$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft File: z4nWqxHn1Hqhe0MJxypytxy6R64.mft (raw, json) Hash identifier: rqq65pxIVFrgxKxVaKiRYWe7ZZQ1Nji1XgmTqt0lmPM= Subject key identifier: 74:6E:70:CF:AF:21:D0:B9:DB:EF:F9:2E:81:DD:6C:30:CD:8B:59:B4 Authority key identifier: CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE Certificate issuer: /CN=A91E4D9B/serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Certificate serial: 08BE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft Manifest number: 08B3 Signing time: Tue 04 Nov 2025 20:35:49 +0000 Manifest this update: Tue 04 Nov 2025 20:35:48 +0000 Manifest next update: Tue 11 Nov 2025 20:35:48 +0000 Files and hashes: 1: z4nWqxHn1Hqhe0MJxypytxy6R64.crl (hash: y16TsjGB/emTVqNL+jtLxpZwWawLIz9NRGutKHW8HqY=) 2: CCF7B8AA22B811ECAD21FB20C4F9AE02.roa (hash: G2foGf7uCgcEw+7JgUphjmWyB8lqa7VFa71ApGd5KNc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:35:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2238 (0x8be) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4D9B, serialNumber=CF89D6AB11E7D47AA17B4309C72A72B71CBA47AE Validity Not Before: Nov 4 20:35:48 2025 GMT Not After : Nov 11 20:35:48 2025 GMT Subject: CN=690a63a5-ce8a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:b7:f8:7b:b3:01:6e:c6:5b:85:2e:75:f7:1d: b6:92:8d:87:bf:df:bf:f5:eb:08:e6:5c:21:ba:45: 67:dd:21:8e:0f:fe:48:e9:c8:62:5e:91:f2:e6:59: ce:96:ce:d1:bb:80:b7:3f:6f:5a:5d:ad:97:d1:e5: 44:0f:30:89:25:21:49:cb:3c:c8:57:8a:d7:7a:fc: ea:78:be:93:03:7b:22:d7:2f:1c:2a:b0:a8:02:24: 1c:9e:c3:36:4f:cb:8b:54:24:8b:ef:52:d6:d9:1c: aa:b2:b0:1e:04:a8:87:5b:17:42:19:51:d7:f3:3b: 95:3b:22:50:57:15:bc:e6:a0:99:bd:92:e5:4f:82: 0f:56:6b:43:2d:fc:c6:58:76:d8:3b:7a:1a:6c:9e: ff:10:31:f6:98:96:b8:7c:0a:d3:0b:9e:b7:6a:99: 00:82:2b:1e:f9:72:42:9d:5e:fe:99:d9:5e:b9:49: 8f:5f:c8:4f:27:24:90:f7:cf:80:a8:8b:56:02:5f: 8d:a4:01:75:3c:c0:33:cb:19:33:3d:ac:35:7a:b1: 32:0e:a1:ef:7c:e8:6c:68:90:32:72:11:a0:00:6a: ec:0e:2f:99:f6:14:4f:bf:b2:22:66:60:fc:a7:89: aa:dc:bf:7c:e0:97:69:b4:24:01:d2:1a:50:77:85: b2:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 74:6E:70:CF:AF:21:D0:B9:DB:EF:F9:2E:81:DD:6C:30:CD:8B:59:B4 X509v3 Authority Key Identifier: keyid:CF:89:D6:AB:11:E7:D4:7A:A1:7B:43:09:C7:2A:72:B7:1C:BA:47:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/z4nWqxHn1Hqhe0MJxypytxy6R64.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4D9B/F5BAA3D8C80011EA87D44A78C4F9AE02/z4nWqxHn1Hqhe0MJxypytxy6R64.