$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft File: IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft (raw, json) Hash identifier: QeSd4JzLP162nyCwlIkzfteehOHQJtmSnGmzxzbAcaE= Subject key identifier: 9C:09:69:41:5A:3F:0F:22:25:24:74:44:56:E7:F4:97:3D:07:71:20 Authority key identifier: 22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 Certificate issuer: /CN=A91CFFCB/serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Certificate serial: 48 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft Manifest number: 47 Signing time: Fri 17 Oct 2025 11:04:10 +0000 Manifest this update: Fri 17 Oct 2025 11:04:09 +0000 Manifest next update: Fri 24 Oct 2025 11:04:09 +0000 Files and hashes: 1: IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl (hash: BKtSqTThBJu4YWxvPqEsHP0lacs0YWqaDxiwbmhgwo0=) 2: BAEA3A3C497B11F096DCA14EC4F9AE02.roa (hash: NGudT5ffYxQaLDuPITb3DSyOtSWSbubIZoe2i4vUMeU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 24 Oct 2025 11:04:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 72 (0x48) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFFCB, serialNumber=2224294416B8465706554B52CBC56F449BC46C89 Validity Not Before: Oct 17 11:04:09 2025 GMT Not After : Oct 24 11:04:09 2025 GMT Subject: CN=68f222aa-7d32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:e0:e0:a4:c6:3e:ca:4b:45:49:d1:f1:72:92: dc:83:3d:d6:f4:a4:e7:0f:14:b5:e8:f6:77:db:b5: dd:73:1d:40:ed:75:2f:69:62:db:27:ff:04:af:4e: bb:30:59:76:27:9c:7e:a3:e8:c2:0d:64:f3:2b:7d: e4:53:fd:41:c6:2e:0e:8b:e1:4b:02:35:81:bd:85: c2:db:5b:0c:e2:e5:c6:f9:a1:4e:44:9b:eb:06:9f: b4:13:77:11:4c:5c:02:72:06:8c:09:d1:4e:26:6e: 21:ab:2e:5f:cf:32:4b:11:0b:38:30:4c:7b:5f:92: 76:a2:16:50:2b:fd:10:b4:9c:04:1c:c6:ba:38:e3: c1:cb:bb:8e:30:de:13:97:7e:1a:35:a3:38:aa:7f: b3:98:fc:ca:98:77:8a:9f:7d:75:a3:d7:d7:6c:b8: 4a:2c:f5:92:b6:d0:10:da:5e:05:0f:95:24:28:54: 55:ac:80:5a:f8:bc:87:15:9d:32:82:93:20:65:96: cd:1c:aa:41:75:46:be:57:e0:64:bf:a5:14:a5:7c: f7:e5:0b:7f:df:96:61:4e:18:da:ee:bc:ac:ff:13: f6:8d:a6:61:b9:7e:ff:0f:dc:b1:b5:1b:0b:6c:a4: 62:94:e1:49:a6:d7:8d:27:37:fc:0c:61:87:76:9d: 36:d3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9C:09:69:41:5A:3F:0F:22:25:24:74:44:56:E7:F4:97:3D:07:71:20 X509v3 Authority Key Identifier: keyid:22:24:29:44:16:B8:46:57:06:55:4B:52:CB:C5:6F:44:9B:C4:6C:89 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IiQpRBa4RlcGVUtSy8VvRJvEbIk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFFCB/ED0F11F4420511F0BF7A8711C4F9AE02/IiQpRBa4RlcGVUtSy8VvRJvEbIk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:6f:00:59:31:0f:93:1b:d7:58:82:da:db:f3:8c:d6:b4:a1: 