$ rpki-client -vvf rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft File: zIQ-FAouPvvguUneDtgDg5BgVB0.mft (raw, json) Hash identifier: TgBMGM7o4NBjdMqPBbAs4+B4DKtIaKiL8VrXnw1Hkbg= Subject key identifier: B5:02:51:C6:C6:3D:39:13:EB:F7:FE:D6:66:8B:19:ED:ED:FE:A1:15 Authority key identifier: CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D Certificate issuer: /CN=A91C1A37/serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Certificate serial: 30FD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft Manifest number: 30E4 Signing time: Sun 02 Nov 2025 15:26:04 +0000 Manifest this update: Sun 02 Nov 2025 15:26:04 +0000 Manifest next update: Sun 09 Nov 2025 15:26:04 +0000 Files and hashes: 1: zIQ-FAouPvvguUneDtgDg5BgVB0.crl (hash: Vm4Mv9lCIXxeVbhj+to07Rx3HG/Eauawl7vLbd/AV18=) 2: C3F53A0654F011E7BE4A6431C4F9AE02.roa (hash: 54WI7bxOwof+H1Cz8+uPiLZ+tzpprbk2GuCnR0w5MUY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 15:26:03 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 12541 (0x30fd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C1A37, serialNumber=CC843E140A2E3EFBE0B949DE0ED803839060541D Validity Not Before: Nov 2 15:26:04 2025 GMT Not After : Nov 9 15:26:04 2025 GMT Subject: CN=6907780c-34fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:18:f1:22:a2:aa:3e:bb:7f:68:ea:04:92:00: d1:2e:3f:46:c5:d6:63:a9:fc:45:66:62:33:19:38: b0:61:19:68:ed:ae:25:21:48:50:b9:45:b5:6a:00: e6:9d:d1:24:6e:a4:49:1b:59:ad:1d:a5:72:17:0f: 8e:54:80:b5:d8:35:cf:5e:ef:92:ca:80:78:27:84: fd:bd:60:d6:11:c4:ca:04:f3:31:08:b4:98:ca:8d: ad:32:8e:83:43:7a:33:fb:a4:09:ca:21:1e:b2:6a: f5:09:6b:ed:85:75:33:d1:2c:44:68:9f:bc:51:57: ed:1e:7f:91:5a:55:87:b8:29:84:7c:7e:48:7c:15: 49:9b:03:6e:fa:b2:03:da:6e:85:01:1e:63:52:84: 18:0f:46:23:77:f8:7a:cc:03:27:3f:5d:db:c2:02: 9d:53:c0:4c:ac:4b:22:b6:84:5b:ba:4f:e3:8d:3d: 1d:17:b8:21:d0:fe:b3:83:b0:95:70:db:a8:63:4e: 73:17:52:e2:24:b9:57:12:94:e4:39:7d:10:79:10: b0:df:15:6d:d8:5a:a4:1a:dd:d0:7d:3c:12:ef:74: 04:b6:4d:f0:b8:4d:34:98:b0:c6:e4:35:c1:21:16: 30:09:f3:13:ec:7f:f2:2f:80:e6:0f:a4:00:50:b9: 53:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:02:51:C6:C6:3D:39:13:EB:F7:FE:D6:66:8B:19:ED:ED:FE:A1:15 X509v3 Authority Key Identifier: keyid:CC:84:3E:14:0A:2E:3E:FB:E0:B9:49:DE:0E:D8:03:83:90:60:54:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/zIQ-FAouPvvguUneDtgDg5BgVB0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C1A37/6868E028E7F011E28C2805845911EA32/zIQ-FAouPvvguUneDtgDg5BgVB0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:38:a9:9b:69:c8:a0:37:96:91:e8:4f:9b:de:53:4e:f9:c6: