$ rpki-client -vvf rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft File: 4hHNheByVQ4z5MyGpj-8360dNTI.mft (raw, json) Hash identifier: bE5TpD3rEAU2ZdLrQFveh/R+nxuIhk7LqQvz68ezaLE= Subject key identifier: B9:B5:39:81:D7:07:03:31:9C:A8:86:4D:AB:9A:3C:04:98:C5:DA:0C Authority key identifier: E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 Certificate issuer: /CN=A91F85CD/serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Certificate serial: 085F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft Manifest number: 0857 Signing time: Sun 02 Nov 2025 20:39:02 +0000 Manifest this update: Sun 02 Nov 2025 20:39:01 +0000 Manifest next update: Sun 09 Nov 2025 20:39:01 +0000 Files and hashes: 1: 4hHNheByVQ4z5MyGpj-8360dNTI.crl (hash: UmxXRzJpZXf4wqlXQedGctUz+SSzc9+6Yz77Iv/5r+Y=) 2: 624086E2E99611EA930A5B74C4F9AE02.roa (hash: ZdmpHgIkxt7GWbnQ6LOR1kcULfHlPHaLzEsc6YKJVc0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:39:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2143 (0x85f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F85CD, serialNumber=E211CD85E072550E33E4CC86A63FBCDFAD1D3532 Validity Not Before: Nov 2 20:39:01 2025 GMT Not After : Nov 9 20:39:01 2025 GMT Subject: CN=6907c166-a7d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:0a:69:dd:ec:5f:44:63:a2:90:ec:5b:ad:0d: a1:8a:13:b9:40:17:66:49:ad:c3:08:bb:d3:6b:70: db:26:fd:44:1b:ce:13:e5:36:82:4f:be:29:b0:a5: 5b:44:89:f6:0c:6c:30:7f:e9:22:e0:3a:ab:af:6e: 43:48:f9:83:34:50:73:c9:5e:5a:8a:c5:64:3f:44: d0:06:ca:ac:db:8d:10:55:39:da:3b:57:51:52:4f: 6a:7f:ae:b2:7a:e4:9d:41:21:21:44:16:6a:55:73: d8:6e:02:ac:fb:2a:36:4b:bc:82:e6:ab:56:cd:f7: 6b:7f:bc:0d:07:09:51:d2:67:56:fb:13:ad:ef:1b: cb:6f:68:81:21:1a:f1:04:90:5e:ff:3f:75:1c:73: d2:f3:43:74:63:93:ad:f5:bf:0b:12:2b:7c:d3:85: 1f:5a:4e:36:14:96:fd:b9:29:54:4d:91:12:c9:fa: 34:e4:55:cc:bf:d1:9b:d6:ac:da:4c:2f:7d:fc:3b: 46:90:d1:47:22:d1:b1:aa:98:97:5f:4a:15:5b:68: 5c:f8:1f:88:b3:b3:f0:16:9c:b9:83:7c:b5:8f:e9: 3f:4f:fe:88:a5:fe:0f:c3:f2:4f:e0:b8:d4:61:ee: ff:d2:63:66:45:65:0b:2e:84:ed:e6:73:67:ae:c7: 68:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:B5:39:81:D7:07:03:31:9C:A8:86:4D:AB:9A:3C:04:98:C5:DA:0C X509v3 Authority Key Identifier: keyid:E2:11:CD:85:E0:72:55:0E:33:E4:CC:86:A6:3F:BC:DF:AD:1D:35:32 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/4hHNheByVQ4z5MyGpj-8360dNTI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F85CD/8A505588DD1911EA94D26011C4F9AE02/4hHNheByVQ4z5MyGpj-8360dNTI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:00:c1:c5:5f:ae:48:6c:c0:22:10:6c:5e:0b:e2:91:09:30: f2:6a:b7:18:42:2b:c0:88:15:6c:23:56:c0:a7:df:36:a0:0b: 78:14:f6:4c:83:d6:e7:9a:90:54:9a:bc:1d:7b:ca:d3:a6:7d: 89:a1:d9:ce:26:b2:3d:d5:cb:eb:fc:6a:07:67:57:05:51:6e: 40:12:55:88:92:fb:43:e9:01:c5:c3:50:5c:f2:48:4b:4d:83: da:bb:0b:82:99:2e:ad:0d:b7:2b:53:59:42:86:b1:35:1d:6c: f2:da:7f:cd:51:93:fc:1d:8d:1e:8a:a5:9a:cc:02:c1:60:5d: 2b:0e:fa:fb:25:ed:21:47:3d:f9:a3:b7:d3:ac:ae:35:48:6f: a1:2b:e3:0e:1a:eb:a9:ac:bc:9d:7f:5a:0e:ab:17:1e:06:f3: 9d:be:07:fa:9d:8d:c6:06:30:8a:05:37:8d:91:8c:ab:1f:bb: 31:c9:2c:2d:20:9e:46:d8:a6:4d:28:81:f0:30:b4:c1:d9:c0: 6e:c7:99:7c:47:74:96:69:d7:b8:65:bf:23:ea:1e:f7:33:3c: 13:34:ee:49:3b:b7:b4:ce:6e:e3:ac:d1:df:34:ea:ad:98:1b: 75:ed:0a:77:8b:f1:8f:85:6a:11:2d:84:36:8a:45:7d:3b:be: 61:fc:df:7e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCF8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg1Q0QxMTAvBgNVBAUTKEUyMTFDRDg1RTA3MjU1MEUzM0U0Q0M4NkE2M0ZCQ0RG QUQxRDM1MzIwHhcNMjUxMTAyMjAzOTAxWhcNMjUxMTA5MjAzOTAxWjAYMRYwFAYD VQQDEw02OTA3YzE2Ni1hN2Q0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAywpp3exfRGOikOxbrQ2hihO5QBdmSa3DCLvTa3DbJv1EG84T5TaCT74psKVb RIn2DGwwf+ki4Dqrr25DSPmDNFBzyV5aisVkP0TQBsqs240QVTnaO1dRUk9qf66y euSdQSEhRBZqVXPYbgKs+yo2S7yC5qtWzfdrf7wNBwlR0mdW+xOt7xvLb2iBIRrx BJBe/z91HHPS80N0Y5Ot9b8LEit804UfWk42FJb9uSlUTZESyfo05FXMv9Gb1qza TC99/DtGkNFHItGxqpiXX0oVW2hc+B+Is7PwFpy5g3y1j+k/T/6Ipf4Pw/JP4LjU Ye7/0mNmRWULLoTt5nNnrsdo6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLm1OYHX BwMxnKiGTauaPASYxdoMMB8GA1UdIwQYMBaAFOIRzYXgclUOM+TMhqY/vN+tHTUy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODVDRC84QTUwNTU4OERE MTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZRNHo1TXlHcGotODM2MGRO VEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzRoSE5oZUJ5VlE0ejVNeUdwai04MzYwZE5USS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODVDRC84QTUwNTU4OEREMTkxMUVBOTREMjYwMTFDNEY5QUUwMi80aEhOaGVCeVZR NHo1TXlHcGotODM2MGROVEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMAMHFX65IbMAiEGxeC+KRCTDyarcYQivAiBVsI1bAp982oAt4FPZM g9bnmpBUmrwde8rTpn2JodnOJrI91cvr/GoHZ1cFUW5AElWIkvtD6QHFw1Bc8khL TYPauwuCmS6tDbcrU1lChrE1HWzy2n/NUZP8HY0eiqWazALBYF0rDvr7Je0hRz35 o7fTrK41SG+hK+MOGuuprLydf1oOqxceBvOdvgf6nY3GBjCKBTeNkYyrH7sxySwt IJ5G2KZNKIHwMLTB2cBux5l8R3SWade4Zb8j6h73MzwTNO5JO7e0zm7jrNHfNOqt mBt17Qp3i/GPhWoRLYQ2ikV9O75h/N9+ -----END CERTIFICATE-----Generated at Mon Nov 3 18:18:07 2025 by rpki-client