$ rpki-client -vvf rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft File: hQaYWfujzd6OwbgaHgTdYFCzgRM.mft (raw, json) Hash identifier: Ex75rezXWu1lu8t/l1TY3+xnZ81K/HYNs4bd29Ewjgo= Subject key identifier: DE:8F:E8:E0:D6:47:B5:EA:C5:CB:A9:E1:DC:14:75:EB:78:48:11:7D Authority key identifier: 85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 Certificate issuer: /CN=A91509C4/serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Certificate serial: 34CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft Manifest number: 34CE Signing time: Mon 20 Oct 2025 14:36:55 +0000 Manifest this update: Mon 20 Oct 2025 14:36:54 +0000 Manifest next update: Mon 27 Oct 2025 14:36:54 +0000 Files and hashes: 1: hQaYWfujzd6OwbgaHgTdYFCzgRM.crl (hash: 7Izx7zsr7ipNFfKI/Qq1F6HTr+wWYp8wPQ77vbP/XK4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:36:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13518 (0x34ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91509C4, serialNumber=85069859FBA3CDDE8EC1B81A1E04DD6050B38113 Validity Not Before: Oct 20 14:36:54 2025 GMT Not After : Oct 27 14:36:54 2025 GMT Subject: CN=68f64907-ec19 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:e0:4f:97:44:8d:c6:ea:09:ea:15:85:ca:44: 5d:5b:68:35:b5:cf:0c:ac:e0:be:a9:7a:80:ac:71: 4f:5e:99:a9:1d:e6:f0:42:a2:1f:c9:c1:89:9b:e1: 1e:ed:4e:27:c4:f5:ff:67:a4:30:0c:8d:90:9c:35: 57:05:2d:ea:f2:48:02:1b:9e:56:ad:72:5c:fc:7c: cb:34:f6:96:47:cd:3b:26:87:38:cc:13:57:d5:43: d2:0c:f1:67:e5:5e:ac:a0:50:de:fc:34:10:2d:2d: 71:a8:c9:e2:b6:58:8f:06:bc:cf:8e:a3:bd:a0:18: 5c:1a:35:57:b6:16:65:0c:a4:d1:d1:a0:4f:28:54: 71:2a:4f:47:d1:24:2e:b7:72:a4:c5:77:cf:a7:d4: 23:03:b2:3f:81:bb:61:ed:3c:7e:f1:71:99:bf:8b: 6b:4d:27:42:b8:53:21:3b:c3:82:29:7d:49:08:13: da:c0:9c:ce:86:0c:1f:2b:06:5e:6a:38:17:e5:83: 7c:c0:ab:9d:00:0e:6e:f2:26:47:92:ff:4e:8a:71: 4d:3f:96:64:d6:aa:79:4b:1d:ed:dc:06:ee:6f:d0: b4:a3:67:54:34:a9:6b:ec:7d:ca:9c:36:15:e2:c6: f8:9b:a5:8d:66:aa:1d:26:b7:79:c1:18:6f:15:c3: 0c:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:8F:E8:E0:D6:47:B5:EA:C5:CB:A9:E1:DC:14:75:EB:78:48:11:7D X509v3 Authority Key Identifier: keyid:85:06:98:59:FB:A3:CD:DE:8E:C1:B8:1A:1E:04:DD:60:50:B3:81:13 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hQaYWfujzd6OwbgaHgTdYFCzgRM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91509C4/4B8961381D8B11E28A33C7E508B02CD2/hQaYWfujzd6OwbgaHgTdYFCzgRM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:f9:56:6b:0a:50:2c:7f:2b:e9:9a:be:35:33:35:21:89:aa: 