$ rpki-client -vvf rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft File: hfK68bffHaqMiKtsXnjB_MP3jQg.mft (raw, json) Hash identifier: 0qNsaS56OASeUe+6Zrt2Vva465Yh4s/79vC9GeGUrsg= Subject key identifier: 45:E9:FF:CC:F3:B2:BA:A7:C2:3A:F8:FC:8D:6A:1D:5F:F2:70:BA:0E Authority key identifier: 85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 Certificate issuer: /CN=A91342C5/serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Certificate serial: 03FA Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft Manifest number: 03E8 Signing time: Mon 03 Nov 2025 00:34:51 +0000 Manifest this update: Mon 03 Nov 2025 00:34:50 +0000 Manifest next update: Mon 10 Nov 2025 00:34:50 +0000 Files and hashes: 1: hfK68bffHaqMiKtsXnjB_MP3jQg.crl (hash: mjU2uLAFsYi6z1ru9AZivs8tEBv5DIoBD6TaDLbmD10=) 2: A7FBA00E778811EDAE39280CC4F9AE02.roa (hash: A66Rcwdstkb/5EinIJWrWOuekP0qJLH5hk4F7NZimSw=) 3: 06FA5A64774011F0BE2D3736C4F9AE02.roa (hash: kpBK3OXshYOskuLSoO3uUhN6W4dairHEsqEKAKksIS4=) 4: F570D764773F11F09FC02036C4F9AE02.roa (hash: zmJ243eRg2Ohq2gJwqhBcxhyjwkk5xLJsekeFyx7Ld0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:34:50 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1018 (0x3fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91342C5, serialNumber=85F2BAF1B7DF1DAA8C88AB6C5E78C1FCC3F78D08 Validity Not Before: Nov 3 00:34:50 2025 GMT Not After : Nov 10 00:34:50 2025 GMT Subject: CN=6907f8ab-e3fb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:cf:a4:0f:78:1d:af:27:88:80:86:cb:a0:bd: dd:05:a6:ba:cf:72:6e:3f:ea:c1:37:9f:a0:4e:45: 5e:31:e0:5b:bc:d0:29:5b:61:d9:96:f9:01:a2:8b: 77:86:0d:bd:d3:0f:80:5e:26:de:34:e6:fc:8e:3f: 7b:fc:d3:a7:79:fa:dc:6b:a4:10:fd:0b:f8:1d:50: cd:cc:30:1a:a7:f8:b5:a6:a7:0b:c0:db:b2:d3:5c: 1d:82:6a:74:27:fc:d9:52:86:cb:d2:86:99:9d:8b: c8:e2:b9:ba:13:85:2e:65:29:c2:9d:56:b8:00:1b: 65:b6:9b:17:05:7d:14:c7:07:f6:50:41:c0:65:31: ff:6b:d2:17:ff:a3:93:d0:11:77:8d:db:9a:4e:72: 3a:8d:2c:79:08:0b:56:28:ed:3b:96:c4:2c:0a:b9: 9f:89:6e:c9:88:bc:cb:d0:38:01:0f:5b:c6:57:b2: dd:4c:5c:b0:ea:6d:52:97:fd:c4:26:b1:ba:50:dc: 72:da:26:5b:fd:7b:09:e9:91:64:24:80:04:cf:d3: 83:51:2e:99:1c:fe:82:e6:1c:09:25:dd:5d:ec:ae: 07:2e:b1:c1:ba:23:9b:58:fd:18:4f:07:87:3a:0f: c0:70:92:d9:af:62:61:61:4f:75:0e:c2:c1:e7:36: 87:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:E9:FF:CC:F3:B2:BA:A7:C2:3A:F8:FC:8D:6A:1D:5F:F2:70:BA:0E X509v3 Authority Key Identifier: keyid:85:F2:BA:F1:B7:DF:1D:AA:8C:88:AB:6C:5E:78:C1:FC:C3:F7:8D:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hfK68bffHaqMiKtsXnjB_MP3jQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91342C5/1F404E30A4E911ECAF3FB152C4F9AE02/hfK68bffHaqMiKtsXnjB_MP3jQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 