$ rpki-client -vvf rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft File: KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft (raw, json) Hash identifier: QmRrVYN6nboFCKreX9HuBq2cg1gM0+uQ8u95lkzQr+k= Subject key identifier: D9:3A:8D:E4:E1:58:2E:4A:C6:F4:B5:CD:DC:CE:26:7D:60:5B:31:D4 Authority key identifier: 28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 Certificate issuer: /CN=A91E868C/serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Certificate serial: 0EF4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft Manifest number: 0EA4 Signing time: Tue 04 Nov 2025 17:50:06 +0000 Manifest this update: Tue 04 Nov 2025 17:50:05 +0000 Manifest next update: Tue 11 Nov 2025 17:50:05 +0000 Files and hashes: 1: KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl (hash: BMsravOQ/SNwJk1+F3Nh918BEz1wuk/TCr5Dcqp5i7o=) 2: 433917A83D8211EEA0E4DD46C4F9AE02.roa (hash: h1piDIbFbu2D+AHr+FNeuVa8V0LAf8dUKVxZfkw96aI=) 3: 5915642864AB11EEBFD54F2EC4F9AE02.roa (hash: wbUo+m2N2pVjNOlqoJ9Ve/RDUUkR0+GFezmtrgOfh+0=) 4: 40BA3F5C3D8211EEA0E4DD46C4F9AE02.roa (hash: DsQ8k2r18shy7gg+hUBL2SO8HUEFyNSKHtxB+WEbNG4=) 5: 41A09C683D8211EEA0E4DD46C4F9AE02.roa (hash: hPUFimj9BE3+BwwQ7RyTBe4Kb4UDlyO5v1n1M99BRDE=) 6: DED77BB2FA2F11EF98728875C4F9AE02.roa (hash: uul2CdaEoquPtSKMLPmrjkbQbRp1WUkF6rtkLx9zg64=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:50:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3828 (0xef4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E868C, serialNumber=28E670C2E37012F05C63BB566E203C51DC45E2B2 Validity Not Before: Nov 4 17:50:05 2025 GMT Not After : Nov 11 17:50:05 2025 GMT Subject: CN=690a3ccd-f321 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:cc:f6:e7:29:41:3b:18:2b:ad:a8:4f:b1:1b: ee:6f:52:fe:44:19:b1:7e:6c:b0:85:18:59:6b:92: a2:a4:fe:d6:fd:64:8b:4b:96:3b:86:04:e3:a1:b0: 54:16:b8:89:9f:1d:ee:29:f0:d5:91:fd:a7:82:c8: 2c:ce:d7:12:c9:df:38:67:40:27:4a:29:68:ec:ae: da:83:b9:82:d1:ba:c5:95:2c:f5:d3:1d:fa:c6:03: 24:09:90:9c:d6:7c:cc:8a:3a:12:9a:1a:d3:18:37: a7:2d:3e:18:95:03:d3:1a:72:2a:d8:7e:11:a1:92: 80:0e:c1:67:53:eb:7c:1d:0b:e6:f3:58:c2:82:d1: 7a:9a:5e:b7:2d:eb:3e:90:5f:28:76:24:52:fe:a4: 64:fb:55:57:22:98:c0:90:ec:19:4b:80:f0:d2:04: 37:b9:48:a2:df:39:69:44:e0:88:b4:a8:16:d8:62: b3:c8:cc:41:04:02:16:fb:83:07:b0:d1:30:ba:96: af:57:48:f1:a7:7f:0b:e3:b9:9e:99:a2:bf:36:a0: 90:1e:df:59:ab:e8:28:4f:24:5e:35:75:22:cd:27: 41:11:3c:2d:6f:8f:83:77:62:da:92:18:14:a7:6e: 97:01:e5:a4:f9:dd:ce:40:88:0a:15:b8:79:1f:06: 56:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:3A:8D:E4:E1:58:2E:4A:C6:F4:B5:CD:DC:CE:26:7D:60:5B:31:D4 X509v3 Authority Key Identifier: