$ rpki-client -vvf rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft File: He-yCnpR7hjdetBq2qxJEePi95Q.mft (raw, json) Hash identifier: KEw/jOuPgKphp53U58/s18z8zNTf2AG+KLEBcFZBq9U= Subject key identifier: C2:FF:A5:F8:B4:5F:83:68:B6:08:49:36:73:64:25:AD:60:A2:33:58 Authority key identifier: 1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 Certificate issuer: /CN=A91285E3/serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Certificate serial: 022E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft Manifest number: 0228 Signing time: Wed 05 Nov 2025 02:10:14 +0000 Manifest this update: Wed 05 Nov 2025 02:10:13 +0000 Manifest next update: Wed 12 Nov 2025 02:10:13 +0000 Files and hashes: 1: He-yCnpR7hjdetBq2qxJEePi95Q.crl (hash: SLHzNJmFVk83+xbbdn9SvQY4HlgoA9sdx6pzm9kp06U=) 2: 54365208708411EDA8B14246C4F9AE02.roa (hash: mCCSZ+9WYvhaMFX9tC0Iaz2gMx4GH4ZGb0UPoAirqT8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:10:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 558 (0x22e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91285E3, serialNumber=1DEFB20A7A51EE18DD7AD06ADAAC4911E3E2F794 Validity Not Before: Nov 5 02:10:13 2025 GMT Not After : Nov 12 02:10:13 2025 GMT Subject: CN=690ab206-6048 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:55:72:45:58:95:78:31:f5:80:0a:ff:49:b6: 73:ca:5f:5e:44:f7:cd:48:28:03:f4:10:4f:10:00: 07:d5:97:f5:eb:a8:54:c0:1b:f6:46:e8:c6:e4:06: eb:17:00:9b:cf:8e:27:ad:53:13:73:82:c1:e4:18: 8a:44:13:9e:1f:ef:d8:2a:cf:67:97:e6:89:cb:de: cf:ac:af:5c:c5:3c:14:99:b4:0d:94:24:fa:f0:fd: 4e:6f:d1:1a:81:9c:33:f0:4a:71:04:c3:8e:c5:1b: e5:84:93:84:c9:f2:66:25:c3:64:d4:25:21:c7:4a: 81:78:d6:08:ac:af:53:0a:29:cf:63:94:d3:ec:e7: 7f:27:e9:87:34:cc:cc:9e:5c:bd:2a:49:47:26:d8: 73:42:33:c9:a4:ad:17:f3:97:70:31:3f:b2:ca:6a: 0e:29:91:20:ef:6d:fe:c8:0a:5c:24:c4:5c:da:f3: c7:10:1a:cd:28:8f:6f:3d:1e:04:9e:82:9e:10:8b: 72:52:e3:88:f6:9b:34:6e:fb:63:99:92:b1:fa:14: fb:6b:84:f9:84:80:e5:72:1a:7c:ee:9f:3a:5e:ad: b7:db:6d:ed:66:49:cd:46:48:96:a0:bb:88:3d:01: 12:ad:0a:03:55:70:06:0f:6a:0f:76:26:79:62:27: 71:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:FF:A5:F8:B4:5F:83:68:B6:08:49:36:73:64:25:AD:60:A2:33:58 X509v3 Authority Key Identifier: keyid:1D:EF:B2:0A:7A:51:EE:18:DD:7A:D0:6A:DA:AC:49:11:E3:E2:F7:94 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He-yCnpR7hjdetBq2qxJEePi95Q.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91285E3/1B12A824707911EDBAA7CD26C4F9AE02/He-yCnpR7hjdetBq2qxJEePi95Q.