$ rpki-client -vvf rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft File: XDlbosoKv2WIhyaHTHgktpt4mZU.mft (raw, json) Hash identifier: 8RhoS1vQW+8ZQuB7yVcM8VVa/cAEkh/RWwMsHwjUiiA= Subject key identifier: 7D:92:D7:29:7D:64:BF:D6:BB:C6:FA:91:95:ED:BC:11:F8:29:E4:99 Authority key identifier: 5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 Certificate issuer: /CN=A91E66E5/serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Certificate serial: 0E90 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft Manifest number: 0E83 Signing time: Mon 20 Oct 2025 18:13:33 +0000 Manifest this update: Mon 20 Oct 2025 18:13:33 +0000 Manifest next update: Mon 27 Oct 2025 18:13:33 +0000 Files and hashes: 1: XDlbosoKv2WIhyaHTHgktpt4mZU.crl (hash: Rs9vAa5c1lJnSMxb0/bH+ZfYjKNSpFVTM9Tzyp4NSAQ=) 2: AECDA1B0448F11EDACC30815C4F9AE02.roa (hash: xirIMjuaHIPZj6jpdJVKaFKfHlsVW3gI4qvEhU2Je88=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:13:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3728 (0xe90) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E66E5, serialNumber=5C395BA2CA0ABF65888726874C7824B69B789995 Validity Not Before: Oct 20 18:13:33 2025 GMT Not After : Oct 27 18:13:33 2025 GMT Subject: CN=68f67bcd-e3da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d4:b3:aa:f1:5c:5c:ad:f3:88:b8:23:46:2e:29: a4:e2:b1:2e:31:53:a2:04:ef:ad:67:ce:c4:9f:7d: 93:d9:2e:cc:e3:2f:c9:ea:9a:2c:1d:22:67:69:4a: 44:25:fe:ec:07:91:31:e5:08:2e:80:47:43:59:84: 1d:3c:7f:db:d6:ed:56:07:37:5f:80:c6:4f:e1:1a: fb:62:e5:81:57:8f:ef:63:f9:35:d6:be:3f:70:8d: 6f:aa:c5:a0:52:f9:21:29:7e:b8:af:a3:2b:c5:36: a1:7d:7c:7c:1a:0f:af:3b:f1:d0:c0:61:cf:51:1e: 8c:30:bd:ae:96:4c:50:7b:28:60:3e:27:11:6d:45: db:53:7e:b2:31:8d:66:1a:0b:41:1e:dd:80:a5:76: 68:00:61:bf:fd:7c:54:b2:fd:e1:8e:62:8f:84:ce: 27:a7:08:a6:03:9d:46:6c:6b:3e:5e:1d:3a:31:65: f6:1a:5d:c1:8c:c0:01:81:02:1a:ee:f5:99:86:a5: ef:46:6c:a2:a1:3a:ec:a8:60:c5:c2:20:e3:86:fe: ba:4e:ee:cb:c8:41:59:0c:e9:af:c1:a4:b6:2a:cd: b4:e6:33:a2:25:7a:f1:b2:3a:b8:e7:e2:a1:26:d4: 83:5b:b6:73:31:54:73:1e:7e:c0:81:b2:7c:8a:cc: 47:73 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7D:92:D7:29:7D:64:BF:D6:BB:C6:FA:91:95:ED:BC:11:F8:29:E4:99 X509v3 Authority Key Identifier: keyid:5C:39:5B:A2:CA:0A:BF:65:88:87:26:87:4C:78:24:B6:9B:78:99:95 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XDlbosoKv2WIhyaHTHgktpt4mZU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E66E5/56430586A27511E9A74D4E82C4F9AE02/XDlbosoKv2WIhyaHTHgktpt4mZU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 