$ rpki-client -vvf rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft File: 3af4p0oKdM_262MEKLbJ1w1XvXY.mft (raw, json) Hash identifier: DtiTzxrHVObvQn860xUy/mvZFqYwapVtF5Q/fDaSCck= Subject key identifier: 24:E8:C7:AF:26:87:57:C9:FF:E6:F6:12:0E:C1:59:E1:12:A5:15:C0 Authority key identifier: DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 Certificate issuer: /CN=A91E7BC4/serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Certificate serial: 0DFA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft Manifest number: 0DBF Signing time: Sun 02 Nov 2025 17:56:59 +0000 Manifest this update: Sun 02 Nov 2025 17:56:59 +0000 Manifest next update: Sun 09 Nov 2025 17:56:59 +0000 Files and hashes: 1: 3af4p0oKdM_262MEKLbJ1w1XvXY.crl (hash: T7kZpS5ENdPrsYC6ScC6yrgfwFtwoIPG9SwGey/jRcE=) 2: CE3FCE34AF1611F0B50BFF7AC4F9AE02.roa (hash: DtVrkChmZWRD5+fP2Qn5fAqp1kmHQeghAdi18ignO50=) 3: CE83F0E6F0E411EAA47C3968C4F9AE02.roa (hash: ZQBdoWyO873LcT1vKoBchR3Mc6PGkjTHNlXwZK5KBUA=) 4: E69AF38AB11C11EAACC28D2EC4F9AE02.roa (hash: vmjmVmXjdkD0vxVvLQigcrFyWXDcETievw8r2QIVv8s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:56:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3578 (0xdfa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E7BC4, serialNumber=DDA7F8A74A0A74CFF6EB630428B6C9D70D57BD76 Validity Not Before: Nov 2 17:56:59 2025 GMT Not After : Nov 9 17:56:59 2025 GMT Subject: CN=69079b6b-d3c8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:44:11:ae:68:e4:6b:66:a3:5d:9c:0b:4c:0d: fe:a0:11:9e:37:3a:34:54:f2:8d:74:01:70:52:e1: 18:ef:67:75:a9:36:bf:f0:30:6b:a9:4a:57:41:42: e6:1c:7c:17:db:70:c5:5b:2b:6f:86:6d:cd:a6:76: c5:ac:25:dc:e8:3e:b3:a6:52:97:3d:8a:2b:08:8a: b4:c3:ef:87:fa:f5:e0:05:cd:db:d6:f6:96:1f:e6: 29:c8:73:b9:64:12:43:b2:79:f4:3d:39:6e:ee:e2: da:4f:2b:49:55:ec:00:b0:a7:1c:8f:ad:25:c0:68: 37:9c:06:42:b1:b6:e7:dc:61:97:08:de:13:1d:08: 6f:8f:77:7c:fa:8a:62:8d:ac:3f:85:3f:48:72:79: d9:05:c8:1c:e9:37:c2:eb:6d:9a:57:21:0c:db:88: 8c:22:f7:ab:32:c6:a7:e1:f5:b7:e4:c5:5e:af:12: e2:b5:e4:2f:f0:ca:a4:bb:53:ff:0f:94:6f:a9:2d: 80:c8:d9:b1:8d:1d:03:4d:59:bc:c0:e7:eb:19:0c: 76:33:7d:a1:7f:db:bb:1b:4e:08:9c:5f:71:07:2a: 4b:cf:8a:70:a8:b6:4f:e3:7e:c0:7b:af:34:e2:bf: 43:de:9c:f4:80:f6:db:c4:e5:03:1b:7c:da:88:a5: 3b:7b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:E8:C7:AF:26:87:57:C9:FF:E6:F6:12:0E:C1:59:E1:12:A5:15:C0 X509v3 Authority Key Identifier: keyid:DD:A7:F8:A7:4A:0A:74:CF:F6:EB:63:04:28:B6:C9:D7:0D:57:BD:76 