0f:69:c3:93:2f:e2:b6:d4:c6:cb:52:3d:0a:6d:6b:f9:bb:ca: a4:09:08:c2:46:fe:9e:ec:b1:b5:44:0b:b1:b8:4f:b3:5b:9a: 81:cd:f6:ac:2d:27:02:61:63:32:e9:fd:18:98:08:0d:aa:0a: 5e:c3:2d:d8:20:23:9d:16:67:8e:71:66:44:1a:28:fa:de:ba: c9:28:12:0e:97:43:b7:e2:37:3c:09:1f:24:95:ef:52:e1:fe: 81:51:8c:eb:0f:a5:f7:49:a0:c7:67:c5:f9:9c:cb:10:e8:95: 3b:c1:ec:4b:d5:49:c5:99:20:a5:ef:65:1c:0f:b0:da:e7:6c: 3a:51:c4:c8:e2:45:5e:61:0c:4d:46:49:5f:69:9d:6a:4b:5b: 99:3b:d9:b1:81:b0:32:00:2e:24:a8:8e:5f:30:5b:33:48:7b: 38:26:a0:b8:9a:56:1e:1b:bf:0c:a5:e7:97:5f:1d:c0:72:a7: d5:37:c7:81:7b:26:4a:c2:ea:cb:ba:c9:c6:82:e0:ba:91:18: 62:13:62:1e:4b:99:27:15:dd:59:f6:fa:5e:23:05:51:25:0e: b5:7c:36:70:02:d7:d1:56:31:88:81:7c:b2:45:a9:06:b6:c8: 8d:1f:e5:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTA5QzQxMTAvBgNVBAUTKDg1MDY5ODU5RkJBM0NEREU4RUMxQjgxQTFFMDRERDYw NTBCMzgxMTMwHhcNMjUxMDIwMTQzNjU0WhcNMjUxMDI3MTQzNjU0WjAYMRYwFAYD VQQDEw02OGY2NDkwNy1lYzE5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo+BPl0SNxuoJ6hWFykRdW2g1tc8MrOC+qXqArHFPXpmpHebwQqIfycGJm+Ee 7U4nxPX/Z6QwDI2QnDVXBS3q8kgCG55WrXJc/HzLNPaWR807Joc4zBNX1UPSDPFn 5V6soFDe/DQQLS1xqMnitliPBrzPjqO9oBhcGjVXthZlDKTR0aBPKFRxKk9H0SQu t3KkxXfPp9QjA7I/gbth7Tx+8XGZv4trTSdCuFMhO8OCKX1JCBPawJzOhgwfKwZe ajgX5YN8wKudAA5u8iZHkv9OinFNP5Zk1qp5Sx3t3Abub9C0o2dUNKlr7H3KnDYV 4sb4m6WNZqodJrd5wRhvFcMMSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN6P6ODW R7Xqxcup4dwUdet4SBF9MB8GA1UdIwQYMBaAFIUGmFn7o83ejsG4Gh4E3WBQs4ET MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MDlDNC80Qjg5NjEzODFE OEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpkNk93YmdhSGdUZFlGQ3pn Uk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hRYVlXZnVqemQ2T3diZ2FIZ1RkWUZDemdSTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MDlDNC80Qjg5NjEzODFEOEIxMUUyOEEzM0M3RTUwOEIwMkNEMi9oUWFZV2Z1anpk Nk93YmdhSGdUZFlGQ3pnUk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCz+VZrClAsfyvpmr41MzUhiaoPacOTL+K21MbLUj0KbWv5u8qkCQjC Rv6e7LG1RAuxuE+zW5qBzfasLScCYWMy6f0YmAgNqgpewy3YICOdFmeOcWZEGij6 3rrJKBIOl0O34jc8CR8kle9S4f6BUYzrD6X3SaDHZ8X5nMsQ6JU7wexL1UnFmSCl 72UcD7Da52w6UcTI4kVeYQxNRklfaZ1qS1uZO9mxgbAyAC4kqI5fMFszSHs4JqC4 mlYeG78MpeeXXx3AcqfVN8eBeyZKwurLusnGguC6kRhiE2IeS5knFd1Z9vpeIwVR JQ61fDZwAtfRVjGIgXyyRakGtsiNH+VJ -----END CERTIFICATE-----Generated at Tue Oct 21 00:59:30 2025 by rpki-client