$ rpki-client -vvf rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft File: hsjX-0IuFSejmUSD0fne8sYKMHI.mft (raw, json) Hash identifier: Z23GhEbiGh6QYR6NU/PR9mluJu3O1sp5WPzsC0GeDEw= Subject key identifier: 85:94:74:AD:04:20:B1:88:86:7F:79:CA:45:90:2F:86:62:5A:CD:3A Authority key identifier: 86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 Certificate issuer: /CN=A91BEB11/serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Certificate serial: 34D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft Manifest number: 34D4 Signing time: Tue 04 Nov 2025 14:59:14 +0000 Manifest this update: Tue 04 Nov 2025 14:59:13 +0000 Manifest next update: Tue 11 Nov 2025 14:59:13 +0000 Files and hashes: 1: hsjX-0IuFSejmUSD0fne8sYKMHI.crl (hash: PmDE01FR+ShtgSmc8X0BEUOA7QBRX1aqq/+jS99LNac=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:59:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13524 (0x34d4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BEB11, serialNumber=86C8D7FB422E1527A3994483D1F9DEF2C60A3072 Validity Not Before: Nov 4 14:59:13 2025 GMT Not After : Nov 11 14:59:13 2025 GMT Subject: CN=690a14c1-6339 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:e3:0b:ae:8e:4a:e6:52:da:e9:2f:71:a0:c4: cd:b7:fa:bf:88:90:0d:b0:4b:f7:e6:6c:87:e8:9f: 52:79:e4:3c:a0:8d:74:c0:f1:71:c9:07:4f:cb:c2: df:2e:59:42:11:30:f3:b8:32:b3:3b:d9:e5:48:56: 98:aa:00:e8:ef:67:3f:9c:46:94:e9:c5:16:0e:a3: 62:98:8d:0e:be:ff:8a:8d:1a:43:27:84:e6:3a:9f: d7:65:6c:21:7b:7e:18:75:45:d7:ef:7b:09:50:70: 38:ae:69:7e:b3:b5:8a:95:6a:32:74:f9:98:fa:58: f5:98:e5:fd:3d:85:72:2f:95:45:dc:99:3e:dd:a8: 3e:52:cb:0e:1b:32:6a:7d:06:e0:f4:50:ee:51:e7: 54:dd:17:46:15:45:6e:8b:8d:9f:66:9c:c0:40:b2: ad:6b:d0:ec:63:80:02:57:77:12:c3:d4:02:89:c5: fa:5c:a5:56:03:ad:dc:72:f0:64:88:1c:e8:a6:1f: c8:02:c5:60:dc:30:2d:67:86:ac:b0:af:83:6c:dd: 8b:62:05:22:51:b0:85:4e:8a:97:8d:6c:e4:4b:d3: 65:20:a9:b8:49:80:ec:2e:d6:fd:07:a7:76:f9:c9: 5e:b2:b9:c6:e2:a4:d8:0b:8a:d9:0c:c0:90:dc:38: c9:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 85:94:74:AD:04:20:B1:88:86:7F:79:CA:45:90:2F:86:62:5A:CD:3A X509v3 Authority Key Identifier: keyid:86:C8:D7:FB:42:2E:15:27:A3:99:44:83:D1:F9:DE:F2:C6:0A:30:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hsjX-0IuFSejmUSD0fne8sYKMHI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BEB11/9F43587E1D9A11E29AF6FC8708B02CD2/hsjX-0IuFSejmUSD0fne8sYKMHI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 