$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft File: IsfsPNntTFDolKEbzXDQMQzV-Fk.mft (raw, json) Hash identifier: 5J9y+zg5zefiftrqeGqhH2Kd0fbGAldjtImOxom2Tio= Subject key identifier: FA:79:6D:8A:21:FB:B5:99:A5:41:7E:E3:B5:13:CF:8D:4C:50:DE:B9 Authority key identifier: 22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 Certificate issuer: /CN=A91EC225/serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Certificate serial: A8 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft Manifest number: A7 Signing time: Thu 06 Nov 2025 16:59:52 +0000 Manifest this update: Thu 06 Nov 2025 16:59:51 +0000 Manifest next update: Thu 13 Nov 2025 16:59:51 +0000 Files and hashes: 1: IsfsPNntTFDolKEbzXDQMQzV-Fk.crl (hash: SWER8un57d0ZPIz24oE4iXouvdwynDWMom6bxXb7WrM=) 2: 25D2B94CDECD11EFA79E4065C4F9AE02.roa (hash: AoCtdlkJJmrM0z3AC3jCQKm47jbQAWLBDnBBfT5EtYM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Nov 2025 16:59:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 168 (0xa8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC225, serialNumber=22C7EC3CD9ED4C50E894A11BCD70D0310CD5F859 Validity Not Before: Nov 6 16:59:51 2025 GMT Not After : Nov 13 16:59:51 2025 GMT Subject: CN=690cd407-7d00 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7f:fa:1c:d5:8c:fc:8e:72:5c:0c:28:3d:c8: 10:88:c0:7f:0d:b3:6c:65:95:51:2d:e3:61:50:fe: 29:7f:15:7b:ca:bd:cf:ad:5d:4f:74:db:f7:b0:09: 64:ab:cc:5e:0d:3a:80:61:e8:5e:e3:20:b7:b8:32: ee:19:87:91:89:6a:a8:a7:b7:fc:80:7e:9a:0a:68: 71:cc:3e:e5:ba:20:08:03:2a:80:04:ed:a0:c1:79: f9:e2:5b:df:89:c7:24:2d:ab:f1:d0:41:2f:fd:ef: bd:d0:20:74:f1:d5:3f:b1:ba:7f:59:2f:d1:e3:79: d5:fc:f5:ca:0e:9a:fb:35:32:7c:b9:37:a8:a2:20: 1a:1d:0f:6a:ae:61:f1:4b:97:24:3d:ab:b2:fd:29: 02:c8:ce:1f:ae:67:ff:36:d0:b3:24:14:8c:18:e7: a6:73:7f:80:c3:6a:16:52:f9:22:22:eb:69:e9:fb: 46:cc:4a:8f:b0:14:cb:8c:4c:09:22:41:f9:ee:85: 53:dd:44:a8:2d:da:b0:d9:60:8b:77:a7:29:6f:39: a5:35:67:84:09:e8:39:32:5a:01:6c:e5:2f:93:9d: 0c:2f:e6:32:af:c6:4c:c6:bd:b0:94:ea:fe:9b:10: 3c:a5:4a:75:14:09:08:99:39:5f:3d:c1:6e:bd:f4: 6a:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:79:6D:8A:21:FB:B5:99:A5:41:7E:E3:B5:13:CF:8D:4C:50:DE:B9 X509v3 Authority Key Identifier: keyid:22:C7:EC:3C:D9:ED:4C:50:E8:94:A1:1B:CD:70:D0:31:0C:D5:F8:59 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/IsfsPNntTFDolKEbzXDQMQzV-Fk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC225/C9447FF0BEF911EFBCF68944C4F9AE02/IsfsPNntTFDolKEbzXDQMQzV-Fk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:d8:fc:5b:2b:55:ce:bf:23:35:42:40:ad:82:b3:ee:c9:c8: a1:7d:d5:91:45:71:79:d0:39:da:e8:5b:9b:8a:b1:87:71:f8: b5:ec:77:84:01:06:56:43:23:ac:d1:ed:53:05:2e:a4:37:4f: 61:40:b9:99:fe:f1:d0:44:7f:08:a3:2a:66:ce:35:eb:e4:9d: 0d:13:90:09:a7:d7:11:21:43:26:41:4d:84:69:3e:51:b9:e7: e0:31:00:41:9b:e6:5a:76:9d:af:db:30:8e:54:c9:4e:ae:37: 02:48:18:a7:f9:e5:c0:f9:2b:dd:5f:14:17:2f:61:74:dd:2d: b7:6b:07:eb:fa:d3:27:a3:97:64:1d:ae:a2:64:c0:d0:67:2f: 7b:c7:b8:3e:c4:a5:fa:a8:80:e7:4b:4b:95:ab:eb:86:5c:2e: 75:fc:f5:32:99:4d:fb:6f:90:36:96:8b:ab:da:60:7f:84:73: 3b:10:9a:68:a8:3a:c9:5d:62:e5:a0:58:30:4f:e3:6b:b3:75: 29:df:7d:38:88:41:c2:d1:c5:fa:f0:c9:6c:40:ae:bb:9d:7c: 76:fb:88:53:61:3f:72:fb:35:a7:ba:f3:46:ba:d1:1f:4e:e5: 28:44:bc:2b:7f:57:8a:b1:f7:d2:c6:c8:e3:6e:77:a0:e1:5c: ff:14:a1:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUMyMjUxMTAvBgNVBAUTKDIyQzdFQzNDRDlFRDRDNTBFODk0QTExQkNENzBEMDMx MENENUY4NTkwHhcNMjUxMTA2MTY1OTUxWhcNMjUxMTEzMTY1OTUxWjAYMRYwFAYD VQQDEw02OTBjZDQwNy03ZDAwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnH/6HNWM/I5yXAwoPcgQiMB/DbNsZZVRLeNhUP4pfxV7yr3PrV1PdNv3sAlk q8xeDTqAYehe4yC3uDLuGYeRiWqop7f8gH6aCmhxzD7luiAIAyqABO2gwXn54lvf icckLavx0EEv/e+90CB08dU/sbp/WS/R43nV/PXKDpr7NTJ8uTeooiAaHQ9qrmHx S5ckPauy/SkCyM4frmf/NtCzJBSMGOemc3+Aw2oWUvkiIutp6ftGzEqPsBTLjEwJ IkH57oVT3USoLdqw2WCLd6cpbzmlNWeECeg5MloBbOUvk50ML+Yyr8ZMxr2wlOr+ mxA8pUp1FAkImTlfPcFuvfRqhwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPp5bYoh +7WZpUF+47UTz41MUN65MB8GA1UdIwQYMBaAFCLH7DzZ7UxQ6JShG81w0DEM1fhZ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzIyNS9DOTQ0N0ZGMEJF RjkxMUVGQkNGNjg5NDRDNEY5QUUwMi9Jc2ZzUE5udFRGRG9sS0VielhEUU1RelYt RmsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0lzZnNQTm50VEZEb2xLRWJ6WERRTVF6Vi1Gay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzIyNS9DOTQ0N0ZGMEJFRjkxMUVGQkNGNjg5NDRDNEY5QUUwMi9Jc2ZzUE5udFRG RG9sS0VielhEUU1RelYtRmsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA32PxbK1XOvyM1QkCtgrPuycihfdWRRXF50Dna6FubirGHcfi17HeE AQZWQyOs0e1TBS6kN09hQLmZ/vHQRH8IoypmzjXr5J0NE5AJp9cRIUMmQU2EaT5R uefgMQBBm+Zadp2v2zCOVMlOrjcCSBin+eXA+SvdXxQXL2F03S23awfr+tMno5dk Ha6iZMDQZy97x7g+xKX6qIDnS0uVq+uGXC51/PUymU37b5A2lour2mB/hHM7EJpo qDrJXWLloFgwT+Nrs3Up3304iEHC0cX68MlsQK67nXx2+4hTYT9y+zWnuvNGutEf TuUoRLwrf1eKsffSxsjjbneg4Vz/FKGv -----END CERTIFICATE-----Generated at Fri Nov 7 11:48:24 2025 by rpki-client