$ rpki-client -vvf rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft File: 5bsti54YaXwBWe2BMuXzS4axN7E.mft (raw, json) Hash identifier: WKlfxBy8OBDxy8n3jcOX4sJrUjaZFQ9xdzqomUXrpQw= Subject key identifier: 13:B4:D6:C8:A8:6A:A4:C8:B2:63:02:B7:25:E8:E1:A2:1C:29:83:8F Authority key identifier: E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 Certificate issuer: /CN=A91E0C2B/serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Certificate serial: 01EE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft Manifest number: 01EA Signing time: Mon 03 Nov 2025 02:35:04 +0000 Manifest this update: Mon 03 Nov 2025 02:35:03 +0000 Manifest next update: Mon 10 Nov 2025 02:35:03 +0000 Files and hashes: 1: 5bsti54YaXwBWe2BMuXzS4axN7E.crl (hash: xQXdy1IxvDk5gu1mRaGq7+8qqKISiFuK/yEhBngayJQ=) 2: 12B9A5DECBC211EDB6F09516C4F9AE02.roa (hash: GC2+Qt2m2cOxU2MSwTfp+OhWSqEwAQ14izm/J1/ZU5o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:35:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 494 (0x1ee) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E0C2B, serialNumber=E5BB2D8B9E18697C0159ED8132E5F34B86B137B1 Validity Not Before: Nov 3 02:35:03 2025 GMT Not After : Nov 10 02:35:03 2025 GMT Subject: CN=690814d7-b74c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:5c:90:64:46:38:59:47:31:37:61:d2:29:97: 28:2b:c7:24:6f:0f:a4:b2:fb:7a:8a:77:9f:ab:ae: 0d:b4:90:57:67:8b:27:c9:4e:f7:a5:bc:74:ea:c1: 99:a7:2c:60:5f:47:da:cb:90:8d:6e:d4:36:d1:8a: 27:c3:ad:ca:20:86:1e:c4:3c:47:05:a6:f6:3c:84: 8e:04:30:1b:9b:a7:5d:37:ee:bd:9f:85:c0:89:ab: f9:3f:a5:6c:aa:56:fb:27:c6:30:fe:d0:63:d0:25: 29:14:03:10:bc:a2:26:d4:90:35:c5:2a:90:50:7b: e9:64:f5:68:4a:55:6f:45:45:65:b9:47:35:8c:f2: 60:fc:75:91:26:e0:12:1f:a7:79:8a:7b:ed:af:ac: 9d:be:8d:39:78:e9:1c:81:26:e9:25:6a:9e:c1:a3: a5:7f:32:00:71:15:f5:2b:2a:98:ff:de:ad:0d:87: d1:d3:90:eb:fc:36:12:d1:34:2d:ec:a0:f5:83:81: a0:f5:5a:0f:ff:c7:50:51:e4:b6:a4:9d:d9:e4:26: 76:ed:16:d8:20:08:56:58:83:8b:46:04:c9:97:5d: ac:4b:53:3d:b5:cf:79:0e:d1:61:54:54:af:2d:44: 0b:05:f9:7e:4f:c9:fe:3b:47:91:cd:a0:18:8d:3a: 80:95 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:B4:D6:C8:A8:6A:A4:C8:B2:63:02:B7:25:E8:E1:A2:1C:29:83:8F X509v3 Authority Key Identifier: keyid:E5:BB:2D:8B:9E:18:69:7C:01:59:ED:81:32:E5:F3:4B:86:B1:37:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/5bsti54YaXwBWe2BMuXzS4axN7E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E0C2B/D27E6ED0CB9611EDAC349B79C4F9AE02/5bsti54YaXwBWe2BMuXzS4axN7E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2e:78:84:d5:08:27:2e:c9:8d:33:14:c8:a5:a4:80:e0:be:3f: a5:90:ac:73:08:49:aa:f0:b3:0f:49:75:87:e9:58:00:eb:da: 7b:fd:94:24:62:5e:47:35:4c:8f:40:18:7a:2b:83:4f:45:1d: 29:55:7d:ca:a4:9a:c4:ac:8d:ea:62:3f:a7:49:1a:6c:62:a3: cd:1a:56:2c:57:73:2b:37:fe:c3:db:c7:d5:e4:d1:b3:d8:64: da:2a:38:31:81:25:47:e8:34:7e:55:b9:a4:21:89:ff:d7:70: b8:c0:bd:33:c7:f9:3a:03:ba:d4:cb:89:39:ae:17:29:9d:2c: 76:4e:02:8e:df:de:79:20:40:b9:3c:49:6f:f0:0f:0f:2d:ba: 7d:e0:4d:34:27:f6:ce:d6:7b:37:dd:af:82:73:16:88:eb:c2: 68:ea:27:64:e1:a1:7b:b4:89:fe:5a:f1:52:63:42:63:35:ea: 0b:c7:b1:23:c7:33:91:72:f0:15:ce:85:c2:38:03:47:ce:f6: 3f:51:57:eb:bb:18:d7:f3:70:2e:4e:3b:54:12:1b:6b:24:8f: b4:89:13:76:9a:a5:b8:c5:97:1d:5d:24:89:65:b4:9b:a4:1a: aa:87:b9:a5:86:1a:33:80:fd:0d:40:11:30:eb:59:52:46:4d: 3c:bf:e2:0f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAe4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTBDMkIxMTAvBgNVBAUTKEU1QkIyRDhCOUUxODY5N0MwMTU5RUQ4MTMyRTVGMzRC ODZCMTM3QjEwHhcNMjUxMTAzMDIzNTAzWhcNMjUxMTEwMDIzNTAzWjAYMRYwFAYD VQQDEw02OTA4MTRkNy1iNzRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArlyQZEY4WUcxN2HSKZcoK8ckbw+ksvt6inefq64NtJBXZ4snyU73pbx06sGZ pyxgX0fay5CNbtQ20Yonw63KIIYexDxHBab2PISOBDAbm6ddN+69n4XAiav5P6Vs qlb7J8Yw/tBj0CUpFAMQvKIm1JA1xSqQUHvpZPVoSlVvRUVluUc1jPJg/HWRJuAS H6d5invtr6ydvo05eOkcgSbpJWqewaOlfzIAcRX1KyqY/96tDYfR05Dr/DYS0TQt 7KD1g4Gg9VoP/8dQUeS2pJ3Z5CZ27RbYIAhWWIOLRgTJl12sS1M9tc95DtFhVFSv LUQLBfl+T8n+O0eRzaAYjTqAlQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBO01sio aqTIsmMCtyXo4aIcKYOPMB8GA1UdIwQYMBaAFOW7LYueGGl8AVntgTLl80uGsTex MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMEMyQi9EMjdFNkVEMENC OTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFYd0JXZTJCTXVYelM0YXhO N0UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzVic3RpNTRZYVh3QldlMkJNdVh6UzRheE43RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MEMyQi9EMjdFNkVEMENCOTYxMUVEQUMzNDlCNzlDNEY5QUUwMi81YnN0aTU0WWFY d0JXZTJCTXVYelM0YXhON0UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAueITVCCcuyY0zFMilpIDgvj+lkKxzCEmq8LMPSXWH6VgA69p7/ZQk Yl5HNUyPQBh6K4NPRR0pVX3KpJrErI3qYj+nSRpsYqPNGlYsV3MrN/7D28fV5NGz 2GTaKjgxgSVH6DR+VbmkIYn/13C4wL0zx/k6A7rUy4k5rhcpnSx2TgKO3955IEC5 PElv8A8PLbp94E00J/bO1ns33a+CcxaI68Jo6idk4aF7tIn+WvFSY0JjNeoLx7Ej xzORcvAVzoXCOANHzvY/UVfruxjX83AuTjtUEhtrJI+0iRN2mqW4xZcdXSSJZbSb pBqqh7mlhhozgP0NQBEw61lSRk08v+IP -----END CERTIFICATE-----Generated at Mon Nov 3 18:13:40 2025 by rpki-client