$ rpki-client -vvf rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft File: NSX5xUTpmw5jRgCZyS39lNSb9so.mft (raw, json) Hash identifier: P5IrUhlNJqaW16x4kUlyv4ySWUM8Gc5xqNTzksXLX7c= Subject key identifier: 63:F2:D9:C6:DC:87:22:BC:80:A6:0D:A9:0D:3F:D5:F9:F9:74:62:1C Authority key identifier: 35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA Certificate issuer: /CN=A91D9D7A/serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Certificate serial: 0289 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft Manifest number: 0285 Signing time: Mon 03 Nov 2025 01:33:49 +0000 Manifest this update: Mon 03 Nov 2025 01:33:49 +0000 Manifest next update: Mon 10 Nov 2025 01:33:49 +0000 Files and hashes: 1: NSX5xUTpmw5jRgCZyS39lNSb9so.crl (hash: c88Qi6oxntJF+PetMHCuLl2sW4fWkPD/AgueawZR+to=) 2: 81B7763C280211ED93948C10C4F9AE02.roa (hash: EUxX4jfQlcU/1uY0IOylmxYMPcoOQVgae213RHQG1Xc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:33:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 649 (0x289) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D9D7A, serialNumber=3525F9C544E99B0E63460099C92DFD94D49BF6CA Validity Not Before: Nov 3 01:33:49 2025 GMT Not After : Nov 10 01:33:49 2025 GMT Subject: CN=6908067d-0238 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:e9:99:ba:03:cd:4a:e1:3b:67:7c:d2:78:ff: 99:1b:d1:3e:92:02:49:f1:ca:b0:eb:45:df:21:c2: 38:c0:09:a6:dc:d9:bf:e1:83:9a:51:96:87:08:2f: 29:f8:05:de:97:be:4e:bc:66:57:bd:b7:95:6d:ed: 3e:7d:fc:16:fd:d8:17:4b:3d:81:7c:d0:67:1a:f1: da:df:12:59:f9:77:ab:43:b4:ab:14:0b:89:31:39: f2:b5:e8:06:4d:96:5a:7f:12:8f:bd:6a:7f:ca:eb: 3a:27:10:e8:c4:30:9c:d0:be:a7:1d:49:6a:d1:0b: 88:7b:4f:d1:65:04:52:31:f6:4c:95:43:3d:7f:02: 38:56:c3:e8:3f:b9:62:8b:7e:f1:2f:10:86:89:39: 22:b7:2d:a2:e6:7d:70:58:24:65:22:53:cc:45:fa: b2:10:cc:84:8d:5e:9a:ff:af:f4:a8:48:95:ea:42: 70:94:09:18:ff:4e:22:b8:b5:56:b0:81:b7:27:42: a1:28:ef:07:b3:62:6c:b5:16:aa:70:f6:36:17:8c: e7:d0:77:8d:d2:d0:8f:84:88:09:7f:10:57:f8:f3: a9:b8:71:15:1f:38:4f:ae:1a:9f:c2:85:33:b6:60: f7:78:99:9b:4b:e0:c1:1a:82:96:85:8e:84:3f:0e: 20:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:F2:D9:C6:DC:87:22:BC:80:A6:0D:A9:0D:3F:D5:F9:F9:74:62:1C X509v3 Authority Key Identifier: keyid:35:25:F9:C5:44:E9:9B:0E:63:46:00:99:C9:2D:FD:94:D4:9B:F6:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NSX5xUTpmw5jRgCZyS39lNSb9so.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D9D7A/89A9AA24278311ED9BA02450C4F9AE02/NSX5xUTpmw5jRgCZyS39lNSb9so.