$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft File: JD5IKavy-QnBLdoET-XTa4IQU5I.mft (raw, json) Hash identifier: s7UtLK/aU3O/A1BcLLM8uhQXBYl4cydoJ2iMiF8Djww= Subject key identifier: 1C:6B:7D:62:BA:20:A6:91:A3:50:53:4A:CE:39:F7:8A:B8:71:FD:56 Authority key identifier: 24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 Certificate issuer: /CN=A91F2152/serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Certificate serial: 0CAE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft Manifest number: 0C9D Signing time: Sun 02 Nov 2025 18:23:09 +0000 Manifest this update: Sun 02 Nov 2025 18:23:09 +0000 Manifest next update: Sun 09 Nov 2025 18:23:09 +0000 Files and hashes: 1: JD5IKavy-QnBLdoET-XTa4IQU5I.crl (hash: J3O/GgAdVsNbc6VTG6SYZRwJSs5x1/dcXjj7x+JsRtw=) 2: 2CF214DC93A611F0B9B44571C4F9AE02.roa (hash: gDTlO8JdKBOhrYpdJ9YbTAbJbDClxcUd9QV6sNxI620=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:23:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3246 (0xcae) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2152, serialNumber=243E4829ABF2F909C12DDA044FE5D36B82105392 Validity Not Before: Nov 2 18:23:09 2025 GMT Not After : Nov 9 18:23:09 2025 GMT Subject: CN=6907a18d-8079 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:92:df:5b:d6:df:8a:95:a0:60:6e:83:9c:64:a6: 20:66:b2:af:b3:9b:5a:45:c6:89:48:e6:3c:0b:76: eb:7c:f0:59:60:ba:8d:d7:4b:4d:17:94:dd:fe:9f: 74:83:17:37:9c:b5:d8:2b:06:fe:f0:cb:ed:57:38: 20:c9:c3:8e:dd:f2:0f:3e:bc:84:af:a1:d6:67:43: be:88:0c:9b:b7:24:3c:8a:d0:40:6e:31:be:75:da: eb:84:ee:82:d4:58:ce:e9:c2:6f:f9:4a:17:ac:f3: d6:41:a5:5d:78:3d:0f:42:63:1d:fd:68:16:65:7a: be:99:52:43:d3:ee:1b:ef:03:90:2c:44:6d:f2:33: ec:9a:a8:a7:ef:9a:b0:73:0a:81:5e:34:dd:65:7a: a8:dc:e8:43:a0:4a:38:ae:bb:97:20:65:67:c9:8f: 0a:89:c4:2c:90:7b:04:56:cb:07:5b:fb:0c:4f:1d: 06:0f:ab:36:ab:c0:30:5c:59:b4:5b:c2:07:7c:43: e9:9f:0e:6d:0e:c0:b3:64:31:38:29:a1:78:56:60: 5e:e1:35:db:17:28:13:36:44:fa:b3:ff:ec:f5:02: 95:2b:4f:a1:3e:5e:a4:b8:f7:8c:93:73:3b:aa:dd: 46:f2:3f:b4:80:c0:c5:25:83:0f:ba:f4:0e:e3:1e: 55:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:6B:7D:62:BA:20:A6:91:A3:50:53:4A:CE:39:F7:8A:B8:71:FD:56 X509v3 Authority Key Identifier: keyid:24:3E:48:29:AB:F2:F9:09:C1:2D:DA:04:4F:E5:D3:6B:82:10:53:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/JD5IKavy-QnBLdoET-XTa4IQU5I.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2152/B7C6C60006D211EA8AAC9344C4F9AE02/JD5IKavy-QnBLdoET-XTa4IQU5I.