$ rpki-client -vvf rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft File: tkuBBCq0EWB9hgdv78nllia7iBY.mft (raw, json) Hash identifier: p3XkO6lN9sudFuuS6rZWnOuZ3bFEedEUrP4s6MMrCrg= Subject key identifier: 6F:62:2E:FF:27:17:99:CF:59:49:35:03:1C:24:09:FB:E1:3E:B1:BE Authority key identifier: B6:4B:81:04:2A:B4:11:60:7D:86:07:6F:EF:C9:E5:96:26:BB:88:16 Certificate issuer: /CN=A91D3037/serialNumber=B64B81042AB411607D86076FEFC9E59626BB8816 Certificate serial: 28 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft Manifest number: 22 Signing time: Wed 05 Nov 2025 07:59:58 +0000 Manifest this update: Wed 05 Nov 2025 07:59:58 +0000 Manifest next update: Wed 12 Nov 2025 07:59:58 +0000 Files and hashes: 1: tkuBBCq0EWB9hgdv78nllia7iBY.crl (hash: xkcZ/l1J/eleG9VabRW3CcMSBlHWFrGzGtEYcMRdt1Y=) 2: 0A16B10E8EE011F09A1AE72BC4F9AE02.roa (hash: 49rBi75NWLedbZFV/zCs/LhYwYBaC9SkJOjaSAzVrHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.crl rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:59:57 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 40 (0x28) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D3037, serialNumber=B64B81042AB411607D86076FEFC9E59626BB8816 Validity Not Before: Nov 5 07:59:58 2025 GMT Not After : Nov 12 07:59:58 2025 GMT Subject: CN=690b03fe-bb12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:e5:5c:b8:62:18:51:5f:1d:97:2a:97:56:84: d2:18:17:5c:f9:3a:c2:21:6a:1f:bd:06:f6:f3:85: 2e:0c:b6:1d:4e:7d:6b:24:14:1e:57:51:db:c7:64: e1:14:40:5e:65:db:86:c1:61:d2:dc:a5:b4:c1:c2: fd:05:71:78:36:e2:de:b6:c1:02:d6:5f:7a:2a:28: ff:79:05:e5:c5:d7:c8:63:3a:cf:89:bc:4c:45:9f: 4f:60:77:2b:2c:bd:08:b0:28:c2:49:85:f1:23:fa: 9f:2e:57:c7:11:4a:c0:4a:3c:3d:71:a1:98:93:8f: 75:a1:7d:79:21:72:6d:09:33:a9:a4:79:3c:f0:e7: f1:02:8c:3f:c1:d0:6f:81:15:a8:99:07:f4:e2:ee: 1f:b9:8d:64:b0:4b:19:57:60:3d:e9:a0:da:b3:2a: 3f:96:14:1f:60:4a:ca:b5:af:fe:9e:22:3c:0c:07: e7:73:59:6d:d7:cc:ae:87:1e:6e:45:2a:4f:7e:13: 6f:ef:16:3a:97:f5:23:0f:d3:11:ef:ed:60:45:4f: eb:8c:74:7e:39:c5:5b:6d:c0:3b:21:75:ec:cc:be: 3e:ad:d8:2e:30:62:62:c3:24:d5:ca:07:86:84:36: 1f:68:37:02:94:e8:e0:86:0d:cd:3a:33:a4:b6:29: 5e:a3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:62:2E:FF:27:17:99:CF:59:49:35:03:1C:24:09:FB:E1:3E:B1:BE X509v3 Authority Key Identifier: keyid:B6:4B:81:04:2A:B4:11:60:7D:86:07:6F:EF:C9:E5:96:26:BB:88:16 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tkuBBCq0EWB9hgdv78nllia7iBY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D3037/8B8DE27E8EDC11F09880C478C4F9AE02/tkuBBCq0EWB9hgdv78nllia7iBY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 