$ rpki-client -vvf rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft File: HAQwdyQVc864WNlR8CsiBXujluc.mft (raw, json) Hash identifier: U0K9a9/jVOyozC1rZcze7TR1yT82kNGzwxkBcnljymk= Subject key identifier: 83:52:53:B7:A9:0F:07:07:EB:2E:74:8F:95:5C:B7:1B:18:D8:D8:C7 Authority key identifier: 1C:04:30:77:24:15:73:CE:B8:58:D9:51:F0:2B:22:05:7B:A3:96:E7 Certificate issuer: /CN=A91D45A2/serialNumber=1C043077241573CEB858D951F02B22057BA396E7 Certificate serial: 0439 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft Manifest number: 0433 Signing time: Mon 03 Nov 2025 00:15:44 +0000 Manifest this update: Mon 03 Nov 2025 00:15:44 +0000 Manifest next update: Mon 10 Nov 2025 00:15:44 +0000 Files and hashes: 1: HAQwdyQVc864WNlR8CsiBXujluc.crl (hash: SVJZZLZAttrYIHrZjc8IXFzbZwjgNa2/b3BOoHf0SiM=) 2: 4AB730E0800B11EC84B3FA3BC4F9AE02.roa (hash: /pdJUaEubJCV2S3p1KppNWpdc/sERLFGpbX3qSnYD48=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.crl rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:15:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1081 (0x439) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D45A2, serialNumber=1C043077241573CEB858D951F02B22057BA396E7 Validity Not Before: Nov 3 00:15:44 2025 GMT Not After : Nov 10 00:15:44 2025 GMT Subject: CN=6907f430-24c7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:fd:71:b1:6f:9b:27:f5:d3:ba:72:a1:bf:e6: 3e:a5:77:22:cc:8d:82:3d:e4:01:62:f4:01:0b:0f: c7:91:17:42:54:0e:d6:80:b2:3e:56:d3:cc:24:ce: 32:a7:49:bb:3a:1e:00:92:d5:0a:f6:5b:b4:ea:56: b3:87:03:7a:5f:d5:fb:53:4e:3b:10:cc:10:14:ed: de:47:10:eb:c0:c8:be:48:40:9b:7c:92:d7:fa:7a: a6:94:f8:6e:43:dc:7c:eb:0b:b0:73:8d:de:2c:a5: 69:b0:02:b5:64:41:c1:00:c4:91:29:86:2d:db:2d: c6:d2:40:a0:2d:8e:17:f3:e1:41:51:0d:df:47:c7: cd:9b:92:c4:5b:dc:11:7c:8f:78:f9:bc:85:f6:f4: b5:3d:56:2a:cd:47:ce:1d:6b:9d:16:15:63:3a:3a: aa:33:64:89:c8:36:5c:16:45:29:f7:35:2e:dc:82: e2:3e:32:90:01:a8:15:a1:10:d7:e7:c8:7a:50:32: 95:f8:f8:71:33:71:1d:4f:44:7c:47:7e:c3:01:72: 5c:41:d1:b8:95:25:28:21:e4:42:dc:88:50:f5:65: 80:0a:db:9b:d3:06:c9:04:45:0d:03:a1:96:80:4d: 9b:8f:93:71:8a:1c:d7:fa:d8:86:6a:d6:47:14:15: d5:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 83:52:53:B7:A9:0F:07:07:EB:2E:74:8F:95:5C:B7:1B:18:D8:D8:C7 X509v3 Authority Key Identifier: keyid:1C:04:30:77:24:15:73:CE:B8:58:D9:51:F0:2B:22:05:7B:A3:96:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAQwdyQVc864WNlR8CsiBXujluc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D45A2/A3D2DCAA800711EC908AA967C4F9AE02/HAQwdyQVc864WNlR8CsiBXujluc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:55:d7:ee:3f:ea:59:0e:69:ff:01:54:70:b6:ca:af:41:7f: 