ce:82:39:f2:64:75:0e:4d:b8:16:22:71:20:fa:24:9c:41:59: 41:d4:2e:bd:c7:4b:f8:69:85:ff:bf:80:7a:b3:06:46:d5:a8: 9d:65:6f:94:cb:01:bd:74:db:a3:16:81:fd:08:4e:d3:a1:b6: 31:f7:f1:99:78:3a:99:c4:a3:0d:eb:4b:c9:54:ce:56:a9:bd: 7c:78:13:f9:c1:fa:de:fa:11:b9:ad:9a:a5:e5:c1:51:4e:65: 9a:5a:eb:16:c0:dd:c8:43:bf:a9:f2:12:b1:70:db:30:1d:79: 7e:b4:7a:86:d0:ad:41:82:91:e2:5b:90:cf:13:7a:c2:55:b2: 8f:59:b7:2d:88:a7:fc:64:22:97:fc:c6:55:30:65:46:e8:a3: 28:d8:5f:9f:96:43:89:cb:8d:f1:1b:98:50:7c:0a:00:d0:ba: f4:fc:25:68:33:44:58:2a:69:9e:41:c6:dd:8f:74:7e:0e:f1: 9e:7f:98:0c:2c:c9:d3:8a:ae:4c:bc:45:73:1b:25:c0:c8:6f: fa:ab:16:a6:3b:0f:8e:b3:21:b1:ed:77:9f:15:24:4f:c4:7c: 52:f0:64:16:28:da:1e:f9:08:0f:a0:bb:d0:3d:37:a3:3f:74: 55:ad:1a:29 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICMP0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzFBMzcxMTAvBgNVBAUTKENDODQzRTE0MEEyRTNFRkJFMEI5NDlERTBFRDgwMzgz OTA2MDU0MUQwHhcNMjUxMTAyMTUyNjA0WhcNMjUxMTA5MTUyNjA0WjAYMRYwFAYD VQQDEw02OTA3NzgwYy0zNGZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApxjxIqKqPrt/aOoEkgDRLj9GxdZjqfxFZmIzGTiwYRlo7a4lIUhQuUW1agDm ndEkbqRJG1mtHaVyFw+OVIC12DXPXu+SyoB4J4T9vWDWEcTKBPMxCLSYyo2tMo6D Q3oz+6QJyiEesmr1CWvthXUz0SxEaJ+8UVftHn+RWlWHuCmEfH5IfBVJmwNu+rID 2m6FAR5jUoQYD0Yjd/h6zAMnP13bwgKdU8BMrEsitoRbuk/jjT0dF7gh0P6zg7CV cNuoY05zF1LiJLlXEpTkOX0QeRCw3xVt2FqkGt3QfTwS73QEtk3wuE00mLDG5DXB IRYwCfMT7H/yL4DmD6QAULlTVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLUCUcbG PTkT6/f+1maLGe3t/qEVMB8GA1UdIwQYMBaAFMyEPhQKLj774LlJ3g7YA4OQYFQd MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMUEzNy82ODY4RTAyOEU3 RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2dmd1VW5lRHRnRGc1QmdW QjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3pJUS1GQW91UHZ2Z3VVbmVEdGdEZzVCZ1ZCMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD MUEzNy82ODY4RTAyOEU3RjAxMUUyOEMyODA1ODQ1OTExRUEzMi96SVEtRkFvdVB2 dmd1VW5lRHRnRGc1QmdWQjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHOKmbacigN5aR6E+b3lNO+cbOgjnyZHUOTbgWInEg+iScQVlB1C69 x0v4aYX/v4B6swZG1aidZW+UywG9dNujFoH9CE7TobYx9/GZeDqZxKMN60vJVM5W qb18eBP5wfre+hG5rZql5cFRTmWaWusWwN3IQ7+p8hKxcNswHXl+tHqG0K1BgpHi W5DPE3rCVbKPWbctiKf8ZCKX/MZVMGVG6KMo2F+flkOJy43xG5hQfAoA0Lr0/CVo M0RYKmmeQcbdj3R+DvGef5gMLMnTiq5MvEVzGyXAyG/6qxamOw+OsyGx7XefFSRP xHxS8GQWKNoe+QgPoLvQPTejP3RVrRop -----END CERTIFICATE-----Generated at Mon Nov 3 18:19:18 2025 by rpki-client