$ rpki-client -vvf rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft File: hxSXyIUOQWJXlcT42UXHs9BBbB8.mft (raw, json) Hash identifier: aSj5mtWCohaY/DxCKIaUwcU8voLeQXama3YfGhrcXBQ= Subject key identifier: D8:8C:86:24:B5:9F:65:93:70:A0:3B:1C:33:61:0A:63:F6:5B:CD:5B Authority key identifier: 87:14:97:C8:85:0E:41:62:57:95:C4:F8:D9:45:C7:B3:D0:41:6C:1F Certificate issuer: /CN=A91C6825/serialNumber=871497C8850E41625795C4F8D945C7B3D0416C1F Certificate serial: 067B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft Manifest number: 0675 Signing time: Tue 04 Nov 2025 22:36:01 +0000 Manifest this update: Tue 04 Nov 2025 22:36:00 +0000 Manifest next update: Tue 11 Nov 2025 22:36:00 +0000 Files and hashes: 1: hxSXyIUOQWJXlcT42UXHs9BBbB8.crl (hash: Hr2fugI2STsZoDiKRGNtRRh6/TTniL4YkCeyvhLjTNs=) 2: 925B815E9ABE11EBA445A74FC4F9AE02.roa (hash: tc+HUzngZ7VVMdvUKEWM7ZZWawGnaExqZ4p3l2kRuv4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.crl rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:36:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1659 (0x67b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C6825, serialNumber=871497C8850E41625795C4F8D945C7B3D0416C1F Validity Not Before: Nov 4 22:36:00 2025 GMT Not After : Nov 11 22:36:00 2025 GMT Subject: CN=690a7fd0-eefe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4a:78:04:05:78:ae:8e:ab:eb:52:8b:ef:01: a2:3e:71:ed:da:82:a1:a8:58:12:3c:fc:7d:ee:60: a4:87:bb:cb:ac:a8:bf:c7:10:06:b8:85:89:7a:f4: 21:5e:4a:da:f3:da:cc:5b:79:98:df:3c:2c:d1:36: b6:9b:9a:9f:b4:24:a7:78:8f:3f:db:f3:47:d2:c9: d1:c1:1b:a8:74:1a:10:e7:78:ad:64:3c:06:8f:50: c1:d3:14:9d:c3:c5:de:aa:63:b5:0c:ce:57:03:b7: 4d:5c:bd:78:16:a3:17:68:07:13:08:a9:92:85:64: 75:61:b8:7c:32:e7:45:06:c5:df:c5:98:05:77:33: 31:b5:db:13:85:f3:e7:87:2b:55:ac:aa:42:47:ab: 9e:ae:ca:95:73:3c:eb:91:6d:4b:9f:65:44:be:8e: eb:3f:33:eb:55:28:f3:7c:87:35:90:6b:03:ad:19: 42:d8:02:1c:58:b5:e0:8f:fa:7d:11:2e:a5:95:1e: 62:3e:c6:e0:6e:7f:20:59:67:55:70:64:09:56:8f: e3:b7:cd:d6:a9:62:ef:52:c3:33:d0:e9:08:64:c9: 4e:f3:10:3d:d4:08:04:52:4f:d2:f0:ac:2b:c4:ef: 59:7e:fc:3a:6b:86:fe:1c:eb:79:4b:7e:4a:bf:3e: 92:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D8:8C:86:24:B5:9F:65:93:70:A0:3B:1C:33:61:0A:63:F6:5B:CD:5B X509v3 Authority Key Identifier: keyid:87:14:97:C8:85:0E:41:62:57:95:C4:F8:D9:45:C7:B3:D0:41:6C:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hxSXyIUOQWJXlcT42UXHs9BBbB8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C6825/1AA90FB69ABC11EB900A164CC4F9AE02/hxSXyIUOQWJXlcT42UXHs9BBbB8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:0b:a9:6e:4f:d7:dd:29:6e:28:fb:b4:9d:ba:5b:ac:55:b0: 