$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: qFpxYpiTKNRXeUb+7h022R3o95XqfPfcNI6JBQt3llw= Subject key identifier: C2:11:3C:51:BA:EB:51:1F:56:65:EB:9A:06:92:15:1A:7A:42:57:39 Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 01CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 01CA Signing time: Wed 05 Nov 2025 03:01:26 +0000 Manifest this update: Wed 05 Nov 2025 03:01:26 +0000 Manifest next update: Wed 12 Nov 2025 03:01:26 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: KuVPZkk4LeMDaenn54IFTLq7DCmaILCI/LSkQzRgF3w=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:01:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 463 (0x1cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Nov 5 03:01:26 2025 GMT Not After : Nov 12 03:01:26 2025 GMT Subject: CN=690abe06-4222 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:ed:5c:ad:03:35:51:96:b0:de:a9:af:84:bf: bc:8f:b5:e6:a0:fb:e5:dc:af:0e:c4:9b:61:5a:b7: 8d:43:0b:8f:7c:14:b6:57:c9:75:0a:1f:31:62:35: da:60:2e:aa:51:41:71:56:d8:9a:43:88:49:99:45: 82:f3:58:7a:80:4b:82:cd:07:ee:7b:6c:d7:16:cb: f3:1b:ad:8e:ec:09:7d:aa:45:b1:6a:f3:fd:f2:63: 7d:ff:b5:41:3d:63:36:90:78:af:95:80:ac:2a:3a: 75:a4:6e:e9:d7:f7:11:d6:f4:f0:34:d2:ae:b0:3a: 22:72:1b:bd:d6:f7:cc:b1:c8:c2:e2:96:42:c2:51: 24:70:02:7a:eb:78:e8:fd:8f:65:8d:10:5e:3e:d3: 23:a2:0f:5d:df:fa:0c:f1:9b:53:c3:4f:4a:0f:9f: ea:ca:66:f6:93:2e:a6:ed:2b:aa:5a:0f:7c:19:cf: 15:0b:fa:b7:6b:5d:86:38:c5:b7:51:e4:dc:98:5b: 81:8b:d9:5e:97:5e:d2:89:d8:6c:3f:0e:7a:b5:16: 6b:41:b7:da:b5:53:99:12:36:62:a0:5f:81:96:9a: 33:0b:ca:d6:4c:ee:69:5c:d7:3f:ce:f6:76:f9:f0: 94:7d:f0:60:a4:54:45:e6:b0:11:4f:f4:a6:1c:69: f8:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:11:3C:51:BA:EB:51:1F:56:65:EB:9A:06:92:15:1A:7A:42:57:39 X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b4:3a:86:b6:18:0b:41:d4:c8:fe:cd:81:fe:90:f8:6b:18:24: 6a:49:bd:e5:ab:e7:f0:bf:c2:21:ad:57:47:30:42:62:eb:7a: d2:1b:ab:dc:2f:75:4a:03:27:87:67:c9:fa:05:be:9a:08:94: e1:44:25:5b:df:80:bb:20:9e:7e:f7:56:a3:ce:f0:f8:0e:7f: 4e:14:50:a4:c3:e2:11:81:15:04:4f:39:0d:cd:85:fe:f1:0c: 9a:47:7b:d6:36:7f:e5:7a:01:e0:0c:d4:90:25:6d:35:d2:4f: 91:dc:7e:c1:16:04:3f:c5:8f:e3:37:6f:cc:f3:47:fd:7f:a3: 8c:04:d1:68:31:8f:ce:6d:8a:6f:c7:a0:b1:d4:3d:f2:ae:15: 45:35:c1:92:aa:a3:cf:9d:88:9c:28:d8:5f:b5:6f:29:13:5b: c3:33:65:56:f6:2a:6e:f6:d1:05:73:27:0c:56:9d:95:e6:87: c2:b9:ad:e1:ec:54:45:fa:1a:2d:1a:a3:80:31:b9:55:d1:e6: 95:94:e8:5a:f2:0f:72:72:ca:f8:65:b7:2b:da:44:de:e9:67: 1a:ce:1d:dc:33:cf:91:13:34:2d:db:67:76:42:ff:4c:28:6c: 3c:9f:bd:87:32:d7:a2:db:39:3f:9a:0f:2a:7e:e8:d5:f7:3a: 52:64:fb:be -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjUxMTA1MDMwMTI2WhcNMjUxMTEyMDMwMTI2WjAYMRYwFAYD VQQDEw02OTBhYmUwNi00MjIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnO1crQM1UZaw3qmvhL+8j7XmoPvl3K8OxJthWreNQwuPfBS2V8l1Ch8xYjXa YC6qUUFxVtiaQ4hJmUWC81h6gEuCzQfue2zXFsvzG62O7Al9qkWxavP98mN9/7VB PWM2kHivlYCsKjp1pG7p1/cR1vTwNNKusDoichu91vfMscjC4pZCwlEkcAJ663jo /Y9ljRBePtMjog9d3/oM8ZtTw09KD5/qymb2ky6m7SuqWg98Gc8VC/q3a12GOMW3 UeTcmFuBi9lel17SidhsPw56tRZrQbfatVOZEjZioF+BlpozC8rWTO5pXNc/zvZ2 +fCUffBgpFRF5rART/SmHGn4+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMIRPFG6 61EfVmXrmgaSFRp6Qlc5MB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC0Ooa2GAtB1Mj+zYH+kPhrGCRqSb3lq+fwv8IhrVdHMEJi63rSG6vc L3VKAyeHZ8n6Bb6aCJThRCVb34C7IJ5+91ajzvD4Dn9OFFCkw+IRgRUETzkNzYX+ 8QyaR3vWNn/legHgDNSQJW010k+R3H7BFgQ/xY/jN2/M80f9f6OMBNFoMY/ObYpv x6Cx1D3yrhVFNcGSqqPPnYicKNhftW8pE1vDM2VW9ipu9tEFcycMVp2V5ofCua3h 7FRF+hotGqOAMblV0eaVlOha8g9ycsr4Zbcr2kTe6Wcazh3cM8+REzQt22d2Qv9M KGw8n72HMtei2zk/mg8qfujV9zpSZPu+ -----END CERTIFICATE-----Generated at Wed Nov 5 09:53:25 2025 by rpki-client