$ rpki-client -vvf rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft File: LnNx4gZThK0R1DN9DS7NH2bSGco.mft (raw, json) Hash identifier: /qR1ajytDPU7DNKRiVMKob2RH9xMaAw1JN+W05dokYM= Subject key identifier: 21:FA:5D:2C:CC:2F:AB:37:E7:A7:57:78:DA:D1:64:2C:69:25:A3:B8 Authority key identifier: 2E:73:71:E2:06:53:84:AD:11:D4:33:7D:0D:2E:CD:1F:66:D2:19:CA Certificate issuer: /CN=A91F5753/serialNumber=2E7371E2065384AD11D4337D0D2ECD1F66D219CA Certificate serial: 02AA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft Manifest number: 02A5 Signing time: Wed 05 Nov 2025 01:37:15 +0000 Manifest this update: Wed 05 Nov 2025 01:37:14 +0000 Manifest next update: Wed 12 Nov 2025 01:37:14 +0000 Files and hashes: 1: LnNx4gZThK0R1DN9DS7NH2bSGco.crl (hash: 7r1W8SpG9cGC4bsqou5a2rI4iL2X8RtA6wQhqY8Onns=) 2: 68C425FC1BBF11ED9F87C083C4F9AE02.roa (hash: x9csIWd6s8afCMS1YmHZZTrl70IFmSCSA9MRca7TL7s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.crl rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:37:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 682 (0x2aa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F5753, serialNumber=2E7371E2065384AD11D4337D0D2ECD1F66D219CA Validity Not Before: Nov 5 01:37:14 2025 GMT Not After : Nov 12 01:37:14 2025 GMT Subject: CN=690aaa4a-34cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:d0:ca:0d:58:54:33:83:35:b0:bd:ba:44:ad: 5d:b9:81:f7:e5:4d:ec:3b:10:18:a4:46:2c:41:de: 77:b1:59:33:94:d5:38:6f:52:78:3a:6e:da:26:62: 73:ed:39:09:1b:1f:8c:ea:6a:2b:cc:ca:8c:68:4f: dd:1e:ff:b0:d0:79:dd:61:c6:15:bb:27:93:9b:fc: e0:4d:d6:be:5b:f2:30:ff:3f:03:7d:fd:68:c9:7a: a9:58:0a:f6:09:5c:90:ff:ed:0f:e5:2f:03:0d:ca: c3:4a:c2:dc:8d:ce:01:f9:50:aa:6f:f2:41:c9:e5: a4:9e:f6:ee:b9:e7:75:6f:64:94:53:cc:f0:5f:f8: 2d:1d:0a:ae:76:57:f7:6c:2f:f1:7e:76:31:1c:6a: 11:eb:0f:6b:48:9a:46:41:e9:5a:5f:73:d4:c9:5f: e7:39:ae:ee:7b:d8:1e:fe:fa:2c:cc:86:c8:ac:f1: d7:b3:53:e7:62:28:b0:d9:14:20:39:83:7b:bc:34: b9:f8:d8:53:aa:f1:ab:d1:39:12:a1:05:7f:cc:c7: 82:3c:57:e4:44:b5:23:a5:c1:7b:cf:5a:64:1a:a3: f4:bc:79:f0:da:c3:35:7b:42:0b:dc:9b:7e:d9:2c: d1:7b:9c:b0:d3:68:ce:94:3c:f4:29:75:40:76:fb: b3:59 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 21:FA:5D:2C:CC:2F:AB:37:E7:A7:57:78:DA:D1:64:2C:69:25:A3:B8 X509v3 Authority Key Identifier: keyid:2E:73:71:E2:06:53:84:AD:11:D4:33:7D:0D:2E:CD:1F:66:D2:19:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LnNx4gZThK0R1DN9DS7NH2bSGco.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F5753/7B5624441BBB11EDA87F6E67C4F9AE02/LnNx4gZThK0R1DN9DS7NH2bSGco.