69:ab:3f:cb:03:13:ef:b9:a9:52:6b:d8:fa:72:3f:89:9d:01: 3e:40:f9:5e:76:2c:c7:32:71:1e:b9:d5:0d:7d:5e:11:d1:90: 0d:71:dc:7f:87:30:84:f7:4a:0f:f4:ea:5f:a0:bf:f1:c1:31: 5f:e6:71:49:ca:af:df:7c:69:68:24:8a:24:03:e3:66:4b:75: da:75:05:79:f3:be:0a:17:0a:ea:2f:b6:46:0a:8b:23:7f:3c: 24:03:59:07:a0:1a:64:6d:de:d7:9b:57:0e:48:d7:ce:b5:87: a5:78:da:cd:94:dd:73:0c:4f:68:6e:e6:f8:25:a1:a1:8a:be: 93:8f:43:f6:05:a1:00:cb:d1:56:b2:5b:b3:27:98:9c:af:2d: 6b:71:9c:b6:4d:1b:43:3a:88:56:0e:5d:66:1e:1b:3d:47:23: 16:53:74:f3:27:de:b6:18:a6:3c:ba:14:af:9c:2a:a4:ec:f3: b9:b4:0f:e2:5a:1f:9c:c6:f7:e3:c3:b3:d3:a5:2f:7d:7d:68: b0:1f:7d:7c:a7:0d:82:63:36:75:2b:41:d5:8d:cd:64:b6:85: 50:07:33:1e:d9:46:65:ca:62:cb:a9:d5:5b:92:42:ec:51:8a: 20:6c:59:b8:8c:69:ec:6e:ea:fd:9f:2f:1c:5e:e3:ae:f0:d1: c6:59:1e:7c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE MzAzNzExMC8GA1UEBRMoQjY0QjgxMDQyQUI0MTE2MDdEODYwNzZGRUZDOUU1OTYy NkJCODgxNjAeFw0yNTExMDUwNzU5NThaFw0yNTExMTIwNzU5NThaMBgxFjAUBgNV BAMTDTY5MGIwM2ZlLWJiMTIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDF5Vy4YhhRXx2XKpdWhNIYF1z5OsIhah+9BvbzhS4Mth1OfWskFB5XUdvHZOEU QF5l24bBYdLcpbTBwv0FcXg24t62wQLWX3oqKP95BeXF18hjOs+JvExFn09gdyss vQiwKMJJhfEj+p8uV8cRSsBKPD1xoZiTj3WhfXkhcm0JM6mkeTzw5/ECjD/B0G+B FaiZB/Ti7h+5jWSwSxlXYD3poNqzKj+WFB9gSsq1r/6eIjwMB+dzWW3XzK6HHm5F Kk9+E2/vFjqX9SMP0xHv7WBFT+uMdH45xVttwDshdezMvj6t2C4wYmLDJNXKB4aE Nh9oNwKU6OCGDc06M6S2KV6jAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUb2Iu/ycX mc9ZSTUDHCQJ++E+sb4wHwYDVR0jBBgwFoAUtkuBBCq0EWB9hgdv78nllia7iBYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQzMDM3LzhCOERFMjdFOEVE QzExRjA5ODgwQzQ3OEM0RjlBRTAyL3RrdUJCQ3EwRVdCOWhnZHY3OG5sbGlhN2lC WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvdGt1QkJDcTBFV0I5aGdkdjc4bmxsaWE3aUJZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUQz MDM3LzhCOERFMjdFOEVEQzExRjA5ODgwQzQ3OEM0RjlBRTAyL3RrdUJCQ3EwRVdC OWhnZHY3OG5sbGlhN2lCWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGmrP8sDE++5qVJr2PpyP4mdAT5A+V52LMcycR651Q19XhHRkA1x3H+H MIT3Sg/06l+gv/HBMV/mcUnKr998aWgkiiQD42ZLddp1BXnzvgoXCuovtkYKiyN/ PCQDWQegGmRt3tebVw5I1861h6V42s2U3XMMT2hu5vgloaGKvpOPQ/YFoQDL0Vay W7MnmJyvLWtxnLZNG0M6iFYOXWYeGz1HIxZTdPMn3rYYpjy6FK+cKqTs87m0D+Ja H5zG9+PDs9OlL319aLAffXynDYJjNnUrQdWNzWS2hVAHMx7ZRmXKYsup1VuSQuxR iiBsWbiMaexu6v2fLxxe467w0cZZHnw= -----END CERTIFICATE-----Generated at Wed Nov 5 21:00:46 2025 by rpki-client