$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft File: nEKLhAc-vngu7TP5LkDdc2GgnKo.mft (raw, json) Hash identifier: lVwe2+Zl0yfUyaKJ9PxS2Qtc2X8hrTKnPjn7Jsl9z7E= Subject key identifier: AF:A7:87:43:2C:F3:9C:01:6F:A8:CF:04:15:EB:1A:65:5A:94:61:AF Authority key identifier: 9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA Certificate issuer: /CN=A91D8B6F/serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Certificate serial: 08BC Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft Manifest number: 08B6 Signing time: Tue 28 Oct 2025 20:21:19 +0000 Manifest this update: Tue 28 Oct 2025 20:21:19 +0000 Manifest next update: Tue 04 Nov 2025 20:21:19 +0000 Files and hashes: 1: nEKLhAc-vngu7TP5LkDdc2GgnKo.crl (hash: iqa+WAqJHcpmpAD1mjskIsRobX33R3ufHuDPypQZOUM=) 2: FE60ECB0879311EB84047577C4F9AE02.roa (hash: iVH3rhTgtUSo/JF63FQElE1NqUIp2qYoI3iOuK+LB04=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 20:21:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2236 (0x8bc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8B6F, serialNumber=9C428B84073EBE782EED33F92E40DD7361A09CAA Validity Not Before: Oct 28 20:21:19 2025 GMT Not After : Nov 4 20:21:19 2025 GMT Subject: CN=690125bf-3668 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e3:3a:43:45:a4:af:49:5c:56:9d:4a:0d:77:1b: 66:79:66:a0:07:6a:3b:bf:96:c3:f3:83:0a:ba:d5: f8:cb:bf:d7:af:ca:ea:27:0c:8c:99:91:5b:48:f4: b8:d1:95:f1:f4:d5:c5:f4:bb:13:9d:1d:45:fb:e6: 4b:b2:8b:bc:a9:5c:4b:47:44:fd:6c:a1:1b:ad:04: 02:00:7b:df:ed:20:93:3b:e9:16:1c:6b:e7:d3:86: 3f:f0:15:13:71:76:45:fa:15:bf:ef:b6:e4:58:3d: e1:0c:82:b1:b1:3d:d2:d6:ae:d5:da:f5:d6:db:04: 95:5c:65:c6:ba:fe:b2:50:60:57:8e:30:eb:71:e9: b7:e3:1a:6b:ef:c7:60:d0:2a:96:9f:a0:e6:99:c4: fd:3e:83:72:f0:38:51:c5:a3:7b:06:f4:de:52:bd: a4:08:e7:c7:9e:98:77:27:61:af:73:e3:fe:b0:80: 82:e3:b3:1b:4f:4c:b0:72:48:67:a6:9b:54:72:f3: b5:90:b2:90:2f:af:92:d4:78:60:83:05:d6:f8:96: d0:a4:f5:46:02:bc:11:c5:05:9b:f0:90:b2:ac:86: b6:bb:8c:5a:36:8f:52:14:b3:95:25:f6:97:9a:a1: 85:59:d2:e8:00:10:ba:f5:85:63:90:87:08:e8:07: 29:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:A7:87:43:2C:F3:9C:01:6F:A8:CF:04:15:EB:1A:65:5A:94:61:AF X509v3 Authority Key Identifier: keyid:9C:42:8B:84:07:3E:BE:78:2E:ED:33:F9:2E:40:DD:73:61:A0:9C:AA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nEKLhAc-vngu7TP5LkDdc2GgnKo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8B6F/E448BF18C4EF11EA87F43810C4F9AE02/nEKLhAc-vngu7TP5LkDdc2GgnKo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:11:0b:d4:81:6c:2c:2f:bf:b7:8f:c2:96:a3:4e:c5:14:84: 