$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft File: HhI4RWNx50SJRiLpisHuVbQUXhA.mft (raw, json) Hash identifier: tpxgwSU7TAPrBlVqzU1pF2RJ9VYmMFjp1QzlaQwvySw= Subject key identifier: 9F:CE:BB:3F:FB:59:10:B9:53:FE:F6:FE:54:AC:71:EA:2A:32:58:1C Authority key identifier: 1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 Certificate issuer: /CN=A917E678/serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Certificate serial: 15CB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft Manifest number: 1574 Signing time: Tue 04 Nov 2025 16:57:46 +0000 Manifest this update: Tue 04 Nov 2025 16:57:46 +0000 Manifest next update: Tue 11 Nov 2025 16:57:46 +0000 Files and hashes: 1: HhI4RWNx50SJRiLpisHuVbQUXhA.crl (hash: 2yF7IaVd6uwaTRCyUGGDzhQjyZGiOvsX7KYA93fS28w=) 2: 1E7AFF46066811ED8098BF45C4F9AE02.roa (hash: DfNj+35duToCe3Gw0TkK/ekaVs5oFQDYwJM0zF6fRx0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:57:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5579 (0x15cb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=1E1238456371E744894622E98AC1EE55B4145E10 Validity Not Before: Nov 4 16:57:46 2025 GMT Not After : Nov 11 16:57:46 2025 GMT Subject: CN=690a308a-bed7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:92:d5:6a:98:95:7b:16:9a:6b:d4:64:52:59: 68:55:18:ad:fe:87:80:df:4f:04:bb:cd:43:a0:7b: ed:97:ad:76:51:f3:96:d2:59:1e:a5:f3:bb:ad:27: c0:29:9e:c4:8b:40:8f:48:58:d4:7c:51:ad:40:44: bf:61:68:66:f4:01:90:3f:ad:99:ed:3d:a9:83:c2: 4f:b0:35:f1:6f:f8:d4:86:b7:22:d9:6e:a3:63:96: b5:1d:2e:db:a2:2f:5f:eb:fa:e2:ce:12:44:7e:9d: e1:5f:bf:c5:28:47:82:3b:25:ef:95:a1:45:84:26: 52:f2:74:e7:9a:13:8e:28:df:ce:31:71:84:5b:5a: 57:9c:6d:0f:13:ee:39:7b:1e:61:09:24:95:6f:f4: a3:da:f1:c1:c0:cd:54:93:da:4f:94:bb:58:1e:3c: 0a:0d:9c:81:70:d5:d6:44:ec:84:9a:05:c1:1c:2f: f9:fb:f6:f4:61:64:2d:62:40:2c:7e:ba:2c:33:e5: c2:67:12:6b:89:00:f7:dd:66:39:a9:da:5c:2f:33: 7a:dd:e1:62:c8:98:4f:30:f2:95:29:3f:19:cf:1b: 26:51:32:8a:b0:fc:94:07:bc:1e:5a:56:d2:25:de: 4a:57:25:3a:a7:e9:62:f3:4d:39:ea:43:26:d3:e5: 1a:81 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9F:CE:BB:3F:FB:59:10:B9:53:FE:F6:FE:54:AC:71:EA:2A:32:58:1C X509v3 Authority Key Identifier: keyid:1E:12:38:45:63:71:E7:44:89:46:22:E9:8A:C1:EE:55:B4:14:5E:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/HhI4RWNx50SJRiLpisHuVbQUXhA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/697E356A695711E8A42BE680C4F9AE02/HhI4RWNx50SJRiLpisHuVbQUXhA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4e:7d:4f:19:41:38:1c:13:d0:f1:1c:11:76:48:14:1a:2f:bb: 