$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: mOp0X1W4gsHxfNvQef/nnI47U+pL7JLf0xFjkO0TCKQ= Subject key identifier: C8:42:2E:69:8D:59:F2:29:F3:F4:FE:5B:3D:02:C8:81:19:EA:58:0A Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 01CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 01C9 Signing time: Mon 03 Nov 2025 02:53:15 +0000 Manifest this update: Mon 03 Nov 2025 02:53:15 +0000 Manifest next update: Mon 10 Nov 2025 02:53:15 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: ZPPcM3x/Jb3zrYtfMf+cfR3Ls7f/kLrRI/1Ki3sLGak=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 02:53:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 462 (0x1ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Nov 3 02:53:15 2025 GMT Not After : Nov 10 02:53:15 2025 GMT Subject: CN=6908191b-93da Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:f6:77:3d:62:3e:ce:72:5a:3b:55:da:79:98: a9:70:16:c9:cf:bd:31:67:81:a1:63:2b:c9:3c:ec: 21:25:93:e3:de:08:62:77:5d:5b:18:63:17:ca:88: be:aa:7e:68:03:45:cc:28:67:a2:c1:4a:c4:67:8f: e5:b9:2b:9b:20:09:3f:94:b6:12:b3:1d:5a:ac:df: 16:33:9d:db:75:f3:e5:75:ee:05:32:ce:00:b0:8e: f4:0d:92:f9:2a:f3:10:69:bd:60:d5:95:e3:0e:19: 9a:ba:f2:9b:0e:d8:ff:1b:be:62:99:a3:25:09:64: a9:bd:c4:be:6c:a3:f5:28:8a:2e:b2:6e:8c:9e:60: 2e:9e:bb:13:33:5b:28:32:27:ca:1e:61:b1:01:06: 09:eb:bc:e0:a6:62:58:20:0e:2d:4e:40:53:40:b4: 31:1b:28:83:32:81:cb:63:57:dd:76:f2:57:ed:1b: 8a:25:c3:6f:03:94:4c:91:99:ae:91:4e:b2:1e:7e: 44:08:79:fe:9f:33:98:9b:35:71:99:e2:c5:9c:cb: ca:99:c9:e5:c3:32:6e:05:9d:d6:2f:34:c5:14:88: 78:6a:04:b4:6b:89:0e:e1:ab:2a:dc:93:df:5f:36: 5f:f3:45:9c:13:42:bc:47:55:92:c1:0a:e7:e5:e7: d0:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C8:42:2E:69:8D:59:F2:29:F3:F4:FE:5B:3D:02:C8:81:19:EA:58:0A X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:ab:f7:2f:54:38:d5:4d:24:ce:a1:ac:94:35:4d:ad:32:3e: cd:44:57:66:94:80:2a:33:87:f5:39:f8:2b:89:d3:e8:5f:fd: 2f:20:7f:d2:5d:34:ad:ed:ef:9e:a3:e1:86:c7:a2:e0:88:1a: 2f:55:d1:ac:b4:84:8c:64:d2:bf:80:1c:7e:ca:a4:e4:7b:48: 47:6c:c1:f2:d7:57:57:95:e5:73:1f:a6:b8:51:9e:1f:44:ed: 2c:76:f7:b0:a6:0c:93:28:8c:37:05:47:e0:38:3d:ec:27:2b: 78:d2:20:66:61:38:64:6a:9d:3d:82:02:7e:7b:5b:28:30:0e: b7:4b:73:77:ab:ad:d1:35:67:0b:68:0b:e1:4d:09:86:b5:b6: 9a:0f:6f:af:68:f6:16:80:b5:a8:63:19:b1:9b:ab:70:15:8b: 60:0b:2e:74:3c:87:70:59:43:46:ba:72:4d:5f:7d:b4:57:d4: e3:ba:54:55:51:6c:bc:45:42:85:c1:2a:ed:1c:5a:8a:32:bd: 90:2c:48:aa:34:c1:da:0b:1b:ba:8d:82:aa:f1:cf:c4:e0:94: fd:b4:88:86:eb:89:c8:2f:50:7f:05:dd:ba:72:a7:e0:08:79: 6e:9a:0c:85:34:56:ce:1c:40:98:7f:3e:92:07:b1:85:33:ed: 79:65:8d:68 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjUxMTAzMDI1MzE1WhcNMjUxMTEwMDI1MzE1WjAYMRYwFAYD VQQDEw02OTA4MTkxYi05M2RhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2/Z3PWI+znJaO1XaeZipcBbJz70xZ4GhYyvJPOwhJZPj3ghid11bGGMXyoi+ qn5oA0XMKGeiwUrEZ4/luSubIAk/lLYSsx1arN8WM53bdfPlde4FMs4AsI70DZL5 KvMQab1g1ZXjDhmauvKbDtj/G75imaMlCWSpvcS+bKP1KIousm6MnmAunrsTM1so MifKHmGxAQYJ67zgpmJYIA4tTkBTQLQxGyiDMoHLY1fddvJX7RuKJcNvA5RMkZmu kU6yHn5ECHn+nzOYmzVxmeLFnMvKmcnlwzJuBZ3WLzTFFIh4agS0a4kO4asq3JPf XzZf80WcE0K8R1WSwQrn5efQxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMhCLmmN WfIp8/T+Wz0CyIEZ6lgKMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCwq/cvVDjVTSTOoayUNU2tMj7NRFdmlIAqM4f1OfgridPoX/0vIH/S XTSt7e+eo+GGx6LgiBovVdGstISMZNK/gBx+yqTke0hHbMHy11dXleVzH6a4UZ4f RO0sdvewpgyTKIw3BUfgOD3sJyt40iBmYThkap09ggJ+e1soMA63S3N3q63RNWcL aAvhTQmGtbaaD2+vaPYWgLWoYxmxm6twFYtgCy50PIdwWUNGunJNX320V9TjulRV UWy8RUKFwSrtHFqKMr2QLEiqNMHaCxu6jYKq8c/E4JT9tIiG64nIL1B/Bd26cqfg CHlumgyFNFbOHECYfz6SB7GFM+15ZY1o -----END CERTIFICATE-----Generated at Tue Nov 4 08:18:24 2025 by rpki-client