$ rpki-client -vvf rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft File: lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft (raw, json) Hash identifier: yapQoBuP+dqqCLbCugRwHSYnUQ2K3Z3sz7G7SWQVDGY= Subject key identifier: E4:C0:F5:4A:99:68:84:B8:47:54:26:88:D9:42:9A:EE:1B:F4:37:48 Authority key identifier: 94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D Certificate issuer: /CN=A91E41C9/serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Certificate serial: 08DD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft Manifest number: 08DF Signing time: Tue 04 Nov 2025 20:31:13 +0000 Manifest this update: Tue 04 Nov 2025 20:31:12 +0000 Manifest next update: Tue 11 Nov 2025 20:31:12 +0000 Files and hashes: 1: lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl (hash: Dio3Mdzt6pu2kCvu6RxlsyxOxPOifrz9usROBiQQCHM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:31:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2269 (0x8dd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E41C9, serialNumber=9470E76108063E4F7C64AD43D076BC11AE1FDB5D Validity Not Before: Nov 4 20:31:12 2025 GMT Not After : Nov 11 20:31:12 2025 GMT Subject: CN=690a6290-1ef3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:ef:07:22:51:6e:d2:39:60:23:3e:99:ea:a8: d6:cb:1b:0e:b8:3d:38:49:1d:ec:40:a4:fd:0d:d6: db:88:d3:49:df:34:02:65:d3:36:f9:3f:cd:53:f1: 1a:95:e1:15:6e:8b:11:16:b4:a5:6d:0c:b5:11:b2: 8b:ca:a5:d0:c4:b0:7b:ba:c4:ca:b8:85:45:65:79: 88:82:d2:c1:e1:ef:74:c7:72:bb:fa:ba:4b:1f:4c: 99:58:d6:26:49:5b:58:34:76:4c:b5:45:92:81:d6: 8c:d8:0d:c4:3a:59:df:56:50:8b:ca:db:a9:b9:48: 79:1e:ba:fd:4d:c5:e0:03:46:48:e5:fd:cd:01:0d: ba:e1:3a:10:05:a1:3f:8e:a2:59:f3:27:39:92:23: 43:ef:e4:25:98:17:12:ba:3b:bd:26:dd:9d:f6:c8: f2:ba:8c:2e:7e:97:48:43:2f:bb:86:6e:8e:b2:29: 66:0f:fb:de:a8:e5:3d:0f:78:44:38:d9:e4:12:2e: 91:fc:44:e4:a4:29:20:9f:52:cb:c1:6e:53:37:c5: c4:36:35:94:f9:35:ee:40:3a:94:bf:22:34:e7:93: ac:06:99:b5:5b:01:e7:c6:44:83:c9:79:06:ab:cf: 0d:9c:05:a5:bb:9f:f0:d2:e4:50:1d:6e:0d:45:c6: 53:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E4:C0:F5:4A:99:68:84:B8:47:54:26:88:D9:42:9A:EE:1B:F4:37:48 X509v3 Authority Key Identifier: keyid:94:70:E7:61:08:06:3E:4F:7C:64:AD:43:D0:76:BC:11:AE:1F:DB:5D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lHDnYQgGPk98ZK1D0Ha8Ea4f210.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E41C9/49BD9DA6C0F811EA8AC6C46CC4F9AE02/lHDnYQgGPk98ZK1D0Ha8Ea4f210.