$ rpki-client -vvf rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft File: tkP-swMnQhSPOvnDU5M41VSTcig.mft (raw, json) Hash identifier: 1E8hUfpi+m2V6bqUS5hDyK5IXNG2TqEd4TUROAhvhsI= Subject key identifier: BF:6F:CE:E6:F5:FA:3A:97:08:7D:72:25:2E:25:74:AA:17:92:56:6B Authority key identifier: B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 Certificate issuer: /CN=A91CD0DE/serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Certificate serial: 04 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft Manifest number: 03 Signing time: Fri 17 Oct 2025 11:58:56 +0000 Manifest this update: Fri 17 Oct 2025 11:58:56 +0000 Manifest next update: Fri 24 Oct 2025 11:58:56 +0000 Files and hashes: 1: tkP-swMnQhSPOvnDU5M41VSTcig.crl (hash: Qth6779WuHQJLKWLzBPVzEbq5gikMPHo2AsGp206TxA=) 2: 341BBBECA99411F093BBAA15C4F9AE02.roa (hash: TNOMyUTzIQDmtZMNg4RAepXI8EHziIAFioU9/cJC+ek=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 11:58:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4 (0x4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CD0DE, serialNumber=B643FEB3032742148F3AF9C3539338D554937228 Validity Not Before: Oct 17 11:58:56 2025 GMT Not After : Oct 24 11:58:56 2025 GMT Subject: CN=68f22f80-59ad Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:d3:e2:b7:5c:fe:0c:b9:60:3a:d2:ec:23:bf: fa:ad:72:8a:6a:60:6d:e8:a5:ab:ae:19:dc:c3:c2: 11:7d:7f:02:67:e5:79:3d:4d:5e:b6:00:81:e0:46: 49:2a:bc:03:ad:1b:44:7a:d5:b0:af:60:be:18:76: dd:fa:40:24:bf:93:89:6c:f4:03:6a:16:69:df:65: 62:eb:ec:bf:b9:1f:05:b4:cb:d2:eb:8e:15:97:d3: f9:4b:f6:61:ea:32:cc:ad:4d:57:77:c3:20:15:7f: 51:f3:18:3e:1e:98:04:9f:c1:9b:01:41:e8:ec:95: 5f:3e:77:d3:0d:4b:44:bd:ce:af:fb:dd:98:a8:97: 8b:05:84:52:d7:46:10:ad:1c:2a:78:de:ec:71:a0: b8:28:de:a1:17:02:93:ad:f3:b5:d2:35:81:c9:fe: ef:b0:87:c2:ca:62:58:8b:ec:31:bc:42:37:27:a7: a6:b9:a7:fa:f7:ac:97:ac:61:83:6b:e0:76:1c:f9: 3e:d1:81:b1:e2:f7:cc:0d:c3:a4:24:22:e1:c6:14: 59:9b:d1:75:5b:30:bb:f3:f5:03:a5:b7:a7:86:92: 03:26:6a:a6:81:e7:77:fd:c3:ba:4a:0b:61:47:90: 04:df:dd:ef:11:51:f2:09:aa:dc:5e:88:08:b5:b3: 36:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:6F:CE:E6:F5:FA:3A:97:08:7D:72:25:2E:25:74:AA:17:92:56:6B X509v3 Authority Key Identifier: keyid:B6:43:FE:B3:03:27:42:14:8F:3A:F9:C3:53:93:38:D5:54:93:72:28 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/tkP-swMnQhSPOvnDU5M41VSTcig.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CD0DE/4F769D58A98F11F0B1FA5066C4F9AE02/tkP-swMnQhSPOvnDU5M41VSTcig.