$ rpki-client -vvf rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft File: QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft (raw, json) Hash identifier: xJ2ZPU8zauwFjmQiXeGt4VtIEnJfkMogcjCG6ZT5+Os= Subject key identifier: C3:D5:F2:66:3C:B5:9B:14:8E:13:9F:4E:BB:B6:12:C7:A6:33:6A:12 Authority key identifier: 42:67:CF:5D:03:00:4A:8F:EF:DF:21:39:5D:0F:E8:24:54:8B:13:C1 Certificate issuer: /CN=A91FCEB1/serialNumber=4267CF5D03004A8FEFDF21395D0FE824548B13C1 Certificate serial: 20DC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmfPXQMASo_v3yE5XQ_oJFSLE8E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft Manifest number: 282F Signing time: Sun 02 Nov 2025 15:57:40 +0000 Manifest this update: Sun 02 Nov 2025 15:57:39 +0000 Manifest next update: Sun 09 Nov 2025 15:57:39 +0000 Files and hashes: 1: QmfPXQMASo_v3yE5XQ_oJFSLE8E.crl (hash: BZ6Xg8RbgroQLs3HvyPgqnxT6UwKZj82+3ZtT+To59g=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.crl rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmfPXQMASo_v3yE5XQ_oJFSLE8E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 15:57:39 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 8412 (0x20dc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FCEB1, serialNumber=4267CF5D03004A8FEFDF21395D0FE824548B13C1 Validity Not Before: Nov 2 15:57:39 2025 GMT Not After : Nov 9 15:57:39 2025 GMT Subject: CN=69077f74-aa06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:86:2e:33:c4:2a:5f:d1:62:11:4f:29:13:97: cc:d0:c8:1d:96:a3:d7:ca:b2:80:65:d9:3c:67:70: 27:b8:13:33:6b:fa:26:34:b6:f1:1b:47:bb:87:5e: 9a:d9:34:63:77:ea:ae:11:55:e6:89:d8:30:ad:36: 4d:24:62:6a:39:d5:19:3f:92:6c:1c:60:2e:21:b8: 40:9e:0e:49:14:5d:c5:ee:c0:29:06:3a:2a:a3:34: ba:fc:65:24:2a:3d:8f:61:50:1b:80:f0:e1:f6:4f: f5:1b:bb:55:e2:72:34:38:3a:8f:a9:ca:32:a7:0c: a2:b8:67:5c:88:19:14:13:a4:d6:3e:83:88:0c:68: e0:a4:c8:e0:3f:6f:bf:32:0d:9a:7f:a7:49:c6:ef: f3:ec:ce:01:13:9d:b8:09:07:2c:7e:69:dc:f2:06: 94:69:2c:79:fc:d8:a9:14:14:87:5f:89:52:63:eb: 8d:2f:b5:18:d7:64:06:86:90:4a:86:86:e7:e7:da: 67:72:12:2e:3f:36:74:87:43:77:f6:10:44:9f:ea: 37:5b:01:e9:a3:38:5f:2e:79:dc:f2:1f:72:a4:d7: f0:e8:00:8f:03:47:42:a8:40:4b:a5:b2:14:bb:d5: 95:bb:b5:26:f4:14:1e:fc:f2:91:d2:c0:ef:66:38: 5a:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:D5:F2:66:3C:B5:9B:14:8E:13:9F:4E:BB:B6:12:C7:A6:33:6A:12 X509v3 Authority Key Identifier: keyid:42:67:CF:5D:03:00:4A:8F:EF:DF:21:39:5D:0F:E8:24:54:8B:13:C1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QmfPXQMASo_v3yE5XQ_oJFSLE8E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FCEB1/EFB875C808C911E68C778878C4F9AE02/QmfPXQMASo_v3yE5XQ_oJFSLE8E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:77:d7:0a:b5:92:b4:46:a6:b7:3d:aa:b5:b2:41:7c:74:5b: f9:cc:90:fb:f0:03:ac:ed:57:7a:f4:25:d3:93:20:58:14:61: 8f:3e:5d:1c:a9:cb:06:1d:de:6d:bb:4b:b5:b3:4f:df:93:20: 3a:aa:ec:b2:5c:9c:31:07:9e:2f:ed:5c:62:aa:f7:97:ea:a1: 33:26:94:b8:95:78:57:8f:80:5a:0c:d4:36:02:1d:7d:be:9a: 65:1d:5d:d0:96:1b:a2:e7:ca:8b:71:ba:d0:39:d3:80:71:e6: aa:75:90:a3:ba:67:34:a8:df:18:a6:68:fb:ef:ea:b8:26:8d: d0:40:65:9c:3c:75:3a:b9:16:37:77:92:9c:41:27:5d:d1:fc: dd:af:d5:64:57:4b:74:52:8c:0c:68:77:1b:79:ac:d7:28:e8: 4a:09:f8:4d:dd:03:e6:6d:80:a6:c6:6d:3b:5b:71:04:ef:f6: 11:e4:e3:2d:e6:7b:95:ae:3f:0f:6e:43:99:eb:ce:c7:33:38: e0:b9:c5:2b:14:39:52:83:f5:7e:c9:a4:06:e0:5c:9e:51:72: 17:c0:d9:7b:86:0c:9d:4c:0b:d3:20:09:3e:91:fc:0d:19:7b: 9a:38:e4:65:66:4d:d9:93:94:93:75:3b:54:3b:b1:a1:79:03: 74:90:60:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICINwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkNFQjExMTAvBgNVBAUTKDQyNjdDRjVEMDMwMDRBOEZFRkRGMjEzOTVEMEZFODI0 NTQ4QjEzQzEwHhcNMjUxMTAyMTU1NzM5WhcNMjUxMTA5MTU1NzM5WjAYMRYwFAYD VQQDEw02OTA3N2Y3NC1hYTA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuIYuM8QqX9FiEU8pE5fM0MgdlqPXyrKAZdk8Z3AnuBMza/omNLbxG0e7h16a 2TRjd+quEVXmidgwrTZNJGJqOdUZP5JsHGAuIbhAng5JFF3F7sApBjoqozS6/GUk Kj2PYVAbgPDh9k/1G7tV4nI0ODqPqcoypwyiuGdciBkUE6TWPoOIDGjgpMjgP2+/ Mg2af6dJxu/z7M4BE524CQcsfmnc8gaUaSx5/NipFBSHX4lSY+uNL7UY12QGhpBK hobn59pnchIuPzZ0h0N39hBEn+o3WwHpozhfLnnc8h9ypNfw6ACPA0dCqEBLpbIU u9WVu7Um9BQe/PKR0sDvZjhaSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMPV8mY8 tZsUjhOfTru2EsemM2oSMB8GA1UdIwQYMBaAFEJnz10DAEqP798hOV0P6CRUixPB MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQ0VCMS9FRkI4NzVDODA4 QzkxMUU2OEM3Nzg4NzhDNEY5QUUwMi9RbWZQWFFNQVNvX3YzeUU1WFFfb0pGU0xF OEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1FtZlBYUU1BU29fdjN5RTVYUV9vSkZTTEU4RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG Q0VCMS9FRkI4NzVDODA4QzkxMUU2OEM3Nzg4NzhDNEY5QUUwMi9RbWZQWFFNQVNv X3YzeUU1WFFfb0pGU0xFOEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQByd9cKtZK0Rqa3Paq1skF8dFv5zJD78AOs7Vd69CXTkyBYFGGPPl0c qcsGHd5tu0u1s0/fkyA6quyyXJwxB54v7VxiqveX6qEzJpS4lXhXj4BaDNQ2Ah19 vpplHV3Qlhui58qLcbrQOdOAceaqdZCjumc0qN8Ypmj77+q4Jo3QQGWcPHU6uRY3 d5KcQSdd0fzdr9VkV0t0UowMaHcbeazXKOhKCfhN3QPmbYCmxm07W3EE7/YR5OMt 5nuVrj8PbkOZ687HMzjgucUrFDlSg/V+yaQG4FyeUXIXwNl7hgydTAvTIAk+kfwN GXuaOORlZk3Zk5STdTtUO7GheQN0kGBE -----END CERTIFICATE-----Generated at Tue Nov 4 01:01:58 2025 by rpki-client