$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9406/9868A9F0170911EDB6F80868C4F9AE02/40OEBUdkAqOqj5h8OvoGkNlu1HQ.mft File: 40OEBUdkAqOqj5h8OvoGkNlu1HQ.mft (raw, json) Hash identifier: XU/qYR50iUUBzwSx0muiq7iadwzZbGvmN7nFOoP0mV0= Subject key identifier: E5:F3:03:06:BF:CC:81:D0:0F:9F:7B:AD:A6:D1:BB:6D:56:63:9D:DB Authority key identifier: E3:43:84:05:47:64:02:A3:AA:8F:98:7C:3A:FA:06:90:D9:6E:D4:74 Certificate issuer: /CN=A91E9406/serialNumber=E3438405476402A3AA8F987C3AFA0690D96ED474 Certificate serial: 02B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/40OEBUdkAqOqj5h8OvoGkNlu1HQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9406/9868A9F0170911EDB6F80868C4F9AE02/40OEBUdkAqOqj5h8OvoGkNlu1HQ.mft Manifest number: 02B0 Signing time: Wed 05 Nov 2025 01:35:15 +0000 Manifest this update: Wed 05 Nov 2025 01:35:14 +0000 Manifest next update: Wed 12 Nov 2025 01:35:14 +0000 Files and hashes: 1: 40OEBUdkAqOqj5h8OvoGkNlu1HQ.crl (hash: avcHO9Xnhcm+Soifb/9if+A7WZQl8UD0eWCzqR024Ac=) 2: F76D8A5C170D11EDA7EC2F87C4F9AE02.roa (hash: NyO/WjiaEa7cdOFl5O0R3ch16GCk/x68oKBSzQpBSAo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9406/9868A9F0170911EDB6F80868C4F9AE02/40OEBUdkAqOqj5h8OvoGkNlu1HQ.crl rsync://rpki.apnic.net/member_repository/A91E9406/9868A9F0170911EDB6F80868C4F9AE02/40OEBUdkAqOqj5h8OvoGkNlu1HQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/40OEBUdkAqOqj5h8OvoGkNlu1HQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:35:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 694 (0x2b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9406, serialNumber=E3438405476402A3AA8F987C3AFA0690D96ED474 Validity Not Before: Nov 5 01:35:14 2025 GMT Not After : Nov 12 01:35:14 2025 GMT Subject: CN=690aa9d3-2349 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:93:e9:e7:37:fd:a2:fb:83:4c:e0:56:ab:45: 5a:f8:77:02:0b:e4:5f:20:ef:77:d3:9e:93:54:3d: e5:61:86:4b:56:38:06:da:d4:2e:26:7a:3a:6f:71: 56:33:a0:43:e4:18:de:e5:5d:f7:30:93:d3:b0:c0: aa:f0:f7:fd:1f:8f:57:33:a7:14:dd:38:3f:a6:7d: d0:a4:33:ca:8d:2d:4a:27:6e:84:e4:6b:c9:f0:77: 15:77:1a:8d:58:3e:a7:6b:86:35:ee:42:a6:a2:7a: 03:25:56:79:f5:33:b7:fa:80:bd:82:dd:3f:d9:39: d1:c2:a8:b8:ab:87:c3:12:3a:80:97:85:a1:c2:d6: 8a:94:eb:33:25:cf:96:3f:eb:78:25:12:43:34:45: 66:0a:a0:15:6a:cc:83:91:e0:64:26:54:1d:f7:c0: 8d:9b:2c:33:82:dc:92:f2:dd:78:5b:06:33:99:be: e5:f2:32:46:f1:5b:4d:1f:79:d3:7c:f4:7b:8b:22: 76:00:2c:c8:7e:c6:11:7a:cf:d6:95:dd:d7:51:54: 3d:75:e8:b1:32:14:1c:e3:03:3a:41:79:b2:c2:a0: c9:c9:df:e0:fa:e0:db:e3:36:57:38:e5:ea:67:bf: 88:ac:49:aa:4f:7f:a4:2f:47:d0:9c:dd:89:c6:14: fd:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E5:F3:03:06:BF:CC:81:D0:0F:9F:7B:AD:A6:D1:BB:6D:56:63:9D:DB X509v3 Authority Key Identifier: keyid:E3:43:84:05:47:64:02:A3:AA:8F:98:7C:3A:FA:06:90:D9:6E:D4:74 