$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2DDD/B4A283629E1B11E98E1E4E5EC4F9AE02/ySTN5BVFl0tvV4MubGA7zIlm2eA.mft File: ySTN5BVFl0tvV4MubGA7zIlm2eA.mft (raw, json) Hash identifier: ZrTwU5sv3kVckks1Ude9UObOh6Vd0kSRA9eFiRCte0s= Subject key identifier: CB:A5:26:DF:CD:B4:FA:B6:05:FF:C0:17:68:C4:97:83:95:4D:A8:30 Authority key identifier: C9:24:CD:E4:15:45:97:4B:6F:57:83:2E:6C:60:3B:CC:89:66:D9:E0 Certificate issuer: /CN=A91F2DDD/serialNumber=C924CDE41545974B6F57832E6C603BCC8966D9E0 Certificate serial: 0362 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ySTN5BVFl0tvV4MubGA7zIlm2eA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2DDD/B4A283629E1B11E98E1E4E5EC4F9AE02/ySTN5BVFl0tvV4MubGA7zIlm2eA.mft Manifest number: 11FB Signing time: Tue 04 Nov 2025 17:46:18 +0000 Manifest this update: Tue 04 Nov 2025 17:46:18 +0000 Manifest next update: Tue 11 Nov 2025 17:46:18 +0000 Files and hashes: 1: ySTN5BVFl0tvV4MubGA7zIlm2eA.crl (hash: H+JpzldyZW6VqUimktLMTu9aoYJyhlMk5ibAn1/SU3g=) 2: 2FBEB0B0D5B011EC90A8A031C4F9AE02.roa (hash: dTotqn1MA4iFciet41gKXuxTQQQVUzcSiuTmgAsBCPA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2DDD/B4A283629E1B11E98E1E4E5EC4F9AE02/ySTN5BVFl0tvV4MubGA7zIlm2eA.crl rsync://rpki.apnic.net/member_repository/A91F2DDD/B4A283629E1B11E98E1E4E5EC4F9AE02/ySTN5BVFl0tvV4MubGA7zIlm2eA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ySTN5BVFl0tvV4MubGA7zIlm2eA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:46:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 866 (0x362) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2DDD, serialNumber=C924CDE41545974B6F57832E6C603BCC8966D9E0 Validity Not Before: Nov 4 17:46:18 2025 GMT Not After : Nov 11 17:46:18 2025 GMT Subject: CN=690a3bea-69f9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f4:01:56:13:7f:80:39:58:2f:2c:01:7b:cd:21: 06:48:14:98:b2:d7:58:36:db:99:26:66:f6:1b:e2: bf:46:72:6a:9d:a6:69:1c:54:23:3e:52:50:ef:b1: f6:ce:a3:b8:f9:86:35:73:4e:e4:3b:22:a8:cf:5f: d5:f9:dc:4c:08:3a:36:80:61:b5:78:4d:e1:3c:68: 12:e3:76:4b:a3:a1:76:93:d8:5b:e6:bc:3b:08:6f: 95:dd:f5:8f:89:3a:6f:5f:6c:69:db:12:bf:bd:95: c2:11:89:23:c0:85:ab:d6:bc:5d:b1:a4:34:ec:63: 14:45:07:0c:26:b6:71:24:20:8b:14:12:13:79:e4: f8:90:1a:01:9c:f2:04:1c:bd:51:46:bf:49:d6:a1: ea:72:b9:b0:b1:9a:0b:87:72:04:6c:37:d4:82:fa: 94:98:f0:05:ef:c1:6c:ac:58:48:62:0a:1b:bf:a7: f6:4e:27:35:39:d6:63:ce:87:dc:53:37:bb:29:94: f2:ba:20:ac:8d:fd:d5:49:ae:b0:a1:69:d5:f8:96: a8:46:1f:5c:7e:26:06:41:fe:92:05:e9:f0:b8:1a: 9e:4e:ff:9f:26:09:a5:b3:c4:31:61:9d:a8:7f:b7: 12:de:8a:6b:00:39:37:a5:05:6d:9c:2b:f0:64:d7: b0:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CB:A5:26:DF:CD:B4:FA:B6:05:FF:C0:17:68:C4:97:83:95:4D:A8:30 X509v3 Authority Key Identifier: keyid:C9:24:CD:E4:15:45:97:4B:6F:57:83:2E:6C:60:3B:CC:89:66:D9:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2DDD/B4A283629E1B11E98E1E4E5EC4F9AE02/ySTN5BVFl0tvV4MubGA7zIlm2eA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ySTN5BVFl0tvV4MubGA7zIlm2eA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2DDD/B4A283629E1B11E98E1E4E5EC4F9AE02/ySTN5BVFl0tvV4MubGA7zIlm2eA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:f1:70:45:b0:61:14:7c:c1:db:2b:16:48:11:f2:ff:05:ef: 1f:df:e6:e9:6b:f9:ec:2f:14:a8:26:d2:90:6a:93:a0:8a:27: f5:c8:19:55:9f:9d:b3:8b:16:b8:a1:8f:aa:a2:bf:0e:99:5e: e5:7c:5e:e1:d4:66:ce:28:c1:56:fc:29:91:d0:f1:11:0e:b4: 9a:2b:de:ab:e0:17:9f:f6:2b:ca:1e:43:09:2d:de:a9:16:2b: c1:87:76:90:1b:6d:93:14:21:0c:16:e2:8c:27:ff:8f:bb:86: 94:c1:50:33:2a:d4:fe:3d:62:b7:81:3c:b0:10:47:6e:9b:b9: cf:a6:3a:26:85:c6:32:c3:00:29:87:95:24:5e:1b:12:84:a1: 03:bb:27:0b:d8:72:3d:9f:30:0b:3a:8b:45:b7:6d:53:de:17: b2:b7:62:1f:43:17:79:97:ef:cd:87:9f:6f:d9:91:d8:c1:21: 6c:fc:00:76:76:5f:8c:bf:c6:f9:2b:e3:85:c6:96:03:5c:b4: 3a:e9:c1:38:5b:eb:19:69:bd:d6:1e:98:2d:b5:e5:55:67:29: cb:34:f2:6b:e9:97:1b:d7:27:00:84:0c:c8:16:ae:b1:16:8f: aa:09:2b:a5:68:0c:b8:ed:a9:73:dc:70:a0:36:ed:cd:55:72: d6:7a:b5:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA2IwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJEREQxMTAvBgNVBAUTKEM5MjRDREU0MTU0NTk3NEI2RjU3ODMyRTZDNjAzQkND ODk2NkQ5RTAwHhcNMjUxMTA0MTc0NjE4WhcNMjUxMTExMTc0NjE4WjAYMRYwFAYD VQQDEw02OTBhM2JlYS02OWY5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9AFWE3+AOVgvLAF7zSEGSBSYstdYNtuZJmb2G+K/RnJqnaZpHFQjPlJQ77H2 zqO4+YY1c07kOyKoz1/V+dxMCDo2gGG1eE3hPGgS43ZLo6F2k9hb5rw7CG+V3fWP iTpvX2xp2xK/vZXCEYkjwIWr1rxdsaQ07GMURQcMJrZxJCCLFBITeeT4kBoBnPIE HL1RRr9J1qHqcrmwsZoLh3IEbDfUgvqUmPAF78FsrFhIYgobv6f2Tic1OdZjzofc Uze7KZTyuiCsjf3VSa6woWnV+JaoRh9cfiYGQf6SBenwuBqeTv+fJgmls8QxYZ2o f7cS3oprADk3pQVtnCvwZNewlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMulJt/N tPq2Bf/AF2jEl4OVTagwMB8GA1UdIwQYMBaAFMkkzeQVRZdLb1eDLmxgO8yJZtng MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkRERC9CNEEyODM2MjlF MUIxMUU5OEUxRTRFNUVDNEY5QUUwMi95U1RONUJWRmwwdHZWNE11YkdBN3pJbG0y ZUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3lTVE41QlZGbDB0dlY0TXViR0E3eklsbTJlQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkRERC9CNEEyODM2MjlFMUIxMUU5OEUxRTRFNUVDNEY5QUUwMi95U1RONUJWRmww dHZWNE11YkdBN3pJbG0yZUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCW8XBFsGEUfMHbKxZIEfL/Be8f3+bpa/nsLxSoJtKQapOgiif1yBlV n52zixa4oY+qor8OmV7lfF7h1GbOKMFW/CmR0PERDrSaK96r4Bef9ivKHkMJLd6p FivBh3aQG22TFCEMFuKMJ/+Pu4aUwVAzKtT+PWK3gTywEEdum7nPpjomhcYywwAp h5UkXhsShKEDuycL2HI9nzALOotFt21T3heyt2IfQxd5l+/Nh59v2ZHYwSFs/AB2 dl+Mv8b5K+OFxpYDXLQ66cE4W+sZab3WHpgtteVVZynLNPJr6Zcb1ycAhAzIFq6x Fo+qCSulaAy47alz3HCgNu3NVXLWerVT -----END CERTIFICATE-----Generated at Wed Nov 5 15:18:35 2025 by rpki-client