$ rpki-client -vvf rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft File: hav4SAyQlji9zKZTrx5pD1crI-E.mft (raw, json) Hash identifier: PCF4RPut/qiPiF3lLnBgbgzUHyyLM+5RuSsJHznMDGY= Subject key identifier: 5E:24:1E:B7:2A:EB:F0:30:DD:5E:35:F8:A3:CC:71:43:E6:10:B4:EF Authority key identifier: 85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1 Certificate issuer: /CN=A91A03CB/serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1 Certificate serial: 34E4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft Manifest number: 34DB Signing time: Sat 18 Oct 2025 14:56:13 +0000 Manifest this update: Sat 18 Oct 2025 14:56:12 +0000 Manifest next update: Sat 25 Oct 2025 14:56:12 +0000 Files and hashes: 1: hav4SAyQlji9zKZTrx5pD1crI-E.crl (hash: 0NPHDJIXKINWgI2BjrHo+P0zG1jeJ0PTtJAn1DMr2Ek=) 2: ABF3C76E0C4B11EF87D4886FC4F9AE02.roa (hash: 4D8Gd5fcPnmWPe8Yaf2DxYR0OtX+KheAxOMoPi97yp8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 14:56:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13540 (0x34e4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A03CB, serialNumber=85ABF8480C909638BDCCA653AF1E690F572B23E1 Validity Not Before: Oct 18 14:56:12 2025 GMT Not After : Oct 25 14:56:12 2025 GMT Subject: CN=68f3aa8d-0c79 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:93:4e:9a:4d:13:ab:ea:9d:c0:0a:39:c0:52: 48:e2:79:fd:fb:77:71:48:74:f6:e8:99:10:e5:46: af:87:68:f0:ef:1c:68:44:0e:ae:2f:66:92:18:ac: 86:23:2e:83:08:e3:3b:25:4b:08:2f:e9:36:4f:9c: db:ca:5f:5d:98:74:c7:78:40:a2:81:08:df:42:78: e8:ce:01:c1:d0:8f:79:29:b7:f2:fc:c8:e6:b6:2b: d1:a4:22:5a:0b:9c:4f:f2:3c:f0:fb:6a:2c:36:89: d6:73:1a:cc:77:d0:0e:6d:b0:7c:fd:36:9a:27:c2: 5a:f3:8b:69:4b:d4:62:0e:f4:f1:a7:92:c6:73:8f: 1b:5b:5c:87:cd:2e:6a:8e:0d:e5:05:66:93:21:ba: 63:86:90:35:ae:48:f1:13:8d:40:eb:38:b1:f6:f3: 52:5e:71:70:96:1e:1f:ec:be:d0:5f:73:c3:e9:99: 7b:0e:42:fe:de:0c:b6:a8:7d:a6:e7:81:a9:86:a3: 49:51:53:42:ce:c5:72:80:bd:86:6b:d2:39:16:b8: eb:be:8e:d8:94:6c:36:09:d9:fb:78:93:95:77:68: 51:39:37:eb:b5:09:d2:da:c8:45:86:40:85:f2:b3: c6:76:a7:fe:3a:87:33:35:8c:ea:1e:b8:bc:e8:86: 58:03 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5E:24:1E:B7:2A:EB:F0:30:DD:5E:35:F8:A3:CC:71:43:E6:10:B4:EF X509v3 Authority Key Identifier: keyid:85:AB:F8:48:0C:90:96:38:BD:CC:A6:53:AF:1E:69:0F:57:2B:23:E1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/hav4SAyQlji9zKZTrx5pD1crI-E.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A03CB/81D9E4A01D9611E2AAC2147F08B02CD2/hav4SAyQlji9zKZTrx5pD1crI-E.