$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft File: 30fOzFfqiK65ajhlVgufImC6mQ4.mft (raw, json) Hash identifier: WScKmjGCYdmfFGv3s5AKautu9HWBxicVYVtne1rkWiA= Subject key identifier: 36:5D:0B:21:54:B4:F9:E5:34:0F:D3:0B:13:49:2B:37:75:2A:E0:DA Authority key identifier: DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E Certificate issuer: /CN=A91DBA5B/serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Certificate serial: D1 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft Manifest number: D0 Signing time: Sat 25 Oct 2025 09:25:28 +0000 Manifest this update: Sat 25 Oct 2025 09:25:27 +0000 Manifest next update: Sat 01 Nov 2025 09:25:27 +0000 Files and hashes: 1: 30fOzFfqiK65ajhlVgufImC6mQ4.crl (hash: No3oUmndET33gYyeZ/t6NihmJgKIOn90lGAzvK0cc4E=) 2: 02389B7670E811EFA8DBE571C4F9AE02.roa (hash: AxDsA8rt+K98y/uEnY4JUiHZ0XXqFDNJTlI0IgqxxqQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 01 Nov 2025 09:25:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 209 (0xd1) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBA5B, serialNumber=DF47CECC57EA88AEB96A3865560B9F2260BA990E Validity Not Before: Oct 25 09:25:27 2025 GMT Not After : Nov 1 09:25:27 2025 GMT Subject: CN=68fc9788-72b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:73:8a:af:12:52:dc:fb:7e:73:13:50:be:24: 42:da:7d:c0:c9:9c:8c:a0:bb:de:57:bd:2e:96:8b: 2f:c7:dd:94:bb:eb:c0:07:c3:2a:c8:ff:7f:e3:ba: a6:e9:41:6e:a3:88:e6:3b:60:f2:a5:41:55:f3:37: 98:bc:71:ad:cb:89:7e:0d:1e:f8:51:ad:5f:63:f3: 74:bb:f5:0c:11:ed:e7:2f:f3:f0:ad:af:39:4b:b7: 97:e2:ab:2e:84:94:2d:67:0d:d9:8e:b3:7d:72:a8: 24:85:72:44:9f:d0:1d:1d:d9:a7:f3:a7:8e:3c:c3: 90:23:d6:62:55:a5:91:5b:d4:3d:de:58:eb:28:c0: 4a:7e:7d:65:69:be:6a:28:2c:65:13:60:2b:ed:82: a3:bb:68:e4:1e:7a:1f:5d:f8:32:79:78:c7:28:64: 2d:57:a7:d5:f6:80:7d:54:4d:55:8c:80:51:75:92: e5:3b:4d:33:1b:a8:2c:7d:42:ee:98:d2:cc:2b:8a: f1:17:b7:75:bb:af:b8:f3:63:0a:8f:ff:0a:9e:a2: 70:3b:f0:46:c2:3b:83:72:a5:ef:0a:67:94:a1:1e: e6:4d:72:62:15:c0:6f:ae:02:a9:84:b3:54:d9:85: 22:39:9b:18:df:58:06:0d:a1:94:29:a8:37:55:63: 81:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:5D:0B:21:54:B4:F9:E5:34:0F:D3:0B:13:49:2B:37:75:2A:E0:DA X509v3 Authority Key Identifier: keyid:DF:47:CE:CC:57:EA:88:AE:B9:6A:38:65:56:0B:9F:22:60:BA:99:0E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/30fOzFfqiK65ajhlVgufImC6mQ4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBA5B/58004AAA70E711EFB444AF70C4F9AE02/30fOzFfqiK65ajhlVgufImC6mQ4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:8f:8c:ac:6f:56:9d:f5:cd:99:40:f6:45:39:38:83:7d:56: 