$ rpki-client -vvf rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft File: r_h3chh1NYXDiOm4HDkGa9ONtZI.mft (raw, json) Hash identifier: KVdx+XwL0iq0GHkyS5PrCvY9kzxWlC8AfflUmKC0izw= Subject key identifier: 36:57:14:1C:E8:D0:21:93:B4:61:39:27:1C:92:52:27:4B:8B:E7:DC Authority key identifier: AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 Certificate issuer: /CN=A91CB3FE/serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Certificate serial: 5C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft Manifest number: 59 Signing time: Wed 05 Nov 2025 07:23:18 +0000 Manifest this update: Wed 05 Nov 2025 07:23:18 +0000 Manifest next update: Wed 12 Nov 2025 07:23:18 +0000 Files and hashes: 1: r_h3chh1NYXDiOm4HDkGa9ONtZI.crl (hash: lXM0/3fRJqOxh9VhGvlbCLQ68ouT75RI+ebaDi0TTRY=) 2: AFD61B9C36A311F08A82A258C4F9AE02.roa (hash: GbT2Xq8LMseiodZFptbEkKwR2JJrCaZJBMK5VYRS9TY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:23:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 92 (0x5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CB3FE, serialNumber=AFF8777218753585C388E9B81C39066BD38DB592 Validity Not Before: Nov 5 07:23:18 2025 GMT Not After : Nov 12 07:23:18 2025 GMT Subject: CN=690afb66-9b71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:ec:d3:57:28:0b:fb:0d:61:c5:dd:35:18:77: 11:45:99:4d:a0:8f:71:8c:c8:0e:5d:2e:30:83:5e: 77:86:cb:7b:75:06:fa:5e:93:49:a3:cb:dc:f3:f3: 07:c8:be:0d:79:e9:6e:cd:cd:dd:28:93:af:ba:4e: 66:a1:da:18:f8:21:e1:73:98:8f:d0:b8:ec:45:63: c3:94:e0:c0:d8:18:c6:f8:1b:a4:3f:cd:fb:b9:76: 1a:b0:b2:4f:cf:07:19:ff:0c:4a:c8:a1:fc:7e:d6: 52:19:e3:e6:d2:8d:c3:e9:ff:1f:12:3a:fe:e4:60: d1:a5:3a:1e:ac:ea:06:8e:43:b7:8b:62:02:60:9b: 86:cc:6d:04:4b:41:5b:59:a1:7b:24:9c:6f:48:fb: ce:64:2d:3e:fe:f8:a6:5d:c6:fa:a4:35:8f:05:0f: d7:49:e1:2b:d7:a3:fe:42:9b:11:9d:63:44:da:fb: c6:c8:f1:8a:67:d7:d8:83:9c:f3:c6:ec:0b:58:07: d3:72:79:88:50:49:ea:7e:19:99:23:45:87:48:3c: de:af:45:28:b1:24:d1:a6:8b:89:b4:85:4f:37:68: 5a:38:6d:69:b6:e7:94:22:2d:82:ec:a0:14:58:59: 98:70:a4:f9:76:81:21:39:7f:35:4b:c8:32:1e:86: f1:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 36:57:14:1C:E8:D0:21:93:B4:61:39:27:1C:92:52:27:4B:8B:E7:DC X509v3 Authority Key Identifier: keyid:AF:F8:77:72:18:75:35:85:C3:88:E9:B8:1C:39:06:6B:D3:8D:B5:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/r_h3chh1NYXDiOm4HDkGa9ONtZI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CB3FE/2A56878236A211F0897B4B3CC4F9AE02/r_h3chh1NYXDiOm4HDkGa9ONtZI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:40:e9:71:2e:c7:94:9d:77:4d:3c:db:10:f7:6f:fa:18:62: f7:6e:e0:2c:c9:83:5a:03:e3:93:ec:3b:85:3b:b0:0d:dc:fd: 50:5f:99:45:90:66:4e:7f:09:af:9d:65:3f:a6:30:90:2e:c3: 8f:85:c9:7b:af:8e:f9:ce:af:af:bd:6e:38:81:f5:d9:bc:2d: d1:45:33:a0:01:c3:f7:04:58:4f:f0:f2:ec:08:1a:f9:a5:08: f9:85:52:71:31:92:7b:fe:98:30:79:80:f9:2a:b7:9c:ed:51: f6:a1:6d:46:ca:2f:87:72:25:1d:b0:b4:8c:c2:06:16:7f:a3: 09:06:84:5c:76:4a:d9:f5:8c:39:2b:5a:82:be:7d:86:3a:1f: 83:11:5d:fd:51:94:ae:2b:58:78:a3:ca:58:d0:e4:cc:3f:ba: 19:ba:f0:5e:ff:01:f0:7a:be:cb:94:42:9d:ac:25:e4:83:f4: 3e:b1:64:e5:a7:47:b1:bd:ea:96:45:f5:cc:cc:03:4a:e9:6b: 0b:e3:bd:11:bd:30:7b:f8:be:53:8b:ae:f7:64:d6:98:88:2b: ec:cc:25:03:89:e3:3d:da:4b:71:fe:6c:75:77:d5:a2:68:46: 9d:97:d6:b0:37:3f:98:e7:ee:bd:9c:2e:5b:05:6a:fc:13:41: 8f:40:97:9a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBXDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFD QjNGRTExMC8GA1UEBRMoQUZGODc3NzIxODc1MzU4NUMzODhFOUI4MUMzOTA2NkJE MzhEQjU5MjAeFw0yNTExMDUwNzIzMThaFw0yNTExMTIwNzIzMThaMBgxFjAUBgNV BAMTDTY5MGFmYjY2LTliNzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDD7NNXKAv7DWHF3TUYdxFFmU2gj3GMyA5dLjCDXneGy3t1Bvpek0mjy9zz8wfI vg156W7Nzd0ok6+6Tmah2hj4IeFzmI/QuOxFY8OU4MDYGMb4G6Q/zfu5dhqwsk/P Bxn/DErIofx+1lIZ4+bSjcPp/x8SOv7kYNGlOh6s6gaOQ7eLYgJgm4bMbQRLQVtZ oXsknG9I+85kLT7++KZdxvqkNY8FD9dJ4SvXo/5CmxGdY0Ta+8bI8Ypn19iDnPPG 7AtYB9NyeYhQSep+GZkjRYdIPN6vRSixJNGmi4m0hU83aFo4bWm255QiLYLsoBRY WZhwpPl2gSE5fzVLyDIehvF9AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUNlcUHOjQ IZO0YTknHJJSJ0uL59wwHwYDVR0jBBgwFoAUr/h3chh1NYXDiOm4HDkGa9ONtZIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNCM0ZFLzJBNTY4NzgyMzZB MjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllYRGlPbTRIRGtHYTlPTnRa SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvcl9oM2NoaDFOWVhEaU9tNEhEa0dhOU9OdFpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUNC M0ZFLzJBNTY4NzgyMzZBMjExRjA4OTdCNEIzQ0M0RjlBRTAyL3JfaDNjaGgxTllY RGlPbTRIRGtHYTlPTnRaSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAEJA6XEux5Sdd0082xD3b/oYYvdu4CzJg1oD45PsO4U7sA3c/VBfmUWQ Zk5/Ca+dZT+mMJAuw4+FyXuvjvnOr6+9bjiB9dm8LdFFM6ABw/cEWE/w8uwIGvml CPmFUnExknv+mDB5gPkqt5ztUfahbUbKL4dyJR2wtIzCBhZ/owkGhFx2Stn1jDkr WoK+fYY6H4MRXf1RlK4rWHijyljQ5Mw/uhm68F7/AfB6vsuUQp2sJeSD9D6xZOWn R7G96pZF9czMA0rpawvjvRG9MHv4vlOLrvdk1piIK+zMJQOJ4z3aS3H+bHV31aJo Rp2X1rA3P5jn7r2cLlsFavwTQY9Al5o= -----END CERTIFICATE-----Generated at Wed Nov 5 11:57:33 2025 by rpki-client