$ rpki-client -vvf rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft File: HKNtz8PAQzP4g7g18sjd0CXVQQY.mft (raw, json) Hash identifier: TN0WbF1lJdCyJiwe7fJFNiSaoy5E0y3OtarPW5PMn+Y= Subject key identifier: 4B:A5:E2:D5:E0:58:84:6E:BC:18:53:82:EC:44:A7:D6:38:B1:B6:6F Authority key identifier: 1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06 Certificate issuer: /CN=A9142F59/serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106 Certificate serial: 49 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft Manifest number: 42 Signing time: Wed 05 Nov 2025 07:43:48 +0000 Manifest this update: Wed 05 Nov 2025 07:43:47 +0000 Manifest next update: Wed 12 Nov 2025 07:43:47 +0000 Files and hashes: 1: HKNtz8PAQzP4g7g18sjd0CXVQQY.crl (hash: NzNW47VuowuerDYAYyJyJQkkggRossFPBtN3DyGM3Hg=) 2: C7A29726A65311F091E2CF10C4F9AE02.roa (hash: H+sz1WV2JCbo6B0gUh55p+qB63Mvx+1vqhNeQo2vgMo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.crl rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 07:43:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 73 (0x49) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142F59, serialNumber=1CA36DCFC3C04333F883B835F2C8DDD025D54106 Validity Not Before: Nov 5 07:43:47 2025 GMT Not After : Nov 12 07:43:47 2025 GMT Subject: CN=690b0033-0ff2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c0:1b:56:bb:61:76:9d:05:9f:6f:f3:ff:d9:e4: 35:9e:cb:dd:fe:f1:10:45:8d:a3:40:6e:50:47:d8: 8a:8c:f4:b6:11:7f:0b:80:af:7c:7f:77:7a:98:54: 85:ba:1b:8d:80:fc:43:ca:5b:1a:57:58:fd:dc:8b: 10:55:04:6d:0a:00:10:e8:75:88:45:d3:00:b1:08: 4a:2f:b9:08:11:c1:9f:b2:80:8e:df:cb:a9:fa:44: ab:4d:f1:35:44:f4:64:ef:fb:b0:b6:70:4c:29:a2: 8c:ba:15:2b:da:30:2b:f1:4d:30:70:85:c9:57:26: f7:b0:83:b5:38:a7:44:4b:23:81:0f:8d:bd:d9:b9: e4:58:29:9e:56:03:80:c1:e2:a1:d2:1d:04:15:e0: f9:05:2b:08:53:b8:7b:3b:0b:80:43:0d:a0:18:d3: 1d:62:ff:30:18:5a:9a:e9:ec:71:4a:2a:de:2f:4f: d6:03:1c:12:83:42:3e:67:62:ef:30:57:7d:ee:63: 29:ec:3f:95:d4:27:d5:61:dd:63:a7:0d:1d:a8:3c: c6:b6:4e:7c:77:86:bc:dc:ef:e4:7a:f3:2b:03:ba: 05:e9:82:64:22:37:91:a2:22:f2:7b:ac:f8:2e:f1: 76:1a:05:b6:7f:01:44:e3:13:82:05:2c:83:41:61: 53:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:A5:E2:D5:E0:58:84:6E:BC:18:53:82:EC:44:A7:D6:38:B1:B6:6F X509v3 Authority Key Identifier: keyid:1C:A3:6D:CF:C3:C0:43:33:F8:83:B8:35:F2:C8:DD:D0:25:D5:41:06 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HKNtz8PAQzP4g7g18sjd0CXVQQY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142F59/0526D62E623011F0A0207630C4F9AE02/HKNtz8PAQzP4g7g18sjd0CXVQQY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1c:da:68:c3:8b:fe:36:1a:24:62:20:34:4f:03:fa:19:33:f1: 