$ rpki-client -vvf rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft File: HjKemPZ2kum1dgI6L7xVfVfdVWw.mft (raw, json) Hash identifier: r7E2JhXTVOs7Ib5R7YxLW12GxyVv5TseKyl4smheCE0= Subject key identifier: 3A:37:74:46:C6:EF:8A:58:D8:5A:42:11:58:93:12:F7:07:09:71:82 Authority key identifier: 1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C Certificate issuer: /CN=A91568F6/serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Certificate serial: 0DEC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft Manifest number: 0DBE Signing time: Wed 22 Oct 2025 18:23:14 +0000 Manifest this update: Wed 22 Oct 2025 18:23:13 +0000 Manifest next update: Wed 29 Oct 2025 18:23:13 +0000 Files and hashes: 1: HjKemPZ2kum1dgI6L7xVfVfdVWw.crl (hash: 4qNjFJkY/BXm2Vf0XNvmC4LcjQOZZ7D3xzaADZHiVT0=) 2: FD120CC2D94411EDA95E3613C4F9AE02.roa (hash: u8GCpF3JjtF0fC5bHONBso6P9ZKL07gluzKPfJhmpXI=) 3: 79B042BAF3BD11EE961D7A7AC4F9AE02.roa (hash: 9OL0Nn9V+ede9DJf9mkaMrtLaF0tRZO3OAn8HvMuFRw=) 4: 4EF1DE0E822A11EDB2081A49C4F9AE02.roa (hash: ccQHTXT/JWlYkUSlrHBZlxj0fPuZnF/MXZqxQxgBSSk=) 5: 8F7DDD8889B811EE9E7ABE26C4F9AE02.roa (hash: JsvlnopzOaOKTX3AuOnQGEvn3QbobkZ0VGpy6s7Zufs=) 6: 50063EE8822A11EDB2081A49C4F9AE02.roa (hash: W9F0AxXLeTRt9akhBBWzGaKX1wJNYfdBQQ5r+SkSiyU=) 7: 87BB6D70822711ED94C3212CC4F9AE02.roa (hash: TgzuO7T0sgwTCl2sRbtN58HlHEFkWtWHdI30YEepdig=) 8: D0551B50046411F09760073DC4F9AE02.roa (hash: Ml6MHIFRGUbHxsyGVzTTlekIkq7JzuhUAzoayMJcf6g=) 9: F2826A504FCF11EB88444467C4F9AE02.roa (hash: QqSGad7FxeptCh4lzX5ee03GteRq4SxJe8s+1HGe3x4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 29 Oct 2025 18:23:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3564 (0xdec) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91568F6, serialNumber=1E329E98F67692E9B576023A2FBC557D57DD556C Validity Not Before: Oct 22 18:23:13 2025 GMT Not After : Oct 29 18:23:13 2025 GMT Subject: CN=68f92111-07cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c9:88:02:a3:e2:29:c3:dd:2e:4b:7e:5c:44:6e: 11:f2:f6:16:52:2c:e1:5a:2c:9a:54:6c:cd:23:77: dc:5e:41:b4:65:78:fa:70:c2:98:26:12:8c:52:78: 23:30:c1:f8:79:f6:03:21:c2:4b:79:9a:e8:1d:fb: 19:66:c2:f9:81:23:43:67:3d:97:25:4e:aa:83:cb: 95:7e:07:0a:f6:04:1b:65:18:1f:72:85:aa:7e:90: 43:5e:b5:1a:70:e8:6e:e1:2c:3f:ef:0b:5b:be:d0: ce:1b:4a:7b:4e:4f:a1:ae:d4:de:95:d7:06:d3:fa: d5:79:4c:54:6b:c3:16:96:e5:2c:59:c5:94:61:11: 85:b6:00:db:8a:9b:f7:b0:b9:d6:2b:af:2f:2e:9f: 14:50:2c:db:9f:f2:27:ad:3a:65:07:bc:8f:ab:db: a6:22:6d:e0:fd:51:06:66:18:a5:3f:ff:6e:9f:82: 93:94:f5:01:9b:92:34:10:6f:a0:ec:fc:4d:fd:08: da:0c:34:83:2c:46:dc:5f:a1:24:00:6b:48:54:ae: 27:de:55:6e:19:b2:fe:3e:17:57:68:ac:b5:ed:43: ea:12:e7:4e:2c:4c:34:1f:6b:35:9c:ef:70:fe:83: f7:c5:da:d1:7e:80:54:09:9d:c1:2d:f5:34:d8:71: 4b:3d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:37:74:46:C6:EF:8A:58:D8:5A:42:11:58:93:12:F7:07:09:71:82 