$ rpki-client -vvf rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft File: HjKemPZ2kum1dgI6L7xVfVfdVWw.mft (raw, json) Hash identifier: 14FDwImyCESpS9Y43slVVKt3yw9bBtqZvPp3BoC/vUg= Subject key identifier: CF:78:45:C0:25:5C:BE:AB:C7:42:00:A5:6C:BC:51:70:41:06:1E:27 Authority key identifier: 1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C Certificate issuer: /CN=A91568F6/serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Certificate serial: 0DF3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft Manifest number: 0DC5 Signing time: Tue 04 Nov 2025 17:59:14 +0000 Manifest this update: Tue 04 Nov 2025 17:59:13 +0000 Manifest next update: Tue 11 Nov 2025 17:59:13 +0000 Files and hashes: 1: HjKemPZ2kum1dgI6L7xVfVfdVWw.crl (hash: ynCO/axOu3eUxkJr2rAF7ro9SzRsli/Zu6y75+1gnzE=) 2: FD120CC2D94411EDA95E3613C4F9AE02.roa (hash: u8GCpF3JjtF0fC5bHONBso6P9ZKL07gluzKPfJhmpXI=) 3: 79B042BAF3BD11EE961D7A7AC4F9AE02.roa (hash: 9OL0Nn9V+ede9DJf9mkaMrtLaF0tRZO3OAn8HvMuFRw=) 4: 4EF1DE0E822A11EDB2081A49C4F9AE02.roa (hash: ccQHTXT/JWlYkUSlrHBZlxj0fPuZnF/MXZqxQxgBSSk=) 5: 8F7DDD8889B811EE9E7ABE26C4F9AE02.roa (hash: JsvlnopzOaOKTX3AuOnQGEvn3QbobkZ0VGpy6s7Zufs=) 6: 50063EE8822A11EDB2081A49C4F9AE02.roa (hash: W9F0AxXLeTRt9akhBBWzGaKX1wJNYfdBQQ5r+SkSiyU=) 7: 87BB6D70822711ED94C3212CC4F9AE02.roa (hash: TgzuO7T0sgwTCl2sRbtN58HlHEFkWtWHdI30YEepdig=) 8: D0551B50046411F09760073DC4F9AE02.roa (hash: Ml6MHIFRGUbHxsyGVzTTlekIkq7JzuhUAzoayMJcf6g=) 9: F2826A504FCF11EB88444467C4F9AE02.roa (hash: QqSGad7FxeptCh4lzX5ee03GteRq4SxJe8s+1HGe3x4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:59:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3571 (0xdf3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91568F6, serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Validity Not Before: Nov 4 17:59:13 2025 GMT Not After : Nov 11 17:59:13 2025 GMT Subject: CN=690a3ef1-a202 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:d2:57:9e:57:15:99:f0:19:31:76:d2:d4:4e: be:23:20:2e:70:a4:87:d4:5c:32:39:08:16:b7:82: b2:be:0d:9e:70:af:9a:47:45:10:84:ce:b9:e1:59: cf:fc:6b:0d:84:be:71:0e:e4:7e:1c:fe:3b:34:54: 6e:cb:d2:05:5b:10:cb:18:e2:34:10:a8:27:18:5b: 48:82:a0:2c:be:e0:27:71:fc:43:5b:0f:60:f4:1e: 7e:fa:d4:ef:9e:55:c6:90:b1:37:f6:8a:b2:36:ad: af:d9:c7:1a:66:5e:20:38:2f:23:6d:1d:5e:5b:0a: ed:72:c7:79:91:2f:11:1d:ba:2f:1b:8d:4f:4a:2a: 0a:5e:ee:21:4c:4f:cf:97:ad:f2:c3:5f:f5:3a:1b: 33:d2:3f:2d:05:95:54:2d:b8:e5:4e:70:c9:39:37: 62:e3:57:b0:95:83:df:39:26:14:10:5f:a9:b0:31: c4:da:7e:1d:fe:a5:98:9a:c3:ca:a4:bb:6d:6b:2c: 0d:ad:91:df:92:49:21:5a:17:34:b4:dd:69:95:61: 71:c8:aa:ea:5f:88:24:3a:07:be:70:57:82:25:37: a1:8f:3d:29:08:7d:98:52:c1:68:02:57:72:2e:bf: 