$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft File: nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft (raw, json) Hash identifier: AEBnZQZc09Am5cjcjp/j7I1t5IlfKoXVWAE8gn1CcUk= Subject key identifier: 5B:04:C1:BF:B0:43:91:90:AC:55:02:A9:87:AE:65:5D:B9:99:4B:3E Authority key identifier: 9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A Certificate issuer: /CN=A91EF19E/serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Certificate serial: 2A5C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft Manifest number: 2A51 Signing time: Tue 04 Nov 2025 14:23:49 +0000 Manifest this update: Tue 04 Nov 2025 14:23:49 +0000 Manifest next update: Tue 11 Nov 2025 14:23:49 +0000 Files and hashes: 1: nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl (hash: Mntdoj+ry/pyBRbxLqhRDv0y9z8Bqv15Vn2Deoj6CLA=) 2: F9722F8255C411E9A0FEF781C4F9AE02.roa (hash: symelOI4KiPwqS+zxOG2abXkQkOu/9Ecrvxkqaxc9Us=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:23:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10844 (0x2a5c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF19E, serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Validity Not Before: Nov 4 14:23:49 2025 GMT Not After : Nov 11 14:23:49 2025 GMT Subject: CN=690a0c75-201f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:08:6c:07:1b:5a:e2:eb:19:c8:7b:52:b8:f9: d5:51:3b:ee:0d:25:38:d8:0d:2c:62:fa:0a:0b:3d: d9:2f:7a:2b:76:20:a1:20:53:fb:bd:82:03:bc:3a: ed:40:8b:e6:5d:70:2b:b8:a1:05:84:c0:08:7f:ed: 5e:ad:fa:7b:ce:58:38:70:a3:07:f6:c7:51:f4:fd: d5:b3:85:49:0b:44:b5:3a:0e:34:e9:82:67:4c:65: f5:73:ea:5d:c7:d5:36:b5:2b:c8:e5:38:31:f5:4f: 0c:79:8d:d9:90:ce:11:c1:0b:6d:09:11:2e:42:93: c0:0d:4d:6a:75:af:d2:43:8b:02:6d:58:1b:7c:30: 70:71:d9:c9:3b:b4:6b:cc:d3:47:c7:f5:c9:7f:b3: 23:fe:d2:0a:2c:51:5f:0d:73:89:96:b7:a0:26:3e: cd:61:77:c3:d9:0d:66:78:4e:98:9b:0d:bc:8d:1f: c8:3e:dc:4d:28:13:53:c5:64:fd:9b:3f:37:fa:c1: f5:0d:0f:d3:df:53:a4:8b:12:1d:63:5c:89:bf:50: a7:71:19:ed:fe:cf:d9:60:73:4b:62:75:1e:11:03: 8b:75:5c:94:43:b7:60:f5:ea:a9:ef:de:0f:00:3a: ae:6b:a3:40:62:63:25:94:ba:df:04:b5:a2:ad:83: 94:55 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5B:04:C1:BF:B0:43:91:90:AC:55:02:A9:87:AE:65:5D:B9:99:4B:3E X509v3 Authority Key Identifier: keyid:9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:e0:43:e4:6f:eb:02:5b:8f:1d:57:b6:df:64:c2:31:69:51: cd:92:d1:d5:96:72:0b:46:84:a8:94:53:74:48:ed:24:a0:12: dc:c6:0e:36:bb:0e:2a:33:8c:fc:c5:ac:50:2b:ea:e8:b6:57: 25:3a:9c:0d:cf:32:09:c9:30:7a:a4:ab:6c:f1:0f:e5:85:6c: 23:d4:68:55:50:aa:5f:c9:8a:6d:ca:a0:f8:0a:64:09:f7:b4: 09:15:1d:c3:8d:4d:e8:24:3a:38:8e:35:34:b4:32:98:3a:a8: cf:6b:d7:bd:f2:5a:a9:64:f8:5d:64:f9:06:ee:6c:21:e7:e5: cc:21:07:95:31:9b:4c:70:dc:0d:2b:88:98:f3:6f:06:9b:d8: e2:45:6e:8e:2f:81:22:aa:b8:0c:a6:98:ab:5a:cd:22:0a:69: 3b:ff:ca:67:95:39:d2:41:99:7c:79:ca:4a:a8:da:b8:c6:fd: 7b:8d:20:5a:76:ce:2a:a4:61:93:84:6c:36:cd:ef:ae:aa:d8: 47:36:ac:66:5d:09:2b:95:2b:5a:25:6b:ba:b7:53:41:96:93: f5:6b:a7:20:49:29:64:87:13:a0:c3:e8:9d:7d:af:34:3b:bf: 59:c2:c3:0c:87:e9:1a:cd:5e:92:c2:02:b1:56:af:50:d5:99: f9:e6:a6:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICKlwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYxOUUxMTAvBgNVBAUTKDlFMUYxOUE3RTE4RDhCQ0VEMjNFRjJFREFCMTlFODU0 MzhFN0YwOEEwHhcNMjUxMTA0MTQyMzQ5WhcNMjUxMTExMTQyMzQ5WjAYMRYwFAYD VQQDEw02OTBhMGM3NS0yMDFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2QhsBxta4usZyHtSuPnVUTvuDSU42A0sYvoKCz3ZL3ordiChIFP7vYIDvDrt QIvmXXAruKEFhMAIf+1erfp7zlg4cKMH9sdR9P3Vs4VJC0S1Og406YJnTGX1c+pd x9U2tSvI5Tgx9U8MeY3ZkM4RwQttCREuQpPADU1qda/SQ4sCbVgbfDBwcdnJO7Rr zNNHx/XJf7Mj/tIKLFFfDXOJlregJj7NYXfD2Q1meE6Ymw28jR/IPtxNKBNTxWT9 mz83+sH1DQ/T31OkixIdY1yJv1CncRnt/s/ZYHNLYnUeEQOLdVyUQ7dg9eqp794P ADqua6NAYmMllLrfBLWirYOUVQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFsEwb+w Q5GQrFUCqYeuZV25mUs+MB8GA1UdIwQYMBaAFJ4fGafhjYvO0j7y7asZ6FQ45/CK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjE5RS9BOTNFOTkzRTM0 MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4N1NQdkx0cXhub1ZEam44 SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25oOFpwLUdOaTg3U1B2THRxeG5vVkRqbjhJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjE5RS9BOTNFOTkzRTM0MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4 N1NQdkx0cXhub1ZEam44SW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBi4EPkb+sCW48dV7bfZMIxaVHNktHVlnILRoSolFN0SO0koBLcxg42 uw4qM4z8xaxQK+rotlclOpwNzzIJyTB6pKts8Q/lhWwj1GhVUKpfyYptyqD4CmQJ 97QJFR3DjU3oJDo4jjU0tDKYOqjPa9e98lqpZPhdZPkG7mwh5+XMIQeVMZtMcNwN K4iY828Gm9jiRW6OL4EiqrgMppirWs0iCmk7/8pnlTnSQZl8ecpKqNq4xv17jSBa ds4qpGGThGw2ze+uqthHNqxmXQkrlStaJWu6t1NBlpP1a6cgSSlkhxOgw+idfa80 O79ZwsMMh+kazV6SwgKxVq9Q1Zn55qb2 -----END CERTIFICATE-----Generated at Wed Nov 5 15:03:07 2025 by rpki-client