$ rpki-client -vvf rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft File: 4Y0K0YMT4gIg3qG4cW37310JzPg.mft (raw, json) Hash identifier: 1OnT5Uo9EhdS3/c0JaTeAexlixbYy7eQ6A5c/021g/g= Subject key identifier: 1E:7F:C9:2C:64:3E:FC:FD:18:A6:35:FE:B6:33:E1:F9:76:8B:E7:87 Authority key identifier: E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 Certificate issuer: /CN=A91DBB66/serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Certificate serial: 5D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft Manifest number: 5B Signing time: Mon 03 Nov 2025 07:08:11 +0000 Manifest this update: Mon 03 Nov 2025 07:08:11 +0000 Manifest next update: Mon 10 Nov 2025 07:08:11 +0000 Files and hashes: 1: 4Y0K0YMT4gIg3qG4cW37310JzPg.crl (hash: JjAnHZKpv2sgfRzfTQB4o+1KgMr0rewxhbIN+UV8Sos=) 2: 099A56FE2FB311F09E3A9373C4F9AE02.roa (hash: c58CHJdQfloT8cjooayoSNCaLkxE9yxaVBgoB9VE0Hs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:08:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 93 (0x5d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DBB66, serialNumber=E18D0AD18313E20220DEA1B8716DFBDF5D09CCF8 Validity Not Before: Nov 3 07:08:11 2025 GMT Not After : Nov 10 07:08:11 2025 GMT Subject: CN=690854db-1e9a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ce:68:fb:32:39:28:34:0e:7d:e6:06:86:86: c4:2e:07:66:a9:9a:24:22:27:58:49:21:95:b6:fd: b0:94:f8:aa:e1:ba:a0:e5:fb:48:16:0c:79:c9:66: d7:ab:79:36:7c:03:2b:e0:1b:29:7b:b4:90:c4:35: 86:1c:7f:ff:dc:6d:b7:59:11:a0:e2:27:07:e6:18: d6:77:d3:b3:6f:17:3b:36:87:80:f4:99:a8:1d:67: 19:46:6f:26:3f:d1:97:b4:0f:09:7c:7b:93:17:f3: b9:92:e1:21:57:51:a4:49:5f:bb:ae:3e:88:aa:9e: 0d:95:00:1b:a3:8f:7c:2f:1e:68:3c:c0:8c:6e:a5: ec:de:10:91:2c:68:a2:f0:16:e5:c6:8d:55:87:71: 29:56:c3:a1:0b:9a:e1:58:7e:9a:73:7f:73:51:af: f9:f8:b1:8b:af:cf:3c:e9:b9:bb:80:a5:27:83:8b: 52:a9:1c:19:a5:6e:a7:92:3d:0c:cd:11:db:75:b2: c1:83:e5:50:36:64:bb:14:4b:e6:47:db:d2:29:5f: a9:f3:cf:02:58:24:04:e0:f7:79:3d:b0:e9:39:ba: f8:b5:d4:0a:31:d4:82:dc:1b:79:c8:1f:36:77:00: f4:fc:88:c7:88:a7:92:d2:b2:f3:7a:c6:80:44:a3: b2:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1E:7F:C9:2C:64:3E:FC:FD:18:A6:35:FE:B6:33:E1:F9:76:8B:E7:87 X509v3 Authority Key Identifier: keyid:E1:8D:0A:D1:83:13:E2:02:20:DE:A1:B8:71:6D:FB:DF:5D:09:CC:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4Y0K0YMT4gIg3qG4cW37310JzPg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DBB66/0C0D80DE2FAC11F08CEA0A71C4F9AE02/4Y0K0YMT4gIg3qG4cW37310JzPg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:68:8b:fb:96:8a:c1:48:ff:b0:3f:74:fb:af:5c:64:ed:8d: 