$ rpki-client -vvf rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft File: ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft (raw, json) Hash identifier: n+ioVXn95dKyLx6LBmSWhZLXDVUENNFNMQKezEDz92s= Subject key identifier: 8D:56:3E:CE:CE:B4:85:4C:29:66:F0:F8:1B:62:81:42:78:8E:01:67 Authority key identifier: 64:CC:C1:66:C5:8C:38:FE:8C:C1:97:6F:5C:F0:7C:1D:D0:6F:68:14 Certificate issuer: /CN=A91F09FE/serialNumber=64CCC166C58C38FE8CC1976F5CF07C1DD06F6814 Certificate serial: BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft Manifest number: BB Signing time: Mon 03 Nov 2025 05:57:15 +0000 Manifest this update: Mon 03 Nov 2025 05:57:14 +0000 Manifest next update: Mon 10 Nov 2025 05:57:14 +0000 Files and hashes: 1: ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.crl (hash: J513Zv6JcRUkqdjTK4AsW6HCIj1oou5DoAUA1Ns8DXc=) 2: 841585749B1211EFBFBF913CC4F9AE02.roa (hash: 0M5YhxGhV5QHRGKOQlvw9XsWvMIjTk3A7Z1MV3xW494=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.crl rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:57:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 189 (0xbd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F09FE, serialNumber=64CCC166C58C38FE8CC1976F5CF07C1DD06F6814 Validity Not Before: Nov 3 05:57:14 2025 GMT Not After : Nov 10 05:57:14 2025 GMT Subject: CN=6908443a-af0c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:83:53:99:13:45:96:97:80:28:2a:49:48:6f: 9a:9c:ca:a8:b9:cb:5c:91:28:d1:01:3d:e0:fc:39: 25:fe:ab:a8:d1:8b:f9:ff:0f:66:64:b6:ce:26:f9: 7e:0d:ce:5c:73:6b:5d:42:b8:4c:7c:63:eb:54:0f: fb:a6:a3:6f:31:7a:0b:b8:6b:82:29:f7:eb:ba:02: 72:17:e8:43:df:d3:ce:cf:7d:0d:8f:79:b8:4c:1b: c9:c4:8e:74:d4:6c:a6:f4:03:bb:2c:9d:95:23:35: 16:b9:e2:b6:96:52:cc:fa:fb:79:5d:86:67:c4:a7: 99:37:91:37:1a:54:66:6d:97:e2:60:c1:9e:53:45: 24:cc:72:cc:48:d3:2b:87:94:2d:32:50:f2:60:59: 8e:cd:56:15:99:bb:f0:58:cd:d0:42:57:b6:1d:17: e0:8f:aa:32:08:02:f8:fa:57:0d:39:f5:cd:b6:9a: 83:40:4b:9a:e6:e2:ce:65:83:88:b3:92:91:c8:29: 2c:93:3c:22:b9:af:68:22:94:79:67:6d:91:d4:fc: 20:55:c0:24:64:48:41:91:71:43:3f:25:63:5d:d9: d6:07:01:a1:ae:4e:6c:6f:b0:5c:07:8e:38:51:9d: d3:cd:12:b7:a7:a9:ee:04:35:d9:22:05:3d:39:1f: e6:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8D:56:3E:CE:CE:B4:85:4C:29:66:F0:F8:1B:62:81:42:78:8E:01:67 X509v3 Authority Key Identifier: keyid:64:CC:C1:66:C5:8C:38:FE:8C:C1:97:6F:5C:F0:7C:1D:D0:6F:68:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F09FE/3803AA1C9B1211EFA87BB43BC4F9AE02/ZMzBZsWMOP6MwZdvXPB8HdBvaBQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:79:53:77:ff:1b:14:9d:a8:a6:fa:68:33:38:d8:fc:b2:fa: 