$ rpki-client -vvf rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft File: xOTw2gEK9YY3zFlihHHpmLckPFI.mft (raw, json) Hash identifier: YW0lE/AFFt0YQvPnSL2tqHc8Uv1gDWI9sUxqoL0IU3Y= Subject key identifier: 22:69:BD:B3:66:46:D7:EE:9A:89:FF:EB:41:AD:DD:D2:00:5C:DE:0E Authority key identifier: C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 Certificate issuer: /CN=A91D83D0/serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Certificate serial: 094D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft Manifest number: 0933 Signing time: Fri 24 Oct 2025 21:02:27 +0000 Manifest this update: Fri 24 Oct 2025 21:02:26 +0000 Manifest next update: Fri 31 Oct 2025 21:02:26 +0000 Files and hashes: 1: xOTw2gEK9YY3zFlihHHpmLckPFI.crl (hash: PZchDkQdEA5O0bdARqhw/36oMQ5SljWhNshAZuWph24=) 2: 5353EA28781F11EEBA05B17FC4F9AE02.roa (hash: Del+9YrkACA6yrhYJeSPVVuh01l/16gJ82iy69S9BRo=) 3: 863670328FD011EEB6FFC636C4F9AE02.roa (hash: PnqDvM4vjQdsVy80UhznbWoKhp/dlqh33E+GG+RU+dk=) 4: 03706138786411EC8624EB12C4F9AE02.roa (hash: qKXv165pzdK/WBxXfxqKy/V+953i+G1rFbe37yvanHk=) 5: F4E74AA8B99911EF9A0C3B63C4F9AE02.roa (hash: Ci305f1V47fRIRqmqjLy+EIi8DLnLoGCGpVVZ48v10E=) 6: 6A6E4770A10F11EF840C2548C4F9AE02.roa (hash: lvX9qWs0U9FJpaiKhdFBFudNcs3mWD37dbOmEs33Njk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 21:02:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2381 (0x94d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D83D0, serialNumber=C4E4F0DA010AF58637CC59628471E998B7243C52 Validity Not Before: Oct 24 21:02:26 2025 GMT Not After : Oct 31 21:02:26 2025 GMT Subject: CN=68fbe963-29d2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:14:6e:2d:f7:13:ec:d2:08:f2:80:a6:5b:d5: eb:d3:ae:a7:e6:ac:fb:45:f8:bf:a3:1f:43:70:33: 67:ac:1c:4c:d0:69:65:83:57:87:cf:c7:cf:57:1b: 70:7e:85:c8:b5:6e:0a:0a:b5:21:84:28:8d:b4:9c: e2:be:19:1c:33:41:32:b2:90:0e:c5:03:92:d4:21: 1b:79:75:13:4d:9c:68:99:f6:41:9e:f2:2f:f1:2d: 2f:9e:b1:40:a3:98:7b:f6:36:ec:ff:e3:03:7a:5b: 87:29:a6:83:36:7b:90:d7:d6:16:95:39:5a:0b:61: b8:5b:d0:c7:fe:a3:ff:1f:88:17:5c:76:70:1e:d4: 55:ae:9f:cf:22:ae:16:b5:88:19:73:e0:0d:f2:49: f2:c0:3f:1e:9f:82:74:49:8b:ad:91:a5:88:10:7d: d9:69:a6:f7:f9:2f:f6:fe:8d:a5:70:10:9f:52:6d: 60:b6:d9:c6:64:f0:9f:3b:63:e8:fc:32:5c:ac:9e: 14:0f:ce:e9:9d:fc:af:c1:bc:0e:e7:cb:88:23:1a: eb:08:3a:c7:36:82:97:07:30:e9:c8:0c:bc:cc:02: 54:e8:9a:ee:d0:6d:f9:5d:b9:c3:2b:db:39:4b:ab: a0:4a:55:e7:8e:05:6f:79:40:62:89:f0:9d:53:99: cc:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:69:BD:B3:66:46:D7:EE:9A:89:FF:EB:41:AD:DD:D2:00:5C:DE:0E X509v3 Authority Key Identifier: keyid:C4:E4:F0:DA:01:0A:F5:86:37:CC:59:62:84:71:E9:98:B7:24:3C:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/xOTw2gEK9YY3zFlihHHpmLckPFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D83D0/0A16208AAFBC11EAA961CB86C4F9AE02/xOTw2gEK9YY3zFlihHHpmLckPFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2a:85:6c:aa:e8:ec:c6:a4:b3:cc:17:fa:c8:65:06:43:fb:6a: 16:17:4a:11:5d:7a:c8:78:c0:b1:ca:fa:77:26:02:fd:7d:34: f1:31:23:fb:3f:b9:67:eb:4d:77:d7:c3:de:92:38:98:04:8e: a1:98:b5:71:34:6a:41:f4:3b:5c:fb:bd:08:35:c9:0f:74:0c: cf:22:75:b8:1a:1d:df:41:8e:e0:59:a6:ba:57:f0:27:b9:62: a7:aa:8c:44:15:52:9f:7b:36:36:3e:83:74:22:90:44:81:0c: 84:c8:34:d8:bf:3b:32:1d:1a:04:f4:19:ff:0f:2e:61:31:10: f6:30:17:34:f1:0d:48:06:50:d0:08:57:99:34:55:ce:8e:d0: ff:2b:b6:54:85:64:1c:76:df:61:33:cf:eb:49:98:5f:f7:9f: d0:b6:e0:87:8a:49:f8:71:fe:ff:fd:ec:91:e6:1d:13:50:d3: bb:10:eb:37:d7:3d:ae:93:d6:21:75:09:00:23:de:d5:22:62: 0b:3a:86:68:cb:83:45:46:6e:09:54:21:be:9b:e8:be:f8:96: 76:d7:e5:6a:e4:58:5c:b7:59:f5:95:81:f1:83:e1:f2:4c:15: ee:97:a2:82:78:9c:4d:c0:97:e6:24:16:b3:84:90:58:f0:e3: f0:a3:5d:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCU0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgzRDAxMTAvBgNVBAUTKEM0RTRGMERBMDEwQUY1ODYzN0NDNTk2Mjg0NzFFOTk4 QjcyNDNDNTIwHhcNMjUxMDI0MjEwMjI2WhcNMjUxMDMxMjEwMjI2WjAYMRYwFAYD VQQDEw02OGZiZTk2My0yOWQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1RRuLfcT7NII8oCmW9Xr066n5qz7Rfi/ox9DcDNnrBxM0Gllg1eHz8fPVxtw foXItW4KCrUhhCiNtJzivhkcM0EyspAOxQOS1CEbeXUTTZxomfZBnvIv8S0vnrFA o5h79jbs/+MDeluHKaaDNnuQ19YWlTlaC2G4W9DH/qP/H4gXXHZwHtRVrp/PIq4W tYgZc+AN8knywD8en4J0SYutkaWIEH3Zaab3+S/2/o2lcBCfUm1gttnGZPCfO2Po /DJcrJ4UD87pnfyvwbwO58uIIxrrCDrHNoKXBzDpyAy8zAJU6Jru0G35XbnDK9s5 S6ugSlXnjgVveUBiifCdU5nM4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCJpvbNm Rtfumon/60Gt3dIAXN4OMB8GA1UdIwQYMBaAFMTk8NoBCvWGN8xZYoRx6Zi3JDxS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODNEMC8wQTE2MjA4QUFG QkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZWTN6RmxpaEhIcG1MY2tQ RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3hPVHcyZ0VLOVlZM3pGbGloSEhwbUxja1BGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODNEMC8wQTE2MjA4QUFGQkMxMUVBQTk2MUNCODZDNEY5QUUwMi94T1R3MmdFSzlZ WTN6RmxpaEhIcG1MY2tQRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAqhWyq6OzGpLPMF/rIZQZD+2oWF0oRXXrIeMCxyvp3JgL9fTTxMSP7 P7ln601318PekjiYBI6hmLVxNGpB9Dtc+70INckPdAzPInW4Gh3fQY7gWaa6V/An uWKnqoxEFVKfezY2PoN0IpBEgQyEyDTYvzsyHRoE9Bn/Dy5hMRD2MBc08Q1IBlDQ CFeZNFXOjtD/K7ZUhWQcdt9hM8/rSZhf95/QtuCHikn4cf7//eyR5h0TUNO7EOs3 1z2uk9YhdQkAI97VImILOoZoy4NFRm4JVCG+m+i++JZ21+Vq5Fhct1n1lYHxg+Hy TBXul6KCeJxNwJfmJBazhJBY8OPwo10R -----END CERTIFICATE-----Generated at Sat Oct 25 22:52:55 2025 by rpki-client