$ rpki-client -vvf rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft File: RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft (raw, json) Hash identifier: DCOU3YXIhRzJ2H8z/9/fv8hG/8ZhDw5V80o5jDfHiWU= Subject key identifier: D8:36:E9:66:AE:1A:11:CD:65:BB:D6:8C:CF:50:86:DA:1A:43:EF:AB Authority key identifier: 46:48:54:FB:50:A9:90:3C:52:53:41:8C:58:3D:0F:31:B8:41:D5:97 Certificate issuer: /CN=A91964B3/serialNumber=464854FB50A9903C5253418C583D0F31B841D597 Certificate serial: 1072 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft Manifest number: 1062 Signing time: Tue 04 Nov 2025 14:26:17 +0000 Manifest this update: Tue 04 Nov 2025 14:26:17 +0000 Manifest next update: Tue 11 Nov 2025 14:26:17 +0000 Files and hashes: 1: RkhU-1CpkDxSU0GMWD0PMbhB1Zc.crl (hash: 5oMRFleiOY3L9rhuxowgXr5xO4w1/fiTowPmpgWdQ1g=) 2: 23B68638C5DD11EABC58FD24C4F9AE02.roa (hash: 7YuoX9OkBSRUQiHpsiuHEMGmDB7ygNEWHmpkRA4QfgE=) 3: 5D563164AF3411EFB5B51A57C4F9AE02.roa (hash: Mjf+9MFV/8wopOF7hLs3Tt14yZvRKLf5RcXcRhi35uI=) 4: 1396434EC90A11EF8577744AC4F9AE02.roa (hash: vv5/sNroDyn31EV1FuwDRkKZ1Ky/CQIEoorZo83v9h8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.crl rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:26:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4210 (0x1072) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91964B3, serialNumber=464854FB50A9903C5253418C583D0F31B841D597 Validity Not Before: Nov 4 14:26:17 2025 GMT Not After : Nov 11 14:26:17 2025 GMT Subject: CN=690a0d09-e36d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ec:6a:93:2b:d1:83:4b:c6:9b:70:26:79:20:6d: c7:bf:99:02:9b:44:f3:3c:0d:eb:90:34:08:5b:56: 3c:d4:f4:f6:5a:83:2c:61:2c:cb:6a:b6:f1:41:a6: b1:9d:06:c2:d6:5f:37:78:8b:22:89:e7:54:07:b7: 38:dd:57:78:c8:ee:d8:bf:77:e6:5b:39:20:97:38: 7f:ea:ee:e0:37:8b:16:f3:2a:23:39:a4:a6:2e:f1: db:85:67:4f:7d:1f:86:67:79:5b:41:cc:10:df:15: b7:3b:1f:7b:2a:27:58:c4:1b:8d:a9:70:65:6b:34: 80:27:2f:6f:f4:0f:97:28:81:c9:a2:7d:29:66:cb: c4:19:d2:e0:7a:15:2e:58:88:2b:c5:1d:8e:fe:46: 5d:6a:3b:87:2b:04:64:c8:66:8b:81:38:fd:f1:05: 76:b3:40:53:77:83:6f:52:0d:11:aa:81:63:e4:03: bb:57:2c:f9:b9:3c:0f:e5:6d:09:9a:9f:5f:52:19: 1b:6b:6e:f1:8b:32:c4:88:b6:65:03:a2:e3:3d:e4: 09:c7:ba:f4:fa:0f:60:19:a2:f1:90:75:f6:c3:17: 37:14:8c:be:09:1e:7b:8c:69:84:ed:cb:5a:f1:b3: 72:4c:1c:22:12:01:65:e2:71:b3:1c:ab:84:82:cb: 03:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:36:E9:66:AE:1A:11:CD:65:BB:D6:8C:CF:50:86:DA:1A:43:EF:AB X509v3 Authority Key Identifier: keyid:46:48:54:FB:50:A9:90:3C:52:53:41:8C:58:3D:0F:31:B8:41:D5:97 