43:05:06:14:87:a6:bb:67:6f:28:b6:df:13:65:e9:93:66:f3: 2e:6c:dd:3e:7a:24:3b:7d:62:ff:38:c9:3a:24:eb:64:6d:61: 3c:58:36:da:ab:2c:d2:74:bf:55:4e:d9:f4:2d:19:b0:84:e4: 67:d9:82:89:be:2c:7b:81:54:72:1c:f0:4a:31:13:40:26:0e: 8b:dd:d5:cd:dc:a5:f3:0f:43:0a:10:d8:96:a2:37:13:93:47: a0:ee:fc:77:58:aa:d9:27:69:86:65:d2:29:a0:c0:99:83:72: cf:4b:94:d1:bf:df:44:d1:b3:6e:d1:d8:aa:6c:0a:e0:e0:bf: a8:8f:79:35:01:26:a4:86:39:a2:b5:c1:e9:c6:84:b0:3d:b3: ef:be:e3:f1:05:45:d5:28:69:1b:92:de:58:57:89:8c:65:03: 7e:94:97:1a:79:79:38:5d:7e:d8:79:96:83:fd:4a:b2:5e:69: 39:4c:cb:2e:cc:9e:c5:16:4b:64:20:09:29:28:4d:3b:e0:84: 57:ce:da:e0:90:85:6e:56:38:a2:ec:89:2e:94:2e:e5:3a:d1: 99:b1:eb:29:f7:e0:0d:e8:80:c3:7f:a7:9b:fb:99:ac:0f:50: 04:b8:ce:6b:25:d2:ff:44:1c:ba:17:b6:dc:ec:4f:1a:e2:65: be:57:1e:5a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTY2RTUxMTAvBgNVBAUTKDVDMzk1QkEyQ0EwQUJGNjU4ODg3MjY4NzRDNzgyNEI2 OUI3ODk5OTUwHhcNMjUxMDIwMTgxMzMzWhcNMjUxMDI3MTgxMzMzWjAYMRYwFAYD VQQDEw02OGY2N2JjZC1lM2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1LOq8VxcrfOIuCNGLimk4rEuMVOiBO+tZ87En32T2S7M4y/J6posHSJnaUpE Jf7sB5Ex5QgugEdDWYQdPH/b1u1WBzdfgMZP4Rr7YuWBV4/vY/k11r4/cI1vqsWg UvkhKX64r6MrxTahfXx8Gg+vO/HQwGHPUR6MML2ulkxQeyhgPicRbUXbU36yMY1m GgtBHt2ApXZoAGG//XxUsv3hjmKPhM4npwimA51GbGs+Xh06MWX2Gl3BjMABgQIa 7vWZhqXvRmyioTrsqGDFwiDjhv66Tu7LyEFZDOmvwaS2Ks205jOiJXrxsjq45+Kh JtSDW7ZzMVRzHn7AgbJ8isxHcwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH2S1yl9 ZL/Wu8b6kZXtvBH4KeSZMB8GA1UdIwQYMBaAFFw5W6LKCr9liIcmh0x4JLabeJmV MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNjZFNS81NjQzMDU4NkEy NzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3YyV0loeWFIVEhna3RwdDRt WlUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hEbGJvc29LdjJXSWh5YUhUSGdrdHB0NG1aVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NjZFNS81NjQzMDU4NkEyNzUxMUU5QTc0RDRFODJDNEY5QUUwMi9YRGxib3NvS3Yy V0loeWFIVEhna3RwdDRtWlUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBDBQYUh6a7Z28ott8TZemTZvMubN0+eiQ7fWL/OMk6JOtkbWE8WDba qyzSdL9VTtn0LRmwhORn2YKJvix7gVRyHPBKMRNAJg6L3dXN3KXzD0MKENiWojcT k0eg7vx3WKrZJ2mGZdIpoMCZg3LPS5TRv99E0bNu0diqbArg4L+oj3k1ASakhjmi tcHpxoSwPbPvvuPxBUXVKGkbkt5YV4mMZQN+lJcaeXk4XX7YeZaD/UqyXmk5TMsu zJ7FFktkIAkpKE074IRXztrgkIVuVjii7IkulC7lOtGZsesp9+AN6IDDf6eb+5ms D1AEuM5rJdL/RBy6F7bc7E8a4mW+Vx5a -----END CERTIFICATE-----Generated at Tue Oct 21 18:17:27 2025 by rpki-client