$ rpki-client -vvf rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft File: HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft (raw, json) Hash identifier: bpEQL+LF+YBccS/lMCecaFxp4YUoYqddIUQEeuASjkE= Subject key identifier: BB:91:D1:52:E5:75:5C:5E:46:E7:1B:84:FE:1E:48:32:72:15:5F:43 Authority key identifier: 1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B Certificate issuer: /CN=A91B1FA8/serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Certificate serial: 13B6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft Manifest number: 138C Signing time: Mon 20 Oct 2025 17:25:09 +0000 Manifest this update: Mon 20 Oct 2025 17:25:09 +0000 Manifest next update: Mon 27 Oct 2025 17:25:09 +0000 Files and hashes: 1: HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl (hash: Yl4YBoDGvGIqWnLLG5RwtgP7WtA7XDH2TQxZPZAUJ98=) 2: 40366CF0F8C811EBB7BFD243C4F9AE02.roa (hash: YO0KSyMg3rhBagYoGztB5o5uMcRrrSiw068DI4yqRmI=) 3: E4A74BE6255211EB96B9B269C4F9AE02.roa (hash: WXuqlnvJ/kQYgmajvkp6WqRXIhVjEPtrsEAuBi7s1vA=) 4: 538F7B12B1D711EBB3C0A24AC4F9AE02.roa (hash: VriM0YGDOfhzo18xUQqToLLJGd+19KKo1Yju23Rp1tg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 17:25:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5046 (0x13b6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B1FA8, serialNumber=1C4E9F3F800505A40BA165B6C020405A22C64B3B Validity Not Before: Oct 20 17:25:09 2025 GMT Not After : Oct 27 17:25:09 2025 GMT Subject: CN=68f67075-7ca8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:af:9e:72:72:5d:03:f2:8f:c4:b8:ed:04:d3: dc:b0:ea:24:64:1f:fb:69:fb:3d:aa:5f:17:e9:be: 0e:b4:3e:9f:eb:c2:62:20:86:9d:b3:fc:c8:dc:6e: 13:63:19:90:f7:c6:4b:f9:05:37:e3:f0:3e:bf:09: 5c:33:bf:a9:bf:7d:cb:e0:ff:25:07:53:68:d7:b6: 32:89:58:04:3f:d1:a6:ce:45:6b:c5:b7:42:20:e6: 8a:c9:29:e6:fa:61:5b:f4:67:e8:1c:80:2c:c8:62: 03:3a:4e:5f:40:19:0c:a1:7c:98:8d:10:6d:aa:0a: a6:a1:f3:39:09:dd:fd:f5:72:12:91:f0:a5:ea:f2: 47:54:d0:0b:c1:c0:c0:8b:5c:84:e3:a6:37:52:79: ad:63:1a:89:78:ce:51:b5:e7:13:87:e0:a1:78:f5: 17:c1:10:6f:fa:87:45:a4:fe:a5:d8:33:ce:10:e3: 76:23:74:d2:ff:67:9c:43:ac:05:2f:b5:aa:34:c3: 42:39:6a:10:46:a1:15:b8:5c:77:93:8c:15:77:f7: 85:e2:55:52:40:55:09:69:a0:86:a5:5d:8d:17:d4: 14:23:ac:b9:74:e2:c6:04:04:f1:e9:2d:7a:fd:40: 2b:14:b5:3d:c5:71:9c:fa:32:bf:d8:91:4e:a4:5d: eb:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BB:91:D1:52:E5:75:5C:5E:46:E7:1B:84:FE:1E:48:32:72:15:5F:43 X509v3 Authority Key Identifier: keyid:1C:4E:9F:3F:80:05:05:A4:0B:A1:65:B6:C0:20:40:5A:22:C6:4B:3B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HE6fP4AFBaQLoWW2wCBAWiLGSzs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B1FA8/E861FD3AAFD911E8B2ED4C7FC4F9AE02/HE6fP4AFBaQLoWW2wCBAWiLGSzs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 79:a7:d6:d3:9a:d0:04:6c:08:30:b1:ca:1e:41:05:4b:0b:45: 3f:f9:7b:5b:9d:2e:79:2e:67:58:6d:ee:96:7d:04:6b:bd:8d: 54:09:f6:c2:31:20:17:87:f6:34:78:5e:b2:8c:96:c9:b0:a2: 31:c5:a5:60:4c:92:c5:04:b6:31:bf:ef:74:af:6d:63:e0:6c: c3:9c:47:b0:7b:0d:b1:4b:a5:3b:f9:8b:d2:01:dd:01:20:7c: d4:52:07:bc:15:6a:cd:64:37:c2:63:46:e7:93:98:cb:14:c8: 6d:b0:ec:4a:21:9c:42:9b:2b:34:f8:d1:03:2a:a6:a9:86:8b: 01:fb:39:f4:9d:97:6b:c1:a6:d5:93:92:09:61:96:09:e7:05: 99:67:4c:56:13:ab:0b:e1:30:e6:57:48:9c:b7:e6:8a:a3:27: 40:30:3b:61:eb:b8:58:7a:e7:26:fa:4b:83:0b:35:6b:76:73: 16:a5:64:9b:e3:90:4f:19:be:d6:a2:9b:ed:62:0d:17:ca:22: 34:51:df:08:4a:bb:5f:ef:dc:f4:33:e8:53:91:6f:5c:6f:3a: 55:7f:c3:57:93:6e:74:22:30:74:1e:59:66:de:e9:d6:98:22: 39:f2:14:7e:12:57:fe:85:d9:fa:50:e8:3f:26:a4:04:32:2d: f0:e1:d2:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE7YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjFGQTgxMTAvBgNVBAUTKDFDNEU5RjNGODAwNTA1QTQwQkExNjVCNkMwMjA0MDVB MjJDNjRCM0IwHhcNMjUxMDIwMTcyNTA5WhcNMjUxMDI3MTcyNTA5WjAYMRYwFAYD VQQDEw02OGY2NzA3NS03Y2E4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu6+ecnJdA/KPxLjtBNPcsOokZB/7afs9ql8X6b4OtD6f68JiIIads/zI3G4T YxmQ98ZL+QU34/A+vwlcM7+pv33L4P8lB1No17YyiVgEP9GmzkVrxbdCIOaKySnm +mFb9GfoHIAsyGIDOk5fQBkMoXyYjRBtqgqmofM5Cd399XISkfCl6vJHVNALwcDA i1yE46Y3UnmtYxqJeM5RtecTh+ChePUXwRBv+odFpP6l2DPOEON2I3TS/2ecQ6wF L7WqNMNCOWoQRqEVuFx3k4wVd/eF4lVSQFUJaaCGpV2NF9QUI6y5dOLGBATx6S16 /UArFLU9xXGc+jK/2JFOpF3r1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLuR0VLl dVxeRucbhP4eSDJyFV9DMB8GA1UdIwQYMBaAFBxOnz+ABQWkC6FltsAgQFoixks7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMUZBOC9FODYxRkQzQUFG RDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJhUUxvV1cyd0NCQVdpTEdT enMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hFNmZQNEFGQmFRTG9XVzJ3Q0JBV2lMR1N6cy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MUZBOC9FODYxRkQzQUFGRDkxMUU4QjJFRDRDN0ZDNEY5QUUwMi9IRTZmUDRBRkJh UUxvV1cyd0NCQVdpTEdTenMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB5p9bTmtAEbAgwscoeQQVLC0U/+XtbnS55LmdYbe6WfQRrvY1UCfbC MSAXh/Y0eF6yjJbJsKIxxaVgTJLFBLYxv+90r21j4GzDnEewew2xS6U7+YvSAd0B IHzUUge8FWrNZDfCY0bnk5jLFMhtsOxKIZxCmys0+NEDKqaphosB+zn0nZdrwabV k5IJYZYJ5wWZZ0xWE6sL4TDmV0ict+aKoydAMDth67hYeucm+kuDCzVrdnMWpWSb 45BPGb7WopvtYg0XyiI0Ud8ISrtf79z0M+hTkW9cbzpVf8NXk250IjB0Hllm3unW mCI58hR+Elf+hdn6UOg/JqQEMi3w4dJB -----END CERTIFICATE-----Generated at Tue Oct 21 13:57:02 2025 by rpki-client