$ rpki-client -vvf rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft File: HaAa_AiIyqYXHgoOdBz8kE7S328.mft (raw, json) Hash identifier: rPiaKAryTo7UX0Vb0loODO/LPYRjov53apgkz70IDf4= Subject key identifier: 39:D0:F8:6A:87:4C:48:2B:09:CB:71:1B:E5:6A:A9:FE:18:8C:6E:83 Authority key identifier: 1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F Certificate issuer: /CN=A91352C6/serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Certificate serial: 0921 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft Manifest number: 091B Signing time: Sun 02 Nov 2025 20:13:33 +0000 Manifest this update: Sun 02 Nov 2025 20:13:33 +0000 Manifest next update: Sun 09 Nov 2025 20:13:33 +0000 Files and hashes: 1: HaAa_AiIyqYXHgoOdBz8kE7S328.crl (hash: MLLv+hIFfwIl+p5H9Bz7ny/1Ua6vpO+7TjfZvSCDAmA=) 2: 939AAE78B1D511EA8E3DAE1CC4F9AE02.roa (hash: KFIHw6tMuHLxcRTo8fAv1CEG7OYhkgzMk8UZPi5UKvY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:13:32 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2337 (0x921) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91352C6, serialNumber=1DA01AFC0888CAA6171E0A0E741CFC904ED2DF6F Validity Not Before: Nov 2 20:13:33 2025 GMT Not After : Nov 9 20:13:33 2025 GMT Subject: CN=6907bb6d-f6d0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:e5:e5:c8:5f:5c:0c:87:09:ea:26:80:24:e6: c5:5e:69:6b:cd:c0:bf:92:d5:31:f8:a8:7b:cf:6d: af:c8:2d:c0:77:cb:dd:4d:34:2e:3e:db:43:c1:b5: 7e:bf:4b:05:c5:6b:1e:bd:e6:57:de:69:41:7c:58: 07:a1:eb:b1:bd:89:38:c5:5b:b1:4b:c5:63:e8:5d: ff:d3:d3:44:80:76:b4:81:21:ad:77:ed:2d:18:e0: 22:98:0e:86:70:74:15:52:e5:7b:b6:65:a7:48:22: 6e:e5:d1:f4:3d:72:ea:b0:8e:24:f7:7f:3e:a6:7f: 0a:b0:eb:e6:d2:13:08:11:79:6c:3f:c8:da:ad:9f: 42:7f:ed:0e:40:14:eb:04:dc:34:ad:4f:75:d1:86: a4:7c:cf:8f:af:d8:95:33:03:c4:04:a4:63:54:ad: 03:8c:d7:ae:f6:bb:68:eb:aa:43:59:0c:7c:8b:da: ea:60:91:0a:aa:e6:71:71:87:b6:d7:9f:a5:c9:a2: 8e:0f:a8:f0:df:bf:ae:55:c0:52:40:01:eb:31:1f: 4f:3e:d7:8e:e6:fb:24:71:40:ce:a1:75:5e:e6:09: 46:23:ee:db:07:2d:15:2c:08:ad:72:fe:be:6f:6f: 18:d1:a9:b9:3e:dc:b8:ae:22:99:3e:97:60:fa:f2: b3:57 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:D0:F8:6A:87:4C:48:2B:09:CB:71:1B:E5:6A:A9:FE:18:8C:6E:83 X509v3 Authority Key Identifier: keyid:1D:A0:1A:FC:08:88:CA:A6:17:1E:0A:0E:74:1C:FC:90:4E:D2:DF:6F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HaAa_AiIyqYXHgoOdBz8kE7S328.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91352C6/1EDFE496B1D411EAA46F001AC4F9AE02/HaAa_AiIyqYXHgoOdBz8kE7S328.