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:66:d9:67:81:90:96:76:ec:05:19:be:67:f0:2c:2f:d6:e4: b0:59:3a:bc:f5:3a:d0:b0:25:60:e3:ac:d4:67:9e:e8:a2:a5: 6f:fd:46:75:81:16:c6:36:dc:ef:c7:41:ce:a0:76:e1:3e:92: 84:ed:8c:10:d8:02:a5:78:bf:ed:6b:0b:27:04:79:da:96:14: 04:2c:e6:00:c6:43:73:60:42:f3:84:f1:b4:e9:f5:15:94:c4: 96:59:44:5b:a8:17:be:45:8c:0c:41:b7:54:03:04:6d:31:7e: 6f:38:3a:e1:bf:04:3d:1d:dc:b4:32:59:3a:ef:62:69:47:1c: da:0f:21:76:45:d7:bb:64:50:d7:2f:5d:ae:71:6d:8b:fa:f8: 57:22:a7:ef:72:67:dc:9a:16:c7:c1:75:29:13:78:e3:79:0a: f3:7b:4e:3f:6b:c6:ce:2b:a1:3e:98:ed:0e:5c:e3:d6:79:90: 65:bd:c1:29:52:2a:de:0a:fe:fb:ca:f0:fb:44:9c:20:13:a5: 56:56:0e:48:11:53:3c:89:f4:4d:40:3f:d8:d8:de:ef:d3:89: f9:67:e1:d2:d9:19:79:76:a0:2e:ba:1f:85:30:32:68:aa:20: ea:f5:55:be:99:0c:e0:52:54:93:7f:9b:bc:6c:9f:a1:d3:ec: 43:31:fd:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNOQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTAzQ0IxMTAvBgNVBAUTKDg1QUJGODQ4MEM5MDk2MzhCRENDQTY1M0FGMUU2OTBG NTcyQjIzRTEwHhcNMjUxMDE4MTQ1NjEyWhcNMjUxMDI1MTQ1NjEyWjAYMRYwFAYD VQQDEw02OGYzYWE4ZC0wYzc5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuZNOmk0Tq+qdwAo5wFJI4nn9+3dxSHT26JkQ5Uavh2jw7xxoRA6uL2aSGKyG Iy6DCOM7JUsIL+k2T5zbyl9dmHTHeECigQjfQnjozgHB0I95Kbfy/MjmtivRpCJa C5xP8jzw+2osNonWcxrMd9AObbB8/TaaJ8Ja84tpS9RiDvTxp5LGc48bW1yHzS5q jg3lBWaTIbpjhpA1rkjxE41A6zix9vNSXnFwlh4f7L7QX3PD6Zl7DkL+3gy2qH2m 54GphqNJUVNCzsVygL2Ga9I5Frjrvo7YlGw2Cdn7eJOVd2hROTfrtQnS2shFhkCF 8rPGdqf+OoczNYzqHri86IZYAwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF4kHrcq 6/Aw3V41+KPMcUPmELTvMB8GA1UdIwQYMBaAFIWr+EgMkJY4vcymU68eaQ9XKyPh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDNDQi84MUQ5RTRBMDFE OTYxMUUyQUFDMjE0N0YwOEIwMkNEMi9oYXY0U0F5UWxqaTl6S1pUcng1cEQxY3JJ LUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2hhdjRTQXlRbGppOXpLWlRyeDVwRDFjckktRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDNDQi84MUQ5RTRBMDFEOTYxMUUyQUFDMjE0N0YwOEIwMkNEMi9oYXY0U0F5UWxq aTl6S1pUcng1cEQxY3JJLUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCfZtlngZCWduwFGb5n8Cwv1uSwWTq89TrQsCVg46zUZ57ooqVv/UZ1 gRbGNtzvx0HOoHbhPpKE7YwQ2AKleL/tawsnBHnalhQELOYAxkNzYELzhPG06fUV lMSWWURbqBe+RYwMQbdUAwRtMX5vODrhvwQ9Hdy0Mlk672JpRxzaDyF2Rde7ZFDX L12ucW2L+vhXIqfvcmfcmhbHwXUpE3jjeQrze04/a8bOK6E+mO0OXOPWeZBlvcEp UireCv77yvD7RJwgE6VWVg5IEVM8ifRNQD/Y2N7v04n5Z+HS2Rl5dqAuuh+FMDJo qiDq9VW+mQzgUlSTf5u8bJ+h0+xDMf2F -----END CERTIFICATE-----Generated at Mon Oct 20 11:39:22 2025 by rpki-client