$ rpki-client -vvf rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft File: htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft (raw, json) Hash identifier: eEIrjqe+N3pvKyLjS/vagfqbZQwihLjLHa0QvzxUZrI= Subject key identifier: 22:0C:23:AB:55:24:7C:46:81:16:E9:29:32:FC:84:78:11:13:8D:55 Authority key identifier: 86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D Certificate issuer: /CN=A91A99C5/serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Certificate serial: 3D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft Manifest number: 3D Signing time: Wed 05 Nov 2025 07:40:01 +0000 Manifest this update: Wed 05 Nov 2025 07:40:00 +0000 Manifest next update: Wed 12 Nov 2025 07:40:00 +0000 Files and hashes: 1: htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl (hash: dY0fpYVNBTUfzQcgaF2jpsZyvnfBcYo66+l2POC8LBc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:40:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 61 (0x3d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A99C5, serialNumber=86D95F41ED1981FA8D0B5908D64446510E6EAC7D Validity Not Before: Nov 5 07:40:00 2025 GMT Not After : Nov 12 07:40:00 2025 GMT Subject: CN=690aff51-3807 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:cb:06:6e:14:06:61:9d:05:5c:d1:55:2f:64: 2e:c2:49:0a:16:2d:df:85:35:2e:a3:31:99:b8:4f: 80:06:35:47:5a:ac:68:98:fb:ea:ff:43:e4:db:37: c5:92:56:7b:ad:37:89:6e:5d:e4:b6:1d:89:a8:da: 81:08:fb:61:d1:d1:c1:6d:6c:55:8f:81:37:8e:00: 1e:25:a2:69:9e:29:54:08:b3:1c:66:c9:ff:db:0d: 55:41:56:99:f6:f9:26:f6:03:54:8b:04:30:68:38: 95:d7:d4:01:c8:93:62:ef:37:32:2e:90:30:ff:59: 50:2c:24:b5:7b:f7:f1:ff:26:31:73:4a:e7:4c:84: a3:54:69:3a:18:af:9f:89:cb:87:34:69:60:d3:0f: 17:01:0e:f6:f9:74:41:e1:73:85:f8:be:8f:2f:2b: fd:08:fa:0f:9c:b9:ee:3f:0b:11:f6:bd:00:89:9e: b2:4e:17:9f:19:e0:7a:c5:06:56:b9:27:a3:a1:ca: f6:8f:5e:95:e6:9f:6d:72:7d:59:87:2a:f5:ed:17: b3:71:f7:5e:ed:d8:d0:5c:46:34:35:78:e0:b0:eb: 4b:a3:65:d7:0d:88:62:5a:c4:a2:1c:59:52:75:fb: c5:15:0a:dc:1d:2d:21:09:1b:24:a3:f8:fc:80:5b: e4:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 22:0C:23:AB:55:24:7C:46:81:16:E9:29:32:FC:84:78:11:13:8D:55 X509v3 Authority Key Identifier: keyid:86:D9:5F:41:ED:19:81:FA:8D:0B:59:08:D6:44:46:51:0E:6E:AC:7D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/htlfQe0ZgfqNC1kI1kRGUQ5urH0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A99C5/0603E5BE5DBC11F09AA17850C4F9AE02/htlfQe0ZgfqNC1kI1kRGUQ5urH0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:e8:6e:de:6d:da:b6:f6:ea:31:44:ec:56:cb:6d:11:67:dc: 