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3af4p0oKdM_262MEKLbJ1w1XvXY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E7BC4/2D1A595AD50D11E9BAD6C226C4F9AE02/3af4p0oKdM_262MEKLbJ1w1XvXY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:32:c9:ed:d4:7a:22:9d:ad:8d:c8:d1:24:7c:78:ef:84:30: ad:76:1e:7b:bf:1e:b5:f7:f0:cc:5a:e9:af:c4:72:f5:c7:b3: b3:54:7c:bb:94:98:25:43:cf:5e:ca:36:19:34:f9:9c:62:49: 63:cc:ac:cb:3e:bb:3b:69:6e:8c:40:52:7a:11:4a:46:7b:ff: 71:83:14:d9:9a:33:43:c9:bd:2b:94:d9:7c:e7:5d:c7:8c:43: 8d:a2:e9:bd:0b:93:26:19:1d:0a:11:9a:31:aa:fc:92:7f:cc: 64:51:a9:58:83:19:25:b1:a9:8b:99:cf:1d:5e:45:ad:41:a1: 35:17:22:69:b6:5e:40:e3:6c:85:70:83:63:7e:af:0c:2d:09: 9f:7e:8a:6a:57:de:29:5a:ee:05:b4:b7:1c:92:4b:25:2e:a5: 1e:32:65:ba:c3:0e:a2:64:8c:14:c2:17:27:d4:14:36:34:42: 2d:cc:1e:ce:22:2b:9f:01:fc:81:60:25:5c:d9:25:85:86:e9: 3a:01:32:38:57:53:be:32:70:91:3e:f3:13:b2:50:cc:3e:19: fe:b9:c4:7c:ac:c0:14:f3:8b:76:55:1f:f4:6d:59:0a:92:3a: f8:30:c2:2f:a9:0b:60:e3:65:5c:2b:a1:60:35:35:05:a0:57: 7f:4a:b6:ae -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTdCQzQxMTAvBgNVBAUTKEREQTdGOEE3NEEwQTc0Q0ZGNkVCNjMwNDI4QjZDOUQ3 MEQ1N0JENzYwHhcNMjUxMTAyMTc1NjU5WhcNMjUxMTA5MTc1NjU5WjAYMRYwFAYD VQQDEw02OTA3OWI2Yi1kM2M4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvEQRrmjka2ajXZwLTA3+oBGeNzo0VPKNdAFwUuEY72d1qTa/8DBrqUpXQULm HHwX23DFWytvhm3NpnbFrCXc6D6zplKXPYorCIq0w++H+vXgBc3b1vaWH+YpyHO5 ZBJDsnn0PTlu7uLaTytJVewAsKccj60lwGg3nAZCsbbn3GGXCN4THQhvj3d8+opi jaw/hT9IcnnZBcgc6TfC622aVyEM24iMIverMsan4fW35MVerxLiteQv8Mqku1P/ D5RvqS2AyNmxjR0DTVm8wOfrGQx2M32hf9u7G04InF9xBypLz4pwqLZP437Ae680 4r9D3pz0gPbbxOUDG3zaiKU7ewIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCTox68m h1fJ/+b2Eg7BWeESpRXAMB8GA1UdIwQYMBaAFN2n+KdKCnTP9utjBCi2ydcNV712 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFN0JDNC8yRDFBNTk1QUQ1 MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RNXzI2Mk1FS0xiSjF3MVh2 WFkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNhZjRwMG9LZE1fMjYyTUVLTGJKMXcxWHZYWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF N0JDNC8yRDFBNTk1QUQ1MEQxMUU5QkFENkMyMjZDNEY5QUUwMi8zYWY0cDBvS2RN XzI2Mk1FS0xiSjF3MVh2WFkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtMsnt1Hoina2NyNEkfHjvhDCtdh57vx619/DMWumvxHL1x7OzVHy7 lJglQ89eyjYZNPmcYkljzKzLPrs7aW6MQFJ6EUpGe/9xgxTZmjNDyb0rlNl8513H jEONoum9C5MmGR0KEZoxqvySf8xkUalYgxklsamLmc8dXkWtQaE1FyJptl5A42yF cINjfq8MLQmffopqV94pWu4FtLcckkslLqUeMmW6ww6iZIwUwhcn1BQ2NEItzB7O IiufAfyBYCVc2SWFhuk6ATI4V1O+MnCRPvMTslDMPhn+ucR8rMAU84t2VR/0bVkK kjr4MMIvqQtg42VcK6FgNTUFoFd/Srau -----END CERTIFICATE-----Generated at Tue Nov 4 16:04:16 2025 by rpki-client