$ rpki-client -vvf rpki.apnic.net/member_repository/A9154EAF/47D5A7E016C311EDAE7EB955C4F9AE02/ehMEShEYWGwP2hOLs-vdSEiRTjc.mft File: ehMEShEYWGwP2hOLs-vdSEiRTjc.mft (raw, json) Hash identifier: XWXk7Czk/hXvLpfUg+Q44rTpzfdf7IbPa5t6rHQZVSE= Subject key identifier: 3A:DA:7C:00:02:F5:52:E4:D0:35:6D:C5:81:10:FF:1E:09:91:B6:21 Authority key identifier: 7A:13:04:4A:11:18:58:6C:0F:DA:13:8B:B3:EB:DD:48:48:91:4E:37 Certificate issuer: /CN=A9154EAF/serialNumber=7A13044A1118586C0FDA138BB3EBDD4848914E37 Certificate serial: 02B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ehMEShEYWGwP2hOLs-vdSEiRTjc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154EAF/47D5A7E016C311EDAE7EB955C4F9AE02/ehMEShEYWGwP2hOLs-vdSEiRTjc.mft Manifest number: 02AF Signing time: Mon 03 Nov 2025 01:27:01 +0000 Manifest this update: Mon 03 Nov 2025 01:27:00 +0000 Manifest next update: Mon 10 Nov 2025 01:27:00 +0000 Files and hashes: 1: ehMEShEYWGwP2hOLs-vdSEiRTjc.crl (hash: TY5muZyOJ906ibqONnG7MGjiadtqd1v9WTWtdjixvLA=) 2: 62A0C17A16C511ED91E80F56C4F9AE02.roa (hash: JJX6OI5aam7BC0uvlTdjVV9SQAAwhFakRzY5oiIX9Uk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154EAF/47D5A7E016C311EDAE7EB955C4F9AE02/ehMEShEYWGwP2hOLs-vdSEiRTjc.crl rsync://rpki.apnic.net/member_repository/A9154EAF/47D5A7E016C311EDAE7EB955C4F9AE02/ehMEShEYWGwP2hOLs-vdSEiRTjc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ehMEShEYWGwP2hOLs-vdSEiRTjc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:27:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 691 (0x2b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154EAF, serialNumber=7A13044A1118586C0FDA138BB3EBDD4848914E37 Validity Not Before: Nov 3 01:27:00 2025 GMT Not After : Nov 10 01:27:00 2025 GMT Subject: CN=690804e5-1634 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:4b:21:73:0d:c2:74:06:77:cd:ef:fa:c4:41: 2a:2e:c6:fd:fa:d4:5a:0c:93:e3:d6:8c:c1:20:f6: b0:29:98:9f:17:2e:b6:7a:09:fc:01:e4:7d:d3:8b: de:94:a5:6f:1e:52:78:53:cb:37:d8:49:2f:e5:6d: 07:8b:78:72:1f:69:2d:a3:58:33:6c:4a:f5:1d:b2: 4f:29:2c:ae:dc:fd:47:6d:28:41:33:0c:93:3f:a2: 3c:75:64:36:e7:de:f8:69:72:94:4e:eb:28:2d:bb: b9:2d:81:73:15:4c:04:74:cf:e3:d5:66:17:88:b8: 87:10:93:e4:9e:dd:f3:56:af:ab:6a:6f:ca:e0:5a: ec:07:93:eb:ad:8c:b7:81:60:d4:9e:96:24:f0:da: 1b:b8:2e:97:d0:56:24:40:80:6d:08:60:1d:23:a7: 6f:9d:a2:4a:12:dc:25:03:fe:59:89:ba:7e:eb:40: 32:1f:56:3a:b5:09:e5:0b:79:90:25:c9:af:da:e7: ca:02:9b:6a:b2:c9:a4:b5:6f:db:7a:c5:42:1c:11: b6:dd:58:20:8d:90:c9:b0:01:77:68:d3:73:29:60: fb:13:f9:43:d3:7d:af:aa:7a:06:50:be:1f:cd:c7: 8c:29:a4:34:00:5e:88:02:ca:ca:2b:de:73:ed:96: 72:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:DA:7C:00:02:F5:52:E4:D0:35:6D:C5:81:10:FF:1E:09:91:B6:21 X509v3 Authority Key Identifier: keyid:7A:13:04:4A:11:18:58:6C:0F:DA:13:8B:B3:EB:DD:48:48:91:4E:37 