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4b:58:dc:66:cc:1b:7d:e1:dc:14:52:df:59:67:62:6c:24:23: 96:a9:c1:c9:2d:92:f8:7c:3e:22:0e:8b:81:54:a6:09:28:49: 4f:4c:bc:00:af:2a:5d:ed:ac:e3:da:a4:86:76:b0:ae:2c:3d: c7:2f:eb:e3:5b:7c:cd:97:22:57:32:27:84:07:d7:97:6e:eb: 92:88:88:16:73:88:45:c2:76:48:ac:71:c2:c4:76:cd:55:aa: e9:8a:16:40:f5:f3:b7:d3:8d:9a:6e:aa:81:13:9e:a7:13:09: af:d8:84:87:ee:69:18:25:e1:b4:68:0f:76:ce:3b:5e:a9:84: 55:a3:64:35:28:bd:78:62:35:af:fc:9b:db:1f:1b:18:57:26: 1f:c9:f4:32:3d:15:24:ac:c4:74:7b:75:0e:c5:e4:01:26:b2: 80:f3:fe:ba:6e:dc:35:a0:4f:a6:9c:9c:3f:18:46:0f:79:80: d3:21:c1:be:70:14:59:16:65:e3:c7:aa:8c:dd:08:f3:ca:a5: a8:0a:75:ab:e0:f0:61:14:04:e2:2c:d9:23:b0:e8:76:5a:dc: bc:ac:5a:b5:70:14:ec:be:4f:ac:07:f7:3e:97:a2:a5:81:5f: 95:0e:0a:d4:36:7c:8e:a0:8b:21:1a:06:79:50:c3:ac:6a:f7: b8:6c:5a:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzUyQzYxMTAvBgNVBAUTKDFEQTAxQUZDMDg4OENBQTYxNzFFMEEwRTc0MUNGQzkw NEVEMkRGNkYwHhcNMjUxMTAyMjAxMzMzWhcNMjUxMTA5MjAxMzMzWjAYMRYwFAYD VQQDEw02OTA3YmI2ZC1mNmQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn+XlyF9cDIcJ6iaAJObFXmlrzcC/ktUx+Kh7z22vyC3Ad8vdTTQuPttDwbV+ v0sFxWseveZX3mlBfFgHoeuxvYk4xVuxS8Vj6F3/09NEgHa0gSGtd+0tGOAimA6G cHQVUuV7tmWnSCJu5dH0PXLqsI4k938+pn8KsOvm0hMIEXlsP8jarZ9Cf+0OQBTr BNw0rU910YakfM+Pr9iVMwPEBKRjVK0DjNeu9rto66pDWQx8i9rqYJEKquZxcYe2 15+lyaKOD6jw37+uVcBSQAHrMR9PPteO5vskcUDOoXVe5glGI+7bBy0VLAitcv6+ b28Y0am5Pty4riKZPpdg+vKzVwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDnQ+GqH TEgrCctxG+Vqqf4YjG6DMB8GA1UdIwQYMBaAFB2gGvwIiMqmFx4KDnQc/JBO0t9v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNTJDNi8xRURGRTQ5NkIx RDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0FpSXlxWVhIZ29PZEJ6OGtFN1Mz MjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hhQWFfQWlJeXFZWEhnb09kQno4a0U3UzMyOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NTJDNi8xRURGRTQ5NkIxRDQxMUVBQTQ2RjAwMUFDNEY5QUUwMi9IYUFhX0FpSXlx WVhIZ29PZEJ6OGtFN1MzMjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBLWNxmzBt94dwUUt9ZZ2JsJCOWqcHJLZL4fD4iDouBVKYJKElPTLwA rypd7azj2qSGdrCuLD3HL+vjW3zNlyJXMieEB9eXbuuSiIgWc4hFwnZIrHHCxHbN VarpihZA9fO3042abqqBE56nEwmv2ISH7mkYJeG0aA92zjteqYRVo2Q1KL14YjWv /JvbHxsYVyYfyfQyPRUkrMR0e3UOxeQBJrKA8/66btw1oE+mnJw/GEYPeYDTIcG+ cBRZFmXjx6qM3QjzyqWoCnWr4PBhFATiLNkjsOh2Wty8rFq1cBTsvk+sB/c+l6Kl gV+VDgrUNnyOoIshGgZ5UMOsave4bFp8 -----END CERTIFICATE-----Generated at Tue Nov 4 21:36:18 2025 by rpki-client