$ rpki-client -vvf rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft File: CUoNzYAqBb91c_96buCnqXIFUNE.mft (raw, json) Hash identifier: r9kv/0Dca2B0vzYJcBoExRALJOLvtKqx059dHXpWF6k= Subject key identifier: 9A:DD:63:12:FC:3D:DE:9C:90:D8:40:F2:0A:D8:B0:2F:6B:C4:32:9D Authority key identifier: 09:4A:0D:CD:80:2A:05:BF:75:73:FF:7A:6E:E0:A7:A9:72:05:50:D1 Certificate issuer: /CN=A91EC93F/serialNumber=094A0DCD802A05BF7573FF7A6EE0A7A9720550D1 Certificate serial: 01DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUoNzYAqBb91c_96buCnqXIFUNE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft Manifest number: 01DB Signing time: Mon 03 Nov 2025 02:42:21 +0000 Manifest this update: Mon 03 Nov 2025 02:42:20 +0000 Manifest next update: Mon 10 Nov 2025 02:42:20 +0000 Files and hashes: 1: CUoNzYAqBb91c_96buCnqXIFUNE.crl (hash: MhutYrN1ZFDsDN1YLV6l5kZbUHbQ8QU1ZrNs+z2HR/E=) 2: 5BA557A6DEB011EDB7B0C04EC4F9AE02.roa (hash: SAjkukJRb4ZF5aM/fUJAbMY1lnAEeXzzgnRTsvAlM7Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.crl rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUoNzYAqBb91c_96buCnqXIFUNE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:42:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 478 (0x1de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EC93F, serialNumber=094A0DCD802A05BF7573FF7A6EE0A7A9720550D1 Validity Not Before: Nov 3 02:42:20 2025 GMT Not After : Nov 10 02:42:20 2025 GMT Subject: CN=6908168d-cca6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e4:2b:7b:68:22:61:31:79:6d:21:01:8c:d9:01: b1:0d:1f:24:5c:a4:98:95:64:75:7f:ae:82:b9:25: dc:57:ee:ba:eb:39:05:25:68:b7:28:98:06:94:88: 7c:a9:53:7d:29:52:5a:7b:de:8e:48:04:bc:4c:23: 7e:99:51:5d:98:a5:1c:9d:57:9f:40:04:42:82:f9: 16:58:ff:1f:e0:7d:c0:c1:d2:24:01:46:b7:f6:7a: e6:56:c0:ac:37:97:6a:21:15:8d:4e:f5:b0:cb:71: d7:6b:8c:44:60:e0:db:9d:4c:05:61:a3:5d:ca:cf: fe:a6:14:d1:0a:c3:24:b4:5e:91:d9:e8:93:fb:3d: 56:c2:f1:3a:30:3b:44:d6:94:e3:54:ca:10:7f:21: a5:00:af:b3:d2:03:7e:27:e2:0f:f2:32:f7:5b:83: 79:bc:15:05:c8:2a:3d:fe:e6:77:bb:08:f0:10:12: 6d:06:93:e2:b9:ec:b8:13:b0:03:b3:be:9d:3b:fb: 77:86:3f:3e:b3:5d:60:62:09:14:90:83:ef:c5:8c: 6c:2a:8b:92:e4:25:54:d1:56:c8:8e:d1:f5:eb:b2: 46:d5:ca:3b:24:1e:bd:55:da:a1:ce:90:33:64:6a: d2:3a:c3:a6:f1:2d:d4:5b:73:25:01:b9:bd:dd:c2: 56:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9A:DD:63:12:FC:3D:DE:9C:90:D8:40:F2:0A:D8:B0:2F:6B:C4:32:9D X509v3 Authority Key Identifier: keyid:09:4A:0D:CD:80:2A:05:BF:75:73:FF:7A:6E:E0:A7:A9:72:05:50:D1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CUoNzYAqBb91c_96buCnqXIFUNE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EC93F/60A8F88CDEAD11ED8A6DF14DC4F9AE02/CUoNzYAqBb91c_96buCnqXIFUNE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 61:b2:17:e5:68:c0:0d:a0:46:d2:f8:58:18:70:b1:8e:5d:70: b5:5b:de:d5:1a:5d:4f:5c:cb:4b:ca:9e:b3:cb:19:4c:97:f0: 83:70:b7:90:25:2c:26:37:38:aa:b4:17:67:b2:f8:f4:c1:5e: 02:3f:d7:37:f7:88:68:6b:3d:59:f7:fe:84:61:dc:f3:ef:d3: 30:76:6b:c4:a8:18:38:21:f8:ae:17:09:3e:f2:60:7b:9d:10: f5:65:63:69:b0:b3:a1:4e:92:58:24:f9:a5:bb:34:7c:56:93: 3e:f7:59:98:5a:89:81:44:1a:92:43:24:54:d7:92:1c:bf:21: 3d:18:91:88:89:b0:ac:98:a8:2a:90:1f:72:4e:3c:21:dc:14: 39:a1:73:66:18:a7:02:16:f8:6f:df:12:b4:c9:a1:ba:f7:55: 3b:4d:73:bc:30:90:13:7f:55:5b:4d:5c:72:87:9c:cc:71:e6: e5:ad:3a:32:42:fc:48:ee:fb:1f:9e:00:52:71:bb:68:fb:68: 92:1f:d1:9f:3b:62:08:52:fd:31:3c:5a:7a:1c:e0:8d:4b:d7: c5:33:89:10:a0:59:05:98:4b:34:12:d5:de:5e:38:48:b5:20: 62:6c:2f:48:87:ee:ac:20:e7:b7:73:85:1c:34:ba:c5:ce:5b: be:08:87:d9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUM5M0YxMTAvBgNVBAUTKDA5NEEwRENEODAyQTA1QkY3NTczRkY3QTZFRTBBN0E5 NzIwNTUwRDEwHhcNMjUxMTAzMDI0MjIwWhcNMjUxMTEwMDI0MjIwWjAYMRYwFAYD VQQDEw02OTA4MTY4ZC1jY2E2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5Ct7aCJhMXltIQGM2QGxDR8kXKSYlWR1f66CuSXcV+666zkFJWi3KJgGlIh8 qVN9KVJae96OSAS8TCN+mVFdmKUcnVefQARCgvkWWP8f4H3AwdIkAUa39nrmVsCs N5dqIRWNTvWwy3HXa4xEYODbnUwFYaNdys/+phTRCsMktF6R2eiT+z1WwvE6MDtE 1pTjVMoQfyGlAK+z0gN+J+IP8jL3W4N5vBUFyCo9/uZ3uwjwEBJtBpPiuey4E7AD s76dO/t3hj8+s11gYgkUkIPvxYxsKouS5CVU0VbIjtH167JG1co7JB69VdqhzpAz ZGrSOsOm8S3UW3MlAbm93cJW6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJrdYxL8 Pd6ckNhA8grYsC9rxDKdMB8GA1UdIwQYMBaAFAlKDc2AKgW/dXP/em7gp6lyBVDR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQzkzRi82MEE4Rjg4Q0RF QUQxMUVEOEE2REYxNERDNEY5QUUwMi9DVW9OellBcUJiOTFjXzk2YnVDbnFYSUZV TkUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NVb056WUFxQmI5MWNfOTZidUNucVhJRlVORS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QzkzRi82MEE4Rjg4Q0RFQUQxMUVEOEE2REYxNERDNEY5QUUwMi9DVW9OellBcUJi OTFjXzk2YnVDbnFYSUZVTkUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBhshflaMANoEbS+FgYcLGOXXC1W97VGl1PXMtLyp6zyxlMl/CDcLeQ JSwmNziqtBdnsvj0wV4CP9c394hoaz1Z9/6EYdzz79MwdmvEqBg4IfiuFwk+8mB7 nRD1ZWNpsLOhTpJYJPmluzR8VpM+91mYWomBRBqSQyRU15IcvyE9GJGIibCsmKgq kB9yTjwh3BQ5oXNmGKcCFvhv3xK0yaG691U7TXO8MJATf1VbTVxyh5zMceblrToy QvxI7vsfngBScbto+2iSH9GfO2IIUv0xPFp6HOCNS9fFM4kQoFkFmEs0EtXeXjhI tSBibC9Ih+6sIOe3c4UcNLrFzlu+CIfZ -----END CERTIFICATE-----Generated at Mon Nov 3 18:10:26 2025 by rpki-client