keyid:28:E6:70:C2:E3:70:12:F0:5C:63:BB:56:6E:20:3C:51:DC:45:E2:B2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOZwwuNwEvBcY7tWbiA8UdxF4rI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E868C/3FB93368A9DB11E984285286C4F9AE02/KOZwwuNwEvBcY7tWbiA8UdxF4rI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:57:5e:e1:6f:86:15:bd:e0:2e:08:06:c4:0c:59:b7:96:ce: 45:59:25:d3:98:bf:b2:e8:21:b7:88:88:11:6d:61:28:c6:3d: 54:d7:a9:9d:dc:15:22:cf:c7:3b:e1:89:1d:ef:c2:11:5f:46: 6d:2a:30:12:0a:68:8e:f5:7e:de:3c:93:3b:06:7f:cb:93:78: 89:1a:b1:e6:26:ec:ef:72:43:6b:2b:25:52:b1:bc:b0:e7:b6: 21:ed:63:13:10:56:dc:7d:7b:cf:45:b1:3c:58:84:c2:53:c4: 6d:ca:a2:3b:a4:4c:c2:f3:9a:f9:be:39:26:59:51:d7:7b:9d: 21:a3:f0:44:71:b2:8b:78:d6:84:e9:72:b3:6a:42:77:94:00: 16:ac:df:f9:34:53:f4:68:25:d7:e4:1d:1e:ed:c6:f8:88:b6: e9:6e:de:ca:70:76:d8:1e:ff:e4:2a:8c:98:ec:c0:a6:f3:4f: b2:d0:9c:18:d5:2f:06:b6:8e:fe:56:05:68:a3:76:6b:83:bb: c5:83:64:16:77:43:b8:6a:51:fd:f9:5e:1b:ec:fe:c4:48:e6: 92:fb:a1:5e:2f:a4:79:23:1c:8c:0f:2d:67:c4:04:60:55:c6: fc:36:13:ba:16:c6:3d:68:2a:d7:a3:fd:7c:80:d2:34:e0:1e: 06:9e:0e:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDvQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg2OEMxMTAvBgNVBAUTKDI4RTY3MEMyRTM3MDEyRjA1QzYzQkI1NjZFMjAzQzUx REM0NUUyQjIwHhcNMjUxMTA0MTc1MDA1WhcNMjUxMTExMTc1MDA1WjAYMRYwFAYD VQQDEw02OTBhM2NjZC1mMzIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3Mz25ylBOxgrrahPsRvub1L+RBmxfmywhRhZa5KipP7W/WSLS5Y7hgTjobBU FriJnx3uKfDVkf2ngsgsztcSyd84Z0AnSilo7K7ag7mC0brFlSz10x36xgMkCZCc 1nzMijoSmhrTGDenLT4YlQPTGnIq2H4RoZKADsFnU+t8HQvm81jCgtF6ml63Les+ kF8odiRS/qRk+1VXIpjAkOwZS4Dw0gQ3uUii3zlpROCItKgW2GKzyMxBBAIW+4MH sNEwupavV0jxp38L47memaK/NqCQHt9Zq+goTyReNXUizSdBETwtb4+Dd2LakhgU p26XAeWk+d3OQIgKFbh5HwZWDQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNk6jeTh WC5KxvS1zdzOJn1gWzHUMB8GA1UdIwQYMBaAFCjmcMLjcBLwXGO7Vm4gPFHcReKy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODY4Qy8zRkI5MzM2OEE5 REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2QmNZN3RXYmlBOFVkeEY0 ckkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPWnd3dU53RXZCY1k3dFdiaUE4VWR4RjRySS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODY4Qy8zRkI5MzM2OEE5REIxMUU5ODQyODUyODZDNEY5QUUwMi9LT1p3d3VOd0V2 QmNZN3RXYmlBOFVkeEY0ckkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCV17hb4YVveAuCAbEDFm3ls5FWSXTmL+y6CG3iIgRbWEoxj1U16md 3BUiz8c74Ykd78IRX0ZtKjASCmiO9X7ePJM7Bn/Lk3iJGrHmJuzvckNrKyVSsbyw 57Yh7WMTEFbcfXvPRbE8WITCU8RtyqI7pEzC85r5vjkmWVHXe50ho/BEcbKLeNaE 6XKzakJ3lAAWrN/5NFP0aCXX5B0e7cb4iLbpbt7KcHbYHv/kKoyY7MCm80+y0JwY 1S8Gto7+VgVoo3Zrg7vFg2QWd0O4alH9+V4b7P7ESOaS+6FeL6R5IxyMDy1nxARg Vcb8NhO6FsY9aCrXo/18gNI04B4Gng4G -----END CERTIFICATE-----Generated at Wed Nov 5 05:25:32 2025 by rpki-client