$ rpki-client -vvf rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft File: jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft (raw, json) Hash identifier: lywwb7Y9iGoji4KbS/ZvBaoX2QFP/gwJXbyIDVGOVV0= Subject key identifier: 17:5C:68:C9:DF:FB:69:94:9F:39:17:E1:D0:EC:D9:57:9A:FA:11:E9 Authority key identifier: 8E:11:FC:B4:E8:BD:63:D2:7B:84:EB:2D:52:67:0C:A1:74:F9:C4:3C Certificate issuer: /CN=A91C3A74/serialNumber=8E11FCB4E8BD63D27B84EB2D52670CA174F9C43C Certificate serial: 1AD6 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/jhH8tOi9Y9J7hOstUmcMoXT5xDw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft Manifest number: 1ACF Signing time: Tue 04 Nov 2025 15:46:54 +0000 Manifest this update: Tue 04 Nov 2025 15:46:54 +0000 Manifest next update: Tue 11 Nov 2025 15:46:54 +0000 Files and hashes: 1: jhH8tOi9Y9J7hOstUmcMoXT5xDw.crl (hash: SHrYdlgpqp09VNwuqYX5xagAQ7ldLT3trtPP2L0+HJ4=) 2: AFA37450139811EA807F1A26C4F9AE02.roa (hash: EvR5gfpmDfAVmSaNBVyf31LRk9wTqTU6OTSsCqxA5UQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.crl rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/jhH8tOi9Y9J7hOstUmcMoXT5xDw.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:46:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6870 (0x1ad6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C3A74, serialNumber=8E11FCB4E8BD63D27B84EB2D52670CA174F9C43C Validity Not Before: Nov 4 15:46:54 2025 GMT Not After : Nov 11 15:46:54 2025 GMT Subject: CN=690a1fee-00d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dc:47:2f:0b:5c:b2:2f:45:52:8e:23:bf:76:06: c6:6f:05:2c:46:7c:0b:a7:ea:09:95:a5:48:3b:8b: 85:d8:02:7e:82:39:43:ba:e6:db:de:36:45:8e:4c: f4:5f:c8:95:e7:3f:6e:81:e0:7c:3a:e0:89:6e:b4: da:d0:ae:58:59:56:38:dd:ab:97:20:8c:02:a0:5b: 3c:97:40:47:9a:c4:a6:a6:d7:06:23:b0:8f:5e:3d: 65:23:f9:5e:18:bf:40:1a:e5:27:d4:f5:1e:8d:e5: 85:82:8e:78:f6:78:dc:67:f6:b2:57:18:fd:90:36: f7:1a:bd:de:b4:fb:85:07:4a:2a:25:b2:26:76:f1: d7:e5:3a:dd:6d:4c:00:f8:0b:4c:ea:ef:53:8f:a9: b7:1c:92:5a:d8:6c:5a:fa:7e:a0:c9:5e:60:ae:60: 72:e1:d1:f8:ab:e9:49:cf:0c:03:4f:24:94:aa:93: 90:4d:85:8b:82:54:9b:cf:95:76:1d:38:9d:d6:5a: 18:af:5c:d9:88:98:8b:47:dd:54:5b:ff:d8:a0:d7: 3b:a5:87:0c:ad:d2:ad:51:0f:47:c1:bd:b3:eb:a2: 51:4c:8b:8a:1f:e9:03:27:19:68:72:89:3c:1e:52: b3:0e:5d:37:18:d7:e2:40:9f:b3:40:7d:be:cd:e1: 15:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 17:5C:68:C9:DF:FB:69:94:9F:39:17:E1:D0:EC:D9:57:9A:FA:11:E9 X509v3 Authority Key Identifier: