$ rpki-client -vvf rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft File: t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft (raw, json) Hash identifier: K+APCRzZlZYvyPeHU7ud9Oxc4ro7RzPF7vr5nyWMdZE= Subject key identifier: E4:93:D2:5D:4A:BE:62:89:E3:A4:86:41:36:EC:01:1B:A3:3A:0F:93 Authority key identifier: B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA Certificate issuer: /CN=A91F91EB/serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Certificate serial: 0CDA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft Manifest number: 0CD4 Signing time: Wed 22 Oct 2025 18:39:34 +0000 Manifest this update: Wed 22 Oct 2025 18:39:33 +0000 Manifest next update: Wed 29 Oct 2025 18:39:33 +0000 Files and hashes: 1: t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl (hash: rw7IUd83xMRl6L6vXrLGq40jhQA7tNFSYFKgylwVnDw=) 2: 8D243F849A6D11EA8674310DC4F9AE02.roa (hash: ZlxWP9id3BOwgT849Ql20JmEjoi9oTlH+F8ceOZ0tcg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 18:39:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3290 (0xcda) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F91EB, serialNumber=B7DCE14112A02982F5757CAB8D3491032C8E18FA Validity Not Before: Oct 22 18:39:33 2025 GMT Not After : Oct 29 18:39:33 2025 GMT Subject: CN=68f924e6-a6bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:78:4b:19:9a:bf:0a:ef:b4:0f:e7:95:ea:75: 53:06:b5:b0:58:b4:38:d3:dd:5d:bd:f7:0a:dd:6b: d8:df:34:86:71:85:b8:20:c0:8f:64:6d:c5:13:4c: a5:ed:07:54:51:16:c5:ad:f0:a4:18:56:6d:05:1d: 23:36:c8:56:5b:13:e8:11:a0:1b:bc:3f:16:43:4f: ea:d5:a4:f5:d7:75:48:57:2c:cd:ea:f1:b7:8e:c0: 00:15:9b:94:8d:a3:3a:b5:a3:db:71:38:c0:4d:41: e4:fa:4d:98:89:ab:39:8b:69:ee:39:1d:e0:47:1a: a8:67:09:9e:18:2c:3c:44:7c:f5:d1:49:59:b0:3d: 0b:9c:fa:8a:c6:31:d2:80:39:1a:5c:60:0b:ef:69: f6:f5:21:cc:2e:5f:b5:7f:46:11:43:9c:e5:04:f8: ac:22:06:1a:75:14:bb:61:05:ad:96:e4:33:36:8d: 22:44:48:a5:71:12:1d:0a:35:8b:27:e7:c7:0c:41: 4e:66:8f:03:a4:8b:9c:f2:8f:9f:80:7f:15:56:d8: 1d:9a:98:b8:63:10:6a:39:ee:99:cc:b0:c5:d3:c2: e0:b6:17:be:80:3d:14:42:84:62:c5:0b:5a:f7:9a: 9d:ca:f7:6b:90:a6:81:62:d6:8c:6b:aa:9f:f4:11: 3c:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:93:D2:5D:4A:BE:62:89:E3:A4:86:41:36:EC:01:1B:A3:3A:0F:93 X509v3 Authority Key Identifier: keyid:B7:DC:E1:41:12:A0:29:82:F5:75:7C:AB:8D:34:91:03:2C:8E:18:FA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/t9zhQRKgKYL1dXyrjTSRAyyOGPo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F91EB/497F2BD8F70511E9ADBA451FC4F9AE02/t9zhQRKgKYL1dXyrjTSRAyyOGPo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:b5:2c:7d:b5:fb:c9:3c:fe:a7:8d:c9:0c:41:c2:3f:60:b4: 