$ rpki-client -vvf rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft File: kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft (raw, json) Hash identifier: C/DBumdQwRW+ooYbwekCiNulM5nAMSxRq79+1F2HFRA= Subject key identifier: 14:6A:E1:5D:91:48:96:73:4E:31:A4:AB:A3:57:EF:05:3E:8B:AA:AA Authority key identifier: 90:D9:9A:A8:D7:91:31:40:AF:AE:9E:E2:BF:EB:CD:A3:7B:A1:CD:28 Certificate issuer: /CN=A91C2875/serialNumber=90D99AA8D7913140AFAE9EE2BFEBCDA37BA1CD28 Certificate serial: 03B4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kNmaqNeRMUCvrp7iv-vNo3uhzSg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft Manifest number: 03AA Signing time: Mon 03 Nov 2025 00:40:25 +0000 Manifest this update: Mon 03 Nov 2025 00:40:24 +0000 Manifest next update: Mon 10 Nov 2025 00:40:24 +0000 Files and hashes: 1: kNmaqNeRMUCvrp7iv-vNo3uhzSg.crl (hash: F+9fApOiNP6X08k0lEEsekoXcmPQZuF7vh10kez8V6Y=) 2: ABB1EE64B4ED11ECBA3D016FC4F9AE02.roa (hash: xHLevAzZuis8NnrBHZLDJf2yx7IF05dGBA1riYkWutY=) 3: 0E9CF77EBA6811EC8058A213C4F9AE02.roa (hash: /NRpEcDAXrkS/YDBwDOng+rHtIrpT7sCWxlP3Tbbtb4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.crl rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kNmaqNeRMUCvrp7iv-vNo3uhzSg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:40:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 948 (0x3b4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C2875, serialNumber=90D99AA8D7913140AFAE9EE2BFEBCDA37BA1CD28 Validity Not Before: Nov 3 00:40:24 2025 GMT Not After : Nov 10 00:40:24 2025 GMT Subject: CN=6907f9f8-211b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:66:e2:b0:00:37:b7:61:68:73:e5:2d:62:d8: ee:4e:ed:22:be:06:ed:9f:b0:a3:b7:bb:5e:32:2e: 82:b1:23:92:81:a0:be:39:6b:7d:93:2c:2c:f3:bc: 2d:71:03:c2:88:92:7b:f4:1b:29:98:5e:d8:7e:22: 9e:02:54:85:6a:d3:4d:f9:03:5f:7b:34:56:9e:fa: 12:db:9c:b9:01:f7:9b:b4:d7:2e:cf:8a:74:d6:13: e3:13:26:84:34:24:0f:ec:9a:52:30:ba:58:90:c0: 2d:93:c5:4c:38:73:24:b3:b8:8e:ca:c3:c7:11:10: fe:0b:cc:39:8c:a2:eb:ce:17:4d:2c:51:33:1b:c2: b1:aa:dc:34:ec:e5:d9:bb:26:dc:69:04:1c:19:9a: b5:01:c0:b7:44:0e:82:c5:22:f0:22:af:4d:b1:4f: f0:51:01:ab:74:3a:d6:01:77:64:bf:44:2c:16:13: 77:91:c8:c1:85:2b:71:36:58:08:b4:08:0c:b6:55: 04:7b:80:ea:c5:a2:1e:6f:60:fb:1c:ce:5a:2f:56: a3:07:9a:52:37:16:b2:3c:21:e7:76:c7:34:35:45: 4d:92:28:e1:aa:3f:ab:0b:c0:e1:35:99:a8:1d:6c: 1c:b9:53:7d:ff:77:fc:3f:52:f2:5d:86:92:fc:4b: fa:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 14:6A:E1:5D:91:48:96:73:4E:31:A4:AB:A3:57:EF:05:3E:8B:AA:AA X509v3 Authority Key Identifier: keyid:90:D9:9A:A8:D7:91:31:40:AF:AE:9E:E2:BF:EB:CD:A3:7B:A1:CD:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kNmaqNeRMUCvrp7iv-vNo3uhzSg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C2875/C25DE0E6B4E811EC980C4471C4F9AE02/kNmaqNeRMUCvrp7iv-vNo3uhzSg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:f9:07:02:4e:45:08:53:08:b8:7a:bf:11:d0:0a:ee:fd:49: 7e:35:aa:ea:6d:34:58:e1:c5:31:21:ec:5d:00:5a:7f:ce:62: 3b:bd:14:3f:98:d7:68:3b:ad:11:06:24:d4:5f:a7:cc:96:22: 65:a4:2b:c3:e9:a8:26:e1:9b:0e:74:14:4f:c3:7d:e9:3d:43: 5b:a8:93:0b:81:5d:6d:88:06:2d:0c:1e:03:d2:04:87:6f:bd: e2:6e:32:1e:0b:b7:48:80:25:c0:21:b5:a6:8b:68:a4:c5:21: 28:95:2a:d6:2d:7a:1f:c9:1f:13:80:1e:5f:94:65:a4:64:f7: 28:93:a4:0b:94:72:b8:01:4e:92:69:7e:30:05:e8:63:8a:ea: 50:d7:59:b4:2d:fb:fe:e6:b0:c4:4a:19:60:6c:99:e9:71:f4: f7:d4:29:4b:1f:1d:72:2f:c6:1a:e0:01:6b:77:06:fe:4d:0d: b9:f7:61:e8:c8:44:9d:d6:f2:f0:c0:b3:d3:8a:04:b0:a9:85: 6e:1f:0a:c3:de:24:25:3d:0e:16:31:1c:b9:95:4f:23:00:26: d6:26:4e:45:4e:1d:a0:6c:35:ed:dd:ff:c6:cf:48:10:cd:24: 2f:cd:1c:dc:56:a8:d3:ad:41:20:37:48:af:ac:79:27:06:9b: 75:0b:c9:94 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzI4NzUxMTAvBgNVBAUTKDkwRDk5QUE4RDc5MTMxNDBBRkFFOUVFMkJGRUJDREEz N0JBMUNEMjgwHhcNMjUxMTAzMDA0MDI0WhcNMjUxMTEwMDA0MDI0WjAYMRYwFAYD VQQDEw02OTA3ZjlmOC0yMTFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAombisAA3t2Foc+UtYtjuTu0ivgbtn7Cjt7teMi6CsSOSgaC+OWt9kyws87wt cQPCiJJ79BspmF7YfiKeAlSFatNN+QNfezRWnvoS25y5AfebtNcuz4p01hPjEyaE NCQP7JpSMLpYkMAtk8VMOHMks7iOysPHERD+C8w5jKLrzhdNLFEzG8Kxqtw07OXZ uybcaQQcGZq1AcC3RA6CxSLwIq9NsU/wUQGrdDrWAXdkv0QsFhN3kcjBhStxNlgI tAgMtlUEe4DqxaIeb2D7HM5aL1ajB5pSNxayPCHndsc0NUVNkijhqj+rC8DhNZmo HWwcuVN9/3f8P1LyXYaS/Ev6KQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBRq4V2R SJZzTjGkq6NX7wU+i6qqMB8GA1UdIwQYMBaAFJDZmqjXkTFAr66e4r/rzaN7oc0o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDMjg3NS9DMjVERTBFNkI0 RTgxMUVDOTgwQzQ0NzFDNEY5QUUwMi9rTm1hcU5lUk1VQ3ZycDdpdi12Tm8zdWh6 U2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tObWFxTmVSTVVDdnJwN2l2LXZObzN1aHpTZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Mjg3NS9DMjVERTBFNkI0RTgxMUVDOTgwQzQ0NzFDNEY5QUUwMi9rTm1hcU5lUk1V Q3ZycDdpdi12Tm8zdWh6U2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCn+QcCTkUIUwi4er8R0Aru/Ul+NarqbTRY4cUxIexdAFp/zmI7vRQ/ mNdoO60RBiTUX6fMliJlpCvD6agm4ZsOdBRPw33pPUNbqJMLgV1tiAYtDB4D0gSH b73ibjIeC7dIgCXAIbWmi2ikxSEolSrWLXofyR8TgB5flGWkZPcok6QLlHK4AU6S aX4wBehjiupQ11m0Lfv+5rDEShlgbJnpcfT31ClLHx1yL8Ya4AFrdwb+TQ2592Ho yESd1vLwwLPTigSwqYVuHwrD3iQlPQ4WMRy5lU8jACbWJk5FTh2gbDXt3f/Gz0gQ zSQvzRzcVqjTrUEgN0ivrHknBpt1C8mU -----END CERTIFICATE-----Generated at Tue Nov 4 04:12:48 2025 by rpki-client