9c:ea:68:6d:0f:6a:46:5c:f6:6f:57:27:f5:8b:67:c2:2c:3f: 89:e3:b9:7d:95:c2:4d:ec:c3:5a:7d:f7:4c:40:76:6e:74:72: 1a:23:c4:b6:42:20:31:0c:ae:1b:2d:d9:6d:71:bf:4f:37:58: b0:1f:dd:16:45:20:00:8c:fa:fe:e6:aa:3b:4c:e7:3a:a8:39: bf:33:8a:36:59:5f:20:32:19:f3:49:cb:86:3d:07:14:67:dd: ec:2c:d0:cf:29:fe:16:f2:69:c8:d8:84:f4:7f:a0:09:a7:93: 78:de:77:b0:3e:2b:e3:06:e0:8f:53:89:25:60:c1:8c:a4:7f: 0a:e9:97:9f:b5:a8:aa:69:d2:de:40:44:e2:d5:ae:4e:ce:80: 2a:b0:35:ef:53:4b:51:4d:ad:27:ad:a0:13:aa:a3:ca:05:14: 7f:a8:84:ac:df:3a:99:19:f0:6b:68:2f:b8:b5:79:2e:e8:cc: 1e:1d:2f:9a:9d:fe:8b:a0:ee:e8:da:f3:fb:c1:c2:86:1f:03: e2:89:56:98:37:4a:5e:e0:47:3b:66:b8:af:4c:33:c3:a4:25: 6f:7e:47:6e:9f:52:84:ad:29:16:9d:b8:ad:af:cc:c6:ef:1e: 32:a1:c9:e4 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB OTlDNTExMC8GA1UEBRMoODZEOTVGNDFFRDE5ODFGQThEMEI1OTA4RDY0NDQ2NTEw RTZFQUM3RDAeFw0yNTExMDUwNzQwMDBaFw0yNTExMTIwNzQwMDBaMBgxFjAUBgNV BAMTDTY5MGFmZjUxLTM4MDcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDSywZuFAZhnQVc0VUvZC7CSQoWLd+FNS6jMZm4T4AGNUdarGiY++r/Q+TbN8WS VnutN4luXeS2HYmo2oEI+2HR0cFtbFWPgTeOAB4lommeKVQIsxxmyf/bDVVBVpn2 +Sb2A1SLBDBoOJXX1AHIk2LvNzIukDD/WVAsJLV79/H/JjFzSudMhKNUaToYr5+J y4c0aWDTDxcBDvb5dEHhc4X4vo8vK/0I+g+cue4/CxH2vQCJnrJOF58Z4HrFBla5 J6OhyvaPXpXmn21yfVmHKvXtF7Nx917t2NBcRjQ1eOCw60ujZdcNiGJaxKIcWVJ1 +8UVCtwdLSEJGySj+PyAW+QzAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUIgwjq1Uk fEaBFukpMvyEeBETjVUwHwYDVR0jBBgwFoAUhtlfQe0ZgfqNC1kI1kRGUQ5urH0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5OUM1LzA2MDNFNUJFNURC QzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2ZxTkMxa0kxa1JHVVE1dXJI MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvaHRsZlFlMFpnZnFOQzFrSTFrUkdVUTV1ckgwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE5 OUM1LzA2MDNFNUJFNURCQzExRjA5QUExNzg1MEM0RjlBRTAyL2h0bGZRZTBaZ2Zx TkMxa0kxa1JHVVE1dXJIMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAILobt5t2rb26jFE7FbLbRFn3JzqaG0PakZc9m9XJ/WLZ8IsP4njuX2V wk3sw1p990xAdm50chojxLZCIDEMrhst2W1xv083WLAf3RZFIACM+v7mqjtM5zqo Ob8zijZZXyAyGfNJy4Y9BxRn3ews0M8p/hbyacjYhPR/oAmnk3jed7A+K+MG4I9T iSVgwYykfwrpl5+1qKpp0t5AROLVrk7OgCqwNe9TS1FNrSetoBOqo8oFFH+ohKzf OpkZ8GtoL7i1eS7ozB4dL5qd/oug7uja8/vBwoYfA+KJVpg3Sl7gRztmuK9MM8Ok JW9+R26fUoStKRaduK2vzMbvHjKhyeQ= -----END CERTIFICATE-----Generated at Wed Nov 5 12:28:06 2025 by rpki-client