$ rpki-client -vvf rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft File: 3HVZ7loiUGA5czj8qjgD_6pLI1c.mft (raw, json) Hash identifier: EZIOIIp7YUcMTtq4eNq1X+b1uyPqxnMj2zF10AuzrE8= Subject key identifier: 01:DB:BF:54:B0:C3:8D:47:6A:17:7A:74:80:0D:8B:DA:E0:9A:6E:39 Authority key identifier: DC:75:59:EE:5A:22:50:60:39:73:38:FC:AA:38:03:FF:AA:4B:23:57 Certificate issuer: /CN=A91FA56C/serialNumber=DC7559EE5A225060397338FCAA3803FFAA4B2357 Certificate serial: E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3HVZ7loiUGA5czj8qjgD_6pLI1c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft Manifest number: E0 Signing time: Mon 03 Nov 2025 05:31:07 +0000 Manifest this update: Mon 03 Nov 2025 05:31:06 +0000 Manifest next update: Mon 10 Nov 2025 05:31:06 +0000 Files and hashes: 1: 3HVZ7loiUGA5czj8qjgD_6pLI1c.crl (hash: f0Og8iFmZTWgqsQsgyc21+VZgkN286x2vmTiyuE9jT0=) 2: 6E16949065A011EFA4AA8E6BC4F9AE02.roa (hash: oWQYGFiOVrig6e7wgMi2E0kAg4y2iK2+1Mn5HCvnfk8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.crl rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3HVZ7loiUGA5czj8qjgD_6pLI1c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 05:31:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 226 (0xe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91FA56C, serialNumber=DC7559EE5A225060397338FCAA3803FFAA4B2357 Validity Not Before: Nov 3 05:31:06 2025 GMT Not After : Nov 10 05:31:06 2025 GMT Subject: CN=69083e1b-dcb1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:4d:68:ed:39:b6:27:74:11:77:78:eb:66:31: 8d:5f:cc:1f:0c:5a:de:9d:73:b7:c6:be:06:35:a7: b7:e6:20:a0:0d:00:53:27:aa:1a:a8:d3:56:ec:88: d7:02:82:0d:50:92:8c:a5:d1:63:9f:8e:f8:02:d4: cd:46:e8:4d:ad:23:a2:a6:4b:f1:04:ec:e7:7f:94: c0:c7:16:04:c0:6b:8b:9c:54:aa:cc:cd:54:ab:03: 83:9e:f1:e3:6c:8c:bc:d0:ff:fc:b2:38:f4:fd:cf: 42:22:f3:2e:0e:06:41:9c:3f:2c:b8:3f:7e:43:b3: 1b:4e:78:38:8c:a9:2d:b4:1b:7b:74:57:a4:84:d0: bb:0d:3a:33:cb:10:48:de:fa:9a:3a:ea:94:2f:0c: 45:79:7e:b8:ec:3c:8d:8f:63:f1:80:5e:43:d6:bb: 69:26:84:da:5b:93:b5:20:0d:b2:19:4f:5e:31:d9: eb:d4:d7:67:81:de:5b:7d:1e:8d:d2:d7:9a:2f:b7: 1c:ea:aa:44:ff:fd:d8:1b:af:83:b8:fe:38:7d:42: e3:38:eb:e8:d5:e8:6a:1c:da:81:ab:27:6d:2b:50: 13:77:0f:7c:1d:79:cd:b4:82:dc:c6:db:8a:85:63: 43:16:3e:d2:b6:b4:36:4b:8d:63:da:45:0c:10:31: 5e:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:DB:BF:54:B0:C3:8D:47:6A:17:7A:74:80:0D:8B:DA:E0:9A:6E:39 X509v3 Authority Key Identifier: keyid:DC:75:59:EE:5A:22:50:60:39:73:38:FC:AA:38:03:FF:AA:4B:23:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/3HVZ7loiUGA5czj8qjgD_6pLI1c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91FA56C/DDDE8C4864FF11EFA5A81158C4F9AE02/3HVZ7loiUGA5czj8qjgD_6pLI1c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4f:97:da:54:93:7d:ee:b5:fb:a1:e0:0b:b6:f8:0f:02:68:60: dc:87:a2:39:b9:8a:71:95:97:b8:d8:dd:89:7f:29:a9:6d:5c: 2c:f8:78:13:75:e8:88:44:17:c6:48:3c:5e:5a:99:5b:ca:7a: fb:20:8c:67:ee:e9:f4:58:54:59:4d:d4:4f:af:0d:b3:b8:56: 76:5f:12:57:d5:47:d7:6e:65:b4:41:ac:7b:60:30:c0:9c:20: ac:b8:6f:5f:f0:70:00:99:4f:33:76:9f:a5:11:ee:e6:02:2f: 0b:e4:a2:d2:e2:d0:6c:6e:4f:f5:5e:c9:21:c6:ff:f7:ab:cd: 4a:f7:9d:a9:f2:04:7f:2a:05:59:0f:77:c8:a6:ed:d1:4e:30: 8a:a5:1c:a1:c6:cf:f4:db:72:f2:d9:4e:37:f2:e5:8e:e6:ec: 5a:ae:78:22:2f:68:b9:77:7d:30:28:ec:67:0c:a9:65:0a:dd: a1:c8:5c:de:9a:66:dc:92:6e:bf:7e:d4:0c:5e:ff:2a:5d:35: ba:85:ff:91:eb:94:3f:39:57:99:b5:fb:44:4c:dc:ce:92:72: 0a:ec:04:13:2d:3e:20:99:66:92:59:3d:db:cf:4f:df:a5:c9: 0e:91:60:76:a2:5d:85:78:e7:85:30:77:47:53:95:0e:9c:9c: da:b6:37:0b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RkE1NkMxMTAvBgNVBAUTKERDNzU1OUVFNUEyMjUwNjAzOTczMzhGQ0FBMzgwM0ZG QUE0QjIzNTcwHhcNMjUxMTAzMDUzMTA2WhcNMjUxMTEwMDUzMTA2WjAYMRYwFAYD VQQDEw02OTA4M2UxYi1kY2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvk1o7Tm2J3QRd3jrZjGNX8wfDFrenXO3xr4GNae35iCgDQBTJ6oaqNNW7IjX AoINUJKMpdFjn474AtTNRuhNrSOipkvxBOznf5TAxxYEwGuLnFSqzM1UqwODnvHj bIy80P/8sjj0/c9CIvMuDgZBnD8suD9+Q7MbTng4jKkttBt7dFekhNC7DTozyxBI 3vqaOuqULwxFeX647DyNj2PxgF5D1rtpJoTaW5O1IA2yGU9eMdnr1Ndngd5bfR6N 0teaL7cc6qpE//3YG6+DuP44fULjOOvo1ehqHNqBqydtK1ATdw98HXnNtILcxtuK hWNDFj7StrQ2S41j2kUMEDFeaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAHbv1Sw w41Hahd6dIANi9rgmm45MB8GA1UdIwQYMBaAFNx1We5aIlBgOXM4/Ko4A/+qSyNX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGQTU2Qy9ERERFOEM0ODY0 RkYxMUVGQTVBODExNThDNEY5QUUwMi8zSFZaN2xvaVVHQTVjemo4cWpnRF82cExJ MWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzNIVlo3bG9pVUdBNWN6ajhxamdEXzZwTEkxYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG QTU2Qy9ERERFOEM0ODY0RkYxMUVGQTVBODExNThDNEY5QUUwMi8zSFZaN2xvaVVH QTVjemo4cWpnRF82cExJMWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBPl9pUk33utfuh4Au2+A8CaGDch6I5uYpxlZe42N2JfympbVws+HgT deiIRBfGSDxeWplbynr7IIxn7un0WFRZTdRPrw2zuFZ2XxJX1UfXbmW0Qax7YDDA nCCsuG9f8HAAmU8zdp+lEe7mAi8L5KLS4tBsbk/1Xskhxv/3q81K952p8gR/KgVZ D3fIpu3RTjCKpRyhxs/023Ly2U438uWO5uxarngiL2i5d30wKOxnDKllCt2hyFze mmbckm6/ftQMXv8qXTW6hf+R65Q/OVeZtftETNzOknIK7AQTLT4gmWaSWT3bz0/f pckOkWB2ol2FeOeFMHdHU5UOnJzatjcL -----END CERTIFICATE-----Generated at Mon Nov 3 18:15:06 2025 by rpki-client