X509v3 Authority Key Identifier: keyid:1E:32:9E:98:F6:76:92:E9:B5:76:02:3A:2F:BC:55:7D:57:DD:55:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HjKemPZ2kum1dgI6L7xVfVfdVWw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91568F6/37D03DF6CE2811E9A6B6C17BC4F9AE02/HjKemPZ2kum1dgI6L7xVfVfdVWw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:54:cf:bb:1b:17:7a:c4:47:44:40:95:a5:bd:73:3d:3e:79: 90:de:a3:87:25:76:a6:46:85:4f:a8:ac:d5:bb:9e:12:fb:3a: 32:9d:d1:c7:a8:72:27:ba:e4:a6:eb:49:80:95:c7:43:d0:09: 44:8a:8b:d0:bc:b5:43:d1:db:ed:80:58:da:fb:d4:a5:42:6c: 27:77:ff:73:60:4e:cc:1d:b5:cc:c3:83:f9:5c:32:44:a2:67: c0:9a:21:da:c7:a9:94:10:03:e5:3b:90:d4:75:15:a6:79:a9: d4:da:d0:f5:11:d3:ce:eb:ba:8f:1c:26:e6:f9:2d:66:62:bd: 75:6a:d9:c6:ad:18:a0:ba:f2:f5:4f:12:d4:e6:f8:b7:ce:7b: 5b:ec:76:4a:8b:5c:29:eb:a2:e4:51:0e:3e:7a:ff:ec:c7:c9: 51:d3:64:bf:1d:cc:8e:46:cd:b2:9d:48:f0:03:d5:fd:2c:90: eb:7b:17:1d:9b:9e:a8:69:f1:c4:8b:ca:ee:92:64:da:d1:d8: 6c:ea:c8:b3:6a:ae:fd:4e:7c:41:60:fe:d8:3f:b6:0d:d1:cf: 91:e2:01:a7:b2:11:1d:76:88:a3:7e:98:62:8c:32:d9:93:16: 38:de:e1:d5:68:3c:dc:38:5a:30:df:6a:1c:96:1a:6e:9f:d7: 4c:49:d0:a3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDewwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY4RjYxMTAvBgNVBAUTKDFFMzI5RTk4RjY3NjkyRTlCNTc2MDIzQTJGQkM1NTdE NTdERDU1NkMwHhcNMjUxMDIyMTgyMzEzWhcNMjUxMDI5MTgyMzEzWjAYMRYwFAYD VQQDEw02OGY5MjExMS0wN2NiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyYgCo+Ipw90uS35cRG4R8vYWUizhWiyaVGzNI3fcXkG0ZXj6cMKYJhKMUngj MMH4efYDIcJLeZroHfsZZsL5gSNDZz2XJU6qg8uVfgcK9gQbZRgfcoWqfpBDXrUa cOhu4Sw/7wtbvtDOG0p7Tk+hrtTeldcG0/rVeUxUa8MWluUsWcWUYRGFtgDbipv3 sLnWK68vLp8UUCzbn/InrTplB7yPq9umIm3g/VEGZhilP/9un4KTlPUBm5I0EG+g 7PxN/QjaDDSDLEbcX6EkAGtIVK4n3lVuGbL+PhdXaKy17UPqEudOLEw0H2s1nO9w /oP3xdrRfoBUCZ3BLfU02HFLPQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDo3dEbG 74pY2FpCEViTEvcHCXGCMB8GA1UdIwQYMBaAFB4ynpj2dpLptXYCOi+8VX1X3VVs MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1NjhGNi8zN0QwM0RGNkNF MjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1bTFkZ0k2TDd4VmZWZmRW V3cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hqS2VtUFoya3VtMWRnSTZMN3hWZlZmZFZXdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 NjhGNi8zN0QwM0RGNkNFMjgxMUU5QTZCNkMxN0JDNEY5QUUwMi9IaktlbVBaMmt1 bTFkZ0k2TDd4VmZWZmRWV3cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB2VM+7Gxd6xEdEQJWlvXM9PnmQ3qOHJXamRoVPqKzVu54S+zoyndHH qHInuuSm60mAlcdD0AlEiovQvLVD0dvtgFja+9SlQmwnd/9zYE7MHbXMw4P5XDJE omfAmiHax6mUEAPlO5DUdRWmeanU2tD1EdPO67qPHCbm+S1mYr11atnGrRiguvL1 TxLU5vi3zntb7HZKi1wp66LkUQ4+ev/sx8lR02S/HcyORs2ynUjwA9X9LJDrexcd m56oafHEi8rukmTa0dhs6sizaq79TnxBYP7YP7YN0c+R4gGnshEddoijfphijDLZ kxY43uHVaDzcOFow32oclhpun9dMSdCj -----END CERTIFICATE-----Generated at Thu Oct 23 13:04:28 2025 by rpki-client