$ rpki-client -vvf rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft File: vHENBWM8XhGwdEtxrruIriskRuM.mft (raw, json) Hash identifier: TSqhEchO8zBFdYEND8fVsEdPGKkRr6lwmF7DBlwVEII= Subject key identifier: A0:31:F2:A2:6E:9C:3D:C5:7B:51:B5:DA:84:69:2A:3C:5B:61:EE:B3 Authority key identifier: BC:71:0D:05:63:3C:5E:11:B0:74:4B:71:AE:BB:88:AE:2B:24:46:E3 Certificate issuer: /CN=A91AF406/serialNumber=BC710D05633C5E11B0744B71AEBB88AE2B2446E3 Certificate serial: 1396 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft Manifest number: 138E Signing time: Tue 04 Nov 2025 17:04:19 +0000 Manifest this update: Tue 04 Nov 2025 17:04:18 +0000 Manifest next update: Tue 11 Nov 2025 17:04:18 +0000 Files and hashes: 1: vHENBWM8XhGwdEtxrruIriskRuM.crl (hash: 6wlM3G/64HUavfWEk2jw8KQdeRqNAAap4fcIOEWZfVY=) 2: C2065F2CA5F311E8B54BF03DC4F9AE02.roa (hash: c/V3Stz0hBoC77cDsx2sOFkExhPVs+UBbA7TaA5YseQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.crl rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:04:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5014 (0x1396) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91AF406, serialNumber=BC710D05633C5E11B0744B71AEBB88AE2B2446E3 Validity Not Before: Nov 4 17:04:18 2025 GMT Not After : Nov 11 17:04:18 2025 GMT Subject: CN=690a3213-50c4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:53:13:21:36:74:4c:d9:88:5a:1d:94:eb:de: 5d:45:bb:bf:c0:fd:fc:af:ca:69:0b:c8:a8:e9:02: b9:8d:46:96:4d:7d:bf:20:c9:9a:7e:fe:75:18:54: 7e:62:05:74:a7:bb:8d:00:af:89:45:b9:1c:00:f3: 28:30:9d:e4:f2:88:d6:2f:f1:bf:e8:02:72:c2:91: 25:25:3b:8c:ec:f9:49:d1:bd:3c:1d:f2:1a:36:c3: e7:4e:b6:c0:65:6d:60:40:66:e7:45:9c:18:69:93: 38:25:fa:49:44:74:61:d2:fa:db:f3:51:61:78:ea: 82:66:c2:03:5c:77:38:eb:e3:1c:3d:5f:ce:ae:0a: b3:00:00:cc:68:6d:7b:50:5c:c4:59:88:b0:27:44: 3f:98:2f:c7:61:57:e6:c5:1d:69:b8:bc:0e:d0:74: 62:ee:81:d1:54:0b:95:f8:00:33:f4:3f:01:bb:92: e0:27:7b:4d:d9:91:9f:81:9c:53:4f:1a:a4:54:4c: 13:88:21:eb:42:9c:46:96:9c:a8:c1:28:3e:53:42: d4:6e:54:8b:02:f8:6d:44:a7:b8:b9:74:3c:1c:f5: dd:f4:63:45:dd:b7:e3:da:09:16:c3:29:2d:d0:88: 8a:9b:86:1c:48:7f:25:83:f6:61:65:72:0b:dd:56: f2:85 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:31:F2:A2:6E:9C:3D:C5:7B:51:B5:DA:84:69:2A:3C:5B:61:EE:B3 X509v3 Authority Key Identifier: keyid:BC:71:0D:05:63:3C:5E:11:B0:74:4B:71:AE:BB:88:AE:2B:24:46:E3 