$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft File: TZAcNCU7ylsnTusQaZPe9yCiUqw.mft (raw, json) Hash identifier: 94ejdSe5uTPIvznM4jG+0wwZ33ZIf9zNPbBSFMbI8XE= Subject key identifier: 89:42:20:8C:5D:97:7F:C2:C5:11:C6:13:0A:35:91:2B:BE:B2:5E:5A Authority key identifier: 4D:90:1C:34:25:3B:CA:5B:27:4E:EB:10:69:93:DE:F7:20:A2:52:AC Certificate issuer: /CN=A91D6AB2/serialNumber=4D901C34253BCA5B274EEB106993DEF720A252AC Certificate serial: 046D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TZAcNCU7ylsnTusQaZPe9yCiUqw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft Manifest number: 0CE4 Signing time: Sun 02 Nov 2025 20:32:52 +0000 Manifest this update: Sun 02 Nov 2025 20:32:51 +0000 Manifest next update: Sun 09 Nov 2025 20:32:51 +0000 Files and hashes: 1: TZAcNCU7ylsnTusQaZPe9yCiUqw.crl (hash: Gx7Ew8CDd+VtYHjWZzT40iz9V/zFHUIsYBhng0NAxjo=) 2: 8E4BBF50F5C511EF89110646C4F9AE02.roa (hash: khC3NWIbwkvutKI6Vqs7kfio6cgD4nvnuDwfjQlSlpw=) 3: A1B8D10EF5C511EF83B21246C4F9AE02.roa (hash: R9z8+TOIkB2HShaZE8kZf0+7pw9G6s/c+bvTwVe027E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.crl rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TZAcNCU7ylsnTusQaZPe9yCiUqw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:32:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1133 (0x46d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6AB2, serialNumber=4D901C34253BCA5B274EEB106993DEF720A252AC Validity Not Before: Nov 2 20:32:51 2025 GMT Not After : Nov 9 20:32:51 2025 GMT Subject: CN=6907bff4-7e9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:64:99:d2:14:04:56:89:46:e2:0e:66:be:e3: 1f:45:73:6e:cf:71:ba:d4:e4:b4:00:a9:11:85:1e: e1:87:7d:a3:9d:72:92:17:36:d0:cf:e9:0e:cc:ac: ee:c7:56:5a:6b:e2:1f:4f:d1:2c:8f:38:cb:f9:59: 87:48:50:bd:aa:ec:fa:db:a6:28:43:04:96:f5:05: 23:1e:89:e9:1d:b9:75:e3:f4:1d:dc:3f:72:23:02: 3d:f7:fb:22:12:59:0e:d2:db:99:fc:c4:61:b9:e8: 97:ad:4b:ec:70:e8:c6:09:66:bb:05:fa:3b:09:c9: de:d4:77:9a:43:17:3a:13:71:06:d1:53:fd:f5:ab: b7:0b:54:7b:06:1b:c8:8b:0c:77:2a:75:50:90:75: 08:2b:71:dc:25:88:5e:74:53:37:55:6b:b9:c8:aa: 0d:48:bd:09:07:a9:0f:27:fa:2e:e0:e0:25:0a:28: e6:4e:8f:61:82:c4:d0:5f:95:34:ff:d6:07:70:f6: 3e:af:70:5e:78:9d:ca:74:7d:13:6d:c2:8d:ed:92: a0:67:01:be:d3:92:27:df:eb:29:65:53:d4:94:62: 84:78:68:8b:7a:30:f1:bc:b3:0b:af:1a:29:e0:49: 63:ef:b5:78:42:f8:87:ca:89:8d:d6:d3:0f:32:bc: e7:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:42:20:8C:5D:97:7F:C2:C5:11:C6:13:0A:35:91:2B:BE:B2:5E:5A X509v3 Authority Key Identifier: keyid:4D:90:1C:34:25:3B:CA:5B:27:4E:EB:10:69:93:DE:F7:20:A2:52:AC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TZAcNCU7ylsnTusQaZPe9yCiUqw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/TZAcNCU7ylsnTusQaZPe9yCiUqw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2f:62:9c:60:68:32:48:d0:a7:36:9f:7b:99:13:d5:6b:8d:3b: 18:49:e8:c9:06:05:a9:04:13:0b:80:8c:ab:6b:7d:6e:00:84: 1f:ed:8c:e2:5b:25:45:e7:14:94:fe:75:e8:e0:63:d0:0b:d5: 7b:ac:09:13:e6:fa:84:1a:38:01:18:ea:3c:a6:75:ac:06:ed: 07:6e:e5:84:18:a9:a1:df:fb:03:f5:1c:cb:37:3e:e6:1a:f8: a8:ae:85:8f:0f:86:86:ad:c4:5e:43:fd:1d:94:8a:8c:18:15: f0:80:1c:dc:c1:b8:57:09:e9:72:1c:27:20:0f:b2:de:d2:d3: 0b:e0:48:09:99:94:3d:bb:24:75:58:3c:7b:28:22:4c:08:1d: 7f:60:22:2d:63:3a:20:d6:bb:31:da:73:88:9a:6f:00:2f:b9: d8:20:ba:e0:5f:2b:6c:42:2a:cf:78:88:e6:9a:21:ae:c1:80: 40:80:23:ad:2a:cd:35:45:aa:80:fc:e1:52:8c:44:19:d5:3d: 38:bd:53:d7:3c:5d:58:65:ef:2c:b1:c0:91:5e:d2:41:6d:57: 1f:9e:0b:67:57:0e:b5:39:ce:74:b5:3e:18:36:24:78:9a:35: 42:29:5b:28:a1:43:0f:9f:bc:e7:09:64:48:a2:c6:a8:ed:7e: 98:e9:cd:23 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBG0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDZBQjIxMTAvBgNVBAUTKDREOTAxQzM0MjUzQkNBNUIyNzRFRUIxMDY5OTNERUY3 MjBBMjUyQUMwHhcNMjUxMTAyMjAzMjUxWhcNMjUxMTA5MjAzMjUxWjAYMRYwFAYD VQQDEw02OTA3YmZmNC03ZTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtGSZ0hQEVolG4g5mvuMfRXNuz3G61OS0AKkRhR7hh32jnXKSFzbQz+kOzKzu x1Zaa+IfT9EsjzjL+VmHSFC9quz626YoQwSW9QUjHonpHbl14/Qd3D9yIwI99/si ElkO0tuZ/MRhueiXrUvscOjGCWa7Bfo7Ccne1HeaQxc6E3EG0VP99au3C1R7BhvI iwx3KnVQkHUIK3HcJYhedFM3VWu5yKoNSL0JB6kPJ/ou4OAlCijmTo9hgsTQX5U0 /9YHcPY+r3BeeJ3KdH0TbcKN7ZKgZwG+05In3+spZVPUlGKEeGiLejDxvLMLrxop 4Elj77V4QviHyomN1tMPMrzn7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIlCIIxd l3/CxRHGEwo1kSu+sl5aMB8GA1UdIwQYMBaAFE2QHDQlO8pbJ07rEGmT3vcgolKs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENkFCMi8wQUYyRUFBQUNG NzAxMUVBOEFFNTVENDhDNEY5QUUwMi9UWkFjTkNVN3lsc25UdXNRYVpQZTl5Q2lV cXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RaQWNOQ1U3eWxzblR1c1FhWlBlOXlDaVVxdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NkFCMi8wQUYyRUFBQUNGNzAxMUVBOEFFNTVENDhDNEY5QUUwMi9UWkFjTkNVN3ls c25UdXNRYVpQZTl5Q2lVcXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAvYpxgaDJI0Kc2n3uZE9VrjTsYSejJBgWpBBMLgIyra31uAIQf7Yzi WyVF5xSU/nXo4GPQC9V7rAkT5vqEGjgBGOo8pnWsBu0HbuWEGKmh3/sD9RzLNz7m GvioroWPD4aGrcReQ/0dlIqMGBXwgBzcwbhXCelyHCcgD7Le0tML4EgJmZQ9uyR1 WDx7KCJMCB1/YCItYzog1rsx2nOImm8AL7nYILrgXytsQirPeIjmmiGuwYBAgCOt Ks01RaqA/OFSjEQZ1T04vVPXPF1YZe8sscCRXtJBbVcfngtnVw61Oc50tT4YNiR4 mjVCKVsooUMPn7znCWRIosao7X6Y6c0j -----END CERTIFICATE-----Generated at Tue Nov 4 19:10:50 2025 by rpki-client