$ rpki-client -vvf rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft File: httX5pD30wkpOii6fFX7ivN9Xb0.mft (raw, json) Hash identifier: 1ZExb8Ny755hl0OgACB8nLY1wI8+2vM+K0uxxeSn1eA= Subject key identifier: D1:86:49:02:BB:4D:96:6C:05:DD:8E:07:1C:E2:C1:14:E0:46:1E:00 Authority key identifier: 86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD Certificate issuer: /CN=A91A560A/serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Certificate serial: 36CD Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft Manifest number: 36CB Signing time: Tue 04 Nov 2025 14:37:24 +0000 Manifest this update: Tue 04 Nov 2025 14:37:24 +0000 Manifest next update: Tue 11 Nov 2025 14:37:24 +0000 Files and hashes: 1: httX5pD30wkpOii6fFX7ivN9Xb0.crl (hash: 0Cs1rrMZmIbIK7UqBuGchSZ3FYNy5adccq6LHtIekVc=) 2: 3B8DEC18F67C11EFA12FD55AC4F9AE02.roa (hash: N2bskfxMFTrCp2qSWTYeMDSrONrPAtxZB594KPwftq8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:37:23 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 14029 (0x36cd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A560A, serialNumber=86DB57E690F7D309293A28BA7C55FB8AF37D5DBD Validity Not Before: Nov 4 14:37:24 2025 GMT Not After : Nov 11 14:37:24 2025 GMT Subject: CN=690a0fa4-e3d1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:cb:1d:88:bc:30:b0:b5:0d:69:07:98:cb:f0: ae:c0:93:1a:8c:82:81:47:cf:92:17:6c:12:be:3b: 27:84:47:2f:68:f8:34:ae:60:bf:c9:cd:1d:06:f7: ac:51:b8:24:71:17:5a:2d:2d:dc:c5:5b:24:17:91: a7:d7:47:57:b4:65:74:58:5b:67:16:c5:6d:e6:dd: 53:e2:cf:09:8f:ae:20:c1:79:81:a1:12:3e:77:b5: be:62:30:34:90:21:9f:9e:38:b5:04:57:68:a9:a2: 7a:f2:89:7c:4b:4c:b1:03:c2:4d:06:6f:80:c6:cc: 3f:c4:bf:a6:4b:d7:f6:67:60:c8:de:3d:63:25:d7: 6a:c0:60:db:24:93:eb:77:23:44:3a:5b:65:52:18: 3e:df:ec:24:72:93:d5:2b:a7:f4:50:1d:97:af:2f: 0b:7f:18:60:7b:1e:2c:6b:8c:89:38:9c:08:1e:5d: ee:d2:3b:13:44:57:92:88:a4:f1:54:c3:cd:6c:54: f2:7f:07:4a:00:68:ae:ed:14:27:90:7e:91:5b:9b: 7b:d4:b5:ec:c0:f6:85:cb:51:2e:d9:ca:95:62:25: c3:8d:e4:7b:0c:73:0b:e0:c8:89:28:51:04:0e:40: 60:f9:3c:b1:16:6c:af:95:f4:a4:9e:a4:5f:16:c7: 5d:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D1:86:49:02:BB:4D:96:6C:05:DD:8E:07:1C:E2:C1:14:E0:46:1E:00 X509v3 Authority Key Identifier: keyid:86:DB:57:E6:90:F7:D3:09:29:3A:28:BA:7C:55:FB:8A:F3:7D:5D:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/httX5pD30wkpOii6fFX7ivN9Xb0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A560A/B9953DBA1D8A11E2A387D0E408B02CD2/httX5pD30wkpOii6fFX7ivN9Xb0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:b8:04:4e:a5:a1:d5:ca:5b:c9:97:88:fe:db:09:1d:ea:e8: 