$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft File: 0hsNWsWvkZAPUK2WADMT5R7WChA.mft (raw, json) Hash identifier: 0C1H3vFfOP1rzzskw9T0IjjIitgkjxCettGsduR7m4E= Subject key identifier: 1D:C5:27:EF:56:05:E2:4D:6A:BC:7B:E9:8F:FC:74:A9:8E:ED:5B:0F Authority key identifier: D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 Certificate issuer: /CN=A91A0E9D/serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Certificate serial: D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft Manifest number: CA Signing time: Wed 05 Nov 2025 06:06:49 +0000 Manifest this update: Wed 05 Nov 2025 06:06:48 +0000 Manifest next update: Wed 12 Nov 2025 06:06:48 +0000 Files and hashes: 1: 0hsNWsWvkZAPUK2WADMT5R7WChA.crl (hash: kkh+AoMy4yn5MfFK14XYM5uOTUwZ1cv3JuAMqeWOs3k=) 2: 3996C94896D211EF924C486FC4F9AE02.roa (hash: kqOdm4mIQ5rtE9W5sQYT9M1D8hmXdIyf47H8prMLi/w=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:06:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0E9D, serialNumber=D21B0D5AC5AF91900F50AD96003313E51ED60A10 Validity Not Before: Nov 5 06:06:48 2025 GMT Not After : Nov 12 06:06:48 2025 GMT Subject: CN=690ae979-5f88 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:bb:d6:9d:e0:8e:e8:3d:da:1e:9d:3c:67:08: b6:fd:d1:95:be:52:55:3e:8c:0f:27:93:cb:96:01: d1:0a:16:d2:61:71:b5:c8:3d:bc:9e:5e:48:a7:ef: 15:e6:66:26:9a:24:bd:1d:99:71:70:d7:ba:f7:b0: 99:d7:24:5a:c1:fb:62:0e:23:97:74:f0:66:1a:a9: 98:aa:f3:4d:78:d4:3f:d0:3c:89:da:da:d1:11:70: d4:de:ca:76:61:45:2a:5c:57:62:33:0d:3d:e1:bb: ed:98:03:71:94:b1:db:db:3b:12:f2:57:89:5e:81: 7a:71:b0:12:5e:b6:45:a8:fb:b5:28:0f:34:a6:10: 20:a4:0e:07:59:b8:9a:75:c3:f6:4a:18:bb:6d:eb: 42:7a:d1:1f:d5:b1:46:89:f8:78:72:f4:e4:04:91: 00:89:8a:07:7b:41:4c:47:cc:69:38:8f:9c:36:d7: b4:44:96:84:db:6e:7d:02:e7:90:71:f6:e7:8b:73: b6:98:0e:2a:12:6e:98:32:5e:26:7e:b2:74:9d:31: 09:e0:88:52:1c:5e:f5:70:c4:7e:76:80:2d:33:cd: 8c:dd:3f:76:29:f7:90:72:e8:76:4f:2f:bd:f2:42: e3:35:2a:ad:37:62:31:61:44:26:61:ca:a8:6f:05: 0c:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1D:C5:27:EF:56:05:E2:4D:6A:BC:7B:E9:8F:FC:74:A9:8E:ED:5B:0F X509v3 Authority Key Identifier: keyid:D2:1B:0D:5A:C5:AF:91:90:0F:50:AD:96:00:33:13:E5:1E:D6:0A:10 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/0hsNWsWvkZAPUK2WADMT5R7WChA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0E9D/9569ADB495DB11EFA4E2FB45C4F9AE02/0hsNWsWvkZAPUK2WADMT5R7WChA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:1b:62:83:78:f0:f7:48:cd:0f:16:b5:72:b6:c9:fa:74:af: bf:a5:50:2f:4d:77:1c:15:b1:a1:a8:4d:00:db:98:20:8e:27: 1d:6c:82:1a:60:3b:bc:6b:06:27:6e:6f:e7:c3:dd:e9:50:c1: e2:5f:49:f3:75:d9:29:6f:42:58:61:fd:83:8f:ca:ab:b2:d6: 48:b7:fb:9c:2b:84:f5:50:c5:38:bb:46:2c:53:4f:de:77:60: a7:b5:c7:96:80:d3:1c:a2:06:93:e7:e8:19:64:25:18:9a:7b: d9:4d:25:69:69:46:f8:d4:3c:db:9d:8a:de:5c:53:c6:31:4b: 38:33:31:dc:fe:f7:e5:c3:b7:29:c8:0c:c7:80:39:aa:b8:04: 58:6c:87:ea:ae:34:db:40:51:a4:ee:85:9d:ab:b7:6d:da:c0: 60:2d:78:f8:b1:07:b2:92:10:69:ea:70:48:ce:25:e2:66:54: 2c:b8:36:fc:b4:b5:01:24:44:d3:75:8e:94:72:99:4e:c1:a1: 4c:62:b3:26:d9:b2:f3:38:4a:04:9a:b6:5e:ec:8a:15:ce:ea: be:70:67:0f:88:8d:8f:3e:82:d1:57:b1:eb:9a:57:0d:83:e6: 9d:18:74:e2:00:c7:b1:22:71:bd:87:3f:5b:a1:2e:96:6a:b6: f8:62:46:74 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTBFOUQxMTAvBgNVBAUTKEQyMUIwRDVBQzVBRjkxOTAwRjUwQUQ5NjAwMzMxM0U1 MUVENjBBMTAwHhcNMjUxMTA1MDYwNjQ4WhcNMjUxMTEyMDYwNjQ4WjAYMRYwFAYD VQQDEw02OTBhZTk3OS01Zjg4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6LvWneCO6D3aHp08Zwi2/dGVvlJVPowPJ5PLlgHRChbSYXG1yD28nl5Ip+8V 5mYmmiS9HZlxcNe697CZ1yRawftiDiOXdPBmGqmYqvNNeNQ/0DyJ2trREXDU3sp2 YUUqXFdiMw094bvtmANxlLHb2zsS8leJXoF6cbASXrZFqPu1KA80phAgpA4HWbia dcP2Shi7betCetEf1bFGifh4cvTkBJEAiYoHe0FMR8xpOI+cNte0RJaE2259AueQ cfbni3O2mA4qEm6YMl4mfrJ0nTEJ4IhSHF71cMR+doAtM82M3T92KfeQcuh2Ty+9 8kLjNSqtN2IxYUQmYcqobwUMZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB3FJ+9W BeJNarx76Y/8dKmO7VsPMB8GA1UdIwQYMBaAFNIbDVrFr5GQD1CtlgAzE+Ue1goQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMEU5RC85NTY5QURCNDk1 REIxMUVGQTRFMkZCNDVDNEY5QUUwMi8waHNOV3NXdmtaQVBVSzJXQURNVDVSN1dD aEEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzBoc05Xc1d2a1pBUFVLMldBRE1UNVI3V0NoQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MEU5RC85NTY5QURCNDk1REIxMUVGQTRFMkZCNDVDNEY5QUUwMi8waHNOV3NXdmta QVBVSzJXQURNVDVSN1dDaEEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1G2KDePD3SM0PFrVytsn6dK+/pVAvTXccFbGhqE0A25ggjicdbIIa YDu8awYnbm/nw93pUMHiX0nzddkpb0JYYf2Dj8qrstZIt/ucK4T1UMU4u0YsU0/e d2CntceWgNMcogaT5+gZZCUYmnvZTSVpaUb41DzbnYreXFPGMUs4MzHc/vflw7cp yAzHgDmquARYbIfqrjTbQFGk7oWdq7dt2sBgLXj4sQeykhBp6nBIziXiZlQsuDb8 tLUBJETTdY6UcplOwaFMYrMm2bLzOEoEmrZe7IoVzuq+cGcPiI2PPoLRV7HrmlcN g+adGHTiAMexInG9hz9boS6Warb4YkZ0 -----END CERTIFICATE-----Generated at Wed Nov 5 19:28:28 2025 by rpki-client