$ rpki-client -vvf rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.mft File: h_BZaHG1Fbuz0pgtxvucEt70wjQ.mft (raw, json) Hash identifier: 9xKGT5w4nGWpt43iCbrahEr+R32ZQfBNRvYMRNUk6Hg= Subject key identifier: 20:C6:49:A1:9A:9B:D7:81:CC:B9:3B:86:78:77:2D:44:55:E5:0C:DA Authority key identifier: 87:F0:59:68:71:B5:15:BB:B3:D2:98:2D:C6:FB:9C:12:DE:F4:C2:34 Certificate issuer: /CN=A91D226F/serialNumber=87F0596871B515BBB3D2982DC6FB9C12DEF4C234 Certificate serial: 01EA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_BZaHG1Fbuz0pgtxvucEt70wjQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.mft Manifest number: 01DB Signing time: Mon 03 Nov 2025 02:52:12 +0000 Manifest this update: Mon 03 Nov 2025 02:52:11 +0000 Manifest next update: Mon 10 Nov 2025 02:52:11 +0000 Files and hashes: 1: h_BZaHG1Fbuz0pgtxvucEt70wjQ.crl (hash: 1BhO2I1HlSeSEb8mRyefSBWMlUY29W9CuS1QATOYOok=) 2: 3681B720B2D611EF9B481340C4F9AE02.roa (hash: Aaq+TCQ/KTzVoqOiGqBuyk59qeKatX9nZx11XR64nYI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.crl rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_BZaHG1Fbuz0pgtxvucEt70wjQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:52:11 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 490 (0x1ea) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D226F, serialNumber=87F0596871B515BBB3D2982DC6FB9C12DEF4C234 Validity Not Before: Nov 3 02:52:11 2025 GMT Not After : Nov 10 02:52:11 2025 GMT Subject: CN=690818dc-cd28 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:07:86:04:61:b1:c0:d4:79:dc:67:b0:2d:74: bb:44:07:5a:51:90:7a:01:2d:e0:48:06:03:49:7f: 4f:dc:89:20:d9:da:55:63:4b:c0:d7:8e:9b:cd:19: 47:79:34:39:09:ee:0c:3c:7f:86:00:98:48:50:98: 4b:a1:16:01:c2:d1:e2:da:ca:8d:2d:1e:9d:89:34: 95:63:0f:ff:95:0a:16:3d:95:ee:d6:b6:36:38:9e: c8:94:f0:26:97:0e:63:7a:1c:c0:46:fa:0e:d9:99: 98:ec:b0:9c:38:3c:c9:ce:9e:8d:e5:e0:02:b4:5e: ce:e2:69:a8:ac:bc:5b:96:7d:a2:c8:b5:be:58:6e: ef:5b:dc:68:db:01:c1:1b:2f:ef:b8:b9:b7:56:3c: 2c:d4:ea:7a:6e:48:e3:a2:13:2f:de:40:c7:2f:dd: 0b:ff:c7:1f:92:90:12:4e:d0:2a:ae:45:c6:70:43: e4:6b:83:7c:a8:9f:b5:de:d5:15:06:a5:a2:5b:cd: 65:28:79:72:da:9d:70:64:4b:6d:f0:5a:49:41:c2: 2f:20:ed:c2:de:75:b7:e8:d2:b5:da:24:95:cb:d3: 0c:5c:cb:41:4d:0d:61:2f:cf:ed:00:3f:36:76:44: 7d:83:5a:12:02:7e:b8:52:ec:2a:40:bc:e8:66:fd: e6:1f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:C6:49:A1:9A:9B:D7:81:CC:B9:3B:86:78:77:2D:44:55:E5:0C:DA X509v3 Authority Key Identifier: keyid:87:F0:59:68:71:B5:15:BB:B3:D2:98:2D:C6:FB:9C:12:DE:F4:C2:34 