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:df:20:c6:0e:e2:2f:4a:9f:f5:a5:f5:c2:88:10:b7:69:bf: 45:d1:1b:a7:90:55:98:89:a0:e6:a1:d8:f9:d6:59:6e:d5:0a: 96:a2:b8:9c:36:ec:6e:60:a6:56:e0:22:4c:9f:a3:46:b3:e4: 1b:30:7f:db:97:06:3a:4a:4c:88:2c:1e:3e:ec:99:e5:d0:45: ce:86:60:1f:9e:ed:44:7b:d3:15:14:48:75:0f:4f:40:f9:23: 66:23:eb:e9:ac:02:be:82:b6:bf:e5:a8:87:0a:14:68:d0:64: 89:8e:9a:24:78:33:5b:c5:22:18:c6:5d:53:27:06:21:db:eb: b1:9b:1c:62:c6:6b:4b:5c:23:e3:7b:11:e8:90:dd:a9:c9:cf: e8:d3:62:8a:00:65:e8:ae:54:97:94:5f:a4:2b:ee:5c:4e:d0: df:e7:9f:38:91:17:49:b7:2c:e2:ab:44:b2:96:c0:2a:86:64: 5e:2c:7d:7c:e5:db:80:cf:c4:12:86:ed:10:ef:8f:dc:ef:eb: e8:be:bd:47:3e:c8:4d:66:5d:90:aa:05:a2:60:48:be:75:c7: 06:10:97:44:8e:88:f5:dc:83:55:b7:66:f0:58:95:63:ab:e7: 7e:e7:25:55:70:66:50:e7:08:14:bc:15:be:f4:44:c9:af:af: e7:30:35:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Mjg1RTMxMTAvBgNVBAUTKDFERUZCMjBBN0E1MUVFMThERDdBRDA2QURBQUM0OTEx RTNFMkY3OTQwHhcNMjUxMTA1MDIxMDEzWhcNMjUxMTEyMDIxMDEzWjAYMRYwFAYD VQQDEw02OTBhYjIwNi02MDQ4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA21VyRViVeDH1gAr/SbZzyl9eRPfNSCgD9BBPEAAH1Zf166hUwBv2RujG5Abr FwCbz44nrVMTc4LB5BiKRBOeH+/YKs9nl+aJy97PrK9cxTwUmbQNlCT68P1Ob9Ea gZwz8EpxBMOOxRvlhJOEyfJmJcNk1CUhx0qBeNYIrK9TCinPY5TT7Od/J+mHNMzM nly9KklHJthzQjPJpK0X85dwMT+yymoOKZEg723+yApcJMRc2vPHEBrNKI9vPR4E noKeEItyUuOI9ps0bvtjmZKx+hT7a4T5hIDlchp87p86Xq23223tZknNRkiWoLuI PQESrQoDVXAGD2oPdiZ5YidxSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFML/pfi0 X4NotghJNnNkJa1gojNYMB8GA1UdIwQYMBaAFB3vsgp6Ue4Y3XrQatqsSRHj4veU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyODVFMy8xQjEyQTgyNDcw NzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdoamRldEJxMnF4SkVlUGk5 NVEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlLXlDbnBSN2hqZGV0QnEycXhKRWVQaTk1US5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy ODVFMy8xQjEyQTgyNDcwNzkxMUVEQkFBN0NEMjZDNEY5QUUwMi9IZS15Q25wUjdo amRldEJxMnF4SkVlUGk5NVEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAW3yDGDuIvSp/1pfXCiBC3ab9F0RunkFWYiaDmodj51llu1QqWoric NuxuYKZW4CJMn6NGs+QbMH/blwY6SkyILB4+7Jnl0EXOhmAfnu1Ee9MVFEh1D09A +SNmI+vprAK+gra/5aiHChRo0GSJjpokeDNbxSIYxl1TJwYh2+uxmxxixmtLXCPj exHokN2pyc/o02KKAGXorlSXlF+kK+5cTtDf5584kRdJtyziq0SylsAqhmReLH18 5duAz8QShu0Q74/c7+vovr1HPshNZl2QqgWiYEi+dccGEJdEjoj13INVt2bwWJVj q+d+5yVVcGZQ5wgUvBW+9ETJr6/nMDXG -----END CERTIFICATE-----Generated at Wed Nov 5 12:22:34 2025 by rpki-client