nov 14 02:08:15 2025 GMT Subject: CN=690d5490-cd2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9b:04:34:c3:fa:3f:77:24:40:2b:ab:c7:15:7c: 0a:97:15:d7:78:ea:cb:d1:c5:2a:03:5a:db:c4:0f: 23:75:86:73:b1:33:fe:93:b1:67:66:07:32:da:2d: 46:c0:40:62:f3:f3:7f:69:54:34:c1:c9:e8:20:09: dd:46:15:65:68:71:31:24:f5:14:7c:1e:72:ca:c1: e2:21:c7:a0:ec:02:4d:f8:6b:e2:42:7a:3e:c2:d3: ab:ed:ff:17:a2:d8:d1:86:87:01:29:71:84:0e:c4: 42:73:34:05:81:e8:4e:e8:25:30:86:f7:62:5e:0c: bb:c9:03:4c:54:c0:06:47:d5:10:dd:e0:45:52:00: dd:ba:86:76:cf:3b:84:33:9a:bd:4b:cc:4f:87:13: 1a:d5:27:75:16:1a:20:d8:39:58:c3:6d:9f:49:24: e6:04:4c:b6:cf:3e:e9:3e:64:e7:69:00:9e:6d:f8: dd:ce:93:d6:f1:17:00:fb:c1:7d:96:6b:f1:8a:39: db:be:db:2c:c5:43:bd:54:31:8f:30:04:03:52:60: ad:d7:12:32:bd:df:0c:ac:7c:40:31:1f:aa:62:36: 95:6b:32:0f:ae:53:11:34:6b:68:78:d4:44:be:91: 93:74:72:d5:c1:98:3a:b1:13:22:17:ba:ae:2f:e5: c8:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1A:E2:93:85:87:19:C0:91:E5:95:F5:CB:89:A1:49:17:9F:03:7F:80 X509v3 Authority Key Identifier: keyid:66:4E:59:A0:00:B9:1E:72:F8:03:E6:D8:68:41:15:4C:80:56:B8:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C146D/ECB00B42003711F0BBD72475C4F9AE02/Zk5ZoAC5HnL4A-bYaEEVTIBWuIo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:ba:9e:d6:18:6c:93:f9:a2:6e:26:fa:66:69:5f:f0:85:eb: 34:bb:f2:2b:f6:bc:80:40:d8:45:9d:6e:bf:36:b5:24:c0:0a: 20:11:95:f4:f7:95:e2:36:17:3a:bb:a7:36:4f:64:75:40:f2: 17:d4:ac:00:cc:18:c6:99:1a:40:99:ea:21:66:a6:12:4c:98: b1:e3:8b:94:0e:a2:83:34:97:ef:6e:60:b6:e4:1e:75:5f:79: a8:ef:ab:7c:2f:86:10:23:3e:dd:37:b7:84:b1:8e:b3:47:c6: 33:48:b6:f7:e2:ca:95:05:69:db:f8:89:fb:0f:aa:09:32:49: 8b:6c:77:8e:23:3e:d8:f8:54:b7:6f:1c:08:a5:18:ff:e6:39: 60:bb:62:4f:22:2a:35:56:af:70:14:48:0a:b3:bb:57:ac:ac: 06:3d:ba:9d:d1:1b:78:5a:79:c6:87:3a:a0:bc:f0:70:ab:e2: c0:88:90:4c:dd:01:18:94:c2:ad:d7:7f:53:99:73:39:d8:f9: 81:a6:b4:f9:2e:6d:a6:1d:66:2c:1c:5e:6f:7a:55:7d:a1:77: ba:47:af:ed:6a:d4:46:9f:b1:76:d3:0a:b6:e1:49:a9:70:79: 02:78:ab:2b:92:d7:f6:45:2c:a5:81:74:a0:10:6d:e6:5d:e9: d9:da:fa:8f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzE0NkQxMTAvBgNVBAUTKDY2NEU1OUEwMDBCOTFFNzJGODAzRTZEODY4NDExNTRD ODA1NkI4OEEwHhcNMjUxMTA3MDIwODE1WhcNMjUxMTE0MDIwODE1WjAYMRYwFAYD VQQDEw02OTBkNTQ5MC1jZDJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAmwQ0w/o/dyRAK6vHFXwKlxXXeOrL0cUqA1rbxA8jdYZzsTP+k7FnZgcy2i1G wEBi8/N/aVQ0wcnoIAndRhVlaHExJPUUfB5yysHiIceg7AJN+GviQno+wtOr7f8X otjRhocBKXGEDsRCczQFgehO6CUwhvdiXgy7yQNMVMAGR9UQ3eBFUgDduoZ2zzuE M5q9S8xPhxMa1Sd1Fhog2DlYw22fSSTmBEy2zz7pPmTnaQCebfjdzpPW8RcA+8F9 lmvxijnbvtssxUO9VDGPMAQDUmCt1xIyvd8MrHxAMR+qYjaVazIPrlMRNGtoeNRE vpGTdHLVwZg6sRMiF7quL+XIQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBrik4WH GcCR5ZX1y4mhSRefA3+AMB8GA1UdIwQYMBaAFGZOWaAAuR5y+APm2GhBFUyAVriK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMTQ2RC9FQ0IwMEI0MjAw MzcxMUYwQkJENzI0NzVDNEY5QUUwMi9aazVab0FDNUhuTDRBLWJZYUVFVlRJQld1 SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1prNVpvQUM1SG5MNEEtYllhRUVWVElCV3VJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MTQ2RC9FQ0IwMEI0MjAwMzcxMUYwQkJENzI0NzVDNEY5QUUwMi9aazVab0FDNUhu TDRBLWJZYUVFVlRJQld1SW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACup7WGGyT+aJuJvpmaV/whes0u/Ir9ryAQNhFnW6/NrUkwAogEZX0 95XiNhc6u6c2T2R1QPIX1KwAzBjGmRpAmeohZqYSTJix44uUDqKDNJfvbmC25B51 X3mo76t8L4YQIz7dN7eEsY6zR8YzSLb34sqVBWnb+In7D6oJMkmLbHeOIz7Y+FS3 bxwIpRj/5jlgu2JPIio1Vq9wFEgKs7tXrKwGPbqd0Rt4WnnGhzqgvPBwq+LAiJBM 3QEYlMKt139TmXM52PmBprT5Lm2mHWYsHF5velV9oXe6R6/tatRGn7F20wq24Ump cHkCeKsrktf2RSylgXSgEG3mXenZ2vqP -----END CERTIFICATE-----Generated at Fri Nov 7 17:04:54 2025 by rpki-client