$ rpki-client -vvf rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft File: hn09aLZZeAOvVkZcDptTq2Z7cqg.mft (raw, json) Hash identifier: rAQigdEBFNB4LRpJD+INLV/cw3l46G3qad52VJ409TA= Subject key identifier: 41:FE:9A:C9:2E:90:D0:95:F3:6F:76:3D:3E:4D:DF:C5:0E:67:DE:D5 Authority key identifier: 86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 Certificate issuer: /CN=A912CDC5/serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Certificate serial: 06C0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft Manifest number: 06BA Signing time: Sun 02 Nov 2025 22:10:48 +0000 Manifest this update: Sun 02 Nov 2025 22:10:47 +0000 Manifest next update: Sun 09 Nov 2025 22:10:47 +0000 Files and hashes: 1: hn09aLZZeAOvVkZcDptTq2Z7cqg.crl (hash: OqCm/ko3i8gIaDNVW32l2lbDpiVv7uYqDwhZuD4WXxs=) 2: 4EC5B52480B811EBBEE2CA7FC4F9AE02.roa (hash: nQ2JLGKaP47ih5m9qTo7j8aG05in8F4XWfknPmuOpgA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 22:10:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1728 (0x6c0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912CDC5, serialNumber=867D3D68B6597803AF56465C0E9B53AB667B72A8 Validity Not Before: Nov 2 22:10:47 2025 GMT Not After : Nov 9 22:10:47 2025 GMT Subject: CN=6907d6e8-2e7c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:ab:63:fc:81:96:0f:66:08:53:71:e6:21:37: 21:6b:11:29:11:79:ce:32:e1:5a:78:39:bf:d5:65: 50:3d:c0:08:30:05:d1:dd:f9:14:76:b5:36:76:74: 9f:57:d0:da:80:c0:26:20:77:1c:26:6b:ff:24:b3: a7:e9:72:7d:da:26:97:b2:5e:0b:92:52:98:60:d7: 21:cc:a3:04:37:c7:f6:48:a6:da:ef:5b:a0:14:00: 11:2f:59:85:5a:91:c3:4f:bd:5d:af:97:44:75:6a: 35:6f:98:68:b4:af:c3:bc:9d:7f:81:e9:e3:22:95: e6:62:6a:65:2c:ef:34:ea:62:f5:33:6f:b6:a7:c3: 76:84:cf:ef:aa:d6:41:e3:2c:89:c6:ad:ba:32:c5: ee:60:40:46:c2:25:58:32:74:96:b4:bd:5f:ce:d1: a3:3b:97:94:dd:b8:78:2f:b0:25:e1:fb:e2:de:09: 01:d7:01:5a:5d:8a:25:c9:65:95:cc:b6:26:17:9c: 29:02:21:ed:c3:8e:5e:2b:1d:d6:5c:9d:a0:ee:08: 45:df:b5:2b:94:3b:95:92:24:5d:47:8a:ad:2e:64: f1:ac:15:62:81:71:19:e8:69:3a:a2:b9:9a:c8:3b: 4d:f6:55:4d:53:71:15:c6:bd:90:46:60:54:ee:b4: d9:ff Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:FE:9A:C9:2E:90:D0:95:F3:6F:76:3D:3E:4D:DF:C5:0E:67:DE:D5 X509v3 Authority Key Identifier: keyid:86:7D:3D:68:B6:59:78:03:AF:56:46:5C:0E:9B:53:AB:66:7B:72:A8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hn09aLZZeAOvVkZcDptTq2Z7cqg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912CDC5/E9F292C680B611EBBECBF379C4F9AE02/hn09aLZZeAOvVkZcDptTq2Z7cqg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:ec:28:67:8f:29:c4:8f:c9:99:8b:70:1e:63:be:b2:b8:79: 