$ rpki-client -vvf rpki.apnic.net/member_repository/A91FE637/9BAEA13A974311E9BFD8E519C4F9AE02/EJhSul3Eo2jPdhIFFeysYu_aPkA.mft File: EJhSul3Eo2jPdhIFFeysYu_aPkA.mft (raw, json) Hash identifier: 8HogwfGI6KztFK5e/7zzkujmA1GnnqTTpDUQVr43oJ4= Subject key identifier: 61:3A:82:62:4D:89:53:0B:FA:90:BF:FE:56:41:61:AD:E3:72:20:AC Authority key identifier: 10:98:52:BA:5D:C4:A3:68:CF:76:12:05:15:EC:AC:62:EF:DA:3E:40 Certificate issuer: /CN=A91FE637/serialNumber=109852BA5DC4A368CF76120515ECAC62EFDA3E40 Certificate serial: 0EC2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EJhSul3Eo2jPdhIFFeysYu_aPkA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FE637/9BAEA13A974311E9BFD8E519C4F9AE02/EJhSul3Eo2jPdhIFFeysYu_aPkA.mft Manifest number: 0EBC Signing time: Tue 04 Nov 2025 17:44:17 +0000 Manifest this update: Tue 04 Nov 2025 17:44:16 +0000 Manifest next update: Tue 11 Nov 2025 17:44:16 +0000 Files and hashes: 1: EJhSul3Eo2jPdhIFFeysYu_aPkA.crl (hash: we4mKViEYlysO1ECl1UjlmE+m5eZoQDd8FK2rORaO3Y=) 2: 3D88426C974511E982D6FD1BC4F9AE02.roa (hash: U9KBsxBRcXn+lvll9K6vuuTm2toDlFCHVWsbee/fhwU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FE637/9BAEA13A974311E9BFD8E519C4F9AE02/EJhSul3Eo2jPdhIFFeysYu_aPkA.crl rsync://rpki.apnic.net/member_repository/A91FE637/9BAEA13A974311E9BFD8E519C4F9AE02/EJhSul3Eo2jPdhIFFeysYu_aPkA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EJhSul3Eo2jPdhIFFeysYu_aPkA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:44:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3778 (0xec2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FE637, serialNumber=109852BA5DC4A368CF76120515ECAC62EFDA3E40 Validity Not Before: Nov 4 17:44:16 2025 GMT Not After : Nov 11 17:44:16 2025 GMT Subject: CN=690a3b70-8149 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:3a:6d:31:31:c8:53:9f:60:9b:54:56:e0:d7: 6a:12:5f:85:d9:50:49:ba:f1:5f:9b:98:5f:f5:a4: e8:aa:0c:71:75:8f:ec:0c:ff:28:4d:61:4e:39:71: 5b:12:4a:94:65:4a:33:1e:8c:05:b6:4b:eb:e2:5c: bb:07:4b:f8:57:f9:63:d4:11:84:b0:38:d6:d1:81: 6f:9e:a7:b3:67:70:5c:e7:ca:cf:78:8a:fa:86:11: 12:c4:d6:02:16:f0:59:53:87:50:67:92:43:78:fc: e4:c7:9d:af:ea:1a:98:ec:9f:58:5c:ed:37:c0:20: 09:77:fc:d1:8f:bd:a4:d1:36:f4:0b:de:8c:59:99: 37:ab:4f:d7:08:d3:8d:6a:d8:56:93:f9:f8:6c:6f: de:29:57:f2:6d:1d:79:86:e5:a6:38:a5:3c:75:b2: 63:79:ff:da:c5:1c:39:58:80:c9:0f:3d:b1:71:66: fa:ca:28:d3:3e:b6:91:b0:6b:3d:92:04:00:10:9e: 73:66:9e:14:9f:7b:52:bf:be:4c:6d:6d:c8:97:42: e8:6c:ba:45:5a:ad:1c:54:e1:e8:6a:44:a1:49:f4: 40:96:14:0c:35:b7:01:c9:0f:7c:11:0a:37:29:4d: 7a:77:84:39:26:38:fc:3d:89:6e:49:f8:6c:6c:9a: 22:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:3A:82:62:4D:89:53:0B:FA:90:BF:FE:56:41:61:AD:E3:72:20:AC X509v3 Authority Key Identifier: keyid:10:98:52:BA:5D:C4:A3:68:CF:76:12:05:15:EC:AC:62:EF:DA:3E:40 