$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft File: 3dzECt5nfyP4p5ukFo729r7wZcc.mft (raw, json) Hash identifier: LByC6B0t5gwVAWQJgKlZR5rT280yANZBe0npqj0B2f0= Subject key identifier: 02:8B:A1:1B:CD:E0:79:9B:D3:89:58:86:9E:2F:F6:C5:F3:D9:06:22 Authority key identifier: DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7 Certificate issuer: /CN=A91CB2E2/serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7 Certificate serial: 20 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft Manifest number: 1F Signing time: Mon 03 Nov 2025 07:46:11 +0000 Manifest this update: Mon 03 Nov 2025 07:46:10 +0000 Manifest next update: Mon 10 Nov 2025 07:46:10 +0000 Files and hashes: 1: 3dzECt5nfyP4p5ukFo729r7wZcc.crl (hash: 0ZewN1tg9rie8bQQplQTmxhW+To46llYAt3JwEoDupk=) 2: 240EF95E896311F0B911053BC4F9AE02.roa (hash: l/wARrq1lISnaNIca31Ucy5U5vcCEK4kZC3D4iFHaJ4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:46:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 32 (0x20) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB2E2, serialNumber=DDDCC40ADE677F23F8A79BA4168EF6F6BEF065C7 Validity Not Before: Nov 3 07:46:10 2025 GMT Not After : Nov 10 07:46:10 2025 GMT Subject: CN=69085dc2-9d09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:d6:38:da:e0:cb:f3:26:ee:a9:6b:6c:8e:c4: ec:82:e7:15:7f:8d:c8:d2:73:fd:ec:e1:47:d9:2b: 9e:5c:ed:ca:2b:a9:cc:9d:23:3a:b5:f7:b4:27:88: 97:18:ac:c9:e4:20:4c:f9:64:cd:09:cd:f5:04:ee: 7f:cf:7e:9b:63:b9:bd:00:1f:60:88:86:8f:c0:f0: 3f:b2:78:2b:42:f9:9c:82:e9:30:4b:12:f4:83:ed: 73:bb:97:e2:72:bd:c0:f2:3c:74:7c:de:fe:b9:7f: b6:ef:e3:72:0b:be:eb:18:14:61:74:9d:e2:40:27: 70:3f:97:c2:11:c6:9f:51:d7:d7:38:ea:91:46:2c: 9d:9f:0a:5f:5b:4f:31:db:c8:4c:df:b8:b2:e2:65: 28:25:a9:80:e2:43:9e:a9:de:48:88:d4:3c:c7:77: 06:03:e7:c2:fb:02:e6:ef:82:6b:cd:45:ef:b1:bc: ab:f4:ce:da:f8:88:c5:ba:87:6c:09:ff:8b:b1:d4: 06:9c:6c:65:55:6b:36:04:a3:7b:6a:4c:53:65:a5: aa:74:47:97:5e:1f:1d:54:fb:c8:8b:a7:56:5d:75: 10:7e:f2:60:55:cc:9c:97:f2:1c:48:8c:2f:e0:21: 0f:82:7b:e1:94:9d:a2:35:49:1f:65:d7:db:21:cf: c1:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:8B:A1:1B:CD:E0:79:9B:D3:89:58:86:9E:2F:F6:C5:F3:D9:06:22 X509v3 Authority Key Identifier: keyid:DD:DC:C4:0A:DE:67:7F:23:F8:A7:9B:A4:16:8E:F6:F6:BE:F0:65:C7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3dzECt5nfyP4p5ukFo729r7wZcc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB2E2/411C63B0895911F0BA65345DC4F9AE02/3dzECt5nfyP4p5ukFo729r7wZcc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 