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:b5:e9:d3:3d:53:46:aa:4d:15:1e:f5:de:13:b5:4f:91:51: e1:f4:d8:83:6c:da:28:13:3d:1a:de:43:04:29:7d:0a:87:cb: fb:f0:ff:2a:f5:33:87:79:93:00:7d:4e:82:d3:d9:8a:a3:ab: c7:c1:dc:e3:38:f4:ac:b5:48:a4:45:9f:0e:94:9f:26:8b:b7: c8:f2:04:5d:36:05:83:d2:9c:7f:59:7e:c6:fc:a8:a2:43:a1: 1d:5d:19:45:94:78:7a:80:b2:98:51:db:88:bc:ab:ac:cd:79: d1:a1:a6:cb:e1:56:4d:a9:c1:bd:a0:fe:66:21:c4:21:0f:d2: 33:3f:85:c6:27:c5:82:91:e9:64:dc:78:83:b4:81:65:d6:ed: 79:46:02:4f:a5:8d:fa:5a:6d:0d:f3:e8:13:39:89:a4:c3:6e: 79:9a:04:72:15:5a:85:78:8f:58:77:48:8f:44:ee:81:6f:1d: ff:44:77:5a:c9:fb:e3:0e:bd:c5:cb:df:e4:7c:da:46:0f:15: a8:0e:7c:63:b2:81:3d:81:3c:64:ed:4c:df:bf:dc:a6:e6:0a: db:89:57:1d:b9:c1:04:3f:5c:17:81:a3:94:1e:5f:b0:8f:9f: 5f:2d:3e:bf:fc:68:2f:0f:39:b1:32:8b:5b:4f:9f:8e:0e:9e: 63:72:a9:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAokwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDlEN0ExMTAvBgNVBAUTKDM1MjVGOUM1NDRFOTlCMEU2MzQ2MDA5OUM5MkRGRDk0 RDQ5QkY2Q0EwHhcNMjUxMTAzMDEzMzQ5WhcNMjUxMTEwMDEzMzQ5WjAYMRYwFAYD VQQDEw02OTA4MDY3ZC0wMjM4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzemZugPNSuE7Z3zSeP+ZG9E+kgJJ8cqw60XfIcI4wAmm3Nm/4YOaUZaHCC8p +AXel75OvGZXvbeVbe0+ffwW/dgXSz2BfNBnGvHa3xJZ+XerQ7SrFAuJMTnytegG TZZafxKPvWp/yus6JxDoxDCc0L6nHUlq0QuIe0/RZQRSMfZMlUM9fwI4VsPoP7li i37xLxCGiTkity2i5n1wWCRlIlPMRfqyEMyEjV6a/6/0qEiV6kJwlAkY/04iuLVW sIG3J0KhKO8Hs2JstRaqcPY2F4zn0HeN0tCPhIgJfxBX+POpuHEVHzhPrhqfwoUz tmD3eJmbS+DBGoKWhY6EPw4gMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGPy2cbc hyK8gKYNqQ0/1fn5dGIcMB8GA1UdIwQYMBaAFDUl+cVE6ZsOY0YAmckt/ZTUm/bK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEOUQ3QS84OUE5QUEyNDI3 ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13NWpSZ0NaeVMzOWxOU2I5 c28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05TWDV4VVRwbXc1alJnQ1p5UzM5bE5TYjlzby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE OUQ3QS84OUE5QUEyNDI3ODMxMUVEOUJBMDI0NTBDNEY5QUUwMi9OU1g1eFVUcG13 NWpSZ0NaeVMzOWxOU2I5c28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKtenTPVNGqk0VHvXeE7VPkVHh9NiDbNooEz0a3kMEKX0Kh8v78P8q 9TOHeZMAfU6C09mKo6vHwdzjOPSstUikRZ8OlJ8mi7fI8gRdNgWD0px/WX7G/Kii Q6EdXRlFlHh6gLKYUduIvKuszXnRoabL4VZNqcG9oP5mIcQhD9IzP4XGJ8WCkelk 3HiDtIFl1u15RgJPpY36Wm0N8+gTOYmkw255mgRyFVqFeI9Yd0iPRO6Bbx3/RHda yfvjDr3Fy9/kfNpGDxWoDnxjsoE9gTxk7Uzfv9ym5grbiVcducEEP1wXgaOUHl+w j59fLT6//GgvDzmxMotbT5+ODp5jcqmg -----END CERTIFICATE-----Generated at Mon Nov 3 18:13:17 2025 by rpki-client