$ rpki-client -vvf rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft File: 8dIEca4xiTbXk7RttEgiB9lyRYs.mft (raw, json) Hash identifier: vmRhfOKy7CAe+72hj5vrsZZLnl9kTisB2xfGoBPSomM= Subject key identifier: 13:DF:80:6B:00:2D:7F:4D:DB:FC:C2:97:05:98:60:36:71:F0:1A:0E Authority key identifier: F1:D2:04:71:AE:31:89:36:D7:93:B4:6D:B4:48:22:07:D9:72:45:8B Certificate issuer: /CN=A91D8EAF/serialNumber=F1D20471AE318936D793B46DB4482207D972458B Certificate serial: 0CB0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8dIEca4xiTbXk7RttEgiB9lyRYs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft Manifest number: 0C9D Signing time: Tue 28 Oct 2025 18:14:07 +0000 Manifest this update: Tue 28 Oct 2025 18:14:06 +0000 Manifest next update: Tue 04 Nov 2025 18:14:06 +0000 Files and hashes: 1: 8dIEca4xiTbXk7RttEgiB9lyRYs.crl (hash: xOjIoCFl4fFcq3lCYhpp3zzJEAEhWfOdvoxmzZaaUzA=) 2: F4C2F7F604FF11EABFF6E022C4F9AE02.roa (hash: hMRVZDPhI9uQhHlcLsQL6+B9hhuCOLqR+jjUlDn3sAQ=) 3: 168AD09A04EF11EA9060B76BC4F9AE02.roa (hash: s3U0q40HWyXJCTwtjWa8KKHr421/tnOx6JMPLRqROA8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.crl rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8dIEca4xiTbXk7RttEgiB9lyRYs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 04 Nov 2025 18:14:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3248 (0xcb0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D8EAF, serialNumber=F1D20471AE318936D793B46DB4482207D972458B Validity Not Before: Oct 28 18:14:06 2025 GMT Not After : Nov 4 18:14:06 2025 GMT Subject: CN=690107ef-375b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:8b:75:89:49:5a:79:7a:e2:c5:48:dc:06:d6: 59:ac:2c:1d:ba:6c:64:d4:4d:6b:33:50:d0:a5:0b: 5f:04:32:93:54:11:5d:cc:f7:dd:61:1f:35:a4:f4: 46:65:cb:53:c5:38:79:00:ff:36:76:db:1e:e3:77: 96:a0:bd:eb:30:f9:a9:58:54:69:55:e8:c8:13:43: 45:b9:53:32:80:40:71:47:56:0b:ac:7e:68:96:b2: 9b:fa:3c:22:a0:e6:0d:59:80:2f:7d:e7:6b:e8:b8: 7b:a8:9a:9c:76:e2:bb:b7:b9:67:6a:df:0c:b9:1f: 56:45:c0:84:dd:6f:2f:22:a3:c7:31:ef:10:8c:cc: d4:02:3e:34:8e:c6:87:65:88:7b:18:16:bc:77:6a: 1b:41:46:02:f6:e2:83:28:21:54:ef:11:94:de:93: f6:8a:fd:29:24:8a:5e:6d:d7:60:d3:59:b1:ac:4c: d5:8b:d2:d5:ea:a4:60:c7:39:9a:db:e3:98:c7:b4: 3b:b0:45:70:9e:72:d1:de:9e:60:67:de:db:3e:39: 59:4e:81:56:27:e0:08:5f:46:8f:a8:9b:3b:16:8d: 13:85:e2:b7:98:4f:1d:70:8a:2b:4a:d3:46:3d:20: 40:04:fc:bc:fe:69:df:f1:32:85:60:b6:0c:4d:28: c4:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:DF:80:6B:00:2D:7F:4D:DB:FC:C2:97:05:98:60:36:71:F0:1A:0E X509v3 Authority Key Identifier: keyid:F1:D2:04:71:AE:31:89:36:D7:93:B4:6D:B4:48:22:07:D9:72:45:8B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/8dIEca4xiTbXk7RttEgiB9lyRYs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D8EAF/10B0E3D004EA11EABEDC8161C4F9AE02/8dIEca4xiTbXk7RttEgiB9lyRYs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:97:1b:8e:96:30:e2:37:ee:8f:62:fd:34:88:8c:e4:59:5a: eb:16:e0:5a:ea:fe:b1:2c:ac:b9:4c:e6:54:c4:a2:d7:30:56: 73:31:67:16:ab:ab:b4:08:6e:06:75:aa:97:2e:52:80:4d:13: 36:6b:3f:db:c0:30:c0:8a:72:0d:d7:3e:90:e7:98:ab:4a:0a: 90:be:f7:47:ae:88:ed:02:b1:82:8e:0f:dc:73:5c:e4:22:d8: 9e:bf:f3:7e:a8:08:0b:22:8a:2e:5e:29:d5:0c:74:d4:1b:e9: f4:27:08:8c:9f:51:12:6e:90:c9:63:fa:91:76:a1:5e:0a:e9: 88:8b:df:89:f5:09:ae:1b:44:08:00:2a:1c:4e:a7:26:6e:44: 32:b9:e7:c6:18:41:d6:ee:6b:c5:9a:91:40:78:00:ef:1a:5d: 98:7c:c9:3f:eb:16:b2:ce:d3:a5:62:31:fb:63:de:bc:f6:ff: 59:64:23:2f:12:6a:3d:3a:0a:3b:0b:27:ad:1c:45:f2:e9:5a: 91:2e:80:09:1f:8a:b3:18:b0:f9:23:e6:21:c5:0e:97:4e:97: 95:f3:24:ff:4d:d8:1b:fb:71:9d:a1:39:12:61:92:7a:66:f5: 36:cf:38:81:67:51:9b:49:b2:b8:10:58:fa:7b:56:43:a5:b5: 90:cb:78:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDLAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDhFQUYxMTAvBgNVBAUTKEYxRDIwNDcxQUUzMTg5MzZENzkzQjQ2REI0NDgyMjA3 RDk3MjQ1OEIwHhcNMjUxMDI4MTgxNDA2WhcNMjUxMTA0MTgxNDA2WjAYMRYwFAYD VQQDEw02OTAxMDdlZi0zNzViMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtYt1iUlaeXrixUjcBtZZrCwdumxk1E1rM1DQpQtfBDKTVBFdzPfdYR81pPRG ZctTxTh5AP82dtse43eWoL3rMPmpWFRpVejIE0NFuVMygEBxR1YLrH5olrKb+jwi oOYNWYAvfedr6Lh7qJqcduK7t7lnat8MuR9WRcCE3W8vIqPHMe8QjMzUAj40jsaH ZYh7GBa8d2obQUYC9uKDKCFU7xGU3pP2iv0pJIpebddg01mxrEzVi9LV6qRgxzma 2+OYx7Q7sEVwnnLR3p5gZ97bPjlZToFWJ+AIX0aPqJs7Fo0TheK3mE8dcIorStNG PSBABPy8/mnf8TKFYLYMTSjEswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBPfgGsA LX9N2/zClwWYYDZx8BoOMB8GA1UdIwQYMBaAFPHSBHGuMYk215O0bbRIIgfZckWL MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOEVBRi8xMEIwRTNEMDA0 RUExMUVBQkVEQzgxNjFDNEY5QUUwMi84ZElFY2E0eGlUYlhrN1J0dEVnaUI5bHlS WXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzhkSUVjYTR4aVRiWGs3UnR0RWdpQjlseVJZcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OEVBRi8xMEIwRTNEMDA0RUExMUVBQkVEQzgxNjFDNEY5QUUwMi84ZElFY2E0eGlU YlhrN1J0dEVnaUI5bHlSWXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBSlxuOljDiN+6PYv00iIzkWVrrFuBa6v6xLKy5TOZUxKLXMFZzMWcW q6u0CG4GdaqXLlKATRM2az/bwDDAinIN1z6Q55irSgqQvvdHrojtArGCjg/cc1zk Itiev/N+qAgLIoouXinVDHTUG+n0JwiMn1ESbpDJY/qRdqFeCumIi9+J9QmuG0QI ACocTqcmbkQyuefGGEHW7mvFmpFAeADvGl2YfMk/6xayztOlYjH7Y9689v9ZZCMv Emo9Ogo7CyetHEXy6VqRLoAJH4qzGLD5I+YhxQ6XTpeV8yT/Tdgb+3GdoTkSYZJ6 ZvU2zziBZ1GbSbK4EFj6e1ZDpbWQy3gF -----END CERTIFICATE-----Generated at Wed Oct 29 23:00:11 2025 by rpki-client