1f:3c:51:1d:c7:e4:2b:97:bb:00:11:24:16:01:f5:95:2a:fd: d4:27:18:a9:b6:b2:b5:b3:a3:f8:62:4d:c8:2b:76:5a:1f:26: 40:56:1c:4c:90:c8:c8:db:2b:93:14:9b:bc:49:63:7b:b9:78: 3e:fc:20:0d:01:f4:b8:44:0f:52:dc:be:f7:60:45:cc:ad:da: da:4f:a1:ec:33:19:a0:0b:0f:77:7b:46:20:02:45:9e:fb:6c: 91:51:e7:8f:e2:9e:68:5c:8b:4c:c3:0c:36:1d:c0:5b:46:c7: 94:05:c8:45:03:44:62:21:b7:51:18:72:6e:d5:45:f2:b4:2c: 8d:28:a8:79:90:75:31:6c:26:ff:93:4a:01:d1:c5:17:00:fa: c8:b5:21:cb:27:d0:8b:df:b3:e9:f7:60:d6:ef:82:99:70:bc: fc:72:ad:0b:57:a8:94:64:62:35:5d:48:da:0e:32:a1:6d:02: 2d:e0:f0:17:dd:2e:b1:ab:8d:7b:86:ba:7d:3e:a5:5d:76:6b: 7b:35:66:76:82:c6:74:7b:71:35:2a:2b:fe:01:01:b4:be:38: ae:1e:8a:6f:46:27:9d:df:95:20:41:63:ae:89:4c:d9:05:71: de:7e:49:8c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFE QkI2NjExMC8GA1UEBRMoRTE4RDBBRDE4MzEzRTIwMjIwREVBMUI4NzE2REZCREY1 RDA5Q0NGODAeFw0yNTExMDMwNzA4MTFaFw0yNTExMTAwNzA4MTFaMBgxFjAUBgNV BAMTDTY5MDg1NGRiLTFlOWEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6zmj7MjkoNA595gaGhsQuB2apmiQiJ1hJIZW2/bCU+KrhuqDl+0gWDHnJZter eTZ8AyvgGyl7tJDENYYcf//cbbdZEaDiJwfmGNZ307NvFzs2h4D0magdZxlGbyY/ 0Ze0Dwl8e5MX87mS4SFXUaRJX7uuPoiqng2VABujj3wvHmg8wIxupezeEJEsaKLw FuXGjVWHcSlWw6ELmuFYfppzf3NRr/n4sYuvzzzpubuApSeDi1KpHBmlbqeSPQzN Edt1ssGD5VA2ZLsUS+ZH29IpX6nzzwJYJATg93k9sOk5uvi11Aox1ILcG3nIHzZ3 APT8iMeIp5LSsvN6xoBEo7IRAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUHn/JLGQ+ /P0YpjX+tjPh+XaL54cwHwYDVR0jBBgwFoAU4Y0K0YMT4gIg3qG4cW37310JzPgw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURCQjY2LzBDMEQ4MERFMkZB QzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJZzNxRzRjVzM3MzEwSnpQ Zy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvNFkwSzBZTVQ0Z0lnM3FHNGNXMzczMTBKelBnLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MURC QjY2LzBDMEQ4MERFMkZBQzExRjA4Q0VBMEE3MUM0RjlBRTAyLzRZMEswWU1UNGdJ ZzNxRzRjVzM3MzEwSnpQZy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABtoi/uWisFI/7A/dPuvXGTtjR88UR3H5CuXuwARJBYB9ZUq/dQnGKm2 srWzo/hiTcgrdlofJkBWHEyQyMjbK5MUm7xJY3u5eD78IA0B9LhED1LcvvdgRcyt 2tpPoewzGaALD3d7RiACRZ77bJFR54/inmhci0zDDDYdwFtGx5QFyEUDRGIht1EY cm7VRfK0LI0oqHmQdTFsJv+TSgHRxRcA+si1Icsn0Ivfs+n3YNbvgplwvPxyrQtX qJRkYjVdSNoOMqFtAi3g8BfdLrGrjXuGun0+pV12a3s1ZnaCxnR7cTUqK/4BAbS+ OK4eim9GJ53flSBBY66JTNkFcd5+SYw= -----END CERTIFICATE-----Generated at Mon Nov 3 18:18:02 2025 by rpki-client