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:d7:b7:87:57:8a:c3:dc:b6:32:8a:65:d8:bc:79:fc:4a:20: bc:53:08:c8:d4:95:da:01:97:e1:d0:1f:cb:21:5e:12:e0:02: 4b:5b:16:01:c7:48:b1:3a:af:22:f8:3b:ac:e2:5c:a6:c5:a7: 69:b7:3a:de:dc:c3:37:5e:99:fc:ef:7b:cf:b9:67:89:b2:61: 45:b9:f1:d0:f5:2f:69:57:00:b3:e2:a4:7d:e7:75:bf:23:e2: 92:42:c1:15:97:c5:fa:bd:23:6b:a7:de:2b:b5:38:d5:51:33: f7:6c:05:c8:31:1b:20:80:07:49:4b:d6:89:f2:2c:9e:cb:4d: ea:17:77:25:1a:45:bf:72:9f:21:ef:4a:e6:9a:d2:ef:47:56: 5b:52:ae:90:60:11:86:77:27:fa:56:3a:e3:41:58:32:86:29: 61:a9:c5:51:82:a5:9a:08:a3:e9:98:6d:81:59:27:e7:0a:90: 9d:d0:3a:b6:32:0c:f7:4f:18:39:66:bb:c6:b4:2a:f9:e1:6f: f4:32:18:c9:63:cf:5b:f2:16:88:7d:12:cf:69:39:4e:cf:20: 9c:6b:92:30:ce:51:72:7e:34:67:c0:91:96:b8:0f:30:e6:2c: 2f:71:9f:ee:01:b6:0b:28:e7:56:9c:43:5f:28:75:70:6f:36: 61:bb:f7:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDK4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjIxNTIxMTAvBgNVBAUTKDI0M0U0ODI5QUJGMkY5MDlDMTJEREEwNDRGRTVEMzZC ODIxMDUzOTIwHhcNMjUxMTAyMTgyMzA5WhcNMjUxMTA5MTgyMzA5WjAYMRYwFAYD VQQDEw02OTA3YTE4ZC04MDc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAkt9b1t+KlaBgboOcZKYgZrKvs5taRcaJSOY8C3brfPBZYLqN10tNF5Td/p90 gxc3nLXYKwb+8MvtVzggycOO3fIPPryEr6HWZ0O+iAybtyQ8itBAbjG+ddrrhO6C 1FjO6cJv+UoXrPPWQaVdeD0PQmMd/WgWZXq+mVJD0+4b7wOQLERt8jPsmqin75qw cwqBXjTdZXqo3OhDoEo4rruXIGVnyY8KicQskHsEVssHW/sMTx0GD6s2q8AwXFm0 W8IHfEPpnw5tDsCzZDE4KaF4VmBe4TXbFygTNkT6s//s9QKVK0+hPl6kuPeMk3M7 qt1G8j+0gMDFJYMPuvQO4x5VtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBxrfWK6 IKaRo1BTSs4594q4cf1WMB8GA1UdIwQYMBaAFCQ+SCmr8vkJwS3aBE/l02uCEFOS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMjE1Mi9CN0M2QzYwMDA2 RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1RbkJMZG9FVC1YVGE0SVFV NUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0pENUlLYXZ5LVFuQkxkb0VULVhUYTRJUVU1SS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MjE1Mi9CN0M2QzYwMDA2RDIxMUVBOEFBQzkzNDRDNEY5QUUwMi9KRDVJS2F2eS1R bkJMZG9FVC1YVGE0SVFVNUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB917eHV4rD3LYyimXYvHn8SiC8UwjI1JXaAZfh0B/LIV4S4AJLWxYB x0ixOq8i+Dus4lymxadptzre3MM3Xpn873vPuWeJsmFFufHQ9S9pVwCz4qR953W/ I+KSQsEVl8X6vSNrp94rtTjVUTP3bAXIMRsggAdJS9aJ8iyey03qF3clGkW/cp8h 70rmmtLvR1ZbUq6QYBGGdyf6VjrjQVgyhilhqcVRgqWaCKPpmG2BWSfnCpCd0Dq2 Mgz3Txg5ZrvGtCr54W/0MhjJY89b8haIfRLPaTlOzyCca5IwzlFyfjRnwJGWuA8w 5iwvcZ/uAbYLKOdWnENfKHVwbzZhu/eb -----END CERTIFICATE-----Generated at Mon Nov 3 18:18:48 2025 by rpki-client