38:e8:54:f7:e6:b6:3d:26:54:e0:87:87:53:3a:fa:1c:72:c5: ce:88:a4:50:55:18:44:6a:21:47:12:ed:b7:9a:11:f9:21:b7: ad:e2:39:7b:0b:77:1e:09:76:bc:e4:80:de:82:aa:6c:8c:d7: 70:3d:60:33:e9:63:a9:3b:e1:1d:62:94:bc:a7:23:da:9d:fe: bf:04:be:4f:64:19:e7:a1:a5:4f:4e:7f:38:97:6f:49:6a:d8: 20:43:3c:3b:e1:fa:dd:4d:df:74:18:2e:fd:dc:9f:cc:00:3a: 70:27:aa:2b:ab:8e:97:da:d1:b3:37:57:46:1a:23:b7:49:fa: 94:cf:1a:14:82:b4:f0:10:83:91:34:6b:b1:43:91:71:c4:a9: c0:b0:ff:31:a4:02:d5:9c:27:ba:0a:22:6e:c4:1a:f0:4d:da: e7:f6:f1:5c:c9:63:a9:10:93:b4:40:40:99:bc:7a:42:65:c9: 0d:3f:35:eb:2a:a8:1a:aa:1b:0f:b8:2b:95:a2:e9:7d:be:c7: 95:0b:81:f9:7e:8d:26:d9:97:a0:5b:ec:88:bc:4e:02:87:e7: 44:18:34:fe:52:6e:aa:9f:50:04:0f:2f:78:9c:2e:af:a4:23: b7:64:0a:96:4a:c7:c0:09:8e:cd:ed:54:37:19:74:e3:30:0f: a8:24:5b:dc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNNQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkVCMTExMTAvBgNVBAUTKDg2QzhEN0ZCNDIyRTE1MjdBMzk5NDQ4M0QxRjlERUYy QzYwQTMwNzIwHhcNMjUxMTA0MTQ1OTEzWhcNMjUxMTExMTQ1OTEzWjAYMRYwFAYD VQQDEw02OTBhMTRjMS02MzM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuOMLro5K5lLa6S9xoMTNt/q/iJANsEv35myH6J9SeeQ8oI10wPFxyQdPy8Lf LllCETDzuDKzO9nlSFaYqgDo72c/nEaU6cUWDqNimI0Ovv+KjRpDJ4TmOp/XZWwh e34YdUXX73sJUHA4rml+s7WKlWoydPmY+lj1mOX9PYVyL5VF3Jk+3ag+UssOGzJq fQbg9FDuUedU3RdGFUVui42fZpzAQLKta9DsY4ACV3cSw9QCicX6XKVWA63ccvBk iBzoph/IAsVg3DAtZ4assK+DbN2LYgUiUbCFToqXjWzkS9NlIKm4SYDsLtb9B6d2 +clesrnG4qTYC4rZDMCQ3DjJXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIWUdK0E ILGIhn95ykWQL4ZiWs06MB8GA1UdIwQYMBaAFIbI1/tCLhUno5lEg9H53vLGCjBy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCRUIxMS85RjQzNTg3RTFE OUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZTZWptVVNEMGZuZThzWUtN SEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hzalgtMEl1RlNlam1VU0QwZm5lOHNZS01ISS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC RUIxMS85RjQzNTg3RTFEOUExMUUyOUFGNkZDODcwOEIwMkNEMi9oc2pYLTBJdUZT ZWptVVNEMGZuZThzWUtNSEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA46FT35rY9JlTgh4dTOvoccsXOiKRQVRhEaiFHEu23mhH5Ibet4jl7 C3ceCXa85IDegqpsjNdwPWAz6WOpO+EdYpS8pyPanf6/BL5PZBnnoaVPTn84l29J atggQzw74frdTd90GC793J/MADpwJ6orq46X2tGzN1dGGiO3SfqUzxoUgrTwEIOR NGuxQ5FxxKnAsP8xpALVnCe6CiJuxBrwTdrn9vFcyWOpEJO0QECZvHpCZckNPzXr KqgaqhsPuCuVoul9vseVC4H5fo0m2ZegW+yIvE4Ch+dEGDT+Um6qn1AEDy94nC6v pCO3ZAqWSsfACY7N7VQ3GXTjMA+oJFvc -----END CERTIFICATE-----Generated at Wed Nov 5 07:58:41 2025 by rpki-client