$ rpki-client -vvf rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft File: hQaYWfujzd6OwbgaHgTdYFCzgRM.mft (raw, json) Hash identifier: kZ9vGBx7XjhWalJmMHGPP/YorRZ4be1dJjh6puUSO3U= Subject key identifier: E7:07:20:C9:F7:3D:45:41:81:9E:5F:69:E6:AD:59:1A:9F:4D:98:27 Authority key identifier: 85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 Certificate issuer: /CN=A91509C4/serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Certificate serial: 34D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft Manifest number: 34D7 Signing time: Tue 04 Nov 2025 14:38:25 +0000 Manifest this update: Tue 04 Nov 2025 14:38:24 +0000 Manifest next update: Tue 11 Nov 2025 14:38:24 +0000 Files and hashes: 1: hQaYWfujzd6OwbgaHgTdYFCzgRM.crl (hash: 1yISh8z/PFFSCK9zMm3EJkz4NoU0ezlsT/RjcFhDKwk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:38:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13527 (0x34d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509C4, serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Validity Not Before: Nov 4 14:38:24 2025 GMT Not After : Nov 11 14:38:24 2025 GMT Subject: CN=690a0fe1-d547 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:97:4c:3c:6d:25:27:9e:9c:6c:1d:4c:68:08: 6d:cb:b0:33:98:42:79:a0:3e:8e:a0:04:2e:d2:a6: 5c:c3:78:97:e5:0b:fd:99:c3:e6:c5:c3:cc:0b:d2: 33:7c:7b:26:6e:33:b0:b7:fc:8d:5d:a7:4a:fa:5d: c5:c3:90:2e:7c:1b:db:7d:39:34:e0:d7:10:04:ad: 50:7b:6e:dc:c5:9b:60:2b:b9:e8:b0:b7:04:4f:e2: ac:89:1c:ec:43:ae:3f:52:6f:00:af:70:52:a0:49: fa:a5:95:df:e5:d3:dd:23:ee:96:cc:80:da:65:39: 0c:61:c5:c2:a0:6c:f4:e1:dc:66:9f:5b:36:b6:09: 19:81:e3:17:18:b5:27:30:25:18:0e:f8:9b:67:ac: 96:a7:68:a9:fe:18:a4:cc:ac:5a:12:c3:fb:2d:72: f5:82:85:21:6e:92:1c:9e:15:1e:b4:c1:5c:2a:76: 59:74:f1:45:e1:23:97:72:cd:08:53:95:e3:c4:9e: 15:54:9e:00:a8:e8:a8:68:73:9d:95:15:5d:0e:0f: bc:41:d3:87:aa:24:8d:62:61:0e:05:ed:9e:2d:00: df:ad:9b:75:b4:48:d6:85:6f:fe:9d:0b:7c:52:15: ac:63:45:6e:7d:01:f9:68:27:8a:a5:87:10:7c:7a: a7:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E7:07:20:C9:F7:3D:45:41:81:9E:5F:69:E6:AD:59:1A:9F:4D:98:27 X509v3 Authority Key Identifier: keyid:85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:3e:71:29:b8:60:c9:fa:09:52:86:4c:0b:67:a5:dc:aa:b8: c4:04:0e:97:5c:01:61:0c:3c:0c:50:00:7d:81:7d:6e:ba:80: 86:9e:97:6b:1f:4c:ae:56:88:9b:10:e4:ed:a5:83:54:bf:83: 3a:7a:60:67:fc:58:f0:a8:59:13:db:fa:63:e8:db:40:a8:fc: 47:05:bb:eb:69:6e:25:1c:0e:58:92:f8:74:2f:52:ca:a7:7f: c7:f7:01:2d:46:cd:8a:39:45:2e:18:ac:d4:ef:5d:4d:f5:01: de:1f:ef:92:09:c2:03:44:bf:d7:ad:fe:05:8e:68:bd:68:f1: c2:dd:55:fe:f6:29:33:cb:e3:ef:9c:b8:de:e4:33:a5:22:97: fb:15:7a:82:30:f0:4c:34:4a:49:53:bc:64:d4:89:9a:af:c3: 21:37:22:22:2f:ca:69:03:40:f4:71:fe:02:0e:16:64:f5:28: fa:4d:d5:3a:b4:5b:a5:1f:bc:b4:3b:1e:56:54:ca:d9:f9:2f: 81:c1:9e:a5:a4:fc:23:5d:a4:7e:20:00:5d:bb:dd:b5:0b:6e: 29:da:25:2c:8a:9d:2b:bb:8e:49:a6:b8:9c:aa:76:e6:b8:45: 9e:3b:4d:72:e2:99:b0:b6:c2:2e:58:74:0d:49:05:28:b9:30: a5:87:a7:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA5QzQxMTAvBgNVBAUTKDg1MDY5ODU5RkJBM0NEREU4RUMxQjgxQTFFMDRERDYw NTBCMzgxMTMwHhcNMjUxMTA0MTQzODI0WhcNMjUxMTExMTQzODI0WjAYMRYwFAYD VQQDEw02OTBhMGZlMS1kNTQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzZdMPG0lJ56cbB1MaAhty7AzmEJ5oD6OoAQu0qZcw3iX5Qv9mcPmxcPMC9Iz fHsmbjOwt/yNXadK+l3Fw5AufBvbfTk04NcQBK1Qe27cxZtgK7nosLcET+KsiRzs Q64/Um8Ar3BSoEn6pZXf5dPdI+6WzIDaZTkMYcXCoGz04dxmn1s2tgkZgeMXGLUn MCUYDvibZ6yWp2ip/hikzKxaEsP7LXL1goUhbpIcnhUetMFcKnZZdPFF4SOXcs0I U5XjxJ4VVJ4AqOioaHOdlRVdDg+8QdOHqiSNYmEOBe2eLQDfrZt1tEjWhW/+nQt8 UhWsY0VufQH5aCeKpYcQfHqn9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOcHIMn3 PUVBgZ5faeatWRqfTZgnMB8GA1UdIwQYMBaAFIUGmFn7o83ejsG4Gh4E3WBQs4ET MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDlDNC80Qjg5NjEzODFE OEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpkNk93YmdhSGdUZFlGQ3pn Uk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hRYVlXZnVqemQ2T3diZ2FIZ1RkWUZDemdSTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDlDNC80Qjg5NjEzODFEOEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpk Nk93YmdhSGdUZFlGQ3pnUk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARPnEpuGDJ+glShkwLZ6XcqrjEBA6XXAFhDDwMUAB9gX1uuoCGnpdr H0yuVoibEOTtpYNUv4M6emBn/FjwqFkT2/pj6NtAqPxHBbvraW4lHA5Ykvh0L1LK p3/H9wEtRs2KOUUuGKzU711N9QHeH++SCcIDRL/Xrf4Fjmi9aPHC3VX+9ikzy+Pv nLje5DOlIpf7FXqCMPBMNEpJU7xk1Imar8MhNyIiL8ppA0D0cf4CDhZk9Sj6TdU6 tFulH7y0Ox5WVMrZ+S+BwZ6lpPwjXaR+IABdu921C24p2iUsip0ru45Jpricqnbm uEWeO01y4pmwtsIuWHQNSQUouTClh6dr -----END CERTIFICATE-----Generated at Tue Nov 4 19:06:00 2025 by rpki-client