$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft File: kBUoySF5F9lWch0caFZlNFvrVv0.mft (raw, json) Hash identifier: R3OyMDJ0oylcP1YeF9QaW5Z7QKLsrJ9Y2UtXPpKVRJM= Subject key identifier: C5:E7:9C:8E:03:BA:2B:DA:73:7A:BF:86:45:6A:EA:19:BF:C8:25:C0 Authority key identifier: 90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD Certificate issuer: /CN=A91CFAB9/serialNumber=901528C9217917D956721D1C685665345BEB56FD Certificate serial: 037F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft Manifest number: 037B Signing time: Tue 04 Nov 2025 01:41:33 +0000 Manifest this update: Tue 04 Nov 2025 01:41:32 +0000 Manifest next update: Tue 11 Nov 2025 01:41:32 +0000 Files and hashes: 1: kBUoySF5F9lWch0caFZlNFvrVv0.crl (hash: Gj472zclvpNPmQNRuu2Rhn0CR/1eYNghlKxF9ccj57w=) 2: 39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa (hash: NmvW/sg0pEXjTHBegEg6TihBwGGc4JodMMQnzVosHvc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 01:41:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 895 (0x37f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9, serialNumber=901528C9217917D956721D1C685665345BEB56FD Validity Not Before: Nov 4 01:41:32 2025 GMT Not After : Nov 11 01:41:32 2025 GMT Subject: CN=690959cd-20ac Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ce:80:6a:b5:08:19:08:2d:ce:38:7c:95:e2: 9b:aa:75:5c:10:6d:c7:28:ed:cf:e6:3b:ce:26:fb: 5d:f1:f4:e3:88:0a:a8:b5:27:f0:e7:45:4d:74:17: 6e:47:b0:a4:93:40:5d:76:41:97:54:c1:ac:d4:a8: a8:06:f5:19:ef:cf:9d:63:ea:69:f0:e9:21:e9:22: 13:fa:41:90:5f:9c:be:5f:d7:d7:c2:df:8b:35:97: 14:5e:ba:ac:f6:f6:26:4f:77:43:f2:f3:97:7a:76: 23:92:af:32:e6:af:fa:12:97:74:d6:51:80:2c:4f: 02:f5:81:b2:c4:62:15:e3:9d:23:0b:71:c1:21:42: 12:4b:41:b2:08:5c:51:9b:60:5a:9c:02:59:c2:8e: b0:f0:e1:49:9b:07:19:a3:1e:dc:8a:fb:ec:88:ff: 1b:83:8f:9f:d7:10:5e:5d:11:a5:29:6e:f3:9a:e6: ef:6a:a5:65:a9:24:b7:e9:60:64:f5:db:2a:07:64: 9d:71:ef:f9:74:35:19:ce:fe:ae:65:1a:25:25:06: e7:66:f0:36:47:1f:b9:5d:84:a8:e0:ea:ab:ee:f5: 48:ab:99:54:e3:b8:7d:2c:9b:65:88:40:c3:2f:42: 8e:c4:53:6a:19:2b:16:0e:f1:71:1d:d0:6e:9f:00: c7:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C5:E7:9C:8E:03:BA:2B:DA:73:7A:BF:86:45:6A:EA:19:BF:C8:25:C0 X509v3 Authority Key Identifier: keyid:90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:c3:e1:33:da:ad:f7:b2:5e:76:0f:d1:12:94:35:4b:92:20: f0:e0:b2:32:93:0c:33:8d:a0:dc:56:f4:45:23:cd:6e:6c:b4: 1e:c6:7c:d3:7b:2b:48:48:7a:8f:5c:52:f0:d1:cf:9e:03:c3: 94:ed:7c:1e:bd:1c:99:fc:72:cd:b6:d8:41:8b:31:8f:de:b3: e5:de:4f:7d:d9:43:6c:10:b1:9b:75:92:03:ff:97:39:e7:20: af:fb:d9:e8:08:a6:70:9b:77:ae:6d:30:45:68:39:cd:8e:55: 2f:68:04:00:b7:5d:5d:59:ec:f6:9c:91:dc:84:d4:08:77:6f: ad:a1:32:0c:c7:4e:17:cc:e7:46:53:c5:57:e5:e4:f0:38:2c: 0d:b9:70:c2:0d:46:4e:9f:a1:98:f7:c3:5c:c0:22:c1:b9:2d: 4b:01:ae:08:39:6d:c7:50:dd:92:9e:c9:98:ab:1f:46:63:3e: c0:d3:38:06:f6:75:35:de:57:bb:49:21:33:75:6e:d8:bd:3d: 33:8c:e0:d1:85:d7:e2:ca:09:7f:94:3a:00:98:7e:65:9e:7f: 71:60:b6:fe:90:c0:f6:3e:c0:f5:c5:13:da:54:83:71:8c:46: c7:8c:b6:3a:c1:06:24:e2:5e:ce:ec:e0:ec:14:4e:97:4d:31: 27:01:dd:34 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA38wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKDkwMTUyOEM5MjE3OTE3RDk1NjcyMUQxQzY4NTY2NTM0 NUJFQjU2RkQwHhcNMjUxMTA0MDE0MTMyWhcNMjUxMTExMDE0MTMyWjAYMRYwFAYD VQQDEw02OTA5NTljZC0yMGFjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArc6AarUIGQgtzjh8leKbqnVcEG3HKO3P5jvOJvtd8fTjiAqotSfw50VNdBdu R7Ckk0BddkGXVMGs1KioBvUZ78+dY+pp8Okh6SIT+kGQX5y+X9fXwt+LNZcUXrqs 9vYmT3dD8vOXenYjkq8y5q/6Epd01lGALE8C9YGyxGIV450jC3HBIUISS0GyCFxR m2BanAJZwo6w8OFJmwcZox7civvsiP8bg4+f1xBeXRGlKW7zmubvaqVlqSS36WBk 9dsqB2Sdce/5dDUZzv6uZRolJQbnZvA2Rx+5XYSo4Oqr7vVIq5lU47h9LJtliEDD L0KOxFNqGSsWDvFxHdBunwDHyQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMXnnI4D uivac3q/hkVq6hm/yCXAMB8GA1UdIwQYMBaAFJAVKMkheRfZVnIdHGhWZTRb61b9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS8xQ0Q0NEY5RUM3 N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5bFdjaDBjYUZabE5GdnJW djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tCVW95U0Y1RjlsV2NoMGNhRlpsTkZ2clZ2MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkFCOS8xQ0Q0NEY5RUM3N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5 bFdjaDBjYUZabE5GdnJWdjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFw+Ez2q33sl52D9ESlDVLkiDw4LIykwwzjaDcVvRFI81ubLQexnzT eytISHqPXFLw0c+eA8OU7XwevRyZ/HLNtthBizGP3rPl3k992UNsELGbdZID/5c5 5yCv+9noCKZwm3eubTBFaDnNjlUvaAQAt11dWez2nJHchNQId2+toTIMx04XzOdG U8VX5eTwOCwNuXDCDUZOn6GY98NcwCLBuS1LAa4IOW3HUN2SnsmYqx9GYz7A0zgG 9nU13le7SSEzdW7YvT0zjODRhdfiygl/lDoAmH5lnn9xYLb+kMD2PsD1xRPaVINx jEbHjLY6wQYk4l7O7ODsFE6XTTEnAd00 -----END CERTIFICATE-----Generated at Tue Nov 4 14:10:56 2025 by rpki-client