$ rpki-client -vvf rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft File: IHitW73x1MW5cLvik02aNV2zHOg.mft (raw, json) Hash identifier: 2Yi+fkERZkCJ7+HF2FJro8JM/eckdjzPav3qwq2Ev+Q= Subject key identifier: 45:68:86:FB:4C:BC:8C:AB:91:1A:A1:D0:5B:04:5B:D0:55:27:0C:87 Authority key identifier: 20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 Certificate issuer: /CN=A91E4DFA/serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Certificate serial: 0545 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft Manifest number: 053B Signing time: Tue 04 Nov 2025 23:34:48 +0000 Manifest this update: Tue 04 Nov 2025 23:34:48 +0000 Manifest next update: Tue 11 Nov 2025 23:34:48 +0000 Files and hashes: 1: IHitW73x1MW5cLvik02aNV2zHOg.crl (hash: Q0BE9i4QIV1RA/3CgyJlEmNPQH2zMbBflHuR92dQiUY=) 2: 5EAA75CC28E511F0BE4DF317C4F9AE02.roa (hash: aZ97R0qET0w8nFTTAAMLi629/SQxZPM4icyK4OVkGiY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 23:34:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1349 (0x545) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E4DFA, serialNumber=2078AD5BBDF1D4C5B970BBE2934D9A355DB31CE8 Validity Not Before: Nov 4 23:34:48 2025 GMT Not After : Nov 11 23:34:48 2025 GMT Subject: CN=690a8d98-d406 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:e6:2a:3b:36:44:a6:96:9c:f8:41:02:da:c2: 1b:0f:c1:4a:e8:ef:fa:c5:b1:07:05:29:26:9a:8a: 0a:86:6a:c4:85:2d:c6:ac:aa:54:a0:e0:88:ec:49: ef:09:1b:a2:a8:5c:c9:e1:f2:bb:2b:52:00:a1:b2: 5c:a1:92:3e:9d:5a:c0:68:f3:96:47:be:6e:42:88: e5:07:d6:e3:16:87:ab:4d:8b:6d:f8:29:98:95:ff: 24:03:a1:36:cf:1e:2f:34:3d:19:73:b9:03:22:30: 2f:19:25:ec:73:f8:c0:f0:ac:d1:38:b6:18:8c:38: 69:7d:23:d2:bc:d1:e0:d8:bf:0e:8c:e4:f7:f9:d1: 38:45:7c:0d:ff:24:3d:2d:d6:56:b4:0b:f8:0e:11: 4f:07:db:e2:81:8c:1d:e7:b5:38:27:68:e7:eb:3e: 92:9d:f8:4a:98:06:d5:25:2a:26:26:bc:50:6f:0a: 3c:c9:59:45:2d:3d:45:2a:7d:46:7e:f5:3c:bb:e3: ca:41:68:00:b0:8d:45:68:34:6c:9f:8b:09:68:71: cd:fc:78:c9:3c:05:f5:20:fc:cf:93:a8:27:94:ac: d6:8b:fe:e6:ea:2c:68:55:e7:1b:75:58:e0:a5:28: 92:d7:c8:b8:72:f4:5f:58:86:8e:b1:82:fe:30:0c: 2e:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 45:68:86:FB:4C:BC:8C:AB:91:1A:A1:D0:5B:04:5B:D0:55:27:0C:87 X509v3 Authority Key Identifier: keyid:20:78:AD:5B:BD:F1:D4:C5:B9:70:BB:E2:93:4D:9A:35:5D:B3:1C:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/IHitW73x1MW5cLvik02aNV2zHOg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E4DFA/845984CE1A8511ECA76AEA3AC4F9AE02/IHitW73x1MW5cLvik02aNV2zHOg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:bc:67:46:2d:63:9e:32:d3:17:7a:44:15:01:d3:c3:15:83: 