$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft File: raiu0ysVuH5hElLSnR4dW95YFkY.mft (raw, json) Hash identifier: 0O7nq0a4TnVV9ynsgyybeR8FNYvIAgnoEJ9Euj7BtLo= Subject key identifier: D1:4C:47:C2:37:C8:55:C5:81:87:C2:9E:EB:E2:70:B5:49:38:8F:A2 Authority key identifier: AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 Certificate issuer: /CN=A91DC5BE/serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Certificate serial: 35C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft Manifest number: 3540 Signing time: Sun 26 Oct 2025 14:16:34 +0000 Manifest this update: Sun 26 Oct 2025 14:16:33 +0000 Manifest next update: Sun 02 Nov 2025 14:16:33 +0000 Files and hashes: 1: raiu0ysVuH5hElLSnR4dW95YFkY.crl (hash: aif032V230XNXWZQSyN4bupi3tA1bTD0hnuMOtAxqHI=) 2: C9B8A270483411ECA6C7C085C4F9AE02.roa (hash: nJvnNt0eJsmGuLUjItzV/NgJ7+2UZ1r5MhffEQ8w0sk=) 3: DB3F9CA4817B11F0BDC51985C4F9AE02.roa (hash: JAIKKCo9C8qw6fr8uLdaMchlj/iGB4GqwIN2CeXneAc=) 4: 7C836BA46C8E11EEA38B9554C4F9AE02.roa (hash: aQYfeFSthN9oof4UX3Yota3Vi8A1Xibnwm7ZRxMjljY=) 5: DCD41E8E98D511F0B3824663C4F9AE02.roa (hash: EWlSDhZJpxeihw3aeM/sQAa10hdfChLc1MQCCqHexiw=) 6: FC72B9529F0311EAB6B8EA87C4F9AE02.roa (hash: iJ1kB8ujNY3bRF9sFR+ioHj2q77p/d9prgJ8hOEg/Tw=) 7: E2446DD228AA11E79582F36BC4F9AE02.roa (hash: ZJSRmEu8ZSRqTlcPEDfX6hYX2fzOC+1QV4+V6A/VckU=) 8: 662A2F2286B411E6BAEB2614C4F9AE02.roa (hash: MRkFXSabw9acLO92YltXC7hoPQwJsDF6DX+Xsg12tnY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 14:16:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13767 (0x35c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC5BE, serialNumber=ADA8AED32B15B87E611252D29D1E1D5BDE581646 Validity Not Before: Oct 26 14:16:33 2025 GMT Not After : Nov 2 14:16:33 2025 GMT Subject: CN=68fe2d42-b732 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:e2:ad:55:03:83:d7:b1:8c:38:04:b0:b6:77: 88:bc:29:dc:25:b9:2c:10:93:b1:b6:d5:6a:dc:53: a5:35:b5:94:c0:45:da:14:f8:c7:a5:b0:fd:73:2d: 02:e9:34:25:90:1f:38:8f:1f:7a:7d:a9:a0:c3:1b: a6:90:d1:67:6c:64:bd:20:12:55:0b:bb:7d:59:22: f7:95:5d:2b:30:b4:a8:04:25:f6:39:b9:1d:cd:64: 84:c7:78:5b:96:61:f6:33:57:5d:57:b1:4a:27:13: ad:80:3c:52:fd:92:0b:7a:63:49:a1:ae:73:99:5f: bd:60:50:a0:cb:d0:0f:17:13:53:25:84:ef:08:8e: ce:21:14:b9:67:cc:a5:dc:17:86:8b:13:cf:de:7d: a9:27:bc:68:34:28:ed:fb:6c:e5:35:0d:3c:5f:78: 25:cd:01:c7:ee:7f:66:d9:9d:ab:b0:a3:87:36:c0: 4f:f6:2a:0f:d4:1d:67:b6:3e:a7:bc:6d:d4:89:8a: 71:39:99:82:b3:55:d4:b6:a1:a9:4f:0b:80:cd:7b: 3b:80:90:b5:d0:ce:77:24:d3:8e:5b:45:01:fc:1e: 72:65:27:e2:1d:a7:09:07:63:2b:61:3b:b5:c2:cd: 83:a6:20:2f:dc:5b:e2:c2:86:d3:45:38:f6:c7:86: 87:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:4C:47:C2:37:C8:55:C5:81:87:C2:9E:EB:E2:70:B5:49:38:8F:A2 