6c:7b:0b:47:5a:65:b7:1b:f2:9c:26:4c:5b:1c:d8:df:2c:d4: cb:52:8a:fa:9f:5c:a6:82:e7:95:63:5f:3d:22:64:5b:ad:93: f7:b6:ff:4f:b0:6e:0d:0a:27:1a:0f:e5:12:bd:62:ae:7f:63: a7:94:f9:ef:e4:9d:e4:60:c6:19:e3:4f:2e:b4:ec:90:20:31: e7:18:f5:69:a3:f4:e7:a8:b2:0a:fe:0d:c2:fd:68:be:4b:56: dc:88:6b:be:6e:9f:56:19:3a:ce:96:aa:48:82:24:67:8a:e1: 2d:2c:8c:1e:62:c6:94:8c:8c:b4:31:fc:ba:97:6b:7d:25:80: 61:f2:16:fb:4f:3c:d3:8a:08:c9:7a:b4:5e:fb:f8:91:44:3d: 81:ff:d8:ca:83:3b:97:70:a9:05:82:49:10:29:c9:40:e4:11: 4b:8d:1b:51:13:31:a8:12:80:9c:a8:75:e7:5c:d0:06:3e:66: d8:55:a0:a0:89:c0:bc:cd:bd:0e:41:79:84:39:4c:49:5a:0e: 69:c6:cd:4e:3d:b4:ea:49:a3:5f:bd:ad:cb:43:44:57:07:94: 25:59:15:12:21:bc:77:dd:71:b1:ee:c8:f8:4d:01:ad:78:f8: bf:10:2c:f9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDNowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjkxRUIxMTAvBgNVBAUTKEI3RENFMTQxMTJBMDI5ODJGNTc1N0NBQjhEMzQ5MTAz MkM4RTE4RkEwHhcNMjUxMDIyMTgzOTMzWhcNMjUxMDI5MTgzOTMzWjAYMRYwFAYD VQQDEw02OGY5MjRlNi1hNmJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2XhLGZq/Cu+0D+eV6nVTBrWwWLQ4091dvfcK3WvY3zSGcYW4IMCPZG3FE0yl 7QdUURbFrfCkGFZtBR0jNshWWxPoEaAbvD8WQ0/q1aT113VIVyzN6vG3jsAAFZuU jaM6taPbcTjATUHk+k2Yias5i2nuOR3gRxqoZwmeGCw8RHz10UlZsD0LnPqKxjHS gDkaXGAL72n29SHMLl+1f0YRQ5zlBPisIgYadRS7YQWtluQzNo0iREilcRIdCjWL J+fHDEFOZo8DpIuc8o+fgH8VVtgdmpi4YxBqOe6ZzLDF08Lgthe+gD0UQoRixQta 95qdyvdrkKaBYtaMa6qf9BE86wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOST0l1K vmKJ46SGQTbsARujOg+TMB8GA1UdIwQYMBaAFLfc4UESoCmC9XV8q400kQMsjhj6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGOTFFQi80OTdGMkJEOEY3 MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZTDFkWHlyalRTUkF5eU9H UG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL3Q5emhRUktnS1lMMWRYeXJqVFNSQXl5T0dQby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG OTFFQi80OTdGMkJEOEY3MDUxMUU5QURCQTQ1MUZDNEY5QUUwMi90OXpoUVJLZ0tZ TDFkWHlyalRTUkF5eU9HUG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKtSx9tfvJPP6njckMQcI/YLRsewtHWmW3G/KcJkxbHNjfLNTLUor6 n1ymgueVY189ImRbrZP3tv9PsG4NCicaD+USvWKuf2OnlPnv5J3kYMYZ408utOyQ IDHnGPVpo/TnqLIK/g3C/Wi+S1bciGu+bp9WGTrOlqpIgiRniuEtLIweYsaUjIy0 Mfy6l2t9JYBh8hb7TzzTigjJerRe+/iRRD2B/9jKgzuXcKkFgkkQKclA5BFLjRtR EzGoEoCcqHXnXNAGPmbYVaCgicC8zb0OQXmEOUxJWg5pxs1OPbTqSaNfva3LQ0RX B5QlWRUSIbx33XGx7sj4TQGtePi/ECz5 -----END CERTIFICATE-----Generated at Thu Oct 23 04:00:19 2025 by rpki-client