keyid:8E:11:FC:B4:E8:BD:63:D2:7B:84:EB:2D:52:67:0C:A1:74:F9:C4:3C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/jhH8tOi9Y9J7hOstUmcMoXT5xDw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C3A74/753D71EE3AB511E7B8609F1CC4F9AE02/jhH8tOi9Y9J7hOstUmcMoXT5xDw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 82:89:44:8b:1f:85:5b:27:55:2c:89:81:6d:fe:0a:60:96:ec: 7e:22:b7:c6:e4:43:bb:a3:4e:3b:4b:0d:29:6f:74:5b:39:5d: ce:9b:2b:97:78:e4:e9:e4:e3:67:e6:96:f5:68:5e:d2:d5:a5: e6:b6:f8:60:72:52:90:56:3c:b3:66:c1:1f:d1:dc:76:d4:1d: 83:f0:64:d0:b5:b7:d5:e8:86:2d:62:1e:ce:d9:8e:1b:c0:0e: a4:7d:d5:a2:e0:7f:db:0c:c5:13:14:bc:ce:54:95:ca:3e:d2: 94:8c:37:10:f4:33:ab:47:e8:af:cc:48:71:ec:fe:2a:20:1f: a6:17:61:d3:c1:a3:05:f4:86:56:a8:72:a0:2a:c0:8d:42:34: 5d:ce:ed:c9:b2:ba:3a:5b:aa:b8:91:b9:0b:b9:9c:6f:fb:1e: de:a1:e9:4c:10:52:3e:dc:b6:49:6a:cc:07:a6:f9:ad:f4:39: 9c:15:57:69:fe:2d:da:6f:4a:cc:e1:0c:c5:35:af:78:83:5a: 11:d3:4a:7f:31:3a:84:93:f4:f0:30:f5:5d:de:ce:ea:b1:2a: cd:7c:91:97:dc:7e:dd:bd:e8:42:df:99:8f:7b:7b:ad:c5:81: 49:c7:19:68:31:9e:c0:74:1b:87:3b:4b:cb:8e:6a:9b:84:21: 0d:94:97:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGtYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzNBNzQxMTAvBgNVBAUTKDhFMTFGQ0I0RThCRDYzRDI3Qjg0RUIyRDUyNjcwQ0Ex NzRGOUM0M0MwHhcNMjUxMTA0MTU0NjU0WhcNMjUxMTExMTU0NjU0WjAYMRYwFAYD VQQDEw02OTBhMWZlZS0wMGQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3EcvC1yyL0VSjiO/dgbGbwUsRnwLp+oJlaVIO4uF2AJ+gjlDuubb3jZFjkz0 X8iV5z9ugeB8OuCJbrTa0K5YWVY43auXIIwCoFs8l0BHmsSmptcGI7CPXj1lI/le GL9AGuUn1PUejeWFgo549njcZ/ayVxj9kDb3Gr3etPuFB0oqJbImdvHX5TrdbUwA +AtM6u9Tj6m3HJJa2Gxa+n6gyV5grmBy4dH4q+lJzwwDTySUqpOQTYWLglSbz5V2 HTid1loYr1zZiJiLR91UW//YoNc7pYcMrdKtUQ9Hwb2z66JRTIuKH+kDJxlocok8 HlKzDl03GNfiQJ+zQH2+zeEV1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBdcaMnf +2mUnzkX4dDs2Vea+hHpMB8GA1UdIwQYMBaAFI4R/LTovWPSe4TrLVJnDKF0+cQ8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDM0E3NC83NTNENzFFRTNB QjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9qaEg4dE9pOVk5SjdoT3N0VW1jTW9YVDV4 RHcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2poSDh0T2k5WTlKN2hPc3RVbWNNb1hUNXhEdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD M0E3NC83NTNENzFFRTNBQjUxMUU3Qjg2MDlGMUNDNEY5QUUwMi9qaEg4dE9pOVk5 SjdoT3N0VW1jTW9YVDV4RHcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCCiUSLH4VbJ1UsiYFt/gpglux+IrfG5EO7o047Sw0pb3RbOV3OmyuX eOTp5ONn5pb1aF7S1aXmtvhgclKQVjyzZsEf0dx21B2D8GTQtbfV6IYtYh7O2Y4b wA6kfdWi4H/bDMUTFLzOVJXKPtKUjDcQ9DOrR+ivzEhx7P4qIB+mF2HTwaMF9IZW qHKgKsCNQjRdzu3Jsro6W6q4kbkLuZxv+x7eoelMEFI+3LZJaswHpvmt9DmcFVdp /i3ab0rM4QzFNa94g1oR00p/MTqEk/TwMPVd3s7qsSrNfJGX3H7dvehC35mPe3ut xYFJxxloMZ7AdBuHO0vLjmqbhCENlJej -----END CERTIFICATE-----Generated at Wed Nov 5 17:57:32 2025 by rpki-client