$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft File: i0hqzK8SpnqVaI6NEb1ljAQcElo.mft (raw, json) Hash identifier: XF1ljWsNnGuz75IXQXlhCdnrtlHKqjA81ME8gcWD2zM= Subject key identifier: 7E:9C:3C:D0:D9:86:BC:98:19:84:D2:BF:F9:F0:4B:E0:4F:ED:54:A1 Authority key identifier: 8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A Certificate issuer: /CN=A91DBA5B/serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft Manifest number: D0 Signing time: Sat 25 Oct 2025 09:25:25 +0000 Manifest this update: Sat 25 Oct 2025 09:25:25 +0000 Manifest next update: Sat 01 Nov 2025 09:25:25 +0000 Files and hashes: 1: i0hqzK8SpnqVaI6NEb1ljAQcElo.crl (hash: 4knYNItamizMtYLcHhXAHpCrsaBtJjm2SgaYXjX2lr8=) 2: F305F43270E711EF8573CF71C4F9AE02.roa (hash: aci5Spv/e6z609EwzRrCe3VebaHTH23V/kyd6t5TMtw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Nov 2025 09:19:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=8B486ACCAF12A67A95688E8D11BD658C041C125A Validity Not Before: Oct 25 09:25:25 2025 GMT Not After : Nov 1 09:25:25 2025 GMT Subject: CN=68fc9785-cf12 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:9b:a5:a8:99:a5:f5:cf:6f:5e:9a:d8:67:9a: f9:9a:6e:55:13:a4:d7:7d:f7:24:d3:b5:c8:49:14: 6f:b6:38:3d:eb:ac:73:03:ae:98:02:9c:5c:b6:7e: 34:ba:c7:24:7d:3d:9b:ec:37:ab:f8:45:c8:71:c5: d2:41:7a:e1:d9:e8:9b:44:fa:bb:f4:5c:00:da:20: 54:a4:a1:51:1d:98:c9:5f:e2:7d:85:c4:fc:58:d0: bf:76:2a:f6:fc:12:a8:8c:5c:a3:bb:aa:17:02:8e: 42:ab:2f:76:cd:8f:7e:fa:84:74:80:57:d0:54:c4: c3:50:7f:2d:6a:81:61:9b:59:8a:53:89:dc:05:63: af:56:0f:f8:02:ac:1d:5b:76:3e:e7:88:2b:67:d9: b9:da:7c:fd:ee:24:2b:07:fd:c1:c8:9d:ce:9e:9d: eb:d3:8d:44:1f:dd:4f:fc:09:27:7e:8c:35:fe:94: 5c:dc:3e:8a:a5:ca:6c:b7:18:ca:86:1f:e7:74:f7: 45:94:35:bc:2d:a6:08:05:79:bc:8a:e5:39:e0:a6: a5:19:da:98:aa:b9:ee:93:a4:0b:94:59:d7:ab:97: 84:36:c2:aa:df:00:0d:cc:5d:df:4a:55:c9:7a:3d: c5:83:42:d6:19:5b:5a:fc:d1:a3:d0:2d:39:a1:fc: 89:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:9C:3C:D0:D9:86:BC:98:19:84:D2:BF:F9:F0:4B:E0:4F:ED:54:A1 X509v3 Authority Key Identifier: keyid:8B:48:6A:CC:AF:12:A6:7A:95:68:8E:8D:11:BD:65:8C:04:1C:12:5A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/i0hqzK8SpnqVaI6NEb1ljAQcElo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/4D7CE66A70E711EFB444AF70C4F9AE02/i0hqzK8SpnqVaI6NEb1ljAQcElo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:0b:50:2b:7a:08:35:79:79:fd:fd:2f:36:f5:23:f6:0c:23: 