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/h_BZaHG1Fbuz0pgtxvucEt70wjQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D226F/D5C56E28FAD411ED80EED05FC4F9AE02/h_BZaHG1Fbuz0pgtxvucEt70wjQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:5f:3f:38:a3:6a:fe:a8:f1:7d:e7:54:c9:00:53:30:d1:ad: 17:40:12:68:c2:b0:71:4a:c8:08:04:82:b9:17:43:7d:84:7a: 2e:03:49:c1:fd:03:86:ca:f6:4f:1f:76:75:55:69:8b:2d:16: 2b:5d:67:c3:1b:c8:e6:a3:bb:9a:17:f8:ca:a0:4e:ac:44:ea: e1:56:b7:c5:c0:58:f5:ba:89:45:22:80:93:44:64:4e:51:2d: e0:2c:cb:59:97:8c:a2:a0:f9:61:20:87:92:08:c1:e1:eb:b5: 18:c7:b0:1c:ce:8d:5a:1f:c3:a8:21:c4:d8:bd:12:3a:eb:97: af:09:05:0a:52:b9:51:0b:de:af:7e:85:76:4e:af:bc:d6:0e: 81:8b:fb:ed:cf:b1:4a:8d:be:1e:ec:e6:55:13:3c:d4:1a:49: c9:a3:51:6b:4f:d6:01:3e:55:d4:03:1d:07:64:d9:93:a6:bd: 08:fc:d9:cc:c6:65:e6:30:1c:87:e7:f7:80:08:1d:6c:e2:03: 12:1d:af:70:d9:18:58:fb:9a:67:b7:ec:4d:50:63:7e:39:b5: ed:7a:1d:86:fe:87:bb:41:38:aa:2b:9c:77:3b:ed:94:dd:f8: 05:38:54:79:a4:95:6e:63:7f:25:df:55:ce:f5:19:e9:6f:9f: cd:32:f9:84 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDIyNkYxMTAvBgNVBAUTKDg3RjA1OTY4NzFCNTE1QkJCM0QyOTgyREM2RkI5QzEy REVGNEMyMzQwHhcNMjUxMTAzMDI1MjExWhcNMjUxMTEwMDI1MjExWjAYMRYwFAYD VQQDEw02OTA4MThkYy1jZDI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0weGBGGxwNR53GewLXS7RAdaUZB6AS3gSAYDSX9P3Ikg2dpVY0vA146bzRlH eTQ5Ce4MPH+GAJhIUJhLoRYBwtHi2sqNLR6diTSVYw//lQoWPZXu1rY2OJ7IlPAm lw5jehzARvoO2ZmY7LCcODzJzp6N5eACtF7O4mmorLxbln2iyLW+WG7vW9xo2wHB Gy/vuLm3Vjws1Op6bkjjohMv3kDHL90L/8cfkpASTtAqrkXGcEPka4N8qJ+13tUV BqWiW81lKHly2p1wZEtt8FpJQcIvIO3C3nW36NK12iSVy9MMXMtBTQ1hL8/tAD82 dkR9g1oSAn64UuwqQLzoZv3mHwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCDGSaGa m9eBzLk7hnh3LURV5QzaMB8GA1UdIwQYMBaAFIfwWWhxtRW7s9KYLcb7nBLe9MI0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEMjI2Ri9ENUM1NkUyOEZB RDQxMUVEODBFRUQwNUZDNEY5QUUwMi9oX0JaYUhHMUZidXowcGd0eHZ1Y0V0NzB3 alEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hfQlphSEcxRmJ1ejBwZ3R4dnVjRXQ3MHdqUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE MjI2Ri9ENUM1NkUyOEZBRDQxMUVEODBFRUQwNUZDNEY5QUUwMi9oX0JaYUhHMUZi dXowcGd0eHZ1Y0V0NzB3alEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWXz84o2r+qPF951TJAFMw0a0XQBJowrBxSsgIBIK5F0N9hHouA0nB /QOGyvZPH3Z1VWmLLRYrXWfDG8jmo7uaF/jKoE6sROrhVrfFwFj1uolFIoCTRGRO US3gLMtZl4yioPlhIIeSCMHh67UYx7Aczo1aH8OoIcTYvRI665evCQUKUrlRC96v foV2Tq+81g6Bi/vtz7FKjb4e7OZVEzzUGknJo1FrT9YBPlXUAx0HZNmTpr0I/NnM xmXmMByH5/eACB1s4gMSHa9w2RhY+5pnt+xNUGN+ObXteh2G/oe7QTiqK5x3O+2U 3fgFOFR5pJVuY38l31XO9Rnpb5/NMvmE -----END CERTIFICATE-----Generated at Tue Nov 4 02:17:00 2025 by rpki-client