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9406/9868A9F0170911EDB6F80868C4F9AE02/40OEBUdkAqOqj5h8OvoGkNlu1HQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/40OEBUdkAqOqj5h8OvoGkNlu1HQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9406/9868A9F0170911EDB6F80868C4F9AE02/40OEBUdkAqOqj5h8OvoGkNlu1HQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 59:0a:12:8c:9f:9d:fc:41:5f:9a:8d:46:04:ec:4e:33:e3:34: 30:5c:e4:4a:62:47:96:22:e9:8e:b4:b1:58:fd:8e:e0:b4:bf: 95:76:c2:76:1d:89:c5:52:9c:37:d8:76:44:07:8d:79:90:96: 33:7b:e0:57:e3:2d:f2:4c:70:80:f2:52:0b:46:8e:8e:65:e0: ee:ac:a2:43:ed:10:00:30:87:6b:0c:bd:98:4d:db:46:5a:25: 4b:e5:80:f3:93:bc:65:43:6a:eb:71:5c:b3:4b:61:90:d5:f2: cf:b7:cc:c1:88:33:65:07:4c:7b:04:62:63:dc:dc:8e:c6:a3: 5b:bd:ec:5c:ee:bd:d8:11:98:c4:5a:36:b5:03:72:90:1b:1e: d9:2c:c2:a6:fa:46:d5:f0:3b:06:49:0d:da:e1:57:c6:25:2b: ef:c6:b5:7a:9e:12:24:2b:48:26:cd:7b:29:ba:92:3c:50:da: d2:fe:6d:a4:11:f7:f2:43:81:15:f3:88:c3:dc:a2:df:77:e3: 37:8d:f8:9a:d3:f1:57:1f:6f:5e:d9:46:05:0e:6f:d8:26:e1: 2c:b4:eb:65:0a:0b:4a:20:03:3d:05:ad:71:39:d9:39:f1:79: 4f:aa:3c:36:98:84:71:22:f2:86:71:07:f7:9a:54:fd:12:a6: 55:0f:cd:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTk0MDYxMTAvBgNVBAUTKEUzNDM4NDA1NDc2NDAyQTNBQThGOTg3QzNBRkEwNjkw RDk2RUQ0NzQwHhcNMjUxMTA1MDEzNTE0WhcNMjUxMTEyMDEzNTE0WjAYMRYwFAYD VQQDEw02OTBhYTlkMy0yMzQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAupPp5zf9ovuDTOBWq0Va+HcCC+RfIO93056TVD3lYYZLVjgG2tQuJno6b3FW M6BD5Bje5V33MJPTsMCq8Pf9H49XM6cU3Tg/pn3QpDPKjS1KJ26E5GvJ8HcVdxqN WD6na4Y17kKmonoDJVZ59TO3+oC9gt0/2TnRwqi4q4fDEjqAl4WhwtaKlOszJc+W P+t4JRJDNEVmCqAVasyDkeBkJlQd98CNmywzgtyS8t14WwYzmb7l8jJG8VtNH3nT fPR7iyJ2ACzIfsYRes/Wld3XUVQ9deixMhQc4wM6QXmywqDJyd/g+uDb4zZXOOXq Z7+IrEmqT3+kL0fQnN2JxhT9SwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOXzAwa/ zIHQD597rabRu21WY53bMB8GA1UdIwQYMBaAFONDhAVHZAKjqo+YfDr6BpDZbtR0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOTQwNi85ODY4QTlGMDE3 MDkxMUVEQjZGODA4NjhDNEY5QUUwMi80ME9FQlVka0FxT3FqNWg4T3ZvR2tObHUx SFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzQwT0VCVWRrQXFPcWo1aDhPdm9Ha05sdTFIUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OTQwNi85ODY4QTlGMDE3MDkxMUVEQjZGODA4NjhDNEY5QUUwMi80ME9FQlVka0Fx T3FqNWg4T3ZvR2tObHUxSFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBZChKMn538QV+ajUYE7E4z4zQwXORKYkeWIumOtLFY/Y7gtL+VdsJ2 HYnFUpw32HZEB415kJYze+BX4y3yTHCA8lILRo6OZeDurKJD7RAAMIdrDL2YTdtG WiVL5YDzk7xlQ2rrcVyzS2GQ1fLPt8zBiDNlB0x7BGJj3NyOxqNbvexc7r3YEZjE Wja1A3KQGx7ZLMKm+kbV8DsGSQ3a4VfGJSvvxrV6nhIkK0gmzXspupI8UNrS/m2k EffyQ4EV84jD3KLfd+M3jfia0/FXH29e2UYFDm/YJuEstOtlCgtKIAM9Ba1xOdk5 8XlPqjw2mIRxIvKGcQf3mlT9EqZVD80+ -----END CERTIFICATE-----Generated at Wed Nov 5 13:29:44 2025 by rpki-client