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:ed:89:6e:7b:b2:4f:c3:22:43:45:cf:8c:63:98:05:e6:88: a3:af:5c:0e:a4:d8:d6:10:c7:ae:62:c0:30:cb:81:0b:2f:7b: 82:86:7b:fc:30:fb:ed:9c:ec:1c:a6:cc:99:f5:88:65:66:dc: 51:b5:40:23:13:ae:e4:92:3e:da:7c:f8:1b:3d:8b:1b:68:72: 90:bc:44:60:0a:f6:2b:75:c1:5e:65:4d:dc:9a:74:ec:ed:f9: 4b:c5:91:ef:50:a1:d0:5c:25:63:60:db:08:79:a8:1f:34:e7: d3:fe:d5:f4:5c:a7:64:92:f7:eb:c4:eb:7d:5f:11:e0:24:35: dc:85:2c:fd:f6:17:39:c0:86:f0:78:d9:17:06:9a:bd:14:af: 60:a2:4d:73:2b:96:06:17:fb:9a:fc:f2:00:e8:f3:f7:43:c2: 5b:df:6d:a9:d0:e7:e4:b3:7b:0b:21:fa:13:59:ba:79:02:2a: b5:10:27:34:eb:76:f4:ea:dc:7e:96:88:15:ae:51:e5:a3:f6: b8:9e:e1:61:eb:39:af:f2:ac:20:be:6b:93:68:3b:e7:b2:d3: c4:48:9e:aa:26:55:95:de:a9:4c:94:ba:0b:b2:dc:40:80:d7: d7:64:ef:0b:fa:1d:1f:79:7a:88:fb:be:82:2b:39:c2:37:1c: c5:a3:fd:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAqowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjU3NTMxMTAvBgNVBAUTKDJFNzM3MUUyMDY1Mzg0QUQxMUQ0MzM3RDBEMkVDRDFG NjZEMjE5Q0EwHhcNMjUxMTA1MDEzNzE0WhcNMjUxMTEyMDEzNzE0WjAYMRYwFAYD VQQDEw02OTBhYWE0YS0zNGNiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApdDKDVhUM4M1sL26RK1duYH35U3sOxAYpEYsQd53sVkzlNU4b1J4Om7aJmJz 7TkJGx+M6morzMqMaE/dHv+w0HndYcYVuyeTm/zgTda+W/Iw/z8Dff1oyXqpWAr2 CVyQ/+0P5S8DDcrDSsLcjc4B+VCqb/JByeWknvbuued1b2SUU8zwX/gtHQqudlf3 bC/xfnYxHGoR6w9rSJpGQelaX3PUyV/nOa7ue9ge/voszIbIrPHXs1PnYiiw2RQg OYN7vDS5+NhTqvGr0TkSoQV/zMeCPFfkRLUjpcF7z1pkGqP0vHnw2sM1e0IL3Jt+ 2SzRe5yw02jOlDz0KXVAdvuzWQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCH6XSzM L6s356dXeNrRZCxpJaO4MB8GA1UdIwQYMBaAFC5zceIGU4StEdQzfQ0uzR9m0hnK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNTc1My83QjU2MjQ0NDFC QkIxMUVEQTg3RjZFNjdDNEY5QUUwMi9Mbk54NGdaVGhLMFIxRE45RFM3TkgyYlNH Y28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xuTng0Z1pUaEswUjFETjlEUzdOSDJiU0djby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NTc1My83QjU2MjQ0NDFCQkIxMUVEQTg3RjZFNjdDNEY5QUUwMi9Mbk54NGdaVGhL MFIxRE45RFM3TkgyYlNHY28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAh7Ylue7JPwyJDRc+MY5gF5oijr1wOpNjWEMeuYsAwy4ELL3uChnv8 MPvtnOwcpsyZ9YhlZtxRtUAjE67kkj7afPgbPYsbaHKQvERgCvYrdcFeZU3cmnTs 7flLxZHvUKHQXCVjYNsIeagfNOfT/tX0XKdkkvfrxOt9XxHgJDXchSz99hc5wIbw eNkXBpq9FK9gok1zK5YGF/ua/PIA6PP3Q8Jb322p0Ofks3sLIfoTWbp5Aiq1ECc0 63b06tx+logVrlHlo/a4nuFh6zmv8qwgvmuTaDvnstPESJ6qJlWV3qlMlLoLstxA gNfXZO8L+h0feXqI+76CKznCNxzFo/0i -----END CERTIFICATE-----Generated at Wed Nov 5 13:35:28 2025 by rpki-client