14:dc:84:b2:f6:3a:a3:54:29:26:84:87:cf:e4:00:bb:7d:a6: 86:e6:1f:08:a4:b1:f0:01:8a:9e:d9:88:a3:1f:be:4c:cd:47: a0:d4:70:3e:83:0b:8d:a7:ad:24:07:32:ff:fe:87:af:24:90: 58:48:40:03:f6:d9:5d:40:03:b9:eb:e8:74:61:ee:7e:40:6f: bb:65:5e:42:96:99:3e:7f:6f:9a:18:e9:04:47:9b:10:6e:56: f5:6d:7c:f2:a5:df:73:af:11:c4:95:97:2f:0e:23:3d:e8:55: 50:ea:0f:29:0f:82:dc:9b:37:0d:27:9a:e9:68:58:48:3d:57: ce:76:f1:0f:70:cd:fb:a7:3d:0b:20:2d:ea:28:5c:75:30:a9: 7d:97:28:3d:8c:28:f1:b8:0b:d2:e4:cd:18:ff:75:a4:4b:6c: 8c:29:d6:33:50:a1:c4:00:6b:38:74:66:50:b2:b1:f8:e9:b5: af:66:47:53:93:5c:9b:12:ff:04:95:b2:f9:4e:cc:21:be:02: b2:cc:b2:48:a3:a0:fa:11:ff:f6:8a:46:3c:57:71:b4:15:56: b9:c2:01:f3:68:ce:17:06:1d:e3:a7:ac:d4:64:48:80:96:ca: d6:dc:b0:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJBNUIxMTAvBgNVBAUTKDhCNDg2QUNDQUYxMkE2N0E5NTY4OEU4RDExQkQ2NThD MDQxQzEyNUEwHhcNMjUxMDI1MDkyNTI1WhcNMjUxMTAxMDkyNTI1WjAYMRYwFAYD VQQDEw02OGZjOTc4NS1jZjEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt5ulqJml9c9vXprYZ5r5mm5VE6TXffck07XISRRvtjg966xzA66YApxctn40 usckfT2b7Der+EXIccXSQXrh2eibRPq79FwA2iBUpKFRHZjJX+J9hcT8WNC/dir2 /BKojFyju6oXAo5Cqy92zY9++oR0gFfQVMTDUH8taoFhm1mKU4ncBWOvVg/4Aqwd W3Y+54grZ9m52nz97iQrB/3ByJ3Onp3r041EH91P/Aknfow1/pRc3D6KpcpstxjK hh/ndPdFlDW8LaYIBXm8iuU54KalGdqYqrnuk6QLlFnXq5eENsKq3wANzF3fSlXJ ej3Fg0LWGVta/NGj0C05ofyJZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH6cPNDZ hryYGYTSv/nwS+BP7VShMB8GA1UdIwQYMBaAFItIasyvEqZ6lWiOjRG9ZYwEHBJa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkE1Qi80RDdDRTY2QTcw RTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3BucVZhSTZORWIxbGpBUWNF bG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2kwaHF6SzhTcG5xVmFJNk5FYjFsakFRY0Vsby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkE1Qi80RDdDRTY2QTcwRTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi9pMGhxeks4U3Bu cVZhSTZORWIxbGpBUWNFbG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOC1Aregg1eXn9/S829SP2DCMU3ISy9jqjVCkmhIfP5AC7faaG5h8I pLHwAYqe2YijH75MzUeg1HA+gwuNp60kBzL//oevJJBYSEAD9tldQAO56+h0Ye5+ QG+7ZV5Clpk+f2+aGOkER5sQblb1bXzypd9zrxHElZcvDiM96FVQ6g8pD4LcmzcN J5rpaFhIPVfOdvEPcM37pz0LIC3qKFx1MKl9lyg9jCjxuAvS5M0Y/3WkS2yMKdYz UKHEAGs4dGZQsrH46bWvZkdTk1ybEv8ElbL5TswhvgKyzLJIo6D6Ef/2ikY8V3G0 FVa5wgHzaM4XBh3jp6zUZEiAlsrW3LBp -----END CERTIFICATE-----Generated at Sat Oct 25 11:27:17 2025 by rpki-client