$ rpki-client -vvf rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/NHr-s5TFaX6XkiFO-M9WpZyo6L0.mft File: NHr-s5TFaX6XkiFO-M9WpZyo6L0.mft (raw, json) Hash identifier: EvF7io9QT0IQI35AOGjIA3mI1lrlrSDbxuCylD4yaBM= Subject key identifier: 32:55:4B:B6:2D:75:4C:6D:D5:D8:A1:93:06:8E:9F:76:8F:76:E1:9D Authority key identifier: 34:7A:FE:B3:94:C5:69:7E:97:92:21:4E:F8:CF:56:A5:9C:A8:E8:BD Certificate issuer: /CN=A91626EF/serialNumber=347AFEB394C5697E9792214EF8CF56A59CA8E8BD Certificate serial: 0CD7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHr-s5TFaX6XkiFO-M9WpZyo6L0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/NHr-s5TFaX6XkiFO-M9WpZyo6L0.mft Manifest number: 0CC4 Signing time: Sun 02 Nov 2025 18:12:37 +0000 Manifest this update: Sun 02 Nov 2025 18:12:37 +0000 Manifest next update: Sun 09 Nov 2025 18:12:37 +0000 Files and hashes: 1: NHr-s5TFaX6XkiFO-M9WpZyo6L0.crl (hash: jBkKtlYlwFLbrAU0QpyKNhYLfnEA5vHXm4++qIWChjE=) 2: 24A28E0C07B911F091752834C4F9AE02.roa (hash: DxAfEgav23qNw9acbrJvstjPzIpBZbMgGcy+koP3ZBo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/NHr-s5TFaX6XkiFO-M9WpZyo6L0.crl rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/NHr-s5TFaX6XkiFO-M9WpZyo6L0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHr-s5TFaX6XkiFO-M9WpZyo6L0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:12:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3287 (0xcd7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91626EF, serialNumber=347AFEB394C5697E9792214EF8CF56A59CA8E8BD Validity Not Before: Nov 2 18:12:37 2025 GMT Not After : Nov 9 18:12:37 2025 GMT Subject: CN=69079f15-6aa0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:d8:dd:92:94:e9:4a:40:f5:a2:80:17:5b:0d: dc:d6:38:87:18:30:ef:13:87:70:95:67:f2:b8:ad: 38:93:0b:39:1b:34:19:d4:d2:d9:87:f0:23:44:5e: 17:8b:c7:04:80:c5:86:52:30:f5:ad:0d:d1:1e:49: 5b:23:69:50:2d:37:ac:83:6c:a0:d3:34:fa:e0:83: a9:f6:11:97:c7:e5:f4:24:9b:65:cf:0d:cd:d6:47: a5:14:7b:a7:ff:a5:f1:e6:c9:61:96:a3:22:10:d0: 53:7c:9a:31:e4:34:d1:a8:f5:cf:19:31:30:a0:f2: 72:be:4f:e3:33:55:aa:d5:51:63:c4:f0:c8:f0:f2: 21:99:9e:6b:39:14:3a:8c:13:2f:da:27:57:f8:e9: b8:72:75:26:f6:08:59:21:34:36:ce:c2:96:9c:bb: 69:a2:2d:fd:2b:f6:bc:d5:e3:5d:77:c9:7a:e5:6d: 53:60:de:9a:e6:9b:92:cf:ed:9a:de:0b:ae:42:2e: cb:90:02:8e:75:66:6a:43:af:65:7f:41:a4:f4:f2: ff:d9:51:da:3e:d6:92:a6:a3:3c:0b:5e:26:25:e3: 49:6e:3f:92:2c:7e:a2:83:ad:41:66:e0:f3:0b:d3: 95:ab:c1:95:af:8c:8e:95:7d:b9:dc:50:89:03:6f: 83:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:55:4B:B6:2D:75:4C:6D:D5:D8:A1:93:06:8E:9F:76:8F:76:E1:9D X509v3 Authority Key Identifier: