$ rpki-client -vvf rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft File: 2QDd8konYiv5ZDdX7byv-u4yHDc.mft (raw, json) Hash identifier: rRrHzYhbq004HoJje2Xe82qoROPUWGXWykw6FalrWgw= Subject key identifier: 4C:4E:57:57:D3:6C:6E:B7:AD:EE:E2:9C:11:B7:4C:BF:39:D5:C5:05 Authority key identifier: D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 Certificate issuer: /CN=A91C7773/serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Certificate serial: 0EB7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft Manifest number: 0E9C Signing time: Sun 02 Nov 2025 17:43:33 +0000 Manifest this update: Sun 02 Nov 2025 17:43:32 +0000 Manifest next update: Sun 09 Nov 2025 17:43:32 +0000 Files and hashes: 1: 2QDd8konYiv5ZDdX7byv-u4yHDc.crl (hash: LqYgza86YuhdQgdTo0atjM+PsThcSVYxodls7MPdvAw=) 2: A47D2EC84C1E11EEBA8CDB4BC4F9AE02.roa (hash: k08HrzQA4orJaDMpNJ4cYiGD96bVzWAF2REZWm3ObQ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:43:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3767 (0xeb7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C7773, serialNumber=D900DDF24A27622BF9643757EDBCAFFAEE321C37 Validity Not Before: Nov 2 17:43:32 2025 GMT Not After : Nov 9 17:43:32 2025 GMT Subject: CN=69079845-8590 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:6d:bd:c0:7a:fb:03:80:5c:39:ad:a8:37:8c: d9:9f:de:5f:12:db:fa:44:0d:9d:99:d7:a7:88:1b: 2d:aa:6a:c2:b8:dc:73:4b:f0:3c:a7:c2:4f:1e:b2: b5:b7:ee:a4:b1:04:c4:35:13:b2:6a:ca:9a:b2:cb: 04:18:26:60:e8:1a:a2:10:62:68:c0:47:cd:17:c9: fd:55:1e:4b:dc:1c:60:d8:90:ce:82:7e:75:cb:c0: 02:c8:e3:df:7b:ba:09:51:59:8c:f0:45:ec:2c:c6: 01:95:cf:00:a4:a6:48:0b:0a:28:be:7d:ec:bf:09: 9f:10:62:e6:1d:3c:0a:38:a4:f7:08:b5:c4:da:c2: 18:36:7d:ba:f5:d6:6e:20:6d:58:d2:25:b4:86:aa: 41:2c:22:a7:cc:37:e4:91:82:b7:49:a0:3b:4f:92: 92:04:d7:45:4f:1c:5f:f1:26:3c:c5:7a:71:4b:3b: 2d:61:82:53:63:31:8f:97:38:47:4b:12:91:1e:b4: d0:90:3a:66:fa:2d:cd:4b:e1:96:b0:84:57:72:35: b7:49:f2:8d:c5:c8:20:f1:2f:56:e8:75:58:84:02: be:c4:fe:08:ff:c1:18:f5:c8:71:8d:16:c8:f8:bb: 4e:00:c6:d0:84:d5:74:30:5a:50:ec:69:a5:dd:9f: b7:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4C:4E:57:57:D3:6C:6E:B7:AD:EE:E2:9C:11:B7:4C:BF:39:D5:C5:05 X509v3 Authority Key Identifier: keyid:D9:00:DD:F2:4A:27:62:2B:F9:64:37:57:ED:BC:AF:FA:EE:32:1C:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QDd8konYiv5ZDdX7byv-u4yHDc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C7773/AD32237CA2E811E9BAE78D47C4F9AE02/2QDd8konYiv5ZDdX7byv-u4yHDc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:c8:2d:eb:27:79:74:ef:d7:d2:88:54:0a:d0:4c:6f:5e:94: 