30:97:e4:49:d7:2d:70:63:00:6d:7c:f3:45:75:31:c6:27:ab: 2b:9e:e0:51:bf:25:43:44:9a:4e:46:c5:92:41:05:7d:27:17: 73:ed:b5:84:7b:39:b9:d5:c1:0a:b1:60:a9:4d:2f:4a:40:d1: 71:5b:f2:04:aa:20:92:3c:5e:22:5b:df:66:55:44:45:82:0d: 9f:3f:ea:d1:5a:07:86:35:34:eb:af:08:4d:2a:50:86:cb:46: ce:0c:56:29:60:c3:9a:f4:d5:97:88:ca:00:e8:d5:ec:b7:84: f1:63:40:32:ff:f6:75:12:c0:71:c3:9c:5f:7a:94:4d:b5:53: 91:a0:08:95:ed:43:c1:99:e7:dc:93:bf:d5:73:d4:51:69:cd: 62:bb:da:77:3f:79:61:d6:99:e2:57:b8:5a:26:b1:e1:d0:da: 3b:6b:dd:8d:f2:58:9e:ee:41:7d:e1:84:03:8c:7b:aa:60:d7: 35:98:14:a4:25:51:d7:03:c3:38:4d:a8:d7:f7:ba:ab:86:32: 26:96:e3:29:b2:ad:b5:2d:6e:56:c1:e5:5c:e7:49:be:49:20: 24:af:b1:a3:6d:05:fb:0d:92:7d:40:67:f0:3f:63:d7:1f:41: 2e:90:46:00 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBsAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkNEQzUxMTAvBgNVBAUTKDg2N0QzRDY4QjY1OTc4MDNBRjU2NDY1QzBFOUI1M0FC NjY3QjcyQTgwHhcNMjUxMTAyMjIxMDQ3WhcNMjUxMTA5MjIxMDQ3WjAYMRYwFAYD VQQDEw02OTA3ZDZlOC0yZTdjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6atj/IGWD2YIU3HmITchaxEpEXnOMuFaeDm/1WVQPcAIMAXR3fkUdrU2dnSf V9DagMAmIHccJmv/JLOn6XJ92iaXsl4LklKYYNchzKMEN8f2SKba71ugFAARL1mF WpHDT71dr5dEdWo1b5hotK/DvJ1/genjIpXmYmplLO806mL1M2+2p8N2hM/vqtZB 4yyJxq26MsXuYEBGwiVYMnSWtL1fztGjO5eU3bh4L7Al4fvi3gkB1wFaXYolyWWV zLYmF5wpAiHtw45eKx3WXJ2g7ghF37UrlDuVkiRdR4qtLmTxrBVigXEZ6Gk6orma yDtN9lVNU3EVxr2QRmBU7rTZ/wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEH+msku kNCV8292PT5N38UOZ97VMB8GA1UdIwQYMBaAFIZ9PWi2WXgDr1ZGXA6bU6tme3Ko MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyQ0RDNS9FOUYyOTJDNjgw QjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVBT3ZWa1pjRHB0VHEyWjdj cWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2huMDlhTFpaZUFPdlZrWmNEcHRUcTJaN2NxZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy Q0RDNS9FOUYyOTJDNjgwQjYxMUVCQkVDQkYzNzlDNEY5QUUwMi9objA5YUxaWmVB T3ZWa1pjRHB0VHEyWjdjcWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCt7ChnjynEj8mZi3AeY76yuHkwl+RJ1y1wYwBtfPNFdTHGJ6srnuBR vyVDRJpORsWSQQV9Jxdz7bWEezm51cEKsWCpTS9KQNFxW/IEqiCSPF4iW99mVURF gg2fP+rRWgeGNTTrrwhNKlCGy0bODFYpYMOa9NWXiMoA6NXst4TxY0Ay//Z1EsBx w5xfepRNtVORoAiV7UPBmefck7/Vc9RRac1iu9p3P3lh1pniV7haJrHh0No7a92N 8lie7kF94YQDjHuqYNc1mBSkJVHXA8M4TajX97qrhjImluMpsq21LW5WweVc50m+ SSAkr7GjbQX7DZJ9QGfwP2PXH0EukEYA -----END CERTIFICATE-----Generated at Tue Nov 4 18:44:21 2025 by rpki-client