$ rpki-client -vvf rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft File: hIP9VFfRHgUTVSER9bovNxLphfc.mft (raw, json) Hash identifier: CJ5uCSfnNR7iQB/RWrdVkWYK45venPvRYekyqhF7GJk= Subject key identifier: D0:04:8A:93:BC:B0:9E:D6:48:81:E3:12:F0:A6:00:34:FB:F5:A1:99 Authority key identifier: 84:83:FD:54:57:D1:1E:05:13:55:21:11:F5:BA:2F:37:12:E9:85:F7 Certificate issuer: /CN=A91DC9C4/serialNumber=8483FD5457D11E0513552111F5BA2F3712E985F7 Certificate serial: 0248 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft Manifest number: 023F Signing time: Mon 03 Nov 2025 01:47:25 +0000 Manifest this update: Mon 03 Nov 2025 01:47:24 +0000 Manifest next update: Mon 10 Nov 2025 01:47:24 +0000 Files and hashes: 1: hIP9VFfRHgUTVSER9bovNxLphfc.crl (hash: wE3+PlojBkbewGZ0yiHACPi0Q7VRQne68f9/18vzw0E=) 2: 153EBE3ADEF711EF84C57421C4F9AE02.roa (hash: d2fZwjk/kReWJf7o+GQOO5RAjKTwIQ1B0ld4lPrAcBY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.crl rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:47:24 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 584 (0x248) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91DC9C4, serialNumber=8483FD5457D11E0513552111F5BA2F3712E985F7 Validity Not Before: Nov 3 01:47:24 2025 GMT Not After : Nov 10 01:47:24 2025 GMT Subject: CN=690809ac-c6e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:5e:10:70:04:8f:64:85:99:de:da:4d:96:45: 0a:3c:1f:c4:d1:14:30:05:d5:a5:85:33:c6:f3:e3: 2a:4b:c9:78:86:f1:67:92:37:3e:7f:bd:38:81:47: 73:e5:fc:85:33:7d:67:c7:be:b3:c2:d0:40:8d:ee: f6:45:5c:5d:fc:d0:42:51:70:4d:2f:29:5a:5e:fb: 52:e7:ea:da:1a:e5:58:0c:a7:69:0a:8d:a9:c2:b5: 21:ad:69:0d:f0:01:45:f1:7c:06:2d:d8:3f:39:5b: bb:5c:74:5b:1b:02:08:1a:cf:ec:2b:34:b9:92:cd: a0:bb:14:0c:46:11:26:6c:6b:68:a3:ca:b7:eb:d0: 92:e8:36:5e:51:2e:6d:40:49:5f:42:8a:e9:24:8a: 9d:65:91:ff:3b:ed:d9:46:45:a2:b7:d6:52:c3:c7: 75:8a:7d:4f:be:f4:13:52:05:56:2f:22:64:27:3e: 39:a3:77:a8:9a:27:7d:a3:c7:46:80:cf:86:eb:15: 39:26:2e:34:b8:a3:1a:78:6e:9d:03:2e:2c:7a:ab: cb:20:27:47:fb:65:78:81:c0:b2:09:c9:c4:f5:d7: 9e:f8:18:ce:5a:15:f4:f6:4a:06:5b:5d:79:bb:ef: e1:60:ab:92:f3:1f:04:d9:11:01:c2:54:c0:8f:52: 4a:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D0:04:8A:93:BC:B0:9E:D6:48:81:E3:12:F0:A6:00:34:FB:F5:A1:99 X509v3 Authority Key Identifier: keyid:84:83:FD:54:57:D1:1E:05:13:55:21:11:F5:BA:2F:37:12:E9:85:F7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hIP9VFfRHgUTVSER9bovNxLphfc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91DC9C4/1A70DC864E9311EDA730ED32C4F9AE02/hIP9VFfRHgUTVSER9bovNxLphfc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:d6:43:d4:2c:d8:af:cf:97:1b:f7:8c:ba:b3:59:09:0b:34: c0:01:3a:b0:72:6c:d2:64:6c:d5:e0:8c:07:c9:ba:37:99:64: 8f:2e:4c:c1:3a:86:eb:0b:e0:8c:62:45:93:79:86:39:d8:fb: a2:f7:02:70:b9:f4:ca:7d:a8:95:9b:08:68:cf:0b:87:d3:97: 33:c7:26:d2:80:df:42:d0:e4:2b:af:b9:40:a9:eb:dc:b9:87: be:16:12:da:dd:1e:62:15:b5:17:86:bb:96:f0:37:c1:e2:81: a2:07:6f:73:39:cb:e0:b3:9e:f3:08:14:a3:26:65:ef:c1:db: 88:8a:8a:41:82:bb:15:bf:8f:81:04:d4:68:48:72:e3:c4:d5: 0b:7b:e4:f8:34:7c:51:e2:ae:c7:e3:e3:c6:d7:cb:a4:a4:53: d5:e3:96:ef:0d:91:d2:79:4c:ae:c5:dd:3e:ed:19:2c:be:85: 90:61:d0:68:ef:87:b6:b8:a0:93:28:bb:37:41:a5:a3:af:ee: 5d:6a:64:79:db:4f:81:32:70:67:aa:4c:07:5a:ea:39:29:56: 0e:c7:f7:54:59:17:aa:ba:b6:fe:78:b2:33:15:30:0e:6c:de: 2a:e6:73:13:fb:cd:53:4d:bf:4e:ab:7d:2b:6a:7d:83:65:7f: c3:59:78:93 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAkgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx REM5QzQxMTAvBgNVBAUTKDg0ODNGRDU0NTdEMTFFMDUxMzU1MjExMUY1QkEyRjM3 MTJFOTg1RjcwHhcNMjUxMTAzMDE0NzI0WhcNMjUxMTEwMDE0NzI0WjAYMRYwFAYD VQQDEw02OTA4MDlhYy1jNmUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsl4QcASPZIWZ3tpNlkUKPB/E0RQwBdWlhTPG8+MqS8l4hvFnkjc+f704gUdz 5fyFM31nx76zwtBAje72RVxd/NBCUXBNLylaXvtS5+raGuVYDKdpCo2pwrUhrWkN 8AFF8XwGLdg/OVu7XHRbGwIIGs/sKzS5ks2guxQMRhEmbGtoo8q369CS6DZeUS5t QElfQorpJIqdZZH/O+3ZRkWit9ZSw8d1in1PvvQTUgVWLyJkJz45o3eomid9o8dG gM+G6xU5Ji40uKMaeG6dAy4seqvLICdH+2V4gcCyCcnE9dee+BjOWhX09koGW115 u+/hYKuS8x8E2REBwlTAj1JKMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNAEipO8 sJ7WSIHjEvCmADT79aGZMB8GA1UdIwQYMBaAFISD/VRX0R4FE1UhEfW6LzcS6YX3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEQzlDNC8xQTcwREM4NjRF OTMxMUVEQTczMEVEMzJDNEY5QUUwMi9oSVA5VkZmUkhnVVRWU0VSOWJvdk54THBo ZmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hJUDlWRmZSSGdVVFZTRVI5Ym92TnhMcGhmYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE QzlDNC8xQTcwREM4NjRFOTMxMUVEQTczMEVEMzJDNEY5QUUwMi9oSVA5VkZmUkhn VVRWU0VSOWJvdk54THBoZmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAR1kPULNivz5cb94y6s1kJCzTAATqwcmzSZGzV4IwHybo3mWSPLkzB OobrC+CMYkWTeYY52Pui9wJwufTKfaiVmwhozwuH05czxybSgN9C0OQrr7lAqevc uYe+FhLa3R5iFbUXhruW8DfB4oGiB29zOcvgs57zCBSjJmXvwduIiopBgrsVv4+B BNRoSHLjxNULe+T4NHxR4q7H4+PG18ukpFPV45bvDZHSeUyuxd0+7RksvoWQYdBo 74e2uKCTKLs3QaWjr+5damR520+BMnBnqkwHWuo5KVYOx/dUWRequrb+eLIzFTAO bN4q5nMT+81TTb9Oq30ran2DZX/DWXiT -----END CERTIFICATE-----Generated at Tue Nov 4 16:02:18 2025 by rpki-client