$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: LcCqy4dYTx30yuNKe1yc6RwZZO8ozqcs46vYwgjE+0o= Subject key identifier: 99:40:2C:2D:24:C5:DC:49:C3:35:3A:9C:3D:F0:1C:6A:0E:67:3C:E4 Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: E6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: E3 Signing time: Mon 27 Oct 2025 07:35:14 +0000 Manifest this update: Mon 27 Oct 2025 07:35:13 +0000 Manifest next update: Mon 03 Nov 2025 07:35:13 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: boq4v0LflJLyEB61gA57Ewe2+22tx05E63K9QOR+kt8=) 2: 4C738434ABD011F08EDDF110C4F9AE02.roa (hash: QzMQcl79jMhK/zyugK+WK4417ANs7GPPe+ng/DcUaGM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Nov 2025 07:35:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 230 (0xe6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7, serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: Oct 27 07:35:13 2025 GMT Not After : Nov 3 07:35:13 2025 GMT Subject: CN=68ff20b1-69f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:20:44:bb:f2:a0:87:75:59:bc:04:74:93:76: 27:ce:93:ed:4a:a6:16:91:e7:03:55:8e:e4:81:26: 5e:ff:8d:1a:82:5e:2e:7e:e2:41:59:7a:01:55:65: e8:94:c5:88:1f:af:f1:51:d3:03:fc:73:25:88:d4: 15:0f:f3:09:5d:15:a0:82:92:c4:d5:dd:73:da:dc: f9:98:21:5c:a7:06:c7:5d:03:6a:7d:d9:f3:80:68: 80:84:69:b9:da:f8:d7:bd:c4:4f:94:a4:f1:e4:fa: 29:26:52:19:d8:24:5c:cc:42:8a:0a:90:4b:48:1a: 8a:0f:18:0c:fe:1c:c7:ca:6f:ed:8f:82:5c:99:a6: b7:4e:74:09:76:97:f4:c6:0b:7d:b0:dd:8b:15:6d: 5c:f8:83:07:fc:e6:5e:67:6f:ce:45:8e:aa:2c:50: c9:ac:66:d8:ed:4f:af:7b:4b:c0:ca:50:82:cc:2c: 7d:7d:75:61:d3:6b:fb:dc:f5:fb:36:87:c1:e9:7c: b8:13:44:f3:19:4f:0a:ea:8f:2a:2e:19:07:af:d6: 9f:c2:36:f3:ad:da:e1:82:48:f9:de:ff:49:55:86: 34:1c:7d:4d:d3:5c:3f:52:be:c2:09:c7:a7:51:0c: f3:80:44:e8:2c:66:ab:6a:d4:9c:e0:4b:3a:9e:5d: 24:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:40:2C:2D:24:C5:DC:49:C3:35:3A:9C:3D:F0:1C:6A:0E:67:3C:E4 X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 89:56:b9:17:4c:d4:28:4a:4f:1e:7f:c4:00:10:26:36:66:c6: 07:31:ea:e3:ed:f2:68:38:53:76:16:7b:92:6b:86:86:de:eb: 4a:6a:a4:f1:63:be:23:c9:e7:08:10:cf:60:fe:b9:d2:be:57: c5:1c:5b:3c:c7:b3:30:60:aa:2c:3c:3c:5d:35:ad:ba:ad:4e: 27:f8:df:5a:94:f8:fa:9e:0d:78:65:31:1e:4e:c7:29:b6:6c: 89:d5:8b:26:d7:92:a9:9b:73:cb:2b:2a:75:61:7c:aa:e9:98: d5:36:90:a9:ff:31:e6:24:db:eb:8b:f0:1f:00:f1:b0:3e:81: 23:a6:81:9c:31:6b:9d:16:c5:c8:26:48:74:f8:e0:b9:09:9b: 12:63:43:ac:d8:50:f8:48:b4:18:45:cc:24:99:32:3a:2c:6a: 56:e9:ab:b0:30:53:b2:bc:26:f5:7e:90:47:15:59:b7:27:71: 49:0b:76:d3:dc:45:a5:64:72:73:e7:5f:3a:70:2e:22:cd:9a: 73:63:c7:b6:ca:35:e9:e7:a7:55:7d:a9:f7:63:ba:e2:78:54: c5:2b:07:3f:16:99:8d:5a:3d:d6:a8:ca:ea:6b:5a:83:25:dc: 87:e0:fc:a0:0b:6a:29:bd:4b:d4:36:e9:4c:7c:ba:1f:e4:39: 5c:8a:ae:13 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDRTcxMTAvBgNVBAUTKDkwMUE5RjlFOEFFNDA2MkU1MjE5Qjc2NTJEOEU5RkVF N0VDNUFFMzMwHhcNMjUxMDI3MDczNTEzWhcNMjUxMTAzMDczNTEzWjAYMRYwFAYD VQQDEw02OGZmMjBiMS02OWY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxyBEu/Kgh3VZvAR0k3YnzpPtSqYWkecDVY7kgSZe/40agl4ufuJBWXoBVWXo lMWIH6/xUdMD/HMliNQVD/MJXRWggpLE1d1z2tz5mCFcpwbHXQNqfdnzgGiAhGm5 2vjXvcRPlKTx5PopJlIZ2CRczEKKCpBLSBqKDxgM/hzHym/tj4Jcmaa3TnQJdpf0 xgt9sN2LFW1c+IMH/OZeZ2/ORY6qLFDJrGbY7U+ve0vAylCCzCx9fXVh02v73PX7 NofB6Xy4E0TzGU8K6o8qLhkHr9afwjbzrdrhgkj53v9JVYY0HH1N01w/Ur7CCcen UQzzgEToLGaratSc4Es6nl0kWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJlALC0k xdxJwzU6nD3wHGoOZzzkMB8GA1UdIwQYMBaAFJAan56K5AYuUhm3ZS2On+5+xa4z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNFNy83MkY3NUI5ODVB REQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0JpNVNHYmRsTFk2ZjduN0Zy ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJqTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNFNy83MkY3NUI5ODVBREQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0Jp NVNHYmRsTFk2ZjduN0Zyak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCJVrkXTNQoSk8ef8QAECY2ZsYHMerj7fJoOFN2FnuSa4aG3utKaqTx Y74jyecIEM9g/rnSvlfFHFs8x7MwYKosPDxdNa26rU4n+N9alPj6ng14ZTEeTscp tmyJ1Ysm15Kpm3PLKyp1YXyq6ZjVNpCp/zHmJNvri/AfAPGwPoEjpoGcMWudFsXI Jkh0+OC5CZsSY0Os2FD4SLQYRcwkmTI6LGpW6auwMFOyvCb1fpBHFVm3J3FJC3bT 3EWlZHJz5186cC4izZpzY8e2yjXp56dVfan3Y7rieFTFKwc/FpmNWj3WqMrqa1qD JdyH4PygC2opvUvUNulMfLof5Dlciq4T -----END CERTIFICATE-----Generated at Tue Oct 28 16:05:48 2025 by rpki-client