0e:2f:42:76:68:31:38:9b:39:e2:82:fc:9d:ca:43:22:56:c9: f6:be:a4:31:6b:d2:61:87:32:65:a0:48:c3:c8:19:ff:37:97: c4:e5:0c:f9:70:4c:5e:32:cf:ee:b1:ee:bc:f1:43:5a:95:d7: e4:50:97:6b:95:1a:a7:a1:cf:87:cb:63:46:51:dd:81:fb:00: ff:6e:81:25:e6:ed:44:6a:bf:32:94:b8:01:ac:c9:15:72:1e: d3:79:fe:a0:91:8d:af:27:58:3d:03:97:dc:f6:b9:2d:6d:73: 33:06:da:5c:40:a5:16:ee:9b:e1:20:01:27:f4:a6:95:a4:ea: 9f:3f:c0:67:ca:60:7b:8c:6c:59:e8:c2:04:a0:8c:37:1b:ce: 14:fb:49:93:13:97:9f:f2:09:ff:07:bc:db:2d:91:ce:5e:60: 21:bc:bd:20:ce:55:83:ba:5a:75:f7:9d:2e:11:8e:96:9d:97: 69:84:71:7f:1d:6a:01:0c:b7:b5:23:6c:bb:61:f1:19:29:eb: 2f:40:8d:5b:ea:5b:90:2a:d8:ce:5e:d7:3f:57:63:8e:0d:42: 10:5e:f6:40:94:8f:7e:68:c0:51:31:2d:ca:88:22:d2:e7:8d: 0f:5b:2b:af -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBSTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE0 MkY1OTExMC8GA1UEBRMoMUNBMzZEQ0ZDM0MwNDMzM0Y4ODNCODM1RjJDOERERDAy NUQ1NDEwNjAeFw0yNTExMDUwNzQzNDdaFw0yNTExMTIwNzQzNDdaMBgxFjAUBgNV BAMTDTY5MGIwMDMzLTBmZjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDAG1a7YXadBZ9v8//Z5DWey93+8RBFjaNAblBH2IqM9LYRfwuAr3x/d3qYVIW6 G42A/EPKWxpXWP3cixBVBG0KABDodYhF0wCxCEovuQgRwZ+ygI7fy6n6RKtN8TVE 9GTv+7C2cEwpooy6FSvaMCvxTTBwhclXJvewg7U4p0RLI4EPjb3ZueRYKZ5WA4DB 4qHSHQQV4PkFKwhTuHs7C4BDDaAY0x1i/zAYWprp7HFKKt4vT9YDHBKDQj5nYu8w V33uYynsP5XUJ9Vh3WOnDR2oPMa2Tnx3hrzc7+R68ysDugXpgmQiN5GiIvJ7rPgu 8XYaBbZ/AUTjE4IFLINBYVPJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUS6Xi1eBY hG68GFOC7ESn1jixtm8wHwYDVR0jBBgwFoAUHKNtz8PAQzP4g7g18sjd0CXVQQYw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQyRjU5LzA1MjZENjJFNjIz MDExRjBBMDIwNzYzMEM0RjlBRTAyL0hLTnR6OFBBUXpQNGc3ZzE4c2pkMENYVlFR WS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSEtOdHo4UEFRelA0ZzdnMThzamQwQ1hWUVFZLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTQy RjU5LzA1MjZENjJFNjIzMDExRjBBMDIwNzYzMEM0RjlBRTAyL0hLTnR6OFBBUXpQ NGc3ZzE4c2pkMENYVlFRWS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABzaaMOL/jYaJGIgNE8D+hkz8Q4vQnZoMTibOeKC/J3KQyJWyfa+pDFr 0mGHMmWgSMPIGf83l8TlDPlwTF4yz+6x7rzxQ1qV1+RQl2uVGqehz4fLY0ZR3YH7 AP9ugSXm7URqvzKUuAGsyRVyHtN5/qCRja8nWD0Dl9z2uS1tczMG2lxApRbum+Eg ASf0ppWk6p8/wGfKYHuMbFnowgSgjDcbzhT7SZMTl5/yCf8HvNstkc5eYCG8vSDO VYO6WnX3nS4Rjpadl2mEcX8dagEMt7UjbLth8Rkp6y9AjVvqW5Aq2M5e1z9XY44N QhBe9kCUj35owFExLcqIItLnjQ9bK68= -----END CERTIFICATE-----Generated at Wed Nov 5 13:52:36 2025 by rpki-client