keyid:34:7A:FE:B3:94:C5:69:7E:97:92:21:4E:F8:CF:56:A5:9C:A8:E8:BD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/NHr-s5TFaX6XkiFO-M9WpZyo6L0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/NHr-s5TFaX6XkiFO-M9WpZyo6L0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91626EF/9D867510FFD411E992D06518C4F9AE02/NHr-s5TFaX6XkiFO-M9WpZyo6L0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:03:d9:34:73:f9:7d:25:44:83:d9:7d:bb:ca:4b:53:91:17: fe:c9:cb:9c:4b:72:64:9f:2c:38:f3:fc:df:d1:8f:26:03:e3: 00:a9:26:9d:dd:19:21:7f:d4:c8:a7:a4:d4:b4:cf:9c:e6:67: e3:46:bf:ef:4c:25:27:67:48:0c:de:57:a8:bc:c3:2e:c8:75: 8f:1e:57:ee:18:36:c9:a4:7b:d2:23:15:c0:9c:66:17:6a:09: 5b:6e:93:c4:f1:80:6a:44:0e:47:f0:5c:54:cf:8d:c2:fc:69: 2b:fc:9c:66:24:78:aa:60:8d:30:9b:0d:a7:a8:8a:f6:bc:2d: c0:63:e9:f2:5b:b5:67:f2:a9:10:fc:57:8b:c0:9d:a1:ca:16: 54:8d:30:e8:ca:bb:d4:f7:ff:3a:ec:3f:87:5e:c3:59:74:83: 0f:1a:9e:df:29:cd:67:21:11:9c:aa:f0:85:c4:a4:1a:4d:b5: f2:a1:90:da:d3:af:ef:c4:64:fb:81:fe:4f:a5:b1:36:83:c8: 7b:58:d0:41:35:a7:e9:11:46:9a:1f:83:b5:aa:32:68:26:ea: 08:a3:c6:08:c4:a1:2a:29:9f:0d:74:cb:da:ce:c3:40:1c:e1: d2:ef:f2:f3:de:83:c2:ce:29:64:29:e3:b8:2f:98:40:48:a5: cb:1e:e0:2d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDNcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjI2RUYxMTAvBgNVBAUTKDM0N0FGRUIzOTRDNTY5N0U5NzkyMjE0RUY4Q0Y1NkE1 OUNBOEU4QkQwHhcNMjUxMTAyMTgxMjM3WhcNMjUxMTA5MTgxMjM3WjAYMRYwFAYD VQQDEw02OTA3OWYxNS02YWEwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0tjdkpTpSkD1ooAXWw3c1jiHGDDvE4dwlWfyuK04kws5GzQZ1NLZh/AjRF4X i8cEgMWGUjD1rQ3RHklbI2lQLTesg2yg0zT64IOp9hGXx+X0JJtlzw3N1kelFHun /6Xx5slhlqMiENBTfJox5DTRqPXPGTEwoPJyvk/jM1Wq1VFjxPDI8PIhmZ5rORQ6 jBMv2idX+Om4cnUm9ghZITQ2zsKWnLtpoi39K/a81eNdd8l65W1TYN6a5puSz+2a 3guuQi7LkAKOdWZqQ69lf0Gk9PL/2VHaPtaSpqM8C14mJeNJbj+SLH6ig61BZuDz C9OVq8GVr4yOlX253FCJA2+DpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDJVS7Yt dUxt1dihkwaOn3aPduGdMB8GA1UdIwQYMBaAFDR6/rOUxWl+l5IhTvjPVqWcqOi9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MjZFRi85RDg2NzUxMEZG RDQxMUU5OTJEMDY1MThDNEY5QUUwMi9OSHItczVURmFYNlhraUZPLU05V3BaeW82 TDAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL05Ici1zNVRGYVg2WGtpRk8tTTlXcFp5bzZMMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MjZFRi85RDg2NzUxMEZGRDQxMUU5OTJEMDY1MThDNEY5QUUwMi9OSHItczVURmFY NlhraUZPLU05V3BaeW82TDAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJA9k0c/l9JUSD2X27yktTkRf+ycucS3Jknyw48/zf0Y8mA+MAqSad 3Rkhf9TIp6TUtM+c5mfjRr/vTCUnZ0gM3leovMMuyHWPHlfuGDbJpHvSIxXAnGYX aglbbpPE8YBqRA5H8FxUz43C/Gkr/JxmJHiqYI0wmw2nqIr2vC3AY+nyW7Vn8qkQ /FeLwJ2hyhZUjTDoyrvU9/867D+HXsNZdIMPGp7fKc1nIRGcqvCFxKQaTbXyoZDa 06/vxGT7gf5PpbE2g8h7WNBBNafpEUaaH4O1qjJoJuoIo8YIxKEqKZ8NdMvazsNA HOHS7/Lz3oPCzilkKeO4L5hASKXLHuAt -----END CERTIFICATE-----Generated at Mon Nov 3 18:18:26 2025 by rpki-client