70:8d:90:8e:f5:9f:21:ec:cd:7d:c0:6f:82:73:86:1f:f1:85: 75:6a:34:8a:ab:ef:c3:d6:a2:fb:57:e9:75:c5:d1:0e:35:7a: 7e:67:f0:36:5d:50:a0:8f:47:99:68:3d:af:c7:fe:d1:48:9e: 8d:60:6e:f1:84:27:59:e7:89:15:18:b4:02:5c:a3:2d:20:18: 48:b6:23:ba:75:3d:41:8d:13:a5:01:fb:3c:de:bb:a7:73:f0: 8f:60:cb:b8:84:88:20:dc:7a:3f:c4:f5:a2:46:f8:7f:d5:9a: f9:f9:4a:8c:53:9b:a9:06:b0:b7:e0:27:f9:e9:2e:55:16:c8: 1a:c0:c7:ad:57:ff:1d:07:b1:35:58:3b:6b:4e:32:de:ce:da: a0:e8:d4:23:2d:0e:d5:ca:00:a1:5d:85:96:dd:7c:e1:0b:66: cd:ce:15:64:e5:63:9d:10:1b:dd:49:cc:51:1d:69:13:5b:f5: bd:08:9b:23:43:50:00:ec:03:b9:87:30:9c:07:a8:3e:e0:d8: ca:c7:9d:6e:3d:72:d2:6b:0c:e0:d4:72:d1:13:fd:aa:71:e1: 6d:bd:47:ad:c5:36:e8:64:ea:12:c8:6e:1c:1d:62:eb:91:64: fb:3e:a7:01:84:ac:52:35:34:45:cb:eb:53:ba:8e:ec:d9:78: ad:b8:49:7f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjJFMjExMC8GA1UEBRMoREREQ0M0MEFERTY3N0YyM0Y4QTc5QkE0MTY4RUY2RjZC RUYwNjVDNzAeFw0yNTExMDMwNzQ2MTBaFw0yNTExMTAwNzQ2MTBaMBgxFjAUBgNV BAMTDTY5MDg1ZGMyLTlkMDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCh1jja4MvzJu6pa2yOxOyC5xV/jcjSc/3s4UfZK55c7corqcydIzq197QniJcY rMnkIEz5ZM0JzfUE7n/Pfptjub0AH2CIho/A8D+yeCtC+ZyC6TBLEvSD7XO7l+Jy vcDyPHR83v65f7bv43ILvusYFGF0neJAJ3A/l8IRxp9R19c46pFGLJ2fCl9bTzHb yEzfuLLiZSglqYDiQ56p3kiI1DzHdwYD58L7AubvgmvNRe+xvKv0ztr4iMW6h2wJ /4ux1AacbGVVazYEo3tqTFNlpap0R5deHx1U+8iLp1ZddRB+8mBVzJyX8hxIjC/g IQ+Ce+GUnaI1SR9l19shz8FHAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAouhG83g eZvTiViGni/2xfPZBiIwHwYDVR0jBBgwFoAU3dzECt5nfyP4p5ukFo729r7wZccw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCMkUyLzQxMUM2M0IwODk1 OTExRjBCQTY1MzQ1REM0RjlBRTAyLzNkekVDdDVuZnlQNHA1dWtGbzcyOXI3d1pj Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvM2R6RUN0NW5meVA0cDV1a0ZvNzI5cjd3WmNjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC MkUyLzQxMUM2M0IwODk1OTExRjBCQTY1MzQ1REM0RjlBRTAyLzNkekVDdDVuZnlQ NHA1dWtGbzcyOXI3d1pjYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHCNkI71nyHszX3Ab4Jzhh/xhXVqNIqr78PWovtX6XXF0Q41en5n8DZd UKCPR5loPa/H/tFIno1gbvGEJ1nniRUYtAJcoy0gGEi2I7p1PUGNE6UB+zzeu6dz 8I9gy7iEiCDcej/E9aJG+H/Vmvn5SoxTm6kGsLfgJ/npLlUWyBrAx61X/x0HsTVY O2tOMt7O2qDo1CMtDtXKAKFdhZbdfOELZs3OFWTlY50QG91JzFEdaRNb9b0ImyND UADsA7mHMJwHqD7g2MrHnW49ctJrDODUctET/apx4W29R63FNuhk6hLIbhwdYuuR ZPs+pwGErFI1NEXL61O6juzZeK24SX8= -----END CERTIFICATE-----Generated at Mon Nov 3 18:06:57 2025 by rpki-client