4f:31:78:ec:5b:6a:cb:86:e8:00:ce:17:6e:ad:ef:d8:97:fe: 5f:a3:1d:e8:58:0e:b5:f3:7d:1a:f3:93:cb:50:94:4c:38:dd: 34:87:26:40:2c:71:fc:29:b0:06:e5:83:14:82:28:cf:d1:05: 9b:1e:af:7f:f1:0f:82:bf:57:d0:e9:92:74:d5:11:53:94:c2: 5b:66:e5:35:d8:32:63:98:a8:f2:d0:2f:e0:4d:49:08:25:5a: fa:25:1b:3d:e5:a9:47:12:0f:cc:75:48:8c:77:88:c0:73:d5: fa:a1:2c:53:12:0c:11:99:fe:18:7b:e0:9b:9e:e0:50:9b:ff: ab:c9:ce:97:9e:f2:7b:fc:96:45:99:2c:95:d1:07:07:74:bc: 0c:20:ee:93:b2:75:d8:52:d6:42:3e:2f:2c:fe:ec:11:f2:83: 2b:e5:18:74:f5:20:6b:a0:8c:4d:4b:9d:66:b8:f5:ef:c5:eb: 2a:15:f9:57:6b:51:2a:ea:ad:fb:de:cf:f6:4e:9b:a1:c7:d0: 8c:82:7b:e2:e5:b6:6c:cb:f4:20:73:c0:1a:c7:3d:4c:e6:98: c0:9d:66:6b:2b:9e:c1:3f:fa:56:db:e0:6b:98:35:73:10:e4: bc:d2:8c:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBDkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDQ1QTIxMTAvBgNVBAUTKDFDMDQzMDc3MjQxNTczQ0VCODU4RDk1MUYwMkIyMjA1 N0JBMzk2RTcwHhcNMjUxMTAzMDAxNTQ0WhcNMjUxMTEwMDAxNTQ0WjAYMRYwFAYD VQQDEw02OTA3ZjQzMC0yNGM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqP1xsW+bJ/XTunKhv+Y+pXcizI2CPeQBYvQBCw/HkRdCVA7WgLI+VtPMJM4y p0m7Oh4AktUK9lu06lazhwN6X9X7U047EMwQFO3eRxDrwMi+SECbfJLX+nqmlPhu Q9x86wuwc43eLKVpsAK1ZEHBAMSRKYYt2y3G0kCgLY4X8+FBUQ3fR8fNm5LEW9wR fI94+byF9vS1PVYqzUfOHWudFhVjOjqqM2SJyDZcFkUp9zUu3ILiPjKQAagVoRDX 58h6UDKV+PhxM3EdT0R8R37DAXJcQdG4lSUoIeRC3IhQ9WWACtub0wbJBEUNA6GW gE2bj5NxihzX+tiGatZHFBXVLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFINSU7ep DwcH6y50j5VctxsY2NjHMB8GA1UdIwQYMBaAFBwEMHckFXPOuFjZUfArIgV7o5bn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENDVBMi9BM0QyRENBQTgw MDcxMUVDOTA4QUE5NjdDNEY5QUUwMi9IQVF3ZHlRVmM4NjRXTmxSOENzaUJYdWps dWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hBUXdkeVFWYzg2NFdObFI4Q3NpQlh1amx1Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NDVBMi9BM0QyRENBQTgwMDcxMUVDOTA4QUE5NjdDNEY5QUUwMi9IQVF3ZHlRVmM4 NjRXTmxSOENzaUJYdWpsdWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdVdfuP+pZDmn/AVRwtsqvQX9PMXjsW2rLhugAzhdure/Yl/5fox3o WA61830a85PLUJRMON00hyZALHH8KbAG5YMUgijP0QWbHq9/8Q+Cv1fQ6ZJ01RFT lMJbZuU12DJjmKjy0C/gTUkIJVr6JRs95alHEg/MdUiMd4jAc9X6oSxTEgwRmf4Y e+CbnuBQm/+ryc6XnvJ7/JZFmSyV0QcHdLwMIO6TsnXYUtZCPi8s/uwR8oMr5Rh0 9SBroIxNS51muPXvxesqFflXa1Eq6q373s/2Tpuhx9CMgnvi5bZsy/Qgc8Aaxz1M 5pjAnWZrK57BP/pW2+BrmDVzEOS80ozx -----END CERTIFICATE-----Generated at Mon Nov 3 18:20:10 2025 by rpki-client