31:06:01:b2:c8:e6:0a:d3:b3:e5:e1:b1:1c:a8:16:80:e5:78: 01:81:07:8b:07:44:09:d6:a0:85:7d:7e:fd:91:0f:6c:3d:88: ca:ec:6f:01:af:72:d2:44:a6:d6:05:ac:38:b5:21:92:e9:cb: 74:27:d2:a8:04:38:25:86:a3:af:77:28:8e:da:78:97:db:ab: bb:b1:a5:d3:17:39:28:a6:65:3d:6d:26:89:4e:c8:5c:e8:9b: 88:87:91:52:37:c5:a9:72:00:91:36:dc:00:31:a9:55:8b:56: d4:c5:dc:2e:b4:5d:88:a8:09:6f:a7:27:dc:88:46:7a:80:ec: c9:13:b0:02:d1:2c:f1:7f:35:12:17:2a:38:29:d1:15:69:bb: a9:ad:01:86:42:d2:22:62:0b:68:15:91:7b:bb:ce:9b:dc:07: bd:8e:b3:eb:d4:55:bd:d8:87:14:81:58:0a:1b:04:da:f9:61: e1:13:8b:39:25:9b:1e:4c:f4:b1:ae:71:15:4d:85:2e:60:b5: 4f:cf:6f:84:29:a7:79:9e:93:5a:66:4b:c9:b0:80:df:a0:34: b9:be:19:b2:41:7b:11:0e:ed:c6:90:f7:2d:5c:1a:d9:85:df: 64:56:a1:77 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBUUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTRERkExMTAvBgNVBAUTKDIwNzhBRDVCQkRGMUQ0QzVCOTcwQkJFMjkzNEQ5QTM1 NURCMzFDRTgwHhcNMjUxMTA0MjMzNDQ4WhcNMjUxMTExMjMzNDQ4WjAYMRYwFAYD VQQDEw02OTBhOGQ5OC1kNDA2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu+YqOzZEppac+EEC2sIbD8FK6O/6xbEHBSkmmooKhmrEhS3GrKpUoOCI7Env CRuiqFzJ4fK7K1IAobJcoZI+nVrAaPOWR75uQojlB9bjFoerTYtt+CmYlf8kA6E2 zx4vND0Zc7kDIjAvGSXsc/jA8KzROLYYjDhpfSPSvNHg2L8OjOT3+dE4RXwN/yQ9 LdZWtAv4DhFPB9vigYwd57U4J2jn6z6SnfhKmAbVJSomJrxQbwo8yVlFLT1FKn1G fvU8u+PKQWgAsI1FaDRsn4sJaHHN/HjJPAX1IPzPk6gnlKzWi/7m6ixoVecbdVjg pSiS18i4cvRfWIaOsYL+MAwujwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEVohvtM vIyrkRqh0FsEW9BVJwyHMB8GA1UdIwQYMBaAFCB4rVu98dTFuXC74pNNmjVdsxzo MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFNERGQS84NDU5ODRDRTFB ODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFNVzVjTHZpazAyYU5WMnpI T2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lIaXRXNzN4MU1XNWNMdmlrMDJhTlYyekhPZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF NERGQS84NDU5ODRDRTFBODUxMUVDQTc2QUVBM0FDNEY5QUUwMi9JSGl0VzczeDFN VzVjTHZpazAyYU5WMnpIT2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1vGdGLWOeMtMXekQVAdPDFYMxBgGyyOYK07Pl4bEcqBaA5XgBgQeL B0QJ1qCFfX79kQ9sPYjK7G8Br3LSRKbWBaw4tSGS6ct0J9KoBDglhqOvdyiO2niX 26u7saXTFzkopmU9bSaJTshc6JuIh5FSN8WpcgCRNtwAMalVi1bUxdwutF2IqAlv pyfciEZ6gOzJE7AC0SzxfzUSFyo4KdEVabuprQGGQtIiYgtoFZF7u86b3Ae9jrPr 1FW92IcUgVgKGwTa+WHhE4s5JZseTPSxrnEVTYUuYLVPz2+EKad5npNaZkvJsIDf oDS5vhmyQXsRDu3GkPctXBrZhd9kVqF3 -----END CERTIFICATE-----Generated at Wed Nov 5 11:33:48 2025 by rpki-client