$ rpki-client -vvf rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft File: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft (raw, json) Hash identifier: y+PI3Fnifr3l2MyadzlxzI8PKp3iA5cFv1HTb7dJUR4= Subject key identifier: DF:FB:52:DF:5B:03:67:60:82:D9:F1:DC:9E:3F:B3:F5:B5:90:64:F4 Authority key identifier: 84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D Certificate issuer: /CN=A911C743/serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Certificate serial: 0E95 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft Manifest number: 0E87 Signing time: Sat 18 Oct 2025 18:20:49 +0000 Manifest this update: Sat 18 Oct 2025 18:20:49 +0000 Manifest next update: Sat 25 Oct 2025 18:20:49 +0000 Files and hashes: 1: hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl (hash: dzpnC2jyWWFDH3ys7XfOYl2H4cj1CjAx8EgeAnb0L9g=) 2: 2B21EC2EE4E111E981365C17C4F9AE02.roa (hash: MmZvnPTLEUK2uOO8LldttqheyhLmSNsa1D7UmikJt9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:20:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3733 (0xe95) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911C743, serialNumber=84E4FFB6927F77F5C3F0A252682F71DDB377B11D Validity Not Before: Oct 18 18:20:49 2025 GMT Not After : Oct 25 18:20:49 2025 GMT Subject: CN=68f3da81-b144 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:02:0f:fc:d1:1e:f2:62:07:da:77:c3:93:c2: 5a:40:f7:89:af:c4:e3:a7:f8:33:5d:f3:73:49:a0: 05:f8:67:10:68:3f:d5:fd:15:49:14:c4:03:b7:f4: 70:99:63:cf:ab:f4:d5:45:50:ae:92:a1:1a:55:e3: 5e:f2:d9:a9:1e:82:15:f4:a1:7d:73:7e:5f:f8:2a: 00:1f:42:12:ce:3a:8b:8d:fa:f7:d9:53:3a:7e:49: 23:75:f3:07:04:91:6c:dc:4c:41:6d:1e:54:da:00: 9c:c1:a4:dd:cd:2e:aa:18:0d:89:34:16:b9:6e:5e: 2c:e4:b7:cd:3a:a8:77:a3:86:b3:4a:6a:7a:63:1d: a5:39:5d:11:e1:65:03:3f:60:05:98:fa:96:75:03: 1f:79:b3:18:fa:3d:02:88:ec:ce:f5:fc:0d:14:f6: 03:93:76:23:12:2d:63:6d:5b:f0:9d:61:75:7e:c0: 37:d2:c3:24:78:93:32:60:1f:37:d8:ef:fa:38:b5: 31:e7:70:52:60:c1:a6:8d:f5:41:4a:ea:f3:b7:1f: 16:aa:68:4d:2a:1f:97:2e:0a:02:e7:b7:e0:8d:04: 74:b7:7e:bc:f7:c7:3b:c0:c3:41:4a:4c:cf:d3:35: 90:bc:29:c2:da:f7:a9:d2:f7:a4:b9:c2:b3:39:b7: 89:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:FB:52:DF:5B:03:67:60:82:D9:F1:DC:9E:3F:B3:F5:B5:90:64:F4 X509v3 Authority Key Identifier: keyid:84:E4:FF:B6:92:7F:77:F5:C3:F0:A2:52:68:2F:71:DD:B3:77:B1:1D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911C743/F8AE2880A21D11E98242AD81C4F9AE02/hOT_tpJ_d_XD8KJSaC9x3bN3sR0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:28:5e:59:f0:47:5d:09:6f:8a:7d:80:23:55:3d:6f:d9:68: 