87:9b:8b:87:54:83:a2:37:51:29:3e:79:89:09:23:99:e4:36: 04:bf:83:f6:97:91:cf:82:cc:23:44:81:bd:21:ca:e0:8b:ba: f8:44:00:ff:c8:30:d3:4d:d1:c5:9d:0d:5f:88:1e:ef:35:ea: e1:c3:fb:9d:c0:ce:29:bb:56:42:2b:33:4b:d9:a2:b8:66:cd: 26:74:df:74:31:4c:98:ce:f1:ff:08:3c:d6:d7:8f:c5:e9:68: 3e:4b:7d:c3:04:7a:05:0e:5a:e2:bd:9a:3d:b7:7b:56:4a:db: 12:2d:63:83:72:9a:06:cf:e0:e1:13:b1:ea:84:1f:26:11:a9: c3:a3:65:8f:ff:a4:02:f8:58:3c:af:67:00:d5:14:45:88:2a: 93:0b:96:25:6a:8e:ea:63:a0:48:11:05:97:09:07:99:66:0f: 54:51:e9:f0:8f:f6:1a:f0:1b:5c:cb:02:62:20:d8:65:44:a3: 94:57:55:66:21:5a:5a:10:f2:04:4c:31:1e:ff:cb:5d:fe:2c: c5:4a:7e:01:fc:13:00:70:e3:cf:3a:a6:21:0c:78:75:50:02: af:61:30:dd:a1:8e:20:2c:b7:5a:05:8d:8a:e5:dc:63:91:28: ce:f4:45:5e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAL0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjA5RkUxMTAvBgNVBAUTKDY0Q0NDMTY2QzU4QzM4RkU4Q0MxOTc2RjVDRjA3QzFE RDA2RjY4MTQwHhcNMjUxMTAzMDU1NzE0WhcNMjUxMTEwMDU1NzE0WjAYMRYwFAYD VQQDEw02OTA4NDQzYS1hZjBjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyoNTmRNFlpeAKCpJSG+anMqouctckSjRAT3g/Dkl/quo0Yv5/w9mZLbOJvl+ Dc5cc2tdQrhMfGPrVA/7pqNvMXoLuGuCKffrugJyF+hD39POz30Nj3m4TBvJxI50 1Gym9AO7LJ2VIzUWueK2llLM+vt5XYZnxKeZN5E3GlRmbZfiYMGeU0UkzHLMSNMr h5QtMlDyYFmOzVYVmbvwWM3QQle2HRfgj6oyCAL4+lcNOfXNtpqDQEua5uLOZYOI s5KRyCkskzwiua9oIpR5Z22R1PwgVcAkZEhBkXFDPyVjXdnWBwGhrk5sb7BcB444 UZ3TzRK3p6nuBDXZIgU9OR/mYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI1WPs7O tIVMKWbw+BtigUJ4jgFnMB8GA1UdIwQYMBaAFGTMwWbFjDj+jMGXb1zwfB3Qb2gU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMDlGRS8zODAzQUExQzlC MTIxMUVGQTg3QkI0M0JDNEY5QUUwMi9aTXpCWnNXTU9QNk13WmR2WFBCOEhkQnZh QlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1pNekJac1dNT1A2TXdaZHZYUEI4SGRCdmFCUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MDlGRS8zODAzQUExQzlCMTIxMUVGQTg3QkI0M0JDNEY5QUUwMi9aTXpCWnNXTU9Q Nk13WmR2WFBCOEhkQnZhQlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaeVN3/xsUnaim+mgzONj8svqHm4uHVIOiN1EpPnmJCSOZ5DYEv4P2 l5HPgswjRIG9Icrgi7r4RAD/yDDTTdHFnQ1fiB7vNerhw/udwM4pu1ZCKzNL2aK4 Zs0mdN90MUyYzvH/CDzW14/F6Wg+S33DBHoFDlrivZo9t3tWStsSLWODcpoGz+Dh E7HqhB8mEanDo2WP/6QC+Fg8r2cA1RRFiCqTC5Ylao7qY6BIEQWXCQeZZg9UUenw j/Ya8BtcywJiINhlRKOUV1VmIVpaEPIETDEe/8td/izFSn4B/BMAcOPPOqYhDHh1 UAKvYTDdoY4gLLdaBY2K5dxjkSjO9EVe -----END CERTIFICATE-----Generated at Mon Nov 3 18:19:58 2025 by rpki-client