$ rpki-client -vvf rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft File: -iKAHFKuKl_EkbfL6-aO_KLI0dk.mft (raw, json) Hash identifier: +cHQLMy9CbzumJjZAHwxkGRfFoSiCuuPIDMj0k3cnCE= Subject key identifier: 9D:A9:C3:8A:94:73:DD:D0:F9:AF:0C:28:B9:4A:6F:D2:8A:90:00:9A Authority key identifier: FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 Certificate issuer: /CN=A91D837B/serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Certificate serial: A8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft Manifest number: A7 Signing time: Mon 03 Nov 2025 06:16:13 +0000 Manifest this update: Mon 03 Nov 2025 06:16:12 +0000 Manifest next update: Mon 10 Nov 2025 06:16:12 +0000 Files and hashes: 1: -iKAHFKuKl_EkbfL6-aO_KLI0dk.crl (hash: 3wrv7uQ6DJpMwUz8tReSWCP8gGN83PYOcNnJ8EzQErY=) 2: 8F7DFE66C96E11EF98B64E15C4F9AE02.roa (hash: NJttL+qjjIMKQduatRuB9wCf9GQJviKk9JlU07XKUgE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 06:16:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 168 (0xa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D837B, serialNumber=FA22801C52AE2A5FC491B7CBEBE68EFCA2C8D1D9 Validity Not Before: Nov 3 06:16:12 2025 GMT Not After : Nov 10 06:16:12 2025 GMT Subject: CN=690848ad-d8be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:93:03:bd:a9:ed:37:d5:bc:74:6c:12:00:18: 7f:16:c0:97:30:3d:b2:40:a6:d4:1a:66:75:08:ed: 3f:5e:7e:67:ce:67:a0:c2:45:b9:7b:69:59:c0:65: 3b:65:c6:ad:c9:03:78:7f:06:94:72:04:d2:c1:c4: cc:5c:f0:98:0d:b5:c1:cc:19:bc:33:37:24:0d:88: fb:08:7b:ac:4b:70:e4:3e:54:4b:5d:94:d0:c3:4d: e3:4b:a6:40:17:52:24:c8:58:c9:64:e5:8f:48:bf: d6:18:9c:b0:54:bd:01:7f:c0:99:14:9b:03:70:4c: d2:50:c3:b6:41:c1:a1:56:61:1e:19:5e:f2:bb:58: 9d:a6:65:47:e3:a4:1d:f2:55:95:9c:01:fb:33:0a: 62:b2:35:bb:f5:19:23:a1:04:9e:1a:01:7b:58:79: a7:4b:44:b7:be:ae:64:30:16:32:aa:31:85:35:62: ef:06:fb:f6:4a:6b:dd:98:d2:9c:ac:db:b3:a6:e5: be:40:38:95:7e:81:84:20:b6:44:62:ae:aa:66:e3: f8:df:f6:02:87:e3:df:e4:da:83:5e:11:b8:5c:10: 5a:ad:70:7b:4a:5d:90:c3:56:bd:c9:20:86:bb:63: 1c:87:24:25:86:00:5d:43:73:b7:3e:f6:9a:79:59: 30:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:A9:C3:8A:94:73:DD:D0:F9:AF:0C:28:B9:4A:6F:D2:8A:90:00:9A X509v3 Authority Key Identifier: keyid:FA:22:80:1C:52:AE:2A:5F:C4:91:B7:CB:EB:E6:8E:FC:A2:C8:D1:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/-iKAHFKuKl_EkbfL6-aO_KLI0dk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D837B/158D7F3CB99C11EF9638F769C4F9AE02/-iKAHFKuKl_EkbfL6-aO_KLI0dk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:03:7c:7d:15:31:13:7b:8d:26:91:be:f5:2f:ae:1a:36:7a: d8:19:d2:7e:11:68:dd:2e:df:b1:c8:ac:7d:a1:f7:92:28:0e: 54:c7:97:4b:aa:76:fc:db:9e:fc:1e:7d:92:e6:f4:be:7b:68: e5:47:ea:d9:f4:ff:22:18:0c:e7:14:0c:cf:1f:8d:63:8b:38: d8:8a:75:a1:18:64:90:6b:ba:f3:73:9e:c2:54:4b:55:98:7b: 9a:8f:39:b7:c6:55:c6:f0:67:f8:44:19:6f:bb:f2:7d:25:8e: 2b:3f:c1:0e:bc:82:60:dc:89:5d:74:c6:b0:bf:a7:89:eb:70: 14:f8:f4:fe:99:e4:63:d8:ec:d3:8a:85:ce:b1:69:5e:15:79: 72:eb:be:f8:02:21:f6:9b:94:34:5d:84:45:09:02:9b:90:1b: 3b:84:39:f1:30:83:62:a4:75:64:f9:55:b9:f9:ff:b4:d6:1c: 12:53:e0:19:0f:8e:6c:b2:5e:89:27:f4:6f:64:b6:80:39:8e: 9b:3d:02:56:61:2e:be:38:a9:0d:86:db:59:17:4a:ad:57:c8: ce:20:ad:97:c7:00:00:86:76:1f:fe:f0:6c:88:91:5f:69:db: 23:df:e9:d8:c7:18:53:7d:30:f9:c3:a5:05:89:c6:b2:48:e2: a5:fb:ab:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzN0IxMTAvBgNVBAUTKEZBMjI4MDFDNTJBRTJBNUZDNDkxQjdDQkVCRTY4RUZD QTJDOEQxRDkwHhcNMjUxMTAzMDYxNjEyWhcNMjUxMTEwMDYxNjEyWjAYMRYwFAYD VQQDEw02OTA4NDhhZC1kOGJlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwZMDvantN9W8dGwSABh/FsCXMD2yQKbUGmZ1CO0/Xn5nzmegwkW5e2lZwGU7 ZcatyQN4fwaUcgTSwcTMXPCYDbXBzBm8MzckDYj7CHusS3DkPlRLXZTQw03jS6ZA F1IkyFjJZOWPSL/WGJywVL0Bf8CZFJsDcEzSUMO2QcGhVmEeGV7yu1idpmVH46Qd 8lWVnAH7MwpisjW79RkjoQSeGgF7WHmnS0S3vq5kMBYyqjGFNWLvBvv2SmvdmNKc rNuzpuW+QDiVfoGEILZEYq6qZuP43/YCh+Pf5NqDXhG4XBBarXB7Sl2Qw1a9ySCG u2MchyQlhgBdQ3O3PvaaeVkwMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ2pw4qU c93Q+a8MKLlKb9KKkACaMB8GA1UdIwQYMBaAFPoigBxSripfxJG3y+vmjvyiyNHZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODM3Qi8xNThEN0YzQ0I5 OUMxMUVGOTYzOEY3NjlDNEY5QUUwMi8taUtBSEZLdUtsX0VrYmZMNi1hT19LTEkw ZGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyLy1pS0FIRkt1S2xfRWtiZkw2LWFPX0tMSTBkay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODM3Qi8xNThEN0YzQ0I5OUMxMUVGOTYzOEY3NjlDNEY5QUUwMi8taUtBSEZLdUts X0VrYmZMNi1hT19LTEkwZGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB8A3x9FTETe40mkb71L64aNnrYGdJ+EWjdLt+xyKx9ofeSKA5Ux5dL qnb82578Hn2S5vS+e2jlR+rZ9P8iGAznFAzPH41jizjYinWhGGSQa7rzc57CVEtV mHuajzm3xlXG8Gf4RBlvu/J9JY4rP8EOvIJg3IlddMawv6eJ63AU+PT+meRj2OzT ioXOsWleFXly6774AiH2m5Q0XYRFCQKbkBs7hDnxMINipHVk+VW5+f+01hwSU+AZ D45ssl6JJ/RvZLaAOY6bPQJWYS6+OKkNhttZF0qtV8jOIK2XxwAAhnYf/vBsiJFf adsj3+nYxxhTfTD5w6UFicaySOKl+6sE -----END CERTIFICATE-----Generated at Tue Nov 4 17:18:24 2025 by rpki-client