$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: uMDX6zSnPa4LTtpU3uCoP3/I0y1YDlfHYvAA9N1xbcE= Subject key identifier: 68:45:D9:C8:71:A1:0E:B2:20:C6:46:A9:B6:39:BC:09:79:45:6A:FE Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 0544 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 053A Signing time: Sun 02 Nov 2025 23:29:05 +0000 Manifest this update: Sun 02 Nov 2025 23:29:05 +0000 Manifest next update: Sun 09 Nov 2025 23:29:05 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: PLn1akkyop0JgoSknD6aeAODhRgni7vfEZmNeD/z4Yg=) 2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 23:29:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1348 (0x544) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: Nov 2 23:29:05 2025 GMT Not After : Nov 9 23:29:05 2025 GMT Subject: CN=6907e941-22d3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:3a:99:12:27:f6:d9:eb:89:9a:cf:cc:ed:4d: 1f:86:5b:03:c6:13:e8:43:03:84:af:9b:66:cb:3a: 5a:30:69:da:f5:3d:7d:9a:45:94:cf:57:42:a9:9a: c7:13:81:86:43:f4:fe:29:ee:94:79:6c:70:a1:6b: 4f:02:b5:97:8a:18:ff:0c:65:a1:73:c2:1c:bd:c7: fd:b3:26:b4:ae:c2:f4:df:e2:2e:73:d4:3f:19:30: 88:3e:ff:cf:19:21:0e:0d:c8:30:b8:66:7b:ba:bf: 91:f9:4c:0e:e4:9b:2c:78:2e:83:7d:37:c1:8f:e2: 25:75:38:43:81:e8:ed:44:9b:b5:22:6c:d7:ff:68: f3:53:76:9f:5d:9f:f7:b1:06:aa:41:13:00:df:a0: ee:aa:e0:dc:62:89:51:05:6a:eb:47:48:b8:85:10: 75:e3:86:a7:94:38:6b:bd:9e:d3:a4:1a:a3:3e:90: 64:5c:27:80:7f:1a:0e:79:13:d9:86:ed:25:cc:f5: 36:c8:85:95:b3:78:9f:da:96:5f:ec:63:6f:d9:f1: 8e:3b:bf:4f:f2:18:64:a0:d7:d0:d3:dc:04:56:b2: a1:8c:e2:d8:5f:fd:36:2b:64:30:c8:df:03:91:f2: e5:37:2f:54:08:87:69:93:2f:d3:99:58:89:fe:c3: e6:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 68:45:D9:C8:71:A1:0E:B2:20:C6:46:A9:B6:39:BC:09:79:45:6A:FE X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b1:74:19:6e:75:dc:3b:5c:aa:ce:89:a2:06:f9:d8:e8:25:4c: 79:96:c9:c8:97:3a:37:2c:99:4b:93:11:c5:eb:2c:d9:0a:2d: 07:72:4c:e6:3b:54:62:70:5a:13:02:da:e8:b3:19:8d:ef:dc: 61:ee:80:f4:e9:45:35:0c:82:0e:18:be:65:dd:0c:34:ef:82: d3:1e:5c:32:f1:c6:0c:d1:6e:8f:74:91:04:2c:db:bd:9b:f4: 27:ca:56:e8:24:bf:e3:56:9e:8e:6f:55:4b:19:ee:10:f3:35: 50:c2:63:7d:2e:c1:36:b9:a7:60:64:cf:02:32:14:aa:fc:3a: fb:18:5c:ed:6b:0e:8e:c8:8a:26:a6:eb:61:b9:fb:bb:d3:19: 2b:c2:70:52:35:07:62:ea:63:5b:cc:06:c9:aa:d8:de:2b:c6: 99:a7:31:8f:9f:a4:0c:e8:3f:62:30:f5:ae:1b:f9:3e:a9:83: 9e:8d:23:82:75:8d:d1:61:20:c6:29:66:a8:97:e2:bf:7c:81: 20:94:91:2f:a1:18:15:a4:59:29:7d:08:90:93:9f:78:ff:00: 9d:6c:41:d8:af:3c:0d:73:c6:35:c7:df:5b:ca:31:cd:47:91: 91:43:1e:93:ac:1b:6c:55:6b:02:e9:cf:8c:0b:15:25:00:7e: 38:68:c5:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUxMTAyMjMyOTA1WhcNMjUxMTA5MjMyOTA1WjAYMRYwFAYD VQQDEw02OTA3ZTk0MS0yMmQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwjqZEif22euJms/M7U0fhlsDxhPoQwOEr5tmyzpaMGna9T19mkWUz1dCqZrH E4GGQ/T+Ke6UeWxwoWtPArWXihj/DGWhc8Icvcf9sya0rsL03+Iuc9Q/GTCIPv/P GSEODcgwuGZ7ur+R+UwO5JsseC6DfTfBj+IldThDgejtRJu1ImzX/2jzU3afXZ/3 sQaqQRMA36DuquDcYolRBWrrR0i4hRB144anlDhrvZ7TpBqjPpBkXCeAfxoOeRPZ hu0lzPU2yIWVs3if2pZf7GNv2fGOO79P8hhkoNfQ09wEVrKhjOLYX/02K2QwyN8D kfLlNy9UCIdpky/TmViJ/sPmqQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGhF2chx oQ6yIMZGqbY5vAl5RWr+MB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCxdBluddw7XKrOiaIG+djoJUx5lsnIlzo3LJlLkxHF6yzZCi0Hckzm O1RicFoTAtrosxmN79xh7oD06UU1DIIOGL5l3Qw074LTHlwy8cYM0W6PdJEELNu9 m/QnylboJL/jVp6Ob1VLGe4Q8zVQwmN9LsE2uadgZM8CMhSq/Dr7GFztaw6OyIom puthufu70xkrwnBSNQdi6mNbzAbJqtjeK8aZpzGPn6QM6D9iMPWuG/k+qYOejSOC dY3RYSDGKWaol+K/fIEglJEvoRgVpFkpfQiQk594/wCdbEHYrzwNc8Y1x99byjHN R5GRQx6TrBtsVWsC6c+MCxUlAH44aMXN -----END CERTIFICATE-----Generated at Mon Nov 3 18:06:57 2025 by rpki-client