25:f6:05:fb:91:b8:4e:b7:c8:de:aa:09:64:a8:17:18:d5:cb: f9:bd:f3:85:98:db:4a:fc:1e:2e:5b:df:28:03:a4:8a:53:dd: aa:fb:6d:e2:cd:95:05:8c:18:a1:21:56:96:77:f5:d0:1c:63: d4:7f:d7:2a:17:18:86:5d:2f:d8:8b:90:2f:74:3c:5e:51:52: ac:79:6a:fc:8e:1c:07:33:51:27:2c:b0:13:dc:25:64:35:79: ef:ff:f2:58:5b:6e:1c:5c:84:26:00:52:89:3c:56:9b:18:6a: 88:90:4f:b2:42:8a:b5:fb:18:27:b5:1f:c1:0a:0e:45:93:14: c0:de:09:dc:1c:6c:f4:b3:5c:be:f0:d1:a5:d4:40:19:7b:43: f8:22:35:dd:fc:ee:2e:e4:c3:4b:1a:ac:0c:d3:0e:65:cc:23: e2:a9:df:9e:01:e6:30:48:ce:21:28:52:75:1e:01:66:b5:68: ba:64:6a:98:4a:56:ed:1e:e5:8f:4a:6e:56:a0:ab:ec:d0:f3: 90:92:dc:47:66:42:a6:3f:58:1e:b3:50:5b:27:2a:c6:26:da: e7:49:bb:cc:60:b1:dc:b3:a3:cb:85:f8:13:32:b5:e7:05:2d: 95:96:01:47:c6:07:84:30:3b:d1:bd:64:17:aa:2d:d8:bc:8d: 33:1a:27:24 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA/owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzQyQzUxMTAvBgNVBAUTKDg1RjJCQUYxQjdERjFEQUE4Qzg4QUI2QzVFNzhDMUZD QzNGNzhEMDgwHhcNMjUxMTAzMDAzNDUwWhcNMjUxMTEwMDAzNDUwWjAYMRYwFAYD VQQDEw02OTA3ZjhhYi1lM2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1s+kD3gdryeIgIbLoL3dBaa6z3JuP+rBN5+gTkVeMeBbvNApW2HZlvkBoot3 hg290w+AXibeNOb8jj97/NOnefrca6QQ/Qv4HVDNzDAap/i1pqcLwNuy01wdgmp0 J/zZUobL0oaZnYvI4rm6E4UuZSnCnVa4ABtltpsXBX0Uxwf2UEHAZTH/a9IX/6OT 0BF3jduaTnI6jSx5CAtWKO07lsQsCrmfiW7JiLzL0DgBD1vGV7LdTFyw6m1Sl/3E JrG6UNxy2iZb/XsJ6ZFkJIAEz9ODUS6ZHP6C5hwJJd1d7K4HLrHBuiObWP0YTweH Og/AcJLZr2JhYU91DsLB5zaHoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEXp/8zz srqnwjr4/I1qHV/ycLoOMB8GA1UdIwQYMBaAFIXyuvG33x2qjIirbF54wfzD940I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNDJDNS8xRjQwNEUzMEE0 RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhhcU1pS3RzWG5qQl9NUDNq UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hmSzY4YmZmSGFxTWlLdHNYbmpCX01QM2pRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NDJDNS8xRjQwNEUzMEE0RTkxMUVDQUYzRkIxNTJDNEY5QUUwMi9oZks2OGJmZkhh cU1pS3RzWG5qQl9NUDNqUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAl9gX7kbhOt8jeqglkqBcY1cv5vfOFmNtK/B4uW98oA6SKU92q+23i zZUFjBihIVaWd/XQHGPUf9cqFxiGXS/Yi5AvdDxeUVKseWr8jhwHM1EnLLAT3CVk NXnv//JYW24cXIQmAFKJPFabGGqIkE+yQoq1+xgntR/BCg5FkxTA3gncHGz0s1y+ 8NGl1EAZe0P4IjXd/O4u5MNLGqwM0w5lzCPiqd+eAeYwSM4hKFJ1HgFmtWi6ZGqY SlbtHuWPSm5WoKvs0POQktxHZkKmP1ges1BbJyrGJtrnSbvMYLHcs6PLhfgTMrXn BS2VlgFHxgeEMDvRvWQXqi3YvI0zGick -----END CERTIFICATE-----Generated at Wed Nov 5 00:21:43 2025 by rpki-client