$ rpki-client -vvf rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft File: pSAa7m9KXB64p-HHhTv7srp1y9I.mft (raw, json) Hash identifier: Bd2vtbURpfsps/0ykQ+8cv3C6cOdjwImUxRpDbOH7uY= Subject key identifier: 1C:38:FF:59:34:9B:33:80:BC:69:73:72:96:89:C8:19:7F:48:07:AA Authority key identifier: A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 Certificate issuer: /CN=A91D1003/serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Certificate serial: 0BB5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft Manifest number: 0BAA Signing time: Wed 22 Oct 2025 19:33:12 +0000 Manifest this update: Wed 22 Oct 2025 19:33:12 +0000 Manifest next update: Wed 29 Oct 2025 19:33:12 +0000 Files and hashes: 1: pSAa7m9KXB64p-HHhTv7srp1y9I.crl (hash: PpDhJ/GmkxYJDWhCRXHiD1w1nH2cNfaoCJuqP6xxSWE=) 2: 0DC2568E320511EA8CF6B72DC4F9AE02.roa (hash: dZqvR0xqd13+DRj0vsCnaFuawrKyEqpLXk81wck6o3Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 19:33:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2997 (0xbb5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D1003, serialNumber=A5201AEE6F4A5C1EB8A7E1C7853BFBB2BA75CBD2 Validity Not Before: Oct 22 19:33:12 2025 GMT Not After : Oct 29 19:33:12 2025 GMT Subject: CN=68f93178-5e8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:40:f0:6d:e4:a9:7f:39:c7:db:bd:70:68:ab: 48:de:84:f2:bc:0f:46:31:89:0f:49:56:9f:d9:d3: 72:2f:02:67:ef:16:d8:48:4a:ff:06:48:7c:0e:d4: 8d:9f:50:07:0a:0e:c5:6c:e7:d7:42:f9:43:9a:09: 6f:a8:65:04:74:67:3e:fa:60:10:bd:5c:25:82:61: f9:1b:1f:f4:9d:95:9f:b9:45:02:65:d1:df:85:ea: 11:de:ac:d7:a3:32:10:f8:5b:59:f0:2b:72:e9:81: 05:62:ab:84:5f:8c:1b:78:5b:f9:67:a1:53:c4:cf: 46:8b:2a:f0:eb:e7:f2:bd:f8:b8:06:a7:37:87:20: 2d:ef:73:3a:78:8c:25:16:ab:d6:60:ce:80:54:db: 8d:40:ec:c8:21:4a:7c:31:55:db:aa:51:a7:8b:f2: ab:e8:4c:5c:94:d3:c9:8b:3f:40:60:56:5f:58:af: fd:fc:01:b6:33:57:bb:e3:23:31:a3:a0:4a:43:8f: e5:d6:b5:03:33:54:06:15:7c:65:82:5e:ae:ad:c0: 17:c7:27:47:a2:e2:c7:f9:56:aa:23:4e:ce:05:08: be:ba:6c:2e:36:21:eb:60:3e:44:54:bb:32:16:c6: a1:a2:6a:4e:d5:4e:0d:46:46:2e:13:81:e4:4f:cf: af:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:38:FF:59:34:9B:33:80:BC:69:73:72:96:89:C8:19:7F:48:07:AA X509v3 Authority Key Identifier: keyid:A5:20:1A:EE:6F:4A:5C:1E:B8:A7:E1:C7:85:3B:FB:B2:BA:75:CB:D2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/pSAa7m9KXB64p-HHhTv7srp1y9I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D1003/AA4E95C8320311EA8D2A1B2BC4F9AE02/pSAa7m9KXB64p-HHhTv7srp1y9I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:06:c6:cf:19:5a:e7:a4:f2:ec:60:32:e9:d4:3c:65:ce:14: cc:c2:12:37:50:f0:b0:a5:04:12:b1:1a:51:e1:0a:3a:b2:76: cc:21:ce:37:70:b6:9a:09:01:aa:d7:ea:a9:74:1c:52:0c:24: 71:8e:5f:4b:d8:1d:ce:f9:1c:f9:53:d3:d2:a2:a6:79:84:e7: 5a:00:81:bf:6f:85:ab:af:d6:c3:f0:f4:38:b3:47:47:f7:0a: 35:bf:f9:5e:73:02:37:a1:32:8a:9c:b7:d4:81:d6:85:af:96: 27:78:70:2c:0f:89:26:af:14:02:5c:d9:ae:9e:f5:70:8f:3a: 82:7c:16:79:59:33:f3:22:e6:13:8b:3e:3d:a0:a0:4a:18:b8: 55:78:f4:4e:0a:74:9e:0f:67:8c:a5:9f:cf:ee:16:53:ec:3a: 66:84:ee:f2:fb:db:41:db:fc:2c:a8:0a:0b:06:b7:ea:9a:10: 2e:fc:38:3f:f1:9e:85:41:e4:17:bc:c5:0f:13:33:c8:76:57: e0:c9:1e:60:c3:56:08:34:11:7d:fe:32:f3:67:f8:ee:ec:d5: 8e:34:16:ee:aa:d4:a3:d9:da:f7:e3:95:44:46:65:20:03:52: 27:8f:41:1c:d1:c5:6f:f3:30:67:ac:da:cd:ae:ac:c7:ae:1b: d0:44:11:91 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC7UwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDEwMDMxMTAvBgNVBAUTKEE1MjAxQUVFNkY0QTVDMUVCOEE3RTFDNzg1M0JGQkIy QkE3NUNCRDIwHhcNMjUxMDIyMTkzMzEyWhcNMjUxMDI5MTkzMzEyWjAYMRYwFAYD VQQDEw02OGY5MzE3OC01ZThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw0DwbeSpfznH271waKtI3oTyvA9GMYkPSVaf2dNyLwJn7xbYSEr/Bkh8DtSN n1AHCg7FbOfXQvlDmglvqGUEdGc++mAQvVwlgmH5Gx/0nZWfuUUCZdHfheoR3qzX ozIQ+FtZ8Cty6YEFYquEX4wbeFv5Z6FTxM9Giyrw6+fyvfi4Bqc3hyAt73M6eIwl FqvWYM6AVNuNQOzIIUp8MVXbqlGni/Kr6ExclNPJiz9AYFZfWK/9/AG2M1e74yMx o6BKQ4/l1rUDM1QGFXxlgl6urcAXxydHouLH+VaqI07OBQi+umwuNiHrYD5EVLsy FsahompO1U4NRkYuE4HkT8+vnQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBw4/1k0 mzOAvGlzcpaJyBl/SAeqMB8GA1UdIwQYMBaAFKUgGu5vSlweuKfhx4U7+7K6dcvS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMTAwMy9BQTRFOTVDODMy MDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hCNjRwLUhIaFR2N3NycDF5 OUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BTQWE3bTlLWEI2NHAtSEhoVHY3c3JwMXk5SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MTAwMy9BQTRFOTVDODMyMDMxMUVBOEQyQTFCMkJDNEY5QUUwMi9wU0FhN205S1hC NjRwLUhIaFR2N3NycDF5OUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBABsbPGVrnpPLsYDLp1DxlzhTMwhI3UPCwpQQSsRpR4Qo6snbMIc43 cLaaCQGq1+qpdBxSDCRxjl9L2B3O+Rz5U9PSoqZ5hOdaAIG/b4Wrr9bD8PQ4s0dH 9wo1v/lecwI3oTKKnLfUgdaFr5YneHAsD4kmrxQCXNmunvVwjzqCfBZ5WTPzIuYT iz49oKBKGLhVePROCnSeD2eMpZ/P7hZT7DpmhO7y+9tB2/wsqAoLBrfqmhAu/Dg/ 8Z6FQeQXvMUPEzPIdlfgyR5gw1YINBF9/jLzZ/ju7NWONBbuqtSj2dr345VERmUg A1Inj0Ec0cVv8zBnrNrNrqzHrhvQRBGR -----END CERTIFICATE-----Generated at Fri Oct 24 08:30:29 2025 by rpki-client