$ rpki-client -vvf rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft File: oPojd21UTId5RsrHxId0ZRmTfbg.mft (raw, json) Hash identifier: hxJVxkEA9wC80+LH8IYLR4Snt1+t86ACX9f5rFN4BWc= Subject key identifier: B1:1E:1C:37:C2:36:DF:78:EC:99:53:C8:C5:D4:04:17:13:9F:EF:D9 Authority key identifier: A0:FA:23:77:6D:54:4C:87:79:46:CA:C7:C4:87:74:65:19:93:7D:B8 Certificate issuer: /CN=A91DD584/serialNumber=A0FA23776D544C877946CAC7C487746519937DB8 Certificate serial: BF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPojd21UTId5RsrHxId0ZRmTfbg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft Manifest number: BC Signing time: Mon 03 Nov 2025 05:58:37 +0000 Manifest this update: Mon 03 Nov 2025 05:58:37 +0000 Manifest next update: Mon 10 Nov 2025 05:58:37 +0000 Files and hashes: 1: oPojd21UTId5RsrHxId0ZRmTfbg.crl (hash: QChNaFPrqPgfWvBeYNB5QH96CnD0IsoAsl6O82EJnK8=) 2: B4C685B09CB111EFA6F8E627C4F9AE02.roa (hash: GuNo7IUV7Thwoh9B3txt8mnx9fY3g5B8M+APQokJxqg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.crl rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPojd21UTId5RsrHxId0ZRmTfbg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:58:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 191 (0xbf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DD584, serialNumber=A0FA23776D544C877946CAC7C487746519937DB8 Validity Not Before: Nov 3 05:58:37 2025 GMT Not After : Nov 10 05:58:37 2025 GMT Subject: CN=6908448d-37c0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:3c:c5:20:cb:93:31:4e:6d:de:90:2d:74:3f: ba:f5:03:f7:2d:28:02:f2:9e:8f:a4:a9:9e:21:cb: 11:f5:4c:ee:4c:11:66:c3:e2:92:8c:5d:88:bb:6e: 17:9b:d4:65:10:5e:9f:24:31:b0:e1:56:95:03:98: 0d:d0:67:de:71:1e:c0:64:3a:01:6c:a8:75:e9:af: a3:ea:d0:2c:53:ca:af:14:b4:f2:17:70:5c:e0:4e: af:df:de:a3:91:6c:ee:47:12:27:d5:d1:30:70:ff: 08:41:fa:b9:41:25:6d:f2:a6:bd:67:67:45:7e:07: 29:ff:83:15:4e:4a:78:87:18:17:02:f1:fb:1a:7c: 2a:82:12:43:0c:c8:c0:72:8d:f9:69:c9:28:98:4c: b4:7d:1d:ee:f4:a3:d0:14:a8:6e:7b:a5:b1:a6:e4: 92:57:09:44:a8:3c:80:d4:7d:4b:dd:8a:53:1c:c0: 98:06:34:38:6f:7b:61:ea:88:ac:0f:37:db:4c:1c: e5:02:d4:13:18:65:03:b9:a3:3b:bd:73:0b:01:e3: 9e:09:ba:15:a1:2c:db:12:68:29:7a:07:33:58:39: 27:97:28:77:38:4e:64:f4:57:bc:5c:f7:30:f2:3d: 48:e5:58:fd:ae:f5:2e:10:81:b8:58:f3:94:e2:fe: 18:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:1E:1C:37:C2:36:DF:78:EC:99:53:C8:C5:D4:04:17:13:9F:EF:D9 X509v3 Authority Key Identifier: keyid:A0:FA:23:77:6D:54:4C:87:79:46:CA:C7:C4:87:74:65:19:93:7D:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/oPojd21UTId5RsrHxId0ZRmTfbg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DD584/327073829CB111EFAEA00D25C4F9AE02/oPojd21UTId5RsrHxId0ZRmTfbg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 36:eb:46:5b:39:d4:4f:93:ff:17:30:50:88:2c:a7:6f:70:f4: d4:58:32:ca:9f:58:58:7f:3c:e5:f2:e4:32:3e:c9:ca:bd:8e: dc:b6:f3:dd:17:48:61:24:46:85:0e:80:02:c9:a2:f0:b7:cf: b6:f3:d1:a9:f7:6e:fe:d9:c4:fb:95:0c:93:a9:6b:d6:3f:b5: fd:5c:6f:d2:9d:01:92:40:e7:7f:35:92:f4:60:fd:d2:48:31: c3:8b:45:fd:7c:68:30:2c:f9:31:83:bf:a1:c6:18:0d:ca:58: 3f:01:57:6e:84:6d:7d:24:4d:ec:3b:47:d1:94:49:19:cd:fa: 0c:2b:c8:07:3a:2e:1f:29:98:af:8d:12:20:b0:1c:ae:d9:70: 21:ed:e4:35:6c:3e:fc:1c:17:1b:6f:c3:dc:5e:f1:5c:fc:ab: a7:b7:62:ac:ae:83:9f:85:7b:59:74:10:fd:6b:0a:d6:9c:27: c6:d7:cc:49:1b:15:7e:fd:f8:44:67:97:d2:3a:86:8d:cd:45: 89:b1:b3:79:83:f8:68:3f:bc:ce:36:2e:18:e5:59:9b:3b:34: 81:68:26:68:c6:db:22:f7:61:1c:44:ab:51:32:cb:4c:61:bc: cc:c8:74:a5:bb:40:f6:e9:91:8b:62:af:6f:c8:54:05:1f:ae: 78:63:5e:2c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REQ1ODQxMTAvBgNVBAUTKEEwRkEyMzc3NkQ1NDRDODc3OTQ2Q0FDN0M0ODc3NDY1 MTk5MzdEQjgwHhcNMjUxMTAzMDU1ODM3WhcNMjUxMTEwMDU1ODM3WjAYMRYwFAYD VQQDEw02OTA4NDQ4ZC0zN2MwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsTzFIMuTMU5t3pAtdD+69QP3LSgC8p6PpKmeIcsR9UzuTBFmw+KSjF2Iu24X m9RlEF6fJDGw4VaVA5gN0GfecR7AZDoBbKh16a+j6tAsU8qvFLTyF3Bc4E6v396j kWzuRxIn1dEwcP8IQfq5QSVt8qa9Z2dFfgcp/4MVTkp4hxgXAvH7GnwqghJDDMjA co35ackomEy0fR3u9KPQFKhue6WxpuSSVwlEqDyA1H1L3YpTHMCYBjQ4b3th6ois DzfbTBzlAtQTGGUDuaM7vXMLAeOeCboVoSzbEmgpegczWDknlyh3OE5k9Fe8XPcw 8j1I5Vj9rvUuEIG4WPOU4v4Y4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLEeHDfC Nt947JlTyMXUBBcTn+/ZMB8GA1UdIwQYMBaAFKD6I3dtVEyHeUbKx8SHdGUZk324 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFERDU4NC8zMjcwNzM4MjlD QjExMUVGQUVBMDBEMjVDNEY5QUUwMi9vUG9qZDIxVVRJZDVSc3JIeElkMFpSbVRm YmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL29Qb2pkMjFVVElkNVJzckh4SWQwWlJtVGZiZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE RDU4NC8zMjcwNzM4MjlDQjExMUVGQUVBMDBEMjVDNEY5QUUwMi9vUG9qZDIxVVRJ ZDVSc3JIeElkMFpSbVRmYmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA260ZbOdRPk/8XMFCILKdvcPTUWDLKn1hYfzzl8uQyPsnKvY7ctvPd F0hhJEaFDoACyaLwt8+289Gp927+2cT7lQyTqWvWP7X9XG/SnQGSQOd/NZL0YP3S SDHDi0X9fGgwLPkxg7+hxhgNylg/AVduhG19JE3sO0fRlEkZzfoMK8gHOi4fKZiv jRIgsByu2XAh7eQ1bD78HBcbb8PcXvFc/Kunt2KsroOfhXtZdBD9awrWnCfG18xJ GxV+/fhEZ5fSOoaNzUWJsbN5g/hoP7zONi4Y5VmbOzSBaCZoxtsi92EcRKtRMstM YbzMyHSlu0D26ZGLYq9vyFQFH654Y14s -----END CERTIFICATE-----Generated at Tue Nov 4 01:11:56 2025 by rpki-client