$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft File: HretI1L3xupKYveEzl-7EW3ybsI.mft (raw, json) Hash identifier: zKRNLmQmyJVtl9tfhnHAtU1ND4ZFA/y/tJutPl0U4cg= Subject key identifier: B3:61:74:C1:DE:32:32:55:26:23:AC:E2:DF:E5:7D:37:21:D6:8F:8A Authority key identifier: 1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 Certificate issuer: /CN=A91EF24F/serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Certificate serial: 083C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft Manifest number: 0821 Signing time: Sun 02 Nov 2025 20:59:10 +0000 Manifest this update: Sun 02 Nov 2025 20:59:10 +0000 Manifest next update: Sun 09 Nov 2025 20:59:10 +0000 Files and hashes: 1: HretI1L3xupKYveEzl-7EW3ybsI.crl (hash: 3Dx/X7QiKZ0Z+n2xZ8xlN0W2HVRqJy/Gn8sBYeBGceg=) 2: 84B96CA6904111EF8D11A381C4F9AE02.roa (hash: bp4jWdbgFBJj7qXPWgiCGUliXYnrbIsNlkes3iQSxxc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:59:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2108 (0x83c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF24F, serialNumber=1EB7AD2352F7C6EA4A62F784CE5FBB116DF26EC2 Validity Not Before: Nov 2 20:59:10 2025 GMT Not After : Nov 9 20:59:10 2025 GMT Subject: CN=6907c61e-784b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:d5:8d:fe:5e:01:e3:13:1d:fc:ad:3c:ed:43: 9e:bc:d5:2e:a2:fa:73:80:cc:0a:3b:70:60:a1:97: 8c:5e:02:ab:f4:db:4c:51:ed:17:cc:e1:f7:a2:bc: 3f:e8:cc:20:82:7c:69:e6:05:36:13:eb:07:dd:18: 99:1a:04:e3:fa:13:71:17:56:66:39:62:bd:cd:3a: 88:72:be:21:3a:2a:29:33:24:a6:1d:59:46:94:74: c0:cf:6c:d8:17:70:90:eb:42:c4:e1:de:b4:25:06: 53:59:8a:d3:70:13:9a:47:39:ee:f4:06:49:80:4b: 9f:3b:0f:dd:35:19:f2:25:8b:23:4b:07:b1:f2:ed: fa:ea:1b:0e:84:9a:bb:e4:1e:8c:b0:01:ef:ce:d7: 5a:c0:fd:b6:3b:0d:4e:b8:b1:3c:9f:c8:a9:8b:aa: 93:5a:74:55:c8:d5:92:72:2a:81:99:a5:2f:fb:e9: 20:47:e8:e6:2c:65:aa:82:37:d9:37:a7:07:1e:ef: 1b:ce:8b:46:cb:c7:b1:a3:d7:9c:a6:50:d8:80:64: 3e:db:9a:8b:7e:46:21:56:88:b4:81:7d:71:54:11: 48:3a:03:a5:50:0e:56:58:90:58:5e:df:a3:48:63: 00:a3:1b:9b:b6:48:bd:0d:ce:75:cd:d7:b7:51:09: 73:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B3:61:74:C1:DE:32:32:55:26:23:AC:E2:DF:E5:7D:37:21:D6:8F:8A X509v3 Authority Key Identifier: keyid:1E:B7:AD:23:52:F7:C6:EA:4A:62:F7:84:CE:5F:BB:11:6D:F2:6E:C2 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HretI1L3xupKYveEzl-7EW3ybsI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF24F/65DDFAB402FA11EBA3A0A231C4F9AE02/HretI1L3xupKYveEzl-7EW3ybsI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:a8:28:01:45:68:66:04:0d:42:fe:79:00:4b:8e:fb:dd:e8: 