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b6:aa:70:59:7d:7b:2c:a8:e1:ba:a9:45:ee:47:12:f6:14:d5: c7:ac:c7:fd:31:1f:b1:8b:54:1f:07:ee:5c:f4:8a:7e:b8:0f: 9b:54:ea:01:8b:47:03:af:5d:27:66:57:51:13:4e:4a:1a:86: d2:c3:d6:e9:20:cb:f2:31:c8:08:65:eb:d7:e1:ef:4a:7d:7d: ac:46:d3:ca:65:18:44:55:a7:96:21:e1:f2:7a:9d:86:46:bd: fb:20:44:4d:b6:6a:a3:aa:d0:c8:55:eb:7d:d5:64:96:85:23: 9f:b7:21:e7:d6:81:01:c5:d5:d9:b1:0c:da:e0:06:c6:04:1c: f9:fb:b8:56:55:74:79:82:bb:a2:b8:37:c1:c5:bd:b8:b8:49: f2:37:39:5c:d1:cd:bf:9c:f9:17:b4:25:4e:22:64:33:60:38: 39:08:1b:20:64:81:58:4b:91:d1:82:d0:0f:d7:53:4d:0d:27: 26:df:92:1a:3a:3d:2d:1b:ea:7d:db:d5:0a:be:f5:06:c9:c5: f1:e7:ff:25:4a:c2:40:5a:df:e4:7e:dd:a2:82:57:12:92:c1: a5:1f:cb:e8:44:b5:91:93:9b:7e:da:66:16:f9:4c:e8:6f:f5: 62:30:1a:a7:cf:20:e1:57:2b:15:4f:f3:56:ab:5c:e5:d1:bc: 59:4b:b3:72 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBBDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RDBERTExMC8GA1UEBRMoQjY0M0ZFQjMwMzI3NDIxNDhGM0FGOUMzNTM5MzM4RDU1 NDkzNzIyODAeFw0yNTEwMTcxMTU4NTZaFw0yNTEwMjQxMTU4NTZaMBgxFjAUBgNV BAMTDTY4ZjIyZjgwLTU5YWQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC70+K3XP4MuWA60uwjv/qtcopqYG3opauuGdzDwhF9fwJn5Xk9TV62AIHgRkkq vAOtG0R61bCvYL4Ydt36QCS/k4ls9ANqFmnfZWLr7L+5HwW0y9LrjhWX0/lL9mHq MsytTVd3wyAVf1HzGD4emASfwZsBQejslV8+d9MNS0S9zq/73Ziol4sFhFLXRhCt HCp43uxxoLgo3qEXApOt87XSNYHJ/u+wh8LKYliL7DG8Qjcnp6a5p/r3rJesYYNr 4HYc+T7RgbHi98wNw6QkIuHGFFmb0XVbMLvz9QOlt6eGkgMmaqaB53f9w7pKC2FH kATf3e8RUfIJqtxeiAi1szY9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUv2/O5vX6 OpcIfXIlLiV0qheSVmswHwYDVR0jBBgwFoAUtkP+swMnQhSPOvnDU5M41VSTcigw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNEMERFLzRGNzY5RDU4QTk4 RjExRjBCMUZBNTA2NkM0RjlBRTAyL3RrUC1zd01uUWhTUE92bkRVNU00MVZTVGNp Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvdGtQLXN3TW5RaFNQT3ZuRFU1TTQxVlNUY2lnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNE MERFLzRGNzY5RDU4QTk4RjExRjBCMUZBNTA2NkM0RjlBRTAyL3RrUC1zd01uUWhT UE92bkRVNU00MVZTVGNpZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBALaqcFl9eyyo4bqpRe5HEvYU1cesx/0xH7GLVB8H7lz0in64D5tU6gGL RwOvXSdmV1ETTkoahtLD1ukgy/IxyAhl69fh70p9faxG08plGERVp5Yh4fJ6nYZG vfsgRE22aqOq0MhV633VZJaFI5+3IefWgQHF1dmxDNrgBsYEHPn7uFZVdHmCu6K4 N8HFvbi4SfI3OVzRzb+c+Re0JU4iZDNgODkIGyBkgVhLkdGC0A/XU00NJybfkho6 PS0b6n3b1Qq+9QbJxfHn/yVKwkBa3+R+3aKCVxKSwaUfy+hEtZGTm37aZhb5TOhv 9WIwGqfPIOFXKxVP81arXOXRvFlLs3I= -----END CERTIFICATE-----Generated at Sat Oct 18 18:01:16 2025 by rpki-client