$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft File: 4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json) Hash identifier: 8gE3FERg82C0AAh1c+7o0+FofxbAuIigQ5j+tci/oGA= Subject key identifier: 40:89:84:A7:5F:19:18:D9:B0:AE:0E:D0:C7:62:69:FA:F7:3E:FF:C0 Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 Certificate issuer: /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Certificate serial: 0860 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft Manifest number: 0858 Signing time: Tue 04 Nov 2025 20:45:23 +0000 Manifest this update: Tue 04 Nov 2025 20:45:23 +0000 Manifest next update: Tue 11 Nov 2025 20:45:23 +0000 Files and hashes: 1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: x0W8wHt1GkZRF3Nxovf05OEWsnfjHkPjRiHVsxxtbKM=) 2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:45:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2144 (0x860) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F85CD, serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Validity Not Before: Nov 4 20:45:23 2025 GMT Not After : Nov 11 20:45:23 2025 GMT Subject: CN=690a65e3-1f6b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:23:a6:76:72:73:94:47:37:70:01:74:ed:d3: 86:10:f3:15:37:30:15:72:16:e0:dd:4f:af:5e:98: 8b:92:f5:5b:4e:0d:d9:b1:f9:e6:cb:9e:71:80:45: a9:14:5e:4a:9b:ef:ff:37:26:2f:c7:70:2d:83:b2: af:37:2c:94:1f:05:e2:ca:90:3c:1c:a8:16:73:8d: 83:66:4c:2e:15:cf:0a:dd:97:59:a7:3d:25:ae:89: 74:77:17:78:94:8d:46:61:ff:f0:db:ef:c2:04:60: 07:85:03:c2:99:44:63:64:27:cb:c8:4c:0e:fb:07: f1:57:7e:da:a8:d9:81:55:12:c9:7d:7b:90:5c:0a: a7:a9:e2:aa:d5:f9:31:f9:1f:bf:18:24:1c:a1:fb: 7a:97:d3:7b:9d:6a:07:24:05:02:9e:77:1d:fb:80: ed:72:a7:a2:23:0c:0a:16:8f:59:df:86:ce:77:ec: e0:43:91:ee:28:27:ff:0e:4d:e2:74:14:d7:89:89: c7:60:63:18:3a:b5:4e:c6:81:3b:9e:71:84:b5:aa: 83:9c:97:c8:bd:e5:4c:19:00:0e:52:fb:af:f8:24: fd:b8:7a:dc:b5:05:03:f3:fb:3d:f8:b4:7c:e0:a4: 9d:63:93:f3:58:46:fc:7d:b1:17:75:7a:85:ee:41: 5f:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 40:89:84:A7:5F:19:18:D9:B0:AE:0E:D0:C7:62:69:FA:F7:3E:FF:C0 X509v3 Authority Key Identifier: keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:6f:27:78:0d:fc:c1:38:ec:a4:32:a2:e6:f5:91:6b:3c:c5: 4f:59:96:7f:2b:b8:cd:cb:a8:f8:24:87:c9:cc:3c:6f:e3:b1: 2a:db:e0:18:b3:ec:b9:49:5d:c1:5c:65:7d:cf:3d:5e:a0:40: 1b:5d:c4:47:b3:c8:50:5c:cc:e2:98:50:0d:ea:4a:69:d1:87: 15:c4:f6:8c:2f:81:93:4c:07:99:90:45:45:4a:73:98:19:95: 0c:c1:bd:c4:14:6f:c8:c0:1b:82:50:cd:66:e5:fe:cc:bd:25: d7:a3:9c:9f:88:a0:d6:10:50:20:f5:6e:23:21:a2:22:02:6c: aa:1c:eb:a4:17:73:73:ad:82:48:3e:71:f5:b8:a4:57:55:1d: 27:42:c9:fa:c2:42:46:21:22:51:e4:6e:80:1f:0a:b1:6e:70: 0d:9e:20:d2:41:03:2c:d3:1d:ff:7b:67:b4:d7:b4:e5:3b:f8: e7:52:f9:3d:fd:22:35:0d:bf:1c:7f:99:57:fb:c6:45:57:ad: fe:b5:c0:7a:b2:b6:a5:98:ec:b6:23:75:f5:d5:f5:4b:c7:f7: 0c:a5:2b:e5:42:75:8e:1a:a8:1d:35:d2:a1:42:10:b1:f4:3b: 3c:59:7b:5d:17:a2:bb:08:e8:99:6e:51:7d:dd:b3:81:f8:3a: 4b:35:f4:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG QUQxRDM1MzIwHhcNMjUxMTA0MjA0NTIzWhcNMjUxMTExMjA0NTIzWjAYMRYwFAYD VQQDEw02OTBhNjVlMy0xZjZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsCOmdnJzlEc3cAF07dOGEPMVNzAVchbg3U+vXpiLkvVbTg3Zsfnmy55xgEWp FF5Km+//NyYvx3Atg7KvNyyUHwXiypA8HKgWc42DZkwuFc8K3ZdZpz0lrol0dxd4 lI1GYf/w2+/CBGAHhQPCmURjZCfLyEwO+wfxV37aqNmBVRLJfXuQXAqnqeKq1fkx +R+/GCQcoft6l9N7nWoHJAUCnncd+4DtcqeiIwwKFo9Z34bOd+zgQ5HuKCf/Dk3i dBTXiYnHYGMYOrVOxoE7nnGEtaqDnJfIveVMGQAOUvuv+CT9uHrctQUD8/s9+LR8 4KSdY5PzWEb8fbEXdXqF7kFfOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFECJhKdf GRjZsK4O0Mdiafr3Pv/AMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCabyd4DfzBOOykMqLm9ZFrPMVPWZZ/K7jNy6j4JIfJzDxv47Eq2+AY s+y5SV3BXGV9zz1eoEAbXcRHs8hQXMzimFAN6kpp0YcVxPaML4GTTAeZkEVFSnOY GZUMwb3EFG/IwBuCUM1m5f7MvSXXo5yfiKDWEFAg9W4jIaIiAmyqHOukF3NzrYJI PnH1uKRXVR0nQsn6wkJGISJR5G6AHwqxbnANniDSQQMs0x3/e2e017TlO/jnUvk9 /SI1Db8cf5lX+8ZFV63+tcB6sralmOy2I3X11fVLx/cMpSvlQnWOGqgdNdKhQhCx 9Ds8WXtdF6K7COiZblF93bOB+DpLNfTl -----END CERTIFICATE-----Generated at Wed Nov 5 13:27:08 2025 by rpki-client