$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: YynK8Dj3yK8TyBCRTQ+3lMhRmXI7c8fMWZ3Z7eBx2Mc= Subject key identifier: 01:6E:83:12:9B:6D:5D:D4:EB:B8:DF:DB:91:F3:B8:FB:A6:18:33:10 Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0E9E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0E90 Signing time: Tue 04 Nov 2025 17:47:46 +0000 Manifest this update: Tue 04 Nov 2025 17:47:45 +0000 Manifest next update: Tue 11 Nov 2025 17:47:45 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: 4e0LNY+2T4gHR90bnDHX1difbCfiLpbUuEC65UOyYwA=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: MmZvnPTLEUK2uOO8LldttqheyhLmSNsa1D7UmikJt9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:47:45 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3742 (0xe9e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: Nov 4 17:47:45 2025 GMT Not After : Nov 11 17:47:45 2025 GMT Subject: CN=690a3c42-7c97 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:15:6f:b7:21:06:11:29:55:22:27:c9:5b:5f: 6a:7a:e0:ae:3d:64:1a:58:3a:4e:1d:cb:40:7c:92: b4:86:c0:1d:19:9b:77:d5:5f:d3:9d:7c:53:4f:5d: 0f:a9:31:be:04:59:eb:4a:58:30:5a:7d:f8:8c:f8: 78:86:c5:4d:7d:45:26:05:9d:9d:de:37:13:20:c5: d5:de:1a:5c:c7:9e:dc:2c:e6:39:c7:90:cd:56:1d: f5:de:5b:00:86:b4:27:3c:c2:f5:b8:f7:ad:3e:76: 46:34:53:29:16:d3:b7:a6:2a:b9:82:74:80:b5:3c: bf:60:79:15:e8:a4:1e:1c:83:ad:df:6f:b5:c8:a0: d5:b0:b9:3d:3e:46:07:24:1b:ff:ab:ca:58:09:a5: cf:0f:1f:19:03:0c:44:be:94:cb:6f:87:d5:d7:93: cb:c8:dc:5f:a4:06:ec:21:60:30:a7:8c:01:84:46: 3f:9a:52:2f:4a:1a:09:a2:17:eb:b2:1a:9d:80:40: 42:e8:25:ae:d4:e9:c1:eb:40:28:ea:99:1d:07:f6: 1c:47:40:d2:72:11:d6:0e:2f:02:f1:7a:7c:38:08: b9:a2:46:e6:29:d1:b6:85:5d:e9:50:7f:e7:f2:52: 08:cd:3e:81:03:90:87:ab:1c:4c:da:f0:dd:0c:22: 2d:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:6E:83:12:9B:6D:5D:D4:EB:B8:DF:DB:91:F3:B8:FB:A6:18:33:10 X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c6:84:95:d2:03:1d:c5:84:72:ec:d4:51:27:d5:58:df:0b:5a: ce:27:ac:09:fc:92:d3:6f:7c:eb:33:60:db:d8:2d:5d:20:24: 9b:12:5a:33:58:0b:79:93:a2:c1:a6:40:49:3b:85:d8:94:dd: 57:2e:e1:13:a8:b9:30:69:d6:2b:4b:fd:1e:3e:ce:84:e5:f0: 42:23:39:7e:4d:e4:3e:21:45:7c:96:bf:6d:bd:04:3e:b8:29: 7b:cf:58:ae:d2:25:fa:68:67:93:ff:ab:bf:13:4e:ea:44:44: 4d:68:17:db:54:a9:72:85:da:b2:05:b8:1a:51:a4:13:d6:12: 81:43:41:1d:e3:49:ef:81:46:22:4d:b2:1e:ad:ed:78:a4:ae: 22:63:e3:70:8d:b8:2c:59:45:f1:9d:30:1d:d6:76:14:43:f5: 1b:fb:53:2c:4a:fa:d5:82:ee:fd:d7:2c:4d:9a:45:be:8c:1b: e3:74:7e:fe:29:53:28:bb:7f:13:ab:b3:6b:8e:f9:55:20:f7: 97:f9:7a:c3:0d:26:10:31:0b:3f:6e:31:9f:34:c1:ed:a3:71: 05:49:f5:b5:45:4e:78:1c:bc:1a:28:1c:a9:9a:6b:54:2f:5e: b1:c9:3b:e8:a4:ee:d0:f0:fa:93:63:42:fe:1c:7c:36:d6:92: bd:b6:c7:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDp4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUxMTA0MTc0NzQ1WhcNMjUxMTExMTc0NzQ1WjAYMRYwFAYD VQQDEw02OTBhM2M0Mi03Yzk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuxVvtyEGESlVIifJW19qeuCuPWQaWDpOHctAfJK0hsAdGZt31V/TnXxTT10P qTG+BFnrSlgwWn34jPh4hsVNfUUmBZ2d3jcTIMXV3hpcx57cLOY5x5DNVh313lsA hrQnPML1uPetPnZGNFMpFtO3piq5gnSAtTy/YHkV6KQeHIOt32+1yKDVsLk9PkYH JBv/q8pYCaXPDx8ZAwxEvpTLb4fV15PLyNxfpAbsIWAwp4wBhEY/mlIvShoJohfr shqdgEBC6CWu1OnB60Ao6pkdB/YcR0DSchHWDi8C8Xp8OAi5okbmKdG2hV3pUH/n 8lIIzT6BA5CHqxxM2vDdDCItSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAFugxKb bV3U67jf25HzuPumGDMQMB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDGhJXSAx3FhHLs1FEn1VjfC1rOJ6wJ/JLTb3zrM2Db2C1dICSbEloz WAt5k6LBpkBJO4XYlN1XLuETqLkwadYrS/0ePs6E5fBCIzl+TeQ+IUV8lr9tvQQ+ uCl7z1iu0iX6aGeT/6u/E07qRERNaBfbVKlyhdqyBbgaUaQT1hKBQ0Ed40nvgUYi TbIere14pK4iY+NwjbgsWUXxnTAd1nYUQ/Ub+1MsSvrVgu791yxNmkW+jBvjdH7+ KVMou38Tq7NrjvlVIPeX+XrDDSYQMQs/bjGfNMHto3EFSfW1RU54HLwaKBypmmtU L16xyTvopO7Q8PqTY0L+HHw21pK9tseK -----END CERTIFICATE-----Generated at Wed Nov 5 13:29:44 2025 by rpki-client