$ rpki-client -vvf rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft File: IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft (raw, json) Hash identifier: SKNXK99859TlOhDziHA1oufqJRl8TBoUad92E2gMwzA= Subject key identifier: DC:0D:EB:2D:93:26:AE:1F:7A:A8:AB:58:59:63:01:90:69:D9:90:7F Authority key identifier: 21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 Certificate issuer: /CN=A91C53FD/serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Certificate serial: 0123 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft Manifest number: 0120 Signing time: Mon 03 Nov 2025 04:44:27 +0000 Manifest this update: Mon 03 Nov 2025 04:44:26 +0000 Manifest next update: Mon 10 Nov 2025 04:44:26 +0000 Files and hashes: 1: IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl (hash: g46iFmiy/PpgtMf+AwhdXExsBkOpWJCKKTKPgip/GKM=) 2: B15E8BECFF3211EEA8607454C4F9AE02.roa (hash: rdcsVeSD/0uRXsupB+gdsyd8ZZ4QY82jQKGKV8TuBBs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 04:44:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 291 (0x123) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C53FD, serialNumber=21934198E8331061D275B8CFC79458D32FABD6C9 Validity Not Before: Nov 3 04:44:26 2025 GMT Not After : Nov 10 04:44:26 2025 GMT Subject: CN=6908332a-e349 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3d:69:09:83:36:66:ae:cd:0f:95:b0:21:ba: 7e:07:4d:7e:80:a8:80:47:71:3e:0d:bf:83:7d:01: a0:86:a6:1a:ec:b7:81:e8:0e:66:bb:32:bc:74:e4: 04:28:13:1f:ab:35:ed:bf:c8:76:f2:94:c4:01:32: f8:c2:c8:80:64:b1:42:d6:32:c8:c9:00:e9:ac:8d: f6:7b:4a:8b:79:d6:34:44:80:d6:ed:dc:ca:1d:54: e8:45:4c:89:bb:57:d4:48:1b:e7:e1:b8:9a:9f:5b: 24:48:70:e0:f8:e1:b1:df:2b:87:e6:d6:d1:12:c4: a1:97:00:ae:e5:aa:77:75:71:ea:1a:3f:1d:3b:35: a0:3e:9e:4a:00:27:a1:5b:e9:f1:ea:9e:b6:ad:ae: 78:70:34:ef:83:0f:46:2a:13:86:9c:1a:7e:95:97: c6:69:6c:0b:6e:30:75:db:d6:6b:79:c3:89:c4:62: ec:d3:8b:cd:64:1d:5c:1a:a6:35:93:4b:f2:4d:33: f2:03:98:80:91:a4:4d:5a:c7:ed:82:6f:c0:b1:3e: 4e:c6:41:e3:f2:2f:ec:b1:3a:28:f9:4d:a8:04:5a: 45:94:f7:34:32:44:88:03:45:9e:03:6d:78:da:dc: 39:6c:d2:cb:55:69:8c:3b:3c:1e:6a:39:8e:8f:6a: a8:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:0D:EB:2D:93:26:AE:1F:7A:A8:AB:58:59:63:01:90:69:D9:90:7F X509v3 Authority Key Identifier: keyid:21:93:41:98:E8:33:10:61:D2:75:B8:CF:C7:94:58:D3:2F:AB:D6:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IZNBmOgzEGHSdbjPx5RY0y-r1sk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C53FD/688E57EEFF3211EEA55D8E53C4F9AE02/IZNBmOgzEGHSdbjPx5RY0y-r1sk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:0f:8b:fd:2f:c6:c6:b1:76:c1:19:62:50:51:62:88:38:ce: e8:e3:b3:a7:77:02:11:c6:24:82:f1:f6:cc:7c:45:58:77:4b: 23:88:92:9d:5a:8a:c8:a1:19:ad:aa:a0:cf:57:ac:c8:67:a8: 7f:3e:bc:4f:e4:37:61:6d:29:cd:10:c5:b4:96:c5:ba:07:16: ce:44:8a:e2:9e:df:a1:3d:84:32:7d:69:80:af:c6:64:cb:96: 4b:3c:c1:84:64:0b:74:fc:e5:91:6f:d8:25:28:e3:5f:33:82: 16:a3:1f:09:94:e3:c1:a8:a0:48:5f:a7:cd:a0:3f:3e:52:0e: 2f:2a:aa:c6:24:8f:61:70:d8:b2:05:43:f6:f9:07:cc:27:58: 92:b1:c9:cf:a9:52:33:18:4a:5a:8b:42:8b:5f:59:a5:ad:08: 71:bd:be:7f:e7:c4:93:44:63:d5:da:ae:af:53:ee:0e:48:5c: 2e:9a:8a:78:55:49:d2:d6:9a:4c:24:de:34:d0:26:fa:ea:33: 19:18:0f:2a:90:cc:fe:6e:d3:ac:96:08:e5:c5:c9:ef:7b:e3: 19:da:5d:14:7d:e9:77:06:6a:f3:15:29:9b:3a:86:6d:03:73: 5d:7e:5e:0e:05:f0:5d:d8:4c:e0:b6:f5:22:26:3c:fb:a1:8d: c7:c7:0f:57 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUzRkQxMTAvBgNVBAUTKDIxOTM0MTk4RTgzMzEwNjFEMjc1QjhDRkM3OTQ1OEQz MkZBQkQ2QzkwHhcNMjUxMTAzMDQ0NDI2WhcNMjUxMTEwMDQ0NDI2WjAYMRYwFAYD VQQDEw02OTA4MzMyYS1lMzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvT1pCYM2Zq7ND5WwIbp+B01+gKiAR3E+Db+DfQGghqYa7LeB6A5muzK8dOQE KBMfqzXtv8h28pTEATL4wsiAZLFC1jLIyQDprI32e0qLedY0RIDW7dzKHVToRUyJ u1fUSBvn4bian1skSHDg+OGx3yuH5tbREsShlwCu5ap3dXHqGj8dOzWgPp5KACeh W+nx6p62ra54cDTvgw9GKhOGnBp+lZfGaWwLbjB129ZrecOJxGLs04vNZB1cGqY1 k0vyTTPyA5iAkaRNWsftgm/AsT5OxkHj8i/ssToo+U2oBFpFlPc0MkSIA0WeA214 2tw5bNLLVWmMOzweajmOj2qo3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNwN6y2T Jq4feqirWFljAZBp2ZB/MB8GA1UdIwQYMBaAFCGTQZjoMxBh0nW4z8eUWNMvq9bJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTNGRC82ODhFNTdFRUZG MzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVHSFNkYmpQeDVSWTB5LXIx c2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0laTkJtT2d6RUdIU2RialB4NVJZMHktcjFzay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTNGRC82ODhFNTdFRUZGMzIxMUVFQTU1RDhFNTNDNEY5QUUwMi9JWk5CbU9nekVH SFNkYmpQeDVSWTB5LXIxc2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCD4v9L8bGsXbBGWJQUWKIOM7o47OndwIRxiSC8fbMfEVYd0sjiJKd WorIoRmtqqDPV6zIZ6h/PrxP5DdhbSnNEMW0lsW6BxbORIrint+hPYQyfWmAr8Zk y5ZLPMGEZAt0/OWRb9glKONfM4IWox8JlOPBqKBIX6fNoD8+Ug4vKqrGJI9hcNiy BUP2+QfMJ1iSscnPqVIzGEpai0KLX1mlrQhxvb5/58STRGPV2q6vU+4OSFwumop4 VUnS1ppMJN400Cb66jMZGA8qkMz+btOslgjlxcnve+MZ2l0Ufel3BmrzFSmbOoZt A3Ndfl4OBfBd2EzgtvUiJjz7oY3Hxw9X -----END CERTIFICATE-----Generated at Mon Nov 3 18:19:28 2025 by rpki-client