4c:43:a9:d3:75:86:fb:94:b4:d4:ff:c6:63:d2:18:ee:1f:b1: 58:45:ee:94:47:bf:42:ac:f9:00:ef:cf:27:e4:d2:45:15:da: b9:cd:91:d8:c8:94:8c:ee:aa:4e:02:cd:33:f9:4f:ba:16:56: fa:ef:57:8c:d9:7b:40:f5:2f:a1:cd:73:6f:8d:e4:d2:d6:fb: 00:e8:3a:97:eb:99:4a:db:6c:71:e6:84:f8:94:23:d1:28:61: 8a:6b:fa:ef:d4:1b:46:69:e6:fa:6d:f2:a9:b4:28:74:78:8f: de:85:e0:14:74:44:82:fb:00:c3:59:e3:68:ad:cd:f8:e2:ff: c4:cd:f3:14:6f:87:fd:51:07:b5:10:f3:ab:c3:48:da:c7:6c: 44:ee:22:e5:db:b7:2a:ab:db:a2:7f:3c:8e:3a:a9:85:6f:9a: ae:7b:d9:f8:1b:71:45:d4:51:5b:d3:07:2b:80:f4:c1:6c:74: 8d:ab:cd:f8:d1:1d:4f:70:42:34:8c:74:6b:d1:58:d3:26:72: ea:fd:01:2c:00:23:6d:b5:6c:ff:ec:c6:16:6c:2c:98:4b:b6: 2a:9c:29:01:ed:24:ee:8e:f2:79:1a:c9:4a:ab:b3:52:d9:12: e2:ef:de:9b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNs0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTU2MEExMTAvBgNVBAUTKDg2REI1N0U2OTBGN0QzMDkyOTNBMjhCQTdDNTVGQjhB RjM3RDVEQkQwHhcNMjUxMTA0MTQzNzI0WhcNMjUxMTExMTQzNzI0WjAYMRYwFAYD VQQDEw02OTBhMGZhNC1lM2QxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAussdiLwwsLUNaQeYy/CuwJMajIKBR8+SF2wSvjsnhEcvaPg0rmC/yc0dBves UbgkcRdaLS3cxVskF5Gn10dXtGV0WFtnFsVt5t1T4s8Jj64gwXmBoRI+d7W+YjA0 kCGfnji1BFdoqaJ68ol8S0yxA8JNBm+Axsw/xL+mS9f2Z2DI3j1jJddqwGDbJJPr dyNEOltlUhg+3+wkcpPVK6f0UB2Xry8Lfxhgex4sa4yJOJwIHl3u0jsTRFeSiKTx VMPNbFTyfwdKAGiu7RQnkH6RW5t71LXswPaFy1Eu2cqVYiXDjeR7DHML4MiJKFEE DkBg+TyxFmyvlfSknqRfFsdd6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNGGSQK7 TZZsBd2OBxziwRTgRh4AMB8GA1UdIwQYMBaAFIbbV+aQ99MJKToounxV+4rzfV29 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBNTYwQS9COTk1M0RCQTFE OEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3a3BPaWk2ZkZYN2l2TjlY YjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2h0dFg1cEQzMHdrcE9paTZmRlg3aXZOOVhiMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB NTYwQS9COTk1M0RCQTFEOEExMUUyQTM4N0QwRTQwOEIwMkNEMi9odHRYNXBEMzB3 a3BPaWk2ZkZYN2l2TjlYYjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCkuAROpaHVylvJl4j+2wkd6uhMQ6nTdYb7lLTU/8Zj0hjuH7FYRe6U R79CrPkA788n5NJFFdq5zZHYyJSM7qpOAs0z+U+6Flb671eM2XtA9S+hzXNvjeTS 1vsA6DqX65lK22xx5oT4lCPRKGGKa/rv1BtGaeb6bfKptCh0eI/eheAUdESC+wDD WeNorc344v/EzfMUb4f9UQe1EPOrw0jax2xE7iLl27cqq9uifzyOOqmFb5que9n4 G3FF1FFb0wcrgPTBbHSNq8340R1PcEI0jHRr0VjTJnLq/QEsACNttWz/7MYWbCyY S7YqnCkB7STujvJ5GslKq7NS2RLi796b -----END CERTIFICATE-----Generated at Wed Nov 5 11:13:55 2025 by rpki-client