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154EAF/47D5A7E016C311EDAE7EB955C4F9AE02/ehMEShEYWGwP2hOLs-vdSEiRTjc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ehMEShEYWGwP2hOLs-vdSEiRTjc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154EAF/47D5A7E016C311EDAE7EB955C4F9AE02/ehMEShEYWGwP2hOLs-vdSEiRTjc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 13:3b:76:80:a7:a5:1f:8b:f4:d6:95:32:1b:2e:29:ae:e0:a1: f3:fa:d1:c3:1c:7d:e8:86:5a:38:7c:a6:89:7c:7f:5a:2d:83: 16:f4:5d:37:62:d2:7f:4b:43:54:bb:88:df:d0:0a:0c:0b:60: 6b:b3:a8:b7:8f:90:36:45:8c:93:80:bb:9f:63:9e:b7:e6:0d: 9e:55:c5:0a:df:90:2e:ad:26:16:0b:1e:a6:62:6c:3a:5f:bf: 17:6b:61:f3:9d:9f:00:a1:ed:49:60:53:ce:5d:c2:d8:ec:1d: 3e:6d:3f:dc:63:b9:f6:4d:c3:a5:43:13:92:4d:01:41:21:d1: 42:c0:8d:d6:5e:70:b2:a9:56:a8:b4:d2:73:f0:a5:6e:ec:bc: f7:28:ce:60:63:a9:e7:0e:f3:1e:46:39:85:db:e4:ea:76:72: 83:9e:08:cf:47:ad:fb:56:31:47:12:c7:2e:1a:06:ca:d1:be: fd:3b:4e:e8:4a:2f:85:1f:82:ac:c8:01:e2:de:0f:cf:30:3e: 1a:84:61:87:5c:5f:77:87:99:c2:71:be:88:0c:ee:73:c8:7f: 89:4f:d5:06:58:4e:92:ba:be:91:16:36:2c:4a:bd:01:e3:a5: 47:93:28:90:bb:26:c6:aa:7e:7f:93:7f:24:2d:85:80:20:98: a9:be:0a:6c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTRFQUYxMTAvBgNVBAUTKDdBMTMwNDRBMTExODU4NkMwRkRBMTM4QkIzRUJERDQ4 NDg5MTRFMzcwHhcNMjUxMTAzMDEyNzAwWhcNMjUxMTEwMDEyNzAwWjAYMRYwFAYD VQQDEw02OTA4MDRlNS0xNjM0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqkshcw3CdAZ3ze/6xEEqLsb9+tRaDJPj1ozBIPawKZifFy62egn8AeR904ve lKVvHlJ4U8s32Ekv5W0Hi3hyH2kto1gzbEr1HbJPKSyu3P1HbShBMwyTP6I8dWQ2 5974aXKUTusoLbu5LYFzFUwEdM/j1WYXiLiHEJPknt3zVq+ram/K4FrsB5PrrYy3 gWDUnpYk8NobuC6X0FYkQIBtCGAdI6dvnaJKEtwlA/5Zibp+60AyH1Y6tQnlC3mQ Jcmv2ufKAptqssmktW/besVCHBG23VggjZDJsAF3aNNzKWD7E/lD032vqnoGUL4f zceMKaQ0AF6IAsrKK95z7ZZy4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDrafAAC 9VLk0DVtxYEQ/x4JkbYhMB8GA1UdIwQYMBaAFHoTBEoRGFhsD9oTi7Pr3UhIkU43 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NEVBRi80N0Q1QTdFMDE2 QzMxMUVEQUU3RUI5NTVDNEY5QUUwMi9laE1FU2hFWVdHd1AyaE9Mcy12ZFNFaVJU amMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2VoTUVTaEVZV0d3UDJoT0xzLXZkU0VpUlRqYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NEVBRi80N0Q1QTdFMDE2QzMxMUVEQUU3RUI5NTVDNEY5QUUwMi9laE1FU2hFWVdH d1AyaE9Mcy12ZFNFaVJUamMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQATO3aAp6Ufi/TWlTIbLimu4KHz+tHDHH3ohlo4fKaJfH9aLYMW9F03 YtJ/S0NUu4jf0AoMC2Brs6i3j5A2RYyTgLufY5635g2eVcUK35AurSYWCx6mYmw6 X78Xa2HznZ8Aoe1JYFPOXcLY7B0+bT/cY7n2TcOlQxOSTQFBIdFCwI3WXnCyqVao tNJz8KVu7Lz3KM5gY6nnDvMeRjmF2+TqdnKDngjPR637VjFHEscuGgbK0b79O07o Si+FH4KsyAHi3g/PMD4ahGGHXF93h5nCcb6IDO5zyH+JT9UGWE6Sur6RFjYsSr0B 46VHkyiQuybGqn5/k38kLYWAIJipvgps -----END CERTIFICATE-----Generated at Mon Nov 3 18:06:54 2025 by rpki-client