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3e:0c:3c:80:48:b0:07:17:d7:0c:27:38:ab:8d:db:c6:a6:18: 12:3b:12:ec:89:40:62:ec:ff:8e:26:d1:8e:7b:ab:96:13:d2: e7:96:a1:84:ef:c0:35:9d:9c:b5:43:d7:8a:c5:a9:a8:4f:2a: c3:33:de:48:16:fe:41:e4:bb:b8:93:b6:7d:3a:70:9d:dc:3d: c2:1c:1b:b4:34:5d:8c:26:6c:5b:de:4e:ee:86:b0:f6:b9:e0: 1a:34:83:43:2f:53:bf:d5:72:bf:6a:87:83:5d:e0:d8:7e:04: 15:04:b2:f7:33:3e:2d:6c:c4:12:ca:25:ed:c3:0d:4f:c8:ec: 0c:2e:ec:ec:70:8b:ef:0a:6f:3f:90:87:d3:95:ae:13:0d:65: 3f:af:52:c7:c7:dc:29:6e:cc:ce:b8:ad:c5:6f:42:81:42:e9: 76:a1:c4:fe:4d:ea:0a:a8:4f:92:c2:75:82:22:f0:e6:da:92: b0:e3:41:68:92:b3:39:e9:4a:1b:fc:8b:66:74:b5:e7:6a:e0: 9f:fb:31:81:8b:e0:c4:1b:fc:4a:91:3f:b5:ba:a5:74:fd:cc: b2:0d:0e:50:ce:3f:86:da:9f:a1:4b:b0:39:c6:94:2c:3c:55: 70:3a:75:e6:bb:90:62:ec:a9:a8:ea:b1:14:0c:2d:7c:70:2c: f1:8a:bd:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCL4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTREOUIxMTAvBgNVBAUTKENGODlENkFCMTFFN0Q0N0FBMTdCNDMwOUM3MkE3MkI3 MUNCQTQ3QUUwHhcNMjUxMTA0MjAzNTQ4WhcNMjUxMTExMjAzNTQ4WjAYMRYwFAYD VQQDEw02OTBhNjNhNS1jZThhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAubf4e7MBbsZbhS519x22ko2Hv9+/9esI5lwhukVn3SGOD/5I6chiXpHy5lnO ls7Ru4C3P29aXa2X0eVEDzCJJSFJyzzIV4rXevzqeL6TA3si1y8cKrCoAiQcnsM2 T8uLVCSL71LW2RyqsrAeBKiHWxdCGVHX8zuVOyJQVxW85qCZvZLlT4IPVmtDLfzG WHbYO3oabJ7/EDH2mJa4fArTC563apkAgise+XJCnV7+mdleuUmPX8hPJySQ98+A qItWAl+NpAF1PMAzyxkzPaw1erEyDqHvfOhsaJAychGgAGrsDi+Z9hRPv7IiZmD8 p4mq3L984JdptCQB0hpQd4WyMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHRucM+v IdC52+/5LoHdbDDNi1m0MB8GA1UdIwQYMBaAFM+J1qsR59R6oXtDCccqcrccukeu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNEQ5Qi9GNUJBQTNEOEM4 MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFIcWhlME1KeHlweXR4eTZS NjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3o0bldxeEhuMUhxaGUwTUp4eXB5dHh5NlI2NC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NEQ5Qi9GNUJBQTNEOEM4MDAxMUVBODdENDRBNzhDNEY5QUUwMi96NG5XcXhIbjFI cWhlME1KeHlweXR4eTZSNjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA+DDyASLAHF9cMJzirjdvGphgSOxLsiUBi7P+OJtGOe6uWE9LnlqGE 78A1nZy1Q9eKxamoTyrDM95IFv5B5Lu4k7Z9OnCd3D3CHBu0NF2MJmxb3k7uhrD2 ueAaNINDL1O/1XK/aoeDXeDYfgQVBLL3Mz4tbMQSyiXtww1PyOwMLuzscIvvCm8/ kIfTla4TDWU/r1LHx9wpbszOuK3Fb0KBQul2ocT+TeoKqE+SwnWCIvDm2pKw40Fo krM56Uob/ItmdLXnauCf+zGBi+DEG/xKkT+1uqV0/cyyDQ5Qzj+G2p+hS7A5xpQs PFVwOnXmu5Bi7Kmo6rEUDC18cCzxir1T -----END CERTIFICATE-----Generated at Wed Nov 5 05:26:38 2025 by rpki-client