$ rpki-client -vvf rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft File: x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft (raw, json) Hash identifier: DStn6ssNbp+7A5KWzuOaiHs3TcrZIgsOApUjzk1cYJM= Subject key identifier: D4:78:A8:5C:FC:A6:B1:3C:F7:EF:F4:C5:FA:B6:9D:DF:2D:B1:0E:2D Authority key identifier: C7:CF:94:3E:3A:76:4F:37:C0:03:CD:43:5A:2B:85:43:BC:E4:76:09 Certificate issuer: /CN=A91C85E9/serialNumber=C7CF943E3A764F37C003CD435A2B8543BCE47609 Certificate serial: 11EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft Manifest number: 11E5 Signing time: Tue 04 Nov 2025 17:15:25 +0000 Manifest this update: Tue 04 Nov 2025 17:15:24 +0000 Manifest next update: Tue 11 Nov 2025 17:15:24 +0000 Files and hashes: 1: x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl (hash: HTH50oMapLxWzmNryX+lzVcJWFxJvxeZXVYGIgMibW0=) 2: 8446564EF96611E8BE431B17C4F9AE02.roa (hash: S4PonvpkLuqmrbtgnv8T9QMFORQi4oK8GF7Qf1Ow3ok=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:15:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4591 (0x11ef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C85E9, serialNumber=C7CF943E3A764F37C003CD435A2B8543BCE47609 Validity Not Before: Nov 4 17:15:24 2025 GMT Not After : Nov 11 17:15:24 2025 GMT Subject: CN=690a34ad-bb41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:b5:d1:37:9a:4f:4b:95:c3:4f:e5:da:dc:5f: 45:93:4d:fc:be:79:ea:ed:d2:b1:90:ef:87:92:1d: 21:62:f2:61:49:db:ba:60:68:b4:50:6c:13:78:d5: 3e:44:75:83:59:e0:f6:74:cf:43:f0:40:58:bd:fa: da:f2:de:e9:cf:7c:9c:be:52:0d:c2:a4:95:fe:23: b1:33:e4:f5:8b:21:da:a4:69:1a:46:2c:93:12:55: fd:d9:92:ab:86:69:a5:82:a1:75:07:d9:fd:c7:a8: 88:9a:79:57:a7:7b:9f:73:17:59:82:7c:10:d6:a2: aa:64:b7:ce:ba:be:52:80:1e:7c:c7:5c:c7:92:a6: b6:5c:b4:c9:c0:d6:cd:4c:10:4f:ae:af:eb:b1:5d: 29:8b:3c:e5:9c:fe:14:23:44:d9:47:4e:53:da:03: 8f:e0:79:2a:90:0d:d1:17:7c:da:20:a9:86:01:15: 0d:fb:77:6f:23:0d:93:7f:2a:e0:f5:13:de:4b:92: 66:b2:18:e9:11:8d:ab:c2:a9:54:ad:62:87:c0:de: 3b:d9:ce:6b:44:1a:6e:45:5a:c9:fa:31:ae:e1:cb: d0:32:9b:d5:8f:61:08:c5:32:b1:0c:7f:f0:0c:9c: 64:ed:fa:40:0b:3e:25:5e:f7:74:f7:92:e6:3e:88: 77:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:78:A8:5C:FC:A6:B1:3C:F7:EF:F4:C5:FA:B6:9D:DF:2D:B1:0E:2D X509v3 Authority Key Identifier: keyid:C7:CF:94:3E:3A:76:4F:37:C0:03:CD:43:5A:2B:85:43:BC:E4:76:09 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/x8-UPjp2TzfAA81DWiuFQ7zkdgk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C85E9/082538ECF96511E8BC052411C4F9AE02/x8-UPjp2TzfAA81DWiuFQ7zkdgk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 