$ rpki-client -vvf rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft File: IAAAWsWhdEBL07_CmUMyPpYGJbk.mft (raw, json) Hash identifier: feXfxRYaqECePupiWPOMTwE02XRV6SbsQ8F9MX+Hxzk= Subject key identifier: C3:34:D0:BD:F3:66:D1:98:C3:82:5A:BD:04:51:4B:CD:2D:43:0C:14 Authority key identifier: 20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 Certificate issuer: /CN=A91DA590/serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Certificate serial: 039D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft Manifest number: 0394 Signing time: Wed 05 Nov 2025 00:52:36 +0000 Manifest this update: Wed 05 Nov 2025 00:52:35 +0000 Manifest next update: Wed 12 Nov 2025 00:52:35 +0000 Files and hashes: 1: IAAAWsWhdEBL07_CmUMyPpYGJbk.crl (hash: n3KI6wIX7ha2Qyn52nj4WZ5a+A5QQc7jnWzqB9Ci9KM=) 2: 09E46A74C07F11ECB0707F18C4F9AE02.roa (hash: eJqOfUXf9pyBvXqljah+FkA7bab4t5X+jzwwp1GzOds=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:52:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 925 (0x39d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DA590, serialNumber=2000005AC5A174404BD3BFC29943323E960625B9 Validity Not Before: Nov 5 00:52:35 2025 GMT Not After : Nov 12 00:52:35 2025 GMT Subject: CN=690a9fd3-cef2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:9c:f4:d9:6b:52:2c:79:3a:ac:a3:49:29:c7: 7b:2f:4c:db:7c:0c:af:5d:40:fe:c5:71:7b:85:93: 34:0d:5e:04:c3:18:ec:37:cb:98:81:48:10:85:49: 9e:5b:f0:c1:3a:6c:f6:d2:da:84:17:6f:f7:9e:7b: 77:40:da:3e:f6:4f:31:2b:5c:31:32:cf:7f:a7:9a: 33:27:0a:b9:20:c3:4c:fa:02:80:51:49:c8:c9:4d: 17:36:7b:ff:bf:0f:69:8a:5f:d0:e2:23:0e:7a:61: 33:4e:fa:ed:81:dd:d1:61:dd:dd:39:af:31:c6:a3: d7:c5:6a:b1:ea:60:52:55:51:08:ca:ca:d1:6e:dc: fc:bf:08:04:d5:15:f5:f8:44:ab:45:14:35:bd:d1: 25:c4:f0:81:47:ff:10:95:dc:01:88:24:94:93:73: d4:24:7f:51:9c:4c:04:cf:6d:a6:7d:fe:c5:1e:2c: 9b:63:1e:81:f9:a3:54:3e:09:a3:57:99:b9:4a:2a: ce:fa:f4:f3:12:e0:b4:66:43:20:df:59:1d:68:8a: 0e:e8:62:f4:d3:7e:f0:8c:1f:2f:a7:7e:06:d4:09: ae:5d:35:ca:f2:ea:0e:b7:51:c7:be:dd:fb:19:1e: 48:3c:99:04:1e:63:d3:b4:75:86:70:f5:88:d5:ff: 9f:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:34:D0:BD:F3:66:D1:98:C3:82:5A:BD:04:51:4B:CD:2D:43:0C:14 X509v3 Authority Key Identifier: keyid:20:00:00:5A:C5:A1:74:40:4B:D3:BF:C2:99:43:32:3E:96:06:25:B9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IAAAWsWhdEBL07_CmUMyPpYGJbk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DA590/9510E86AC07B11EC987B847FC4F9AE02/IAAAWsWhdEBL07_CmUMyPpYGJbk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 