43:5c:88:87:12:39:8f:bc:26:12:e2:6b:1a:1f:4a:f7:fd:32: 5c:8c:e5:b2:6d:ed:db:8c:31:21:6e:fb:d6:a2:61:5b:a1:fb: 55:3f:8c:9e:86:77:a9:d1:99:98:28:58:03:16:83:42:0e:07: 83:28:5d:46:50:6c:27:ce:33:01:c4:c5:bd:4c:dc:a2:a2:60: 44:45:e7:8b:6d:cf:f8:06:1c:34:d9:52:76:23:59:a0:8e:62: 00:70:d4:fa:e3:ad:f0:1f:a6:87:12:a6:67:ac:7e:ad:68:4e: 10:62:7d:48:9e:0b:fa:3f:07:57:c7:0f:8a:67:42:17:0f:06: 11:41:d3:bf:9e:a9:13:86:35:17:ba:ad:b4:0d:fe:2e:da:32: 54:17:c4:d3:cc:60:a9:85:0b:fa:55:0e:44:f5:12:dc:93:64: 4a:f6:bd:be:bd:e2:41:f2:2f:ff:d0:c9:0a:8b:86:02:26:a6: e0:de:f2:0b:3b:35:3f:48:a2:0c:0d:9a:3f:44:d2:8a:8b:3e: 4d:fb:3b:39:09:74:2c:66:b5:e4:58:59:a7:91:9f:7a:89:63: 7f:ef:74:85:2a:96:96:ba:e0:b1:10:5e:c5:41:2c:7a:98:47: b8:84:e0:b8 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBnswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzY4MjUxMTAvBgNVBAUTKDg3MTQ5N0M4ODUwRTQxNjI1Nzk1QzRGOEQ5NDVDN0Iz RDA0MTZDMUYwHhcNMjUxMTA0MjIzNjAwWhcNMjUxMTExMjIzNjAwWjAYMRYwFAYD VQQDEw02OTBhN2ZkMC1lZWZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvkp4BAV4ro6r61KL7wGiPnHt2oKhqFgSPPx97mCkh7vLrKi/xxAGuIWJevQh Xkra89rMW3mY3zws0Ta2m5qftCSneI8/2/NH0snRwRuodBoQ53itZDwGj1DB0xSd w8XeqmO1DM5XA7dNXL14FqMXaAcTCKmShWR1Ybh8MudFBsXfxZgFdzMxtdsThfPn hytVrKpCR6uersqVczzrkW1Ln2VEvo7rPzPrVSjzfIc1kGsDrRlC2AIcWLXgj/p9 ES6llR5iPsbgbn8gWWdVcGQJVo/jt83WqWLvUsMz0OkIZMlO8xA91AgEUk/S8Kwr xO9Zfvw6a4b+HOt5S35Kvz6SuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNiMhiS1 n2WTcKA7HDNhCmP2W81bMB8GA1UdIwQYMBaAFIcUl8iFDkFiV5XE+NlFx7PQQWwf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNjgyNS8xQUE5MEZCNjlB QkMxMUVCOTAwQTE2NENDNEY5QUUwMi9oeFNYeUlVT1FXSlhsY1Q0MlVYSHM5QkJi QjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2h4U1h5SVVPUVdKWGxjVDQyVVhIczlCQmJCOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NjgyNS8xQUE5MEZCNjlBQkMxMUVCOTAwQTE2NENDNEY5QUUwMi9oeFNYeUlVT1FX SlhsY1Q0MlVYSHM5QkJiQjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCiC6luT9fdKW4o+7SdulusVbBDXIiHEjmPvCYS4msaH0r3/TJcjOWy be3bjDEhbvvWomFboftVP4yehnep0ZmYKFgDFoNCDgeDKF1GUGwnzjMBxMW9TNyi omBEReeLbc/4Bhw02VJ2I1mgjmIAcNT6463wH6aHEqZnrH6taE4QYn1Ingv6PwdX xw+KZ0IXDwYRQdO/nqkThjUXuq20Df4u2jJUF8TTzGCphQv6VQ5E9RLck2RK9r2+ veJB8i//0MkKi4YCJqbg3vILOzU/SKIMDZo/RNKKiz5N+zs5CXQsZrXkWFmnkZ96 iWN/73SFKpaWuuCxEF7FQSx6mEe4hOC4 -----END CERTIFICATE-----Generated at Wed Nov 5 15:03:13 2025 by rpki-client