X509v3 Authority Key Identifier: keyid:AD:A8:AE:D3:2B:15:B8:7E:61:12:52:D2:9D:1E:1D:5B:DE:58:16:46 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/raiu0ysVuH5hElLSnR4dW95YFkY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC5BE/D401619A1D6911E2AFB64EA708B02CD2/raiu0ysVuH5hElLSnR4dW95YFkY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:c4:1b:d1:95:ec:3e:5e:80:91:cb:1f:13:37:a4:76:ff:ba: 1d:2e:e3:fd:d8:34:12:87:cd:0f:8a:bb:96:f4:ae:eb:5b:99: a0:47:dd:0c:96:cc:1c:4e:01:b4:19:c6:b0:5a:e5:f4:97:9d: 77:1d:4b:50:ac:bc:d3:94:2e:b4:9b:f1:30:c7:9a:b9:9b:fe: 7e:36:71:4f:a0:6d:f9:6c:6c:bd:6f:d9:3c:ae:b6:db:27:48: 31:ba:63:f1:ec:96:4a:a0:90:b1:d8:e1:f3:3c:81:bb:fa:66: f8:f8:a5:ea:a0:08:1f:e0:5f:86:7d:8c:b9:d3:24:63:5c:ae: 7d:09:7c:f2:52:a1:8c:89:e0:09:24:0f:ac:85:35:36:2e:a6: b3:73:2a:c2:0b:a9:a2:bc:b8:d5:20:b9:ca:b5:58:6b:1e:11: 1c:3b:b3:48:de:59:dd:e3:9e:6b:1a:b2:c0:fe:de:ba:17:55: 38:16:87:bf:88:3c:c3:a8:c0:70:15:f4:ba:f3:5e:a2:35:c5: fe:4f:01:4c:bd:0f:64:23:2a:da:3a:c8:df:ae:bf:ea:74:17: ad:c1:99:63:7b:de:f0:4e:34:01:56:0f:85:c7:7e:ca:d8:a0: fc:02:b2:4e:6a:a0:55:c1:8b:65:64:d9:63:17:53:8e:bc:8a: a8:af:55:12 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM1QkUxMTAvBgNVBAUTKEFEQThBRUQzMkIxNUI4N0U2MTEyNTJEMjlEMUUxRDVC REU1ODE2NDYwHhcNMjUxMDI2MTQxNjMzWhcNMjUxMTAyMTQxNjMzWjAYMRYwFAYD VQQDEw02OGZlMmQ0Mi1iNzMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvuKtVQOD17GMOASwtneIvCncJbksEJOxttVq3FOlNbWUwEXaFPjHpbD9cy0C 6TQlkB84jx96famgwxumkNFnbGS9IBJVC7t9WSL3lV0rMLSoBCX2ObkdzWSEx3hb lmH2M1ddV7FKJxOtgDxS/ZILemNJoa5zmV+9YFCgy9APFxNTJYTvCI7OIRS5Z8yl 3BeGixPP3n2pJ7xoNCjt+2zlNQ08X3glzQHH7n9m2Z2rsKOHNsBP9ioP1B1ntj6n vG3UiYpxOZmCs1XUtqGpTwuAzXs7gJC10M53JNOOW0UB/B5yZSfiHacJB2MrYTu1 ws2DpiAv3FviwobTRTj2x4aHAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNFMR8I3 yFXFgYfCnuvicLVJOI+iMB8GA1UdIwQYMBaAFK2ortMrFbh+YRJS0p0eHVveWBZG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzVCRS9ENDAxNjE5QTFE NjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVINWhFbExTblI0ZFc5NVlG a1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3JhaXUweXNWdUg1aEVsTFNuUjRkVzk1WUZrWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzVCRS9ENDAxNjE5QTFENjkxMUUyQUZCNjRFQTcwOEIwMkNEMi9yYWl1MHlzVnVI NWhFbExTblI0ZFc5NVlGa1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfxBvRlew+XoCRyx8TN6R2/7odLuP92DQSh80PiruW9K7rW5mgR90M lswcTgG0GcawWuX0l513HUtQrLzTlC60m/Ewx5q5m/5+NnFPoG35bGy9b9k8rrbb J0gxumPx7JZKoJCx2OHzPIG7+mb4+KXqoAgf4F+GfYy50yRjXK59CXzyUqGMieAJ JA+shTU2LqazcyrCC6mivLjVILnKtVhrHhEcO7NI3lnd455rGrLA/t66F1U4Foe/ iDzDqMBwFfS6816iNcX+TwFMvQ9kIyraOsjfrr/qdBetwZlje97wTjQBVg+Fx37K 2KD8ArJOaqBVwYtlZNljF1OOvIqor1US -----END CERTIFICATE-----Generated at Mon Oct 27 14:15:26 2025 by rpki-client