09:00:36:6c:f5:5d:b4:05:69:6b:b0:3c:13:f7:ff:92:c8:c9: b5:33:21:7e:cc:8f:5a:a1:e2:fe:58:76:5f:74:57:63:65:3d: 66:ca:88:cc:e2:e5:66:39:ca:7d:9d:48:e6:d4:cb:a2:c9:06: 3e:de:fb:8f:cb:93:04:4b:79:c5:77:98:81:d4:20:d5:2c:49: 13:b0:be:dc:93:d3:fe:02:1e:09:79:06:c8:34:da:98:99:51: 1a:fa:d1:e9:d4:3c:c6:87:6b:71:74:e9:8f:02:4f:63:c2:af: 93:9c:8d:1d:86:fe:e6:7f:9d:c3:53:85:be:4a:6f:05:f3:50: 02:02:bd:16:1e:44:f8:c2:3a:b4:be:d5:68:d0:a4:57:19:6d: f0:50:9e:81:a8:1a:f9:f4:04:54:19:9f:2f:15:61:91:34:5e: da:fd:d5:e2:02:43:c0:f0:a9:b5:9d:c8:a0:45:ce:ae:e3:d2: 60:8f:68:70:7b:92:7f:96:e8:73:73:91:14:29:19:26:58:c0: a8:1b:01:17:fd:c6:eb:64:c7:0d:d4:23:89:2b:db:a7:ed:56: 2c:ef:1c:ef:6c:d9:64:c4:62:1e:dd:94:15:81:e7:5a:b8:a7: 38:29:6b:5e:01:db:0b:6f:1c:05:64:d0:6c:7b:80:86:37:94: 06:eb:3b:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA50wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REE1OTAxMTAvBgNVBAUTKDIwMDAwMDVBQzVBMTc0NDA0QkQzQkZDMjk5NDMzMjNF OTYwNjI1QjkwHhcNMjUxMTA1MDA1MjM1WhcNMjUxMTEyMDA1MjM1WjAYMRYwFAYD VQQDEw02OTBhOWZkMy1jZWYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1pz02WtSLHk6rKNJKcd7L0zbfAyvXUD+xXF7hZM0DV4EwxjsN8uYgUgQhUme W/DBOmz20tqEF2/3nnt3QNo+9k8xK1wxMs9/p5ozJwq5IMNM+gKAUUnIyU0XNnv/ vw9pil/Q4iMOemEzTvrtgd3RYd3dOa8xxqPXxWqx6mBSVVEIysrRbtz8vwgE1RX1 +ESrRRQ1vdElxPCBR/8QldwBiCSUk3PUJH9RnEwEz22mff7FHiybYx6B+aNUPgmj V5m5SirO+vTzEuC0ZkMg31kdaIoO6GL0037wjB8vp34G1AmuXTXK8uoOt1HHvt37 GR5IPJkEHmPTtHWGcPWI1f+f0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMM00L3z ZtGYw4JavQRRS80tQwwUMB8GA1UdIwQYMBaAFCAAAFrFoXRAS9O/wplDMj6WBiW5 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQTU5MC85NTEwRTg2QUMw N0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRFQkwwN19DbVVNeVBwWUdK YmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lBQUFXc1doZEVCTDA3X0NtVU15UHBZR0piay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QTU5MC85NTEwRTg2QUMwN0IxMUVDOTg3Qjg0N0ZDNEY5QUUwMi9JQUFBV3NXaGRF QkwwN19DbVVNeVBwWUdKYmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAJADZs9V20BWlrsDwT9/+SyMm1MyF+zI9aoeL+WHZfdFdjZT1myojM 4uVmOcp9nUjm1MuiyQY+3vuPy5MES3nFd5iB1CDVLEkTsL7ck9P+Ah4JeQbINNqY mVEa+tHp1DzGh2txdOmPAk9jwq+TnI0dhv7mf53DU4W+Sm8F81ACAr0WHkT4wjq0 vtVo0KRXGW3wUJ6BqBr59ARUGZ8vFWGRNF7a/dXiAkPA8Km1ncigRc6u49Jgj2hw e5J/luhzc5EUKRkmWMCoGwEX/cbrZMcN1COJK9un7VYs7xzvbNlkxGIe3ZQVgeda uKc4KWteAdsLbxwFZNBse4CGN5QG6ztO -----END CERTIFICATE-----Generated at Wed Nov 5 19:28:21 2025 by rpki-client