$ rpki-client -vvf rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft File: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft (raw, json) Hash identifier: I2SpYQ0Nhe3bR9sYrPxbjnAR7EZYtFXVEQLUXDvyEks= Subject key identifier: 68:BA:D2:78:FF:FB:90:D9:EE:3A:D2:A9:FE:2E:74:E0:3F:8E:C4:5A Authority key identifier: A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 Certificate issuer: /CN=A91CE6EC/serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Certificate serial: 25D6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft Manifest number: 25CA Signing time: Sun 02 Nov 2025 15:44:32 +0000 Manifest this update: Sun 02 Nov 2025 15:44:32 +0000 Manifest next update: Sun 09 Nov 2025 15:44:32 +0000 Files and hashes: 1: ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl (hash: z8jbYVfXb50T4clLusKyZVNIHtSzUNn+QJOVx/8jrE4=) 2: 96F26DD8E4A511EF8259C769C4F9AE02.roa (hash: 106BmLtTyVCv8aiEyQESyMsMUTUgBCG4YPN0EmuEMYs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 15:44:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9686 (0x25d6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CE6EC, serialNumber=A1C2396570401772429EB8CBB0DF6653F1678CF6 Validity Not Before: Nov 2 15:44:32 2025 GMT Not After : Nov 9 15:44:32 2025 GMT Subject: CN=69077c60-2875 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:35:c2:1e:3d:1c:b1:7f:27:c3:bd:81:1d:5a: b9:8c:2e:1f:22:3c:d8:39:72:9e:e5:8e:c2:71:31: 9e:41:13:21:5d:2a:b3:c9:a1:af:90:24:2e:10:08: cd:cc:ea:01:b4:94:73:76:1c:31:03:3c:61:a4:b2: 94:29:b8:fe:32:46:f5:91:ca:40:60:30:67:2f:bc: d0:29:3a:ef:06:05:6c:64:c6:e3:1e:22:c8:ed:73: 79:09:ac:a4:cc:3e:fb:0a:12:8f:89:aa:1a:33:b2: c0:dd:6d:95:ed:18:54:48:87:98:51:af:fe:db:41: a1:b9:55:30:aa:ab:4a:05:0a:53:ad:17:23:5b:77: 6c:1f:a3:00:16:ff:17:56:73:19:5e:6a:99:1b:9c: 7b:92:ed:1e:ee:ab:2b:1a:73:2a:4e:b5:02:29:16: c8:78:6e:73:e1:5f:cc:74:e6:bd:45:68:e5:9b:98: 69:61:82:e0:32:87:83:49:29:9c:24:3f:60:f2:18: 3c:10:c3:01:a4:ac:3e:1e:ff:8b:b1:f6:70:84:a9: 50:93:7f:4b:4f:e5:0f:1e:d9:80:a7:12:18:b2:84: 3a:4f:57:9c:ff:92:b8:d4:d3:bd:58:e1:0e:05:98: 76:05:76:7c:65:bd:43:fb:73:df:2e:5a:b6:a3:14: aa:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:BA:D2:78:FF:FB:90:D9:EE:3A:D2:A9:FE:2E:74:E0:3F:8E:C4:5A X509v3 Authority Key Identifier: keyid:A1:C2:39:65:70:40:17:72:42:9E:B8:CB:B0:DF:66:53:F1:67:8C:F6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CE6EC/D3AB601614C811E5A2FCEF15C4F9AE02/ocI5ZXBAF3JCnrjLsN9mU_FnjPY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:0b:ba:69:40:46:eb:22:86:b5:f6:46:0c:77:0a:c9:d5:3e: dc:9c:3a:3e:ab:f0:7c:db:78:5d:a1:7d:30:56:e1:19:fc:0d: d0:bc:d6:68:12:de:8e:81:97:65:fc:fd:4d:1d:ac:23:e9:27: e3:df:6f:49:70:e6:48:16:62:4a:63:c0:b6:7d:f2:ee:d3:f0: fc:56:6b:de:ad:99:72:95:3b:91:ff:54:b0:a3:9c:88:e7:ad: b5:23:ad:0b:71:87:20:81:d2:95:9d:74:67:4a:63:a0:06:24: 77:ce:2d:7b:b6:a7:c6:78:29:73:3e:5d:2e:86:43:be:7d:5d: d0:95:d7:d8:7e:94:dc:57:63:e0:85:b9:34:75:b1:72:f8:83: 1e:3e:b0:2b:45:ca:72:ba:42:61:6e:86:99:4d:47:f9:a0:31: 99:4c:a8:81:d0:99:fd:46:1d:b2:f6:63:ee:7d:f0:2e:a7:a9: 25:c2:3a:fb:33:73:02:4f:a8:86:3a:e7:66:17:de:3f:df:39: 7a:9f:a2:28:ed:77:4b:3d:9e:2c:e9:67:b9:61:28:e3:8d:45: b2:ab:86:87:ce:d4:26:19:8e:a8:88:ae:db:79:c0:1f:f5:89: f3:9f:3d:56:d0:d5:56:3a:df:20:e4:6b:4f:eb:a1:54:eb:6d: 9b:7d:36:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJdYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0U2RUMxMTAvBgNVBAUTKEExQzIzOTY1NzA0MDE3NzI0MjlFQjhDQkIwREY2NjUz RjE2NzhDRjYwHhcNMjUxMTAyMTU0NDMyWhcNMjUxMTA5MTU0NDMyWjAYMRYwFAYD VQQDEw02OTA3N2M2MC0yODc1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6zXCHj0csX8nw72BHVq5jC4fIjzYOXKe5Y7CcTGeQRMhXSqzyaGvkCQuEAjN zOoBtJRzdhwxAzxhpLKUKbj+Mkb1kcpAYDBnL7zQKTrvBgVsZMbjHiLI7XN5Cayk zD77ChKPiaoaM7LA3W2V7RhUSIeYUa/+20GhuVUwqqtKBQpTrRcjW3dsH6MAFv8X VnMZXmqZG5x7ku0e7qsrGnMqTrUCKRbIeG5z4V/MdOa9RWjlm5hpYYLgMoeDSSmc JD9g8hg8EMMBpKw+Hv+LsfZwhKlQk39LT+UPHtmApxIYsoQ6T1ec/5K41NO9WOEO BZh2BXZ8Zb1D+3PfLlq2oxSqHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGi60nj/ +5DZ7jrSqf4udOA/jsRaMB8GA1UdIwQYMBaAFKHCOWVwQBdyQp64y7DfZlPxZ4z2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRTZFQy9EM0FCNjAxNjE0 QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYzSkNucmpMc045bVVfRm5q UFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29jSTVaWEJBRjNKQ25yakxzTjltVV9GbmpQWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RTZFQy9EM0FCNjAxNjE0QzgxMUU1QTJGQ0VGMTVDNEY5QUUwMi9vY0k1WlhCQUYz SkNucmpMc045bVVfRm5qUFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBlC7ppQEbrIoa19kYMdwrJ1T7cnDo+q/B823hdoX0wVuEZ/A3QvNZo Et6OgZdl/P1NHawj6Sfj329JcOZIFmJKY8C2ffLu0/D8VmverZlylTuR/1Swo5yI 5621I60LcYcggdKVnXRnSmOgBiR3zi17tqfGeClzPl0uhkO+fV3QldfYfpTcV2Pg hbk0dbFy+IMePrArRcpyukJhboaZTUf5oDGZTKiB0Jn9Rh2y9mPuffAup6klwjr7 M3MCT6iGOudmF94/3zl6n6Io7XdLPZ4s6We5YSjjjUWyq4aHztQmGY6oiK7becAf 9Ynznz1W0NVWOt8g5GtP66FU622bfTZA -----END CERTIFICATE-----Generated at Mon Nov 3 18:16:46 2025 by rpki-client