20:00:87:18:76:d3:cd:56:ae:be:cb:ee:b8:18:be:49:53:b6: 4a:86:da:d9:f1:c5:0a:6f:e3:05:3c:52:1a:2f:0e:4d:71:31: 8b:58:b6:a5:f5:8d:33:f8:bd:06:0e:e0:74:d4:d5:3a:c4:8f: b3:9d:e4:31:75:4c:56:a7:da:1b:2e:3f:e6:39:2d:55:e8:09: 05:65:57:2e:32:18:7f:b8:10:0e:98:8c:e5:3e:95:cc:52:9f: dc:f0:83:f6:c3:46:1f:99:22:2a:4d:fd:12:46:48:56:5d:36: e9:91:a2:27:7c:87:75:dd:1f:2a:68:23:ee:24:f0:7c:36:a8: 52:9c:b8:1d:13:f9:62:13:d2:b7:f7:dd:94:e7:9b:1b:16:a1: 8b:7b:e2:bd:6c:7a:22:fd:18:8f:0d:59:a8:a9:70:01:de:ea: 79:38:6a:1a:4b:9a:68:8a:e8:45:d3:fe:76:2e:de:01:0c:f2: ad:f3:3f:8a:e4:62:6a:b8:c6:e8:28:50:8a:31:53:18:fc:b9: 66:56:eb:d5:5b:d8:c7:1c:1a:51:10:2c:f4:e3:b0:0d:7c:46: 6e:c3:08:d4:65:c2:cc:46:9d:73:58:cc:55:77:4e:18:99:93: 66:92:a5:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFcswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDFFMTIzODQ1NjM3MUU3NDQ4OTQ2MjJFOThBQzFFRTU1 QjQxNDVFMTAwHhcNMjUxMTA0MTY1NzQ2WhcNMjUxMTExMTY1NzQ2WjAYMRYwFAYD VQQDEw02OTBhMzA4YS1iZWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsZLVapiVexaaa9RkUlloVRit/oeA308Eu81DoHvtl612UfOW0lkepfO7rSfA KZ7Ei0CPSFjUfFGtQES/YWhm9AGQP62Z7T2pg8JPsDXxb/jUhrci2W6jY5a1HS7b oi9f6/rizhJEfp3hX7/FKEeCOyXvlaFFhCZS8nTnmhOOKN/OMXGEW1pXnG0PE+45 ex5hCSSVb/Sj2vHBwM1Uk9pPlLtYHjwKDZyBcNXWROyEmgXBHC/5+/b0YWQtYkAs frosM+XCZxJriQD33WY5qdpcLzN63eFiyJhPMPKVKT8ZzxsmUTKKsPyUB7weWlbS Jd5KVyU6p+li80056kMm0+UagQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ/Ouz/7 WRC5U/72/lSsceoqMlgcMB8GA1UdIwQYMBaAFB4SOEVjcedEiUYi6YrB7lW0FF4Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC82OTdFMzU2QTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUwU0pSaUxwaXNIdVZiUVVY aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0hoSTRSV054NTBTSlJpTHBpc0h1VmJRVVhoQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC82OTdFMzU2QTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9IaEk0UldOeDUw U0pSaUxwaXNIdVZiUVVYaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBOfU8ZQTgcE9DxHBF2SBQaL7sgAIcYdtPNVq6+y+64GL5JU7ZKhtrZ 8cUKb+MFPFIaLw5NcTGLWLal9Y0z+L0GDuB01NU6xI+zneQxdUxWp9obLj/mOS1V 6AkFZVcuMhh/uBAOmIzlPpXMUp/c8IP2w0YfmSIqTf0SRkhWXTbpkaInfId13R8q aCPuJPB8NqhSnLgdE/liE9K3992U55sbFqGLe+K9bHoi/RiPDVmoqXAB3up5OGoa S5poiuhF0/52Lt4BDPKt8z+K5GJquMboKFCKMVMY/LlmVuvVW9jHHBpRECz047AN fEZuwwjUZcLMRp1zWMxVd04YmZNmkqVB -----END CERTIFICATE-----Generated at Wed Nov 5 13:37:47 2025 by rpki-client