42:b0:04:03:22:96:fa:0d:11:92:cd:49:d2:0e:38:4f:bd:a4: 13:6f:23:1e:f1:23:c5:05:3e:7a:36:11:18:11:e2:8f:fd:a1: a0:8b:75:6d:aa:ec:bf:cf:82:af:98:e0:9e:68:31:98:48:39: 9d:35:87:d4:aa:ac:29:94:23:4a:05:7c:ca:7a:6a:44:cf:ad: fc:7c:d0:7c:94:0e:1b:84:9e:99:22:31:10:0e:81:6b:b4:52: 07:95:ac:78:af:55:e6:c4:b9:4a:4d:07:0f:1a:46:60:eb:5f: 67:7c:00:96:1c:ac:87:b6:73:e5:94:67:6d:37:fa:0f:b8:d8: 1b:5e:9f:8c:5c:2f:49:9b:3d:21:39:23:27:49:f1:0e:6c:44: eb:a6:39:19:3d:1a:db:b9:fc:b0:39:55:ed:7b:d5:81:c4:08: 8d:c7:34:46:f4:49:bd:2d:1c:14:80:d0:c3:11:e4:d9:cd:ab: 7e:4e:2f:cc:10:3d:24:8b:8d:59:43:fa:44:a4:ef:7f:b6:1c: fe:6c:2f:69:5b:d8:3d:f0:a8:39:9f:35:95:db:9a:06:50:8f: 07:c2:34:d5:88:6c:28:8b:73:4d:1b:7f:27:39:c6:06:81:f3: 17:94:9f:ed -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REJBNUIxMTAvBgNVBAUTKERGNDdDRUNDNTdFQTg4QUVCOTZBMzg2NTU2MEI5RjIy NjBCQTk5MEUwHhcNMjUxMDI1MDkyNTI3WhcNMjUxMTAxMDkyNTI3WjAYMRYwFAYD VQQDEw02OGZjOTc4OC03MmIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv3OKrxJS3Pt+cxNQviRC2n3AyZyMoLveV70ulosvx92Uu+vAB8MqyP9/47qm 6UFuo4jmO2DypUFV8zeYvHGty4l+DR74Ua1fY/N0u/UMEe3nL/Pwra85S7eX4qsu hJQtZw3ZjrN9cqgkhXJEn9AdHdmn86eOPMOQI9ZiVaWRW9Q93ljrKMBKfn1lab5q KCxlE2Ar7YKju2jkHnofXfgyeXjHKGQtV6fV9oB9VE1VjIBRdZLlO00zG6gsfULu mNLMK4rxF7d1u6+482MKj/8KnqJwO/BGwjuDcqXvCmeUoR7mTXJiFcBvrgKphLNU 2YUiOZsY31gGDaGUKag3VWOBaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDZdCyFU tPnlNA/TCxNJKzd1KuDaMB8GA1UdIwQYMBaAFN9HzsxX6oiuuWo4ZVYLnyJgupkO MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQkE1Qi81ODAwNEFBQTcw RTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi8zMGZPekZmcWlLNjVhamhsVmd1ZkltQzZt UTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzMwZk96RmZxaUs2NWFqaGxWZ3VmSW1DNm1RNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QkE1Qi81ODAwNEFBQTcwRTcxMUVGQjQ0NEFGNzBDNEY5QUUwMi8zMGZPekZmcWlL NjVhamhsVmd1ZkltQzZtUTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBAj4ysb1ad9c2ZQPZFOTiDfVZCsAQDIpb6DRGSzUnSDjhPvaQTbyMe 8SPFBT56NhEYEeKP/aGgi3Vtquy/z4KvmOCeaDGYSDmdNYfUqqwplCNKBXzKempE z638fNB8lA4bhJ6ZIjEQDoFrtFIHlax4r1XmxLlKTQcPGkZg619nfACWHKyHtnPl lGdtN/oPuNgbXp+MXC9Jmz0hOSMnSfEObETrpjkZPRrbufywOVXte9WBxAiNxzRG 9Em9LRwUgNDDEeTZzat+Ti/MED0ki41ZQ/pEpO9/thz+bC9pW9g98Kg5nzWV25oG UI8HwjTViGwoi3NNG38nOcYGgfMXlJ/t -----END CERTIFICATE-----Generated at Sat Oct 25 20:03:04 2025 by rpki-client