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:50:b6:a7:dd:93:c3:1d:8f:dd:ff:c8:2c:4e:95:38:6f:a8: 09:a0:bf:c3:a3:00:a3:f2:7d:51:75:6f:1c:e2:cf:ae:20:e5: 14:a8:cf:88:07:1e:dc:98:c5:d6:fc:59:7d:2c:87:1f:bc:6e: ac:2d:8b:03:ce:34:f2:b3:89:a9:c8:2c:47:da:94:a7:1c:ef: 8d:7e:65:82:cf:93:40:26:fb:af:40:4e:c9:c6:92:95:17:7b: e2:7e:a3:b1:e2:f9:ce:e3:44:f1:95:ea:37:6b:7a:6b:1d:30: 37:50:66:34:67:24:da:5b:60:a6:e9:45:0e:bd:93:ec:55:1c: 10:77:70:b3:3f:11:af:f9:a2:1c:02:d8:d0:73:e7:4e:de:cf: 72:b6:df:ef:fd:47:f9:91:78:05:e7:8b:fd:01:85:d2:7e:24: 77:84:4f:1b:36:7c:4e:62:67:da:50:22:0c:b0:2f:71:20:b7: 02:e5:c9:9c:6d:88:dd:be:2b:19:24:e7:d1:49:60:86:1a:41: fb:ca:29:11:d0:10:dc:e1:41:b2:54:91:e9:44:0e:c9:9e:fd: 62:b6:4f:b6:54:78:37:a0:dc:51:4f:8d:cb:05:69:49:fd:44: c0:32:aa:87:3e:37:fd:07:8b:14:7d:b7:3e:f4:25:2b:9d:f9: b4:46:86:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTQxQzkxMTAvBgNVBAUTKDk0NzBFNzYxMDgwNjNFNEY3QzY0QUQ0M0QwNzZCQzEx QUUxRkRCNUQwHhcNMjUxMTA0MjAzMTEyWhcNMjUxMTExMjAzMTEyWjAYMRYwFAYD VQQDEw02OTBhNjI5MC0xZWYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAze8HIlFu0jlgIz6Z6qjWyxsOuD04SR3sQKT9DdbbiNNJ3zQCZdM2+T/NU/Ea leEVbosRFrSlbQy1EbKLyqXQxLB7usTKuIVFZXmIgtLB4e90x3K7+rpLH0yZWNYm SVtYNHZMtUWSgdaM2A3EOlnfVlCLytupuUh5Hrr9TcXgA0ZI5f3NAQ264ToQBaE/ jqJZ8yc5kiND7+QlmBcSuju9Jt2d9sjyuowufpdIQy+7hm6OsilmD/veqOU9D3hE ONnkEi6R/ETkpCkgn1LLwW5TN8XENjWU+TXuQDqUvyI055OsBpm1WwHnxkSDyXkG q88NnAWlu5/w0uRQHW4NRcZTRQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOTA9UqZ aIS4R1QmiNlCmu4b9DdIMB8GA1UdIwQYMBaAFJRw52EIBj5PfGStQ9B2vBGuH9td MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNDFDOS80OUJEOURBNkMw RjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1BrOThaSzFEMEhhOEVhNGYy MTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xIRG5ZUWdHUGs5OFpLMUQwSGE4RWE0ZjIxMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NDFDOS80OUJEOURBNkMwRjgxMUVBOEFDNkM0NkNDNEY5QUUwMi9sSERuWVFnR1Br OThaSzFEMEhhOEVhNGYyMTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdULan3ZPDHY/d/8gsTpU4b6gJoL/DowCj8n1RdW8c4s+uIOUUqM+I Bx7cmMXW/Fl9LIcfvG6sLYsDzjTys4mpyCxH2pSnHO+NfmWCz5NAJvuvQE7JxpKV F3vifqOx4vnO40Txleo3a3prHTA3UGY0ZyTaW2Cm6UUOvZPsVRwQd3CzPxGv+aIc AtjQc+dO3s9ytt/v/Uf5kXgF54v9AYXSfiR3hE8bNnxOYmfaUCIMsC9xILcC5cmc bYjdvisZJOfRSWCGGkH7yikR0BDc4UGyVJHpRA7Jnv1itk+2VHg3oNxRT43LBWlJ /UTAMqqHPjf9B4sUfbc+9CUrnfm0RoZO -----END CERTIFICATE-----Generated at Wed Nov 5 04:48:14 2025 by rpki-client