$ rpki-client -vvf rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft File: XHIqJhQciPfNQPObN0raf7wfmx8.mft (raw, json) Hash identifier: CTrhMzXYRRl0FiduN35jl474WbVvnaRAnYrXdrcUT+k= Subject key identifier: DD:9C:E3:1A:69:7E:5E:3F:EF:FE:C4:FE:CE:3C:9E:6B:F1:2C:5F:26 Authority key identifier: 5C:72:2A:26:14:1C:88:F7:CD:40:F3:9B:37:4A:DA:7F:BC:1F:9B:1F Certificate issuer: /CN=A91D824A/serialNumber=5C722A26141C88F7CD40F39B374ADA7FBC1F9B1F Certificate serial: EF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft Manifest number: E8 Signing time: Mon 27 Oct 2025 07:37:27 +0000 Manifest this update: Mon 27 Oct 2025 07:37:27 +0000 Manifest next update: Mon 03 Nov 2025 07:37:27 +0000 Files and hashes: 1: XHIqJhQciPfNQPObN0raf7wfmx8.crl (hash: mRSXJGevP+p6k1NOp/8nbH5GfxjjNmcN9k9M7AXgcJs=) 2: D956F03AAB0211F083CD7E11C4F9AE02.roa (hash: qeoKnKi/L1qnb3FQ608yL9sJPnPOyw3KIsMI+MrC40Y=) 3: F0FCC9ECABF411F0B9E4F837C4F9AE02.roa (hash: kBaQGDaRm957tvzLCzGaAnm3IbVtZ/CNyACT06yHE1Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.crl rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Nov 2025 07:37:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 239 (0xef) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D824A, serialNumber=5C722A26141C88F7CD40F39B374ADA7FBC1F9B1F Validity Not Before: Oct 27 07:37:27 2025 GMT Not After : Nov 3 07:37:27 2025 GMT Subject: CN=68ff2137-c356 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:6d:19:87:34:15:9c:72:72:91:ba:46:e1:bb: f1:95:d8:a0:c2:38:d9:d6:5e:df:73:43:b8:a4:e9: 28:52:8b:9f:67:b4:fb:b1:d5:c2:57:f3:f2:27:5d: 46:e4:14:3e:5b:01:95:27:0d:8c:af:09:3b:7c:35: 9d:75:e6:d2:c0:f0:8f:0e:17:d5:96:98:ef:a9:69: 91:81:39:a0:a2:06:6b:92:8e:32:37:18:2e:8b:09: 9d:98:90:03:52:db:27:b2:5d:88:93:6c:7e:6c:86: f0:45:61:99:09:c9:2a:c8:19:3d:67:89:52:32:d7: 53:45:ed:31:99:42:c9:3c:5a:8a:08:7c:53:9a:52: 5e:09:c4:14:84:de:b9:cd:bc:ca:99:64:da:70:02: cd:ec:e7:31:76:7e:98:15:dc:6f:19:c8:5d:b9:e6: e2:cd:50:4c:ee:28:ba:de:b7:5a:4d:e5:1e:e6:8c: 3d:20:fc:e6:1a:b3:17:12:fb:81:6f:85:c2:c2:27: 58:aa:b9:04:2c:79:6b:38:db:f0:ef:01:5f:1f:86: 5e:80:51:33:00:b8:9f:14:33:02:e2:b3:7d:21:28: 6c:b8:99:c7:48:0a:20:2e:3e:f3:98:f6:fb:d9:4e: 2c:bc:d6:73:4e:d6:b9:b7:12:85:e7:73:9f:c2:b9: c6:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DD:9C:E3:1A:69:7E:5E:3F:EF:FE:C4:FE:CE:3C:9E:6B:F1:2C:5F:26 X509v3 Authority Key Identifier: keyid:5C:72:2A:26:14:1C:88:F7:CD:40:F3:9B:37:4A:DA:7F:BC:1F:9B:1F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/XHIqJhQciPfNQPObN0raf7wfmx8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D824A/4ADF33FC5B9A11EF8307F540C4F9AE02/XHIqJhQciPfNQPObN0raf7wfmx8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:2e:04:0a:87:52:6e:f1:a3:9b:ab:bf:2a:9b:2e:7d:c6:9a: 3c:42:aa:e8:68:eb:a4:66:3d:4e:8d:44:06:6e:63:2c:8c:18: b5:7c:36:80:0a:32:ba:b7:b5:be:59:1e:7d:76:58:02:11:ca: 62:5a:55:a1:7a:00:78:63:09:95:f3:31:1d:67:73:3d:45:7b: 71:33:be:dc:26:32:e6:77:71:25:0b:c1:ec:c1:cc:b7:0f:b5: 82:b2:56:c7:c0:5b:d9:c2:8a:4f:c7:58:90:a6:96:d4:9e:67: 23:a2:1d:3b:ed:a0:9e:e8:d0:1c:11:25:21:22:6d:cd:3a:5e: 10:7c:d9:33:e1:95:e4:c3:93:28:3f:cf:ae:2d:46:69:a6:e9: cb:26:58:5c:aa:0e:bb:62:d1:33:8b:ac:4c:ea:6c:c2:ce:5c: c1:0b:7e:8f:bf:33:cb:84:80:3f:34:48:d8:4c:3f:3f:3b:21: 7c:cd:5f:8c:45:52:56:17:2b:39:dc:c0:3d:a5:66:69:cb:e7: 33:97:d3:f8:61:99:9b:a4:74:cb:6b:ab:fa:fe:73:1c:dc:3d: 97:3c:cb:e3:51:ae:e5:41:df:5b:98:c2:68:2f:1a:ce:84:1e: 31:00:07:fe:13:2d:86:8a:ee:23:0d:ad:33:cf:5f:ee:30:35: 9a:04:b8:7a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAO8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDgyNEExMTAvBgNVBAUTKDVDNzIyQTI2MTQxQzg4RjdDRDQwRjM5QjM3NEFEQTdG QkMxRjlCMUYwHhcNMjUxMDI3MDczNzI3WhcNMjUxMTAzMDczNzI3WjAYMRYwFAYD VQQDEw02OGZmMjEzNy1jMzU2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv20ZhzQVnHJykbpG4bvxldigwjjZ1l7fc0O4pOkoUoufZ7T7sdXCV/PyJ11G 5BQ+WwGVJw2Mrwk7fDWddebSwPCPDhfVlpjvqWmRgTmgogZrko4yNxguiwmdmJAD Utsnsl2Ik2x+bIbwRWGZCckqyBk9Z4lSMtdTRe0xmULJPFqKCHxTmlJeCcQUhN65 zbzKmWTacALN7Ocxdn6YFdxvGchduebizVBM7ii63rdaTeUe5ow9IPzmGrMXEvuB b4XCwidYqrkELHlrONvw7wFfH4ZegFEzALifFDMC4rN9IShsuJnHSAogLj7zmPb7 2U4svNZzTta5txKF53OfwrnGXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN2c4xpp fl4/7/7E/s48nmvxLF8mMB8GA1UdIwQYMBaAFFxyKiYUHIj3zUDzmzdK2n+8H5sf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFEODI0QS80QURGMzNGQzVC OUExMUVGODMwN0Y1NDBDNEY5QUUwMi9YSElxSmhRY2lQZk5RUE9iTjByYWY3d2Zt eDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1hISXFKaFFjaVBmTlFQT2JOMHJhZjd3Zm14OC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE ODI0QS80QURGMzNGQzVCOUExMUVGODMwN0Y1NDBDNEY5QUUwMi9YSElxSmhRY2lQ Zk5RUE9iTjByYWY3d2ZteDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCLgQKh1Ju8aObq78qmy59xpo8QqroaOukZj1OjUQGbmMsjBi1fDaA CjK6t7W+WR59dlgCEcpiWlWhegB4YwmV8zEdZ3M9RXtxM77cJjLmd3ElC8Hswcy3 D7WCslbHwFvZwopPx1iQppbUnmcjoh077aCe6NAcESUhIm3NOl4QfNkz4ZXkw5Mo P8+uLUZppunLJlhcqg67YtEzi6xM6mzCzlzBC36PvzPLhIA/NEjYTD8/OyF8zV+M RVJWFys53MA9pWZpy+czl9P4YZmbpHTLa6v6/nMc3D2XPMvjUa7lQd9bmMJoLxrO hB4xAAf+Ey2Giu4jDa0zz1/uMDWaBLh6 -----END CERTIFICATE-----Generated at Mon Oct 27 17:47:18 2025 by rpki-client