06:a1:3d:47:9b:ac:7c:81:53:8f:68:72:84:84:13:df:1c:e7: 91:d9:05:58:31:c7:1e:1b:79:a8:5b:b8:28:73:51:27:f7:f9: d2:28:f8:66:91:28:b7:fb:d9:e9:64:27:c6:31:aa:b4:91:3d: 0d:54:f5:1c:e7:ee:27:12:f0:05:bd:ca:56:a4:a6:da:46:3e: fd:69:5c:a3:d0:e0:c3:17:ab:f8:0c:b1:5b:8d:48:b2:a3:6d: a8:34:24:08:e1:ea:6b:71:2c:1a:9d:40:50:ec:ed:6e:df:a4: a2:62:cb:0c:e0:12:2b:1c:cf:4a:d2:d7:b2:7e:12:e1:f4:d4: 10:e2:0b:7e:7f:14:b1:47:b5:92:28:6a:61:9e:8c:93:c1:ae: 32:d8:0e:f9:2a:e1:69:d7:6d:5d:c5:5f:b4:b6:70:d6:65:b7: 33:72:83:f6:c8:7d:de:0f:ee:bc:bd:10:31:05:46:da:b9:53: 41:83:94:d4:b2:1c:0e:2c:2e:a5:7e:e2:f0:99:4b:98:90:c4: e3:d9:b2:75:ca:99:b9:1a:77:1c:63:ef:81:c5:af:a3:79:f5: 0c:f7:44:b0:e3:98:2b:5b:08:c4:0b:dc:e1:de:0c:59:0a:db: 9e:19:13:5d:b2:b5:16:23:8d:72:d2:f8:50:c1:0b:78:72:93: df:f7:0e:83 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEe8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qzg1RTkxMTAvBgNVBAUTKEM3Q0Y5NDNFM0E3NjRGMzdDMDAzQ0Q0MzVBMkI4NTQz QkNFNDc2MDkwHhcNMjUxMTA0MTcxNTI0WhcNMjUxMTExMTcxNTI0WjAYMRYwFAYD VQQDEw02OTBhMzRhZC1iYjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtLXRN5pPS5XDT+Xa3F9Fk038vnnq7dKxkO+Hkh0hYvJhSdu6YGi0UGwTeNU+ RHWDWeD2dM9D8EBYvfra8t7pz3ycvlINwqSV/iOxM+T1iyHapGkaRiyTElX92ZKr hmmlgqF1B9n9x6iImnlXp3ufcxdZgnwQ1qKqZLfOur5SgB58x1zHkqa2XLTJwNbN TBBPrq/rsV0pizzlnP4UI0TZR05T2gOP4HkqkA3RF3zaIKmGARUN+3dvIw2Tfyrg 9RPeS5JmshjpEY2rwqlUrWKHwN472c5rRBpuRVrJ+jGu4cvQMpvVj2EIxTKxDH/w DJxk7fpACz4lXvd095LmPoh3FwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNR4qFz8 prE89+/0xfq2nd8tsQ4tMB8GA1UdIwQYMBaAFMfPlD46dk83wAPNQ1orhUO85HYJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDODVFOS8wODI1MzhFQ0Y5 NjUxMUU4QkMwNTI0MTFDNEY5QUUwMi94OC1VUGpwMlR6ZkFBODFEV2l1RlE3emtk Z2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3g4LVVQanAyVHpmQUE4MURXaXVGUTd6a2Rnay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD ODVFOS8wODI1MzhFQ0Y5NjUxMUU4QkMwNTI0MTFDNEY5QUUwMi94OC1VUGpwMlR6 ZkFBODFEV2l1RlE3emtkZ2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAGoT1Hm6x8gVOPaHKEhBPfHOeR2QVYMcceG3moW7goc1En9/nSKPhm kSi3+9npZCfGMaq0kT0NVPUc5+4nEvAFvcpWpKbaRj79aVyj0ODDF6v4DLFbjUiy o22oNCQI4eprcSwanUBQ7O1u36SiYssM4BIrHM9K0teyfhLh9NQQ4gt+fxSxR7WS KGphnoyTwa4y2A75KuFp121dxV+0tnDWZbczcoP2yH3eD+68vRAxBUbauVNBg5TU shwOLC6lfuLwmUuYkMTj2bJ1ypm5GnccY++Bxa+jefUM90Sw45grWwjEC9zh3gxZ CtueGRNdsrUWI41y0vhQwQt4cpPf9w6D -----END CERTIFICATE-----Generated at Wed Nov 5 17:02:23 2025 by rpki-client