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91964B3/2A5940F24BB311E9AB151C17C4F9AE02/RkhU-1CpkDxSU0GMWD0PMbhB1Zc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:f9:a8:ff:e4:db:40:84:58:3b:f9:7f:f1:21:f3:3b:24:d7: d4:98:b9:df:1d:20:bb:c8:92:d8:71:96:0c:70:53:e1:84:27: 32:c4:57:dc:47:7a:f0:45:47:e9:96:d9:10:ff:87:cf:34:c0: ea:3b:2f:71:1d:2a:d8:5c:85:bf:8b:a2:2e:2b:fa:93:1b:96: b5:f7:d0:54:29:c4:a2:2c:51:bd:67:ad:94:24:ea:7e:5f:d9: f1:e2:ee:6e:f4:f8:2d:c0:25:0e:8e:2d:23:0a:1d:f1:41:14: c1:74:1f:6d:eb:80:4e:2a:26:80:00:d2:5d:58:d4:1c:49:45: d9:80:b3:00:03:f6:d3:d8:9b:94:7c:9e:f4:69:ad:ee:8b:1e: d0:7c:76:f0:5b:a6:81:f8:2e:e6:43:e7:76:2e:01:48:78:da: ef:46:a4:2a:2a:8d:cc:a6:3c:46:06:d7:41:a9:6e:aa:0b:f5: 32:cc:69:c0:79:36:cb:1e:0a:d4:25:e5:97:8f:f6:7e:71:81: bb:f4:58:65:16:2e:0a:3c:6a:be:5f:99:c4:90:2c:e8:14:31: ce:61:4e:85:9c:c2:03:cd:2a:1e:4d:3a:87:0a:6b:d5:0c:36: a2:17:90:d6:3a:62:7b:f2:4c:01:4c:2f:f1:e7:ba:db:41:80: 57:eb:bf:9e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEHIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTY0QjMxMTAvBgNVBAUTKDQ2NDg1NEZCNTBBOTkwM0M1MjUzNDE4QzU4M0QwRjMx Qjg0MUQ1OTcwHhcNMjUxMTA0MTQyNjE3WhcNMjUxMTExMTQyNjE3WjAYMRYwFAYD VQQDEw02OTBhMGQwOS1lMzZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7GqTK9GDS8abcCZ5IG3Hv5kCm0TzPA3rkDQIW1Y81PT2WoMsYSzLarbxQaax nQbC1l83eIsiiedUB7c43Vd4yO7Yv3fmWzkglzh/6u7gN4sW8yojOaSmLvHbhWdP fR+GZ3lbQcwQ3xW3Ox97KidYxBuNqXBlazSAJy9v9A+XKIHJon0pZsvEGdLgehUu WIgrxR2O/kZdajuHKwRkyGaLgTj98QV2s0BTd4NvUg0RqoFj5AO7Vyz5uTwP5W0J mp9fUhkba27xizLEiLZlA6LjPeQJx7r0+g9gGaLxkHX2wxc3FIy+CR57jGmE7cta 8bNyTBwiEgFl4nGzHKuEgssDfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNg26Wau GhHNZbvWjM9QhtoaQ++rMB8GA1UdIwQYMBaAFEZIVPtQqZA8UlNBjFg9DzG4QdWX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NjRCMy8yQTU5NDBGMjRC QjMxMUU5QUIxNTFDMTdDNEY5QUUwMi9Sa2hVLTFDcGtEeFNVMEdNV0QwUE1iaEIx WmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL1JraFUtMUNwa0R4U1UwR01XRDBQTWJoQjFaYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NjRCMy8yQTU5NDBGMjRCQjMxMUU5QUIxNTFDMTdDNEY5QUUwMi9Sa2hVLTFDcGtE eFNVMEdNV0QwUE1iaEIxWmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBK+aj/5NtAhFg7+X/xIfM7JNfUmLnfHSC7yJLYcZYMcFPhhCcyxFfc R3rwRUfpltkQ/4fPNMDqOy9xHSrYXIW/i6IuK/qTG5a199BUKcSiLFG9Z62UJOp+ X9nx4u5u9PgtwCUOji0jCh3xQRTBdB9t64BOKiaAANJdWNQcSUXZgLMAA/bT2JuU fJ70aa3uix7QfHbwW6aB+C7mQ+d2LgFIeNrvRqQqKo3MpjxGBtdBqW6qC/UyzGnA eTbLHgrUJeWXj/Z+cYG79FhlFi4KPGq+X5nEkCzoFDHOYU6FnMIDzSoeTTqHCmvV DDaiF5DWOmJ78kwBTC/x57rbQYBX67+e -----END CERTIFICATE-----Generated at Wed Nov 5 21:13:09 2025 by rpki-client