51:e7:75:7a:30:94:0d:10:83:8c:0e:df:88:0c:4a:a3:28:aa: 9d:41:79:69:d5:a1:9e:2a:c9:52:57:ba:f0:46:d1:20:25:93: dd:f8:87:0c:b0:f5:4f:6a:6f:4e:09:92:38:00:0c:4e:d5:b6: 1d:10:57:99:6d:4d:92:cf:14:09:ee:ea:a1:e5:d0:91:19:ee: 86:37:8b:1e:14:0e:21:de:e5:8c:4e:b1:c2:6b:65:8d:b0:b5: a9:9b:9c:c2:72:f2:11:22:40:1f:8a:55:fc:e2:90:04:e5:f8: 25:83:f2:79:6f:83:20:59:e3:77:c2:55:58:16:e6:a1:9f:2b: 63:13:8e:5d:67:e2:fe:5d:b6:75:93:93:a9:1d:3b:8e:a3:fe: d5:4d:ff:10:22:02:ff:2f:9e:3a:b4:b7:ad:3b:bf:f8:db:e3: 9d:cf:70:fb:d7:dd:16:b8:a2:94:8d:6f:1b:f0:c7:70:a8:df: 70:43:ba:f6:44:59:59:0f:e2:f6:ee:48:39:2e:b2:99:ac:e8: 15:60:6a:c9:8a:04:53:7c:f3:29:32:1d:1c:2e:ae:b0:32:c5: 42:17:2e:66:1e:95:a7:3d:d9:4a:4f:c0:6a:0a:59:5e:77:c7: 0b:8e:17:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCLwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhCNkYxMTAvBgNVBAUTKDlDNDI4Qjg0MDczRUJFNzgyRUVEMzNGOTJFNDBERDcz NjFBMDlDQUEwHhcNMjUxMDI4MjAyMTE5WhcNMjUxMTA0MjAyMTE5WjAYMRYwFAYD VQQDEw02OTAxMjViZi0zNjY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4zpDRaSvSVxWnUoNdxtmeWagB2o7v5bD84MKutX4y7/Xr8rqJwyMmZFbSPS4 0ZXx9NXF9LsTnR1F++ZLsou8qVxLR0T9bKEbrQQCAHvf7SCTO+kWHGvn04Y/8BUT cXZF+hW/77bkWD3hDIKxsT3S1q7V2vXW2wSVXGXGuv6yUGBXjjDrcem34xpr78dg 0CqWn6DmmcT9PoNy8DhRxaN7BvTeUr2kCOfHnph3J2Gvc+P+sICC47MbT0ywckhn pptUcvO1kLKQL6+S1HhggwXW+JbQpPVGArwRxQWb8JCyrIa2u4xaNo9SFLOVJfaX mqGFWdLoABC69YVjkIcI6AcpPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK+nh0Ms 85wBb6jPBBXrGmValGGvMB8GA1UdIwQYMBaAFJxCi4QHPr54Lu0z+S5A3XNhoJyq MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEI2Ri9FNDQ4QkYxOEM0 RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZuZ3U3VFA1TGtEZGMyR2du S28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25FS0xoQWMtdm5ndTdUUDVMa0RkYzJHZ25Lby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEI2Ri9FNDQ4QkYxOEM0RUYxMUVBODdGNDM4MTBDNEY5QUUwMi9uRUtMaEFjLXZu Z3U3VFA1TGtEZGMyR2duS28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqEQvUgWwsL7+3j8KWo07FFIRR53V6MJQNEIOMDt+IDEqjKKqdQXlp 1aGeKslSV7rwRtEgJZPd+IcMsPVPam9OCZI4AAxO1bYdEFeZbU2SzxQJ7uqh5dCR Ge6GN4seFA4h3uWMTrHCa2WNsLWpm5zCcvIRIkAfilX84pAE5fglg/J5b4MgWeN3 wlVYFuahnytjE45dZ+L+XbZ1k5OpHTuOo/7VTf8QIgL/L546tLetO7/42+Odz3D7 190WuKKUjW8b8MdwqN9wQ7r2RFlZD+L27kg5LrKZrOgVYGrJigRTfPMpMh0cLq6w MsVCFy5mHpWnPdlKT8BqClled8cLjhf0 -----END CERTIFICATE-----Generated at Thu Oct 30 17:57:40 2025 by rpki-client