3e:40:91:be:2e:d0:cf:9a:2e:e4:a9:96:3e:f5:f2: b2:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CF:78:45:C0:25:5C:BE:AB:C7:42:00:A5:6C:BC:51:70:41:06:1E:27 X509v3 Authority Key Identifier: keyid:1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3f:de:3a:65:a0:e1:41:0f:1d:fa:f6:12:13:fa:7d:0a:c8:11: ca:16:5c:88:98:3a:c1:74:b1:a5:ed:3d:96:58:5a:cc:07:bf: 48:ab:f8:98:52:2d:91:45:8d:52:8a:89:a3:82:81:70:d5:ea: 12:53:2c:f5:1d:58:ae:62:34:07:71:17:f4:d0:60:56:d6:48: 21:76:45:07:78:46:14:9f:bc:97:cf:6a:f5:0b:05:b6:21:a3: a3:08:4b:d0:eb:d9:a2:ed:57:b6:7d:c1:42:18:b3:5f:8c:02: 68:c9:a2:cb:a4:27:bb:34:d1:2e:3f:bc:c1:d6:c4:1e:ea:aa: 1f:1b:4b:d4:c6:84:9a:03:68:59:94:47:8a:8c:3c:05:40:cd: 0b:03:ba:78:0c:8a:0a:ba:95:b7:8f:b1:e0:40:c0:bb:04:c4: e7:bd:2a:99:99:4c:fc:96:b5:21:2f:cf:65:42:4d:15:13:4c: 7f:d9:ca:5d:28:bc:cf:fc:56:8d:b5:90:3f:70:b0:af:84:a6: 71:d3:15:ba:74:31:1e:40:70:a7:26:7a:d9:89:a4:85:2d:4c: 86:32:6f:e8:ab:7e:d0:16:0d:d9:22:f7:07:f5:9d:88:53:43: 3e:c6:b8:da:a3:00:ad:3a:25:87:85:30:d9:e2:12:86:a5:db: b6:04:7b:e8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY4RjYxMTAvBgNVBAUTKDFFMzI5RTk4RjY3NjkyRTlCNTc2MDIzQTJGQkM1NTdE NTdERDU1NkMwHhcNMjUxMTA0MTc1OTEzWhcNMjUxMTExMTc1OTEzWjAYMRYwFAYD VQQDEw02OTBhM2VmMS1hMjAyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx9JXnlcVmfAZMXbS1E6+IyAucKSH1FwyOQgWt4Kyvg2ecK+aR0UQhM654VnP /GsNhL5xDuR+HP47NFRuy9IFWxDLGOI0EKgnGFtIgqAsvuAncfxDWw9g9B5++tTv nlXGkLE39oqyNq2v2ccaZl4gOC8jbR1eWwrtcsd5kS8RHbovG41PSioKXu4hTE/P l63yw1/1Ohsz0j8tBZVULbjlTnDJOTdi41ewlYPfOSYUEF+psDHE2n4d/qWYmsPK pLttaywNrZHfkkkhWhc0tN1plWFxyKrqX4gkOge+cFeCJTehjz0pCH2YUsFoAldy Lr8+QJG+LtDPmi7kqZY+9fKykwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM94RcAl XL6rx0IApWy8UXBBBh4nMB8GA1UdIwQYMBaAFB4ynpj2dpLptXYCOi+8VX1X3VVs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjhGNi8zN0QwM0RGNkNF MjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1bTFkZ0k2TDd4VmZWZmRW V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hqS2VtUFoya3VtMWRnSTZMN3hWZlZmZFZXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NjhGNi8zN0QwM0RGNkNFMjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1 bTFkZ0k2TDd4VmZWZmRWV3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA/3jploOFBDx369hIT+n0KyBHKFlyImDrBdLGl7T2WWFrMB79Iq/iY Ui2RRY1SiomjgoFw1eoSUyz1HViuYjQHcRf00GBW1kghdkUHeEYUn7yXz2r1CwW2 IaOjCEvQ69mi7Ve2fcFCGLNfjAJoyaLLpCe7NNEuP7zB1sQe6qofG0vUxoSaA2hZ lEeKjDwFQM0LA7p4DIoKupW3j7HgQMC7BMTnvSqZmUz8lrUhL89lQk0VE0x/2cpd KLzP/FaNtZA/cLCvhKZx0xW6dDEeQHCnJnrZiaSFLUyGMm/oq37QFg3ZIvcH9Z2I U0M+xrjaowCtOiWHhTDZ4hKGpdu2BHvo -----END CERTIFICATE-----Generated at Wed Nov 5 17:56:02 2025 by rpki-client