39:a3:06:0e:78:96:c3:90:bb:2f:61:2d:f3:73:dc:3d:2e:7c: 50:b4:06:b7:eb:e8:2e:e2:de:06:64:72:12:44:a8:86:85:c0: 37:58:5d:7b:29:a9:44:ff:ce:53:0d:8a:7b:f2:3f:c3:d8:d0: a3:e8:37:d9:33:f2:f9:42:d1:97:04:f6:59:16:c4:9f:89:c0: 65:18:99:60:05:30:3a:bf:78:ae:c6:7e:66:96:5a:56:8d:78: 11:9d:1c:bb:f3:9f:23:51:d7:b6:f1:77:ab:99:1a:cc:eb:f9: ab:90:82:52:27:3b:e8:b0:f6:47:74:af:ed:15:84:8d:d1:e4: 17:77:e0:b6:66:be:b1:8e:44:d7:f9:43:d9:22:ea:a5:5e:9e: dc:b2:7a:75:dc:90:9b:70:82:36:30:ba:c2:f3:f2:85:e4:75: 7a:96:1f:f5:05:f1:cb:53:5e:fb:9e:40:94:9f:bf:4d:ca:80: 9a:db:9a:37:4d:05:af:70:ef:69:ef:8b:ec:7e:38:82:0c:67: df:21:98:4b:48:d6:a9:04:77:cf:0f:9c:a3:1f:97:bd:ae:7c: 1a:26:55:17:36:7d:17:fe:c4:e5:72:15:e9:23:6a:60:29:7b: de:88:80:d6 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD RkZDQjExMC8GA1UEBRMoMjIyNDI5NDQxNkI4NDY1NzA2NTU0QjUyQ0JDNTZGNDQ5 QkM0NkM4OTAeFw0yNTEwMTcxMTA0MDlaFw0yNTEwMjQxMTA0MDlaMBgxFjAUBgNV BAMTDTY4ZjIyMmFhLTdkMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCx4OCkxj7KS0VJ0fFyktyDPdb0pOcPFLXo9nfbtd1zHUDtdS9pYtsn/wSvTrsw WXYnnH6j6MINZPMrfeRT/UHGLg6L4UsCNYG9hcLbWwzi5cb5oU5Em+sGn7QTdxFM XAJyBowJ0U4mbiGrLl/PMksRCzgwTHtfknaiFlAr/RC0nAQcxro448HLu44w3hOX fho1oziqf7OY/MqYd4qffXWj19dsuEos9ZK20BDaXgUPlSQoVFWsgFr4vIcVnTKC kyBlls0cqkF1Rr5X4GS/pRSlfPflC3/flmFOGNruvKz/E/aNpmG5fv8P3LG1Gwts pGKU4Umm140nN/wMYYd2nTbTAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUnAlpQVo/ DyIlJHREVuf0lz0HcSAwHwYDVR0jBBgwFoAUIiQpRBa4RlcGVUtSy8VvRJvEbIkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNGRkNCL0VEMEYxMUY0NDIw NTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0UmxjR1ZVdFN5OFZ2Ukp2RWJJ ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvSWlRcFJCYTRSbGNHVlV0U3k4VnZSSnZFYklrLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNG RkNCL0VEMEYxMUY0NDIwNTExRjBCRjdBODcxMUM0RjlBRTAyL0lpUXBSQmE0Umxj R1ZVdFN5OFZ2Ukp2RWJJay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHpvAFkxD5Mb11iC2tvzjNa0oTmjBg54lsOQuy9hLfNz3D0ufFC0Brfr 6C7i3gZkchJEqIaFwDdYXXspqUT/zlMNinvyP8PY0KPoN9kz8vlC0ZcE9lkWxJ+J wGUYmWAFMDq/eK7GfmaWWlaNeBGdHLvznyNR17bxd6uZGszr+auQglInO+iw9kd0 r+0VhI3R5Bd34LZmvrGORNf5Q9ki6qVentyyenXckJtwgjYwusLz8oXkdXqWH/UF 8ctTXvueQJSfv03KgJrbmjdNBa9w72nvi+x+OIIMZ98hmEtI1qkEd88PnKMfl72u fBomVRc2fRf+xOVyFekjamApe96IgNY= -----END CERTIFICATE-----Generated at Sat Oct 18 23:32:50 2025 by rpki-client