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vHENBWM8XhGwdEtxrruIriskRuM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91AF406/3F670C0CA5F211E897A7503AC4F9AE02/vHENBWM8XhGwdEtxrruIriskRuM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:b7:4a:65:e5:12:41:b4:22:a1:78:4b:09:8b:eb:a8:dc:c2: 96:0f:7f:b6:7f:a8:26:db:63:19:cf:4c:db:5c:3b:6a:71:9f: 63:da:f2:61:cf:f1:ee:ca:e4:fe:18:9c:32:3e:29:39:ff:54: 00:a1:cd:ab:14:87:31:22:23:12:8d:5a:12:1f:28:8f:7f:07: 2b:eb:80:a1:1c:48:7e:29:b5:fd:70:e8:13:03:97:10:72:35: c0:db:0a:80:09:a2:fc:42:a5:fa:54:03:9e:f8:80:a9:bc:03: 7e:1f:77:13:f9:cf:83:ef:04:67:fa:82:b5:3e:f7:c1:a2:b9: 31:2d:24:c7:4a:25:99:71:3b:68:ad:14:40:0f:b0:66:f8:e1: 4a:3c:49:20:9f:40:e2:bc:66:07:35:42:2c:c4:43:55:6b:86: df:98:fa:18:05:10:63:a8:2d:25:7d:fd:85:b5:24:b6:7f:b7: 1b:55:db:17:1d:c6:e2:9f:cd:88:32:bd:05:01:1b:a4:19:dc: cc:63:42:1e:2a:76:40:e2:4f:c3:f3:c6:89:9c:f8:8b:bf:23: d8:02:d6:45:db:28:47:2a:2d:4f:cc:44:97:3f:98:3d:7b:61: 8e:3d:c2:d4:89:98:65:f7:dd:2b:a4:85:90:14:73:5f:4c:5b: 7e:89:3a:96 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QUY0MDYxMTAvBgNVBAUTKEJDNzEwRDA1NjMzQzVFMTFCMDc0NEI3MUFFQkI4OEFF MkIyNDQ2RTMwHhcNMjUxMTA0MTcwNDE4WhcNMjUxMTExMTcwNDE4WjAYMRYwFAYD VQQDEw02OTBhMzIxMy01MGM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqlMTITZ0TNmIWh2U695dRbu/wP38r8ppC8io6QK5jUaWTX2/IMmafv51GFR+ YgV0p7uNAK+JRbkcAPMoMJ3k8ojWL/G/6AJywpElJTuM7PlJ0b08HfIaNsPnTrbA ZW1gQGbnRZwYaZM4JfpJRHRh0vrb81FheOqCZsIDXHc46+McPV/OrgqzAADMaG17 UFzEWYiwJ0Q/mC/HYVfmxR1puLwO0HRi7oHRVAuV+AAz9D8Bu5LgJ3tN2ZGfgZxT TxqkVEwTiCHrQpxGlpyowSg+U0LUblSLAvhtRKe4uXQ8HPXd9GNF3bfj2gkWwykt 0IiKm4YcSH8lg/ZhZXIL3VbyhQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKAx8qJu nD3Fe1G12oRpKjxbYe6zMB8GA1UdIwQYMBaAFLxxDQVjPF4RsHRLca67iK4rJEbj MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBRjQwNi8zRjY3MEMwQ0E1 RjIxMUU4OTdBNzUwM0FDNEY5QUUwMi92SEVOQldNOFhoR3dkRXR4cnJ1SXJpc2tS dU0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3ZIRU5CV004WGhHd2RFdHhycnVJcmlza1J1TS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB RjQwNi8zRjY3MEMwQ0E1RjIxMUU4OTdBNzUwM0FDNEY5QUUwMi92SEVOQldNOFho R3dkRXR4cnJ1SXJpc2tSdU0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+t0pl5RJBtCKheEsJi+uo3MKWD3+2f6gm22MZz0zbXDtqcZ9j2vJh z/HuyuT+GJwyPik5/1QAoc2rFIcxIiMSjVoSHyiPfwcr64ChHEh+KbX9cOgTA5cQ cjXA2wqACaL8QqX6VAOe+ICpvAN+H3cT+c+D7wRn+oK1PvfBorkxLSTHSiWZcTto rRRAD7Bm+OFKPEkgn0DivGYHNUIsxENVa4bfmPoYBRBjqC0lff2FtSS2f7cbVdsX Hcbin82IMr0FARukGdzMY0IeKnZA4k/D88aJnPiLvyPYAtZF2yhHKi1PzESXP5g9 e2GOPcLUiZhl990rpIWQFHNfTFt+iTqW -----END CERTIFICATE-----Generated at Wed Nov 5 05:47:39 2025 by rpki-client