6c:9a:60:db:94:96:ca:02:f1:9f:d1:b4:10:a3:7e:b1:3f:68: 5a:15:cd:aa:fd:13:0a:06:ac:ad:89:12:7f:f2:f2:59:61:07: e5:fd:3b:37:dd:f8:65:27:73:ad:86:60:01:84:f2:3e:32:1b: cb:1b:58:6c:aa:8d:bc:4a:7b:fb:6e:a1:8e:6b:50:1e:bc:8b: 50:e4:1c:ac:00:e0:da:ef:50:dc:b0:1f:3e:59:08:aa:ea:ab: 53:94:fb:c7:58:49:1a:ff:de:21:75:75:13:30:5a:47:6c:f0: 99:b5:2d:f8:12:bd:d0:bd:f5:cd:10:ad:d4:6e:fe:21:0c:9b: 59:c0:78:18:b3:bb:fb:a4:1f:cf:a0:af:e9:8e:a5:f9:34:7e: 66:d0:f9:55:58:a5:85:37:82:bc:fa:e6:6d:49:01:23:3f:2b: a5:03:03:6c:9a:fd:52:d6:1d:b0:fe:6c:aa:6c:e7:35:bb:b7: 56:55:cf:8a:ec:19:3b:6f:6a:d6:63:00:ce:d4:11:b0:4a:0c: d3:85:10:02:28:d2:34:b5:25:1c:ad:81:89:e5:b7:cd:86:52: 8c:87:89:98:57:dd:93:2d:59:82:0e:4a:ba:fa:b6:01:75:1d: f6:b5:7d:ca -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDrcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzc3NzMxMTAvBgNVBAUTKEQ5MDBEREYyNEEyNzYyMkJGOTY0Mzc1N0VEQkNBRkZB RUUzMjFDMzcwHhcNMjUxMTAyMTc0MzMyWhcNMjUxMTA5MTc0MzMyWjAYMRYwFAYD VQQDEw02OTA3OTg0NS04NTkwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtW29wHr7A4BcOa2oN4zZn95fEtv6RA2dmdeniBstqmrCuNxzS/A8p8JPHrK1 t+6ksQTENROyasqasssEGCZg6BqiEGJowEfNF8n9VR5L3Bxg2JDOgn51y8ACyOPf e7oJUVmM8EXsLMYBlc8ApKZICwoovn3svwmfEGLmHTwKOKT3CLXE2sIYNn269dZu IG1Y0iW0hqpBLCKnzDfkkYK3SaA7T5KSBNdFTxxf8SY8xXpxSzstYYJTYzGPlzhH SxKRHrTQkDpm+i3NS+GWsIRXcjW3SfKNxcgg8S9W6HVYhAK+xP4I/8EY9chxjRbI +LtOAMbQhNV0MFpQ7Gml3Z+3YwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFExOV1fT bG63re7inBG3TL851cUFMB8GA1UdIwQYMBaAFNkA3fJKJ2Ir+WQ3V+28r/ruMhw3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNzc3My9BRDMyMjM3Q0Ey RTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllpdjVaRGRYN2J5di11NHlI RGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRRGQ4a29uWWl2NVpEZFg3Ynl2LXU0eUhEYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Nzc3My9BRDMyMjM3Q0EyRTgxMUU5QkFFNzhENDdDNEY5QUUwMi8yUURkOGtvbllp djVaRGRYN2J5di11NHlIRGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFyC3rJ3l079fSiFQK0ExvXpRsmmDblJbKAvGf0bQQo36xP2haFc2q /RMKBqytiRJ/8vJZYQfl/Ts33fhlJ3OthmABhPI+MhvLG1hsqo28Snv7bqGOa1Ae vItQ5BysAODa71DcsB8+WQiq6qtTlPvHWEka/94hdXUTMFpHbPCZtS34Er3QvfXN EK3Ubv4hDJtZwHgYs7v7pB/PoK/pjqX5NH5m0PlVWKWFN4K8+uZtSQEjPyulAwNs mv1S1h2w/myqbOc1u7dWVc+K7Bk7b2rWYwDO1BGwSgzThRACKNI0tSUcrYGJ5bfN hlKMh4mYV92TLVmCDkq6+rYBdR32tX3K -----END CERTIFICATE-----Generated at Mon Nov 3 18:19:57 2025 by rpki-client