6a:47:a5:8d:2e:d8:33:1c:0d:3a:52:71:69:30:61:28:e3:fb: 20:d4:86:f2:d1:db:ff:40:bd:3f:2c:3d:a3:c5:0d:88:f5:24: 13:7d:7b:92:b1:02:e9:1d:a6:df:70:cf:6f:d1:8e:87:0e:23: 79:96:f9:c5:86:d6:c7:c1:56:eb:04:cb:0f:d7:2e:63:e8:81: 0e:97:ba:ca:f7:bc:4c:3c:ed:db:6c:68:e5:bf:7d:1a:9c:cd: 8c:25:3e:9c:eb:67:7c:ff:b5:e0:0c:3b:ec:57:91:e9:36:02: f0:b3:81:5e:4e:ad:f3:ad:b9:d6:a2:15:c1:cf:63:a3:2e:e6: 4e:88:62:9a:c9:e3:27:ec:1a:aa:95:e2:47:f7:e4:6c:81:e6: 45:83:71:e2:64:58:25:d2:8c:b6:d2:b4:f4:3d:09:32:eb:89: 3e:4f:ed:0c:8a:a7:db:29:d5:e7:21:47:0a:cd:da:57:c2:1c: fd:c5:c1:d1:e1:49:78:d2:f0:d9:39:6d:8c:45:71:f7:03:9c: de:b5:b4:a0:5a:fd:36:80:cf:d4:b0:de:36:2e:7f:0d:8d:2e: bb:13:54:b4:3d:e6:be:3b:20:bd:1e:b8:1e:36:b8:8e:12:12: bf:4f:90:f5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDpUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MUM3NDMxMTAvBgNVBAUTKDg0RTRGRkI2OTI3Rjc3RjVDM0YwQTI1MjY4MkY3MURE QjM3N0IxMUQwHhcNMjUxMDE4MTgyMDQ5WhcNMjUxMDI1MTgyMDQ5WjAYMRYwFAYD VQQDEw02OGYzZGE4MS1iMTQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArgIP/NEe8mIH2nfDk8JaQPeJr8Tjp/gzXfNzSaAF+GcQaD/V/RVJFMQDt/Rw mWPPq/TVRVCukqEaVeNe8tmpHoIV9KF9c35f+CoAH0ISzjqLjfr32VM6fkkjdfMH BJFs3ExBbR5U2gCcwaTdzS6qGA2JNBa5bl4s5LfNOqh3o4azSmp6Yx2lOV0R4WUD P2AFmPqWdQMfebMY+j0CiOzO9fwNFPYDk3YjEi1jbVvwnWF1fsA30sMkeJMyYB83 2O/6OLUx53BSYMGmjfVBSurztx8WqmhNKh+XLgoC57fgjQR0t36898c7wMNBSkzP 0zWQvCnC2vep0vekucKzObeJdQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN/7Ut9b A2dggtnx3J4/s/W1kGT0MB8GA1UdIwQYMBaAFITk/7aSf3f1w/CiUmgvcd2zd7Ed MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExQzc0My9GOEFFMjg4MEEy MUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2RfWEQ4S0pTYUM5eDNiTjNz UjAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hPVF90cEpfZF9YRDhLSlNhQzl4M2JOM3NSMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx Qzc0My9GOEFFMjg4MEEyMUQxMUU5ODI0MkFEODFDNEY5QUUwMi9oT1RfdHBKX2Rf WEQ4S0pTYUM5eDNiTjNzUjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8KF5Z8EddCW+KfYAjVT1v2WhqR6WNLtgzHA06UnFpMGEo4/sg1Iby 0dv/QL0/LD2jxQ2I9SQTfXuSsQLpHabfcM9v0Y6HDiN5lvnFhtbHwVbrBMsP1y5j 6IEOl7rK97xMPO3bbGjlv30anM2MJT6c62d8/7XgDDvsV5HpNgLws4FeTq3zrbnW ohXBz2OjLuZOiGKayeMn7BqqleJH9+RsgeZFg3HiZFgl0oy20rT0PQky64k+T+0M iqfbKdXnIUcKzdpXwhz9xcHR4Ul40vDZOW2MRXH3A5zetbSgWv02gM/UsN42Ln8N jS67E1S0Pea+OyC9HrgeNriOEhK/T5D1 -----END CERTIFICATE-----Generated at Sun Oct 19 23:33:26 2025 by rpki-client