68:43:48:5c:26:74:13:ab:5a:b4:55:f8:f5:f4:27:e1:69:19: 0b:2c:8d:a1:c8:3c:b2:56:cb:04:fe:12:c8:5f:68:c9:e2:c1: 2e:3d:7e:29:df:90:f7:e3:71:d6:e3:2a:38:cd:cc:8d:17:6f: 6b:33:e7:84:f8:6d:84:b2:d0:93:73:ff:07:e9:47:c6:21:e8: aa:40:bb:65:47:48:d0:3e:a6:f4:b2:01:13:67:77:cb:a0:02: 69:11:0f:aa:fe:2d:ce:f2:a5:66:04:47:b3:a6:78:0e:94:cd: b7:48:a3:29:8c:a1:d8:a8:4c:46:67:d5:a8:cd:c0:04:7a:a4: 07:9b:65:3a:d1:c3:da:db:eb:90:6f:3c:ba:a6:8a:56:fc:37: 11:b9:c5:24:67:2c:28:82:d7:a3:d8:6f:cd:07:94:67:60:6c: 79:96:cb:60:10:2b:a6:ff:79:36:b1:65:b7:b9:d3:75:49:06: 15:a4:69:d1:ec:17:0a:ea:af:cd:a9:00:85:4c:83:a4:16:a2: f5:ba:5f:e9:e2:a9:1f:6e:f5:e6:4e:4c:2b:4f:41:05:c3:6e: 98:42:cc:4b:87:d3:8d:2b:3e:20:07:ed:83:88:d9:a5:73:ab: e4:cb:1d:b0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCDwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYyNEYxMTAvBgNVBAUTKDFFQjdBRDIzNTJGN0M2RUE0QTYyRjc4NENFNUZCQjEx NkRGMjZFQzIwHhcNMjUxMTAyMjA1OTEwWhcNMjUxMTA5MjA1OTEwWjAYMRYwFAYD VQQDEw02OTA3YzYxZS03ODRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxdWN/l4B4xMd/K087UOevNUuovpzgMwKO3BgoZeMXgKr9NtMUe0XzOH3orw/ 6Mwggnxp5gU2E+sH3RiZGgTj+hNxF1ZmOWK9zTqIcr4hOiopMySmHVlGlHTAz2zY F3CQ60LE4d60JQZTWYrTcBOaRznu9AZJgEufOw/dNRnyJYsjSwex8u366hsOhJq7 5B6MsAHvztdawP22Ow1OuLE8n8ipi6qTWnRVyNWSciqBmaUv++kgR+jmLGWqgjfZ N6cHHu8bzotGy8exo9ecplDYgGQ+25qLfkYhVoi0gX1xVBFIOgOlUA5WWJBYXt+j SGMAoxubtki9Dc51zde3UQlz3QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLNhdMHe MjJVJiOs4t/lfTch1o+KMB8GA1UdIwQYMBaAFB63rSNS98bqSmL3hM5fuxFt8m7C MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjI0Ri82NURERkFCNDAy RkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1cEtZdmVFemwtN0VXM3li c0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hyZXRJMUwzeHVwS1l2ZUV6bC03RVczeWJzSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjI0Ri82NURERkFCNDAyRkExMUVCQTNBMEEyMzFDNEY5QUUwMi9IcmV0STFMM3h1 cEtZdmVFemwtN0VXM3lic0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSqCgBRWhmBA1C/nkAS4773ehoQ0hcJnQTq1q0Vfj19CfhaRkLLI2h yDyyVssE/hLIX2jJ4sEuPX4p35D343HW4yo4zcyNF29rM+eE+G2EstCTc/8H6UfG IeiqQLtlR0jQPqb0sgETZ3fLoAJpEQ+q/i3O8qVmBEezpngOlM23SKMpjKHYqExG Z9WozcAEeqQHm2U60cPa2+uQbzy6popW/DcRucUkZywogtej2G/NB5RnYGx5lstg ECum/3k2sWW3udN1SQYVpGnR7BcK6q/NqQCFTIOkFqL1ul/p4qkfbvXmTkwrT0EF w26YQsxLh9ONKz4gB+2DiNmlc6vkyx2w -----END CERTIFICATE-----Generated at Mon Nov 3 18:07:44 2025 by rpki-client