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FE637/9BAEA13A974311E9BFD8E519C4F9AE02/EJhSul3Eo2jPdhIFFeysYu_aPkA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/EJhSul3Eo2jPdhIFFeysYu_aPkA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FE637/9BAEA13A974311E9BFD8E519C4F9AE02/EJhSul3Eo2jPdhIFFeysYu_aPkA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:cd:d7:e0:38:d0:0d:1d:00:06:7b:5b:b7:63:39:10:46:2b: 85:22:d8:86:4a:80:0f:5d:6c:43:d4:bf:d4:f0:da:1d:da:85: 38:a7:d1:7b:d4:71:f2:e6:47:12:45:fa:05:2a:4e:5e:38:fa: 52:5c:97:18:bb:8e:7d:50:13:6e:fc:37:f4:9d:ff:f5:12:59: 2f:3e:f3:0f:2e:0b:02:8e:22:7a:3e:8e:cf:eb:4d:60:79:1c: ae:2a:7e:b0:19:d6:b8:ce:50:12:e1:65:c4:4b:85:a9:6f:6d: 32:ba:37:9b:8f:ba:a8:1e:bd:15:8b:67:38:e2:66:a9:14:19: a5:6e:51:df:d6:3e:bc:e5:e7:d2:7c:c6:64:fd:b6:73:ae:d0: b5:d9:d6:2a:aa:b7:f5:67:4e:5a:d0:96:9e:b8:8d:7e:e3:a9: ea:35:47:90:58:8c:97:a0:42:d8:41:01:eb:cb:34:16:c0:e2: f3:9b:31:8f:8f:e1:c5:12:63:c4:ab:7a:9f:48:3d:e8:b5:92: f1:41:40:35:a8:cb:2d:18:1e:aa:47:b1:d5:6c:2a:78:22:ea: b0:1e:00:82:10:d4:88:6c:0e:bf:1a:6b:97:f3:e2:76:87:ee: 0d:f3:a2:aa:c7:dd:8b:6b:88:3a:80:4c:5f:30:7d:4f:cc:43: 14:ea:33:ad -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDsIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkU2MzcxMTAvBgNVBAUTKDEwOTg1MkJBNURDNEEzNjhDRjc2MTIwNTE1RUNBQzYy RUZEQTNFNDAwHhcNMjUxMTA0MTc0NDE2WhcNMjUxMTExMTc0NDE2WjAYMRYwFAYD VQQDEw02OTBhM2I3MC04MTQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0jptMTHIU59gm1RW4NdqEl+F2VBJuvFfm5hf9aToqgxxdY/sDP8oTWFOOXFb EkqUZUozHowFtkvr4ly7B0v4V/lj1BGEsDjW0YFvnqezZ3Bc58rPeIr6hhESxNYC FvBZU4dQZ5JDePzkx52v6hqY7J9YXO03wCAJd/zRj72k0Tb0C96MWZk3q0/XCNON athWk/n4bG/eKVfybR15huWmOKU8dbJjef/axRw5WIDJDz2xcWb6yijTPraRsGs9 kgQAEJ5zZp4Un3tSv75MbW3Il0LobLpFWq0cVOHoakShSfRAlhQMNbcByQ98EQo3 KU16d4Q5Jjj8PYluSfhsbJoi2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGE6gmJN iVML+pC//lZBYa3jciCsMB8GA1UdIwQYMBaAFBCYUrpdxKNoz3YSBRXsrGLv2j5A MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGRTYzNy85QkFFQTEzQTk3 NDMxMUU5QkZEOEU1MTlDNEY5QUUwMi9FSmhTdWwzRW8yalBkaElGRmV5c1l1X2FQ a0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0VKaFN1bDNFbzJqUGRoSUZGZXlzWXVfYVBrQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG RTYzNy85QkFFQTEzQTk3NDMxMUU5QkZEOEU1MTlDNEY5QUUwMi9FSmhTdWwzRW8y alBkaElGRmV5c1l1X2FQa0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWzdfgONANHQAGe1u3YzkQRiuFItiGSoAPXWxD1L/U8Nod2oU4p9F7 1HHy5kcSRfoFKk5eOPpSXJcYu459UBNu/Df0nf/1ElkvPvMPLgsCjiJ6Po7P601g eRyuKn6wGda4zlAS4WXES4Wpb20yujebj7qoHr0Vi2c44mapFBmlblHf1j685efS fMZk/bZzrtC12dYqqrf1Z05a0JaeuI1+46nqNUeQWIyXoELYQQHryzQWwOLzmzGP j+HFEmPEq3qfSD3otZLxQUA1qMstGB6qR7HVbCp4IuqwHgCCENSIbA6/GmuX8+J2 h+4N86Kqx92La4g6gExfMH1PzEMU6jOt -----END CERTIFICATE-----Generated at Wed Nov 5 05:47:06 2025 by rpki-client