$ rpki-client -vvf rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft File: hpBNLQLbigWb7ZOPL46u88Qgb9A.mft (raw, json) Hash identifier: p1zrCaqI2M4HOMGyR4wfHCntbvci12Se6Zz2nr9svmk= Subject key identifier: 90:4B:17:89:16:FA:90:84:22:F1:27:AE:EC:E5:A8:FD:94:75:B8:97 Authority key identifier: 86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 Certificate issuer: /CN=A91D4ACD/serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Certificate serial: D2 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft Manifest number: D0 Signing time: Sun 19 Oct 2025 08:49:28 +0000 Manifest this update: Sun 19 Oct 2025 08:49:27 +0000 Manifest next update: Sun 26 Oct 2025 08:49:27 +0000 Files and hashes: 1: hpBNLQLbigWb7ZOPL46u88Qgb9A.crl (hash: fNX5pXWVgHt5QSP78za1wiTppkgQvVuzopYdIEzGUgA=) 2: 388D7E38797D11EF8CA64711C4F9AE02.roa (hash: w4Rh9NpZ/IQ60xsdouCsCPn/eRzJ06RRF4GvfzZ5uwo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:49:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 210 (0xd2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D4ACD, serialNumber=86904D2D02DB8A059BED938F2F8EAEF3C4206FD0 Validity Not Before: Oct 19 08:49:27 2025 GMT Not After : Oct 26 08:49:27 2025 GMT Subject: CN=68f4a617-4133 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:97:1d:05:53:cf:76:73:19:6c:0c:05:f9:36:ac: ca:9a:bb:b6:ed:5a:e9:b1:c0:22:89:b0:33:71:99: d4:b1:06:dd:59:f4:65:53:0a:80:51:8d:a1:fe:ad: 4a:19:08:ce:27:51:0e:5f:4c:2c:0a:6f:eb:f1:96: fe:55:d8:80:74:16:b8:24:50:eb:12:99:17:88:19: d0:89:f3:61:ce:68:0b:a5:47:50:40:59:1e:84:42: b2:fe:9b:1c:e4:a9:cf:89:17:34:f4:ed:e3:1e:9a: 99:2b:88:b7:87:a3:01:8c:3f:65:b0:a2:11:db:a9: 84:29:12:93:10:c8:c2:3a:4d:4c:fa:58:d0:9d:87: 4c:66:3f:94:c0:45:a0:e2:1f:6c:f3:09:f5:01:9e: 03:ed:32:f5:65:be:6c:a8:b6:f7:13:27:ff:6d:9d: 74:99:df:e7:43:83:0d:0f:b1:b3:97:c1:b7:e4:3d: 4e:0e:0a:61:75:be:03:67:49:15:f0:5c:2e:69:67: 39:a9:fc:47:93:97:cb:37:b6:51:4f:a2:f5:78:74: 51:99:11:26:86:f8:87:b0:ae:f4:4c:59:58:62:e9: 25:0c:c2:ac:2c:4e:a2:29:ec:01:7f:a1:21:5a:06: 17:14:c1:d0:9f:3d:bd:a7:a6:32:ee:29:7a:7c:a3: a2:a5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:4B:17:89:16:FA:90:84:22:F1:27:AE:EC:E5:A8:FD:94:75:B8:97 X509v3 Authority Key Identifier: keyid:86:90:4D:2D:02:DB:8A:05:9B:ED:93:8F:2F:8E:AE:F3:C4:20:6F:D0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/hpBNLQLbigWb7ZOPL46u88Qgb9A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D4ACD/1F53569E756E11EF9CA46E51C4F9AE02/hpBNLQLbigWb7ZOPL46u88Qgb9A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:eb:f7:40:4d:06:5c:c3:5b:ec:4c:55:f9:df:dc:53:76:14: fd:83:dd:3f:99:58:5b:41:16:01:bc:9b:bc:db:98:29:ca:56: 70:16:0b:d0:cb:c0:84:a8:32:9d:2a:25:2f:63:76:26:c2:bc: cf:8b:4f:26:07:a4:a0:1f:f1:0c:75:ae:34:bd:9a:a1:9d:0a: c9:58:38:1d:ab:59:65:3e:dd:cb:55:53:4d:5a:51:2b:ba:26: cb:81:0a:46:86:aa:51:b5:5b:4e:3d:3f:0e:cf:93:1b:c8:0f: c0:7f:60:4c:5d:2e:02:5e:17:f7:20:2f:a4:31:15:30:e0:1c: 6d:5b:15:3b:2c:d2:8f:e6:ee:45:86:c5:be:87:e2:83:21:74: f6:b9:24:dc:bc:05:9d:de:4e:f7:c5:67:a9:ff:d6:e0:71:de: 56:16:5b:f0:1f:66:f4:5e:ec:e9:70:17:0a:95:83:85:14:ea: 34:01:9e:c9:c6:0b:2a:02:9a:22:bd:d8:5d:7b:66:55:a6:f3: 65:6a:2b:7e:0c:22:fe:b6:d3:7d:02:8f:b7:a9:2b:66:8e:b9: bf:d9:f8:55:a4:59:a2:f3:66:18:bd:ac:90:7c:e1:f9:3d:ea: fe:17:35:7f:c2:97:a6:22:6a:30:06:8e:e7:4d:ba:a2:c1:85: 0f:81:d0:02 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDRBQ0QxMTAvBgNVBAUTKDg2OTA0RDJEMDJEQjhBMDU5QkVEOTM4RjJGOEVBRUYz QzQyMDZGRDAwHhcNMjUxMDE5MDg0OTI3WhcNMjUxMDI2MDg0OTI3WjAYMRYwFAYD VQQDEw02OGY0YTYxNy00MTMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAlx0FU892cxlsDAX5NqzKmru27VrpscAiibAzcZnUsQbdWfRlUwqAUY2h/q1K GQjOJ1EOX0wsCm/r8Zb+VdiAdBa4JFDrEpkXiBnQifNhzmgLpUdQQFkehEKy/psc 5KnPiRc09O3jHpqZK4i3h6MBjD9lsKIR26mEKRKTEMjCOk1M+ljQnYdMZj+UwEWg 4h9s8wn1AZ4D7TL1Zb5sqLb3Eyf/bZ10md/nQ4MND7Gzl8G35D1ODgphdb4DZ0kV 8FwuaWc5qfxHk5fLN7ZRT6L1eHRRmREmhviHsK70TFlYYuklDMKsLE6iKewBf6Eh WgYXFMHQnz29p6Yy7il6fKOipQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJBLF4kW +pCEIvEnruzlqP2UdbiXMB8GA1UdIwQYMBaAFIaQTS0C24oFm+2Tjy+OrvPEIG/Q MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENEFDRC8xRjUzNTY5RTc1 NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmlnV2I3Wk9QTDQ2dTg4UWdi OUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2hwQk5MUUxiaWdXYjdaT1BMNDZ1ODhRZ2I5QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NEFDRC8xRjUzNTY5RTc1NkUxMUVGOUNBNDZFNTFDNEY5QUUwMi9ocEJOTFFMYmln V2I3Wk9QTDQ2dTg4UWdiOUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB26/dATQZcw1vsTFX539xTdhT9g90/mVhbQRYBvJu825gpylZwFgvQ y8CEqDKdKiUvY3YmwrzPi08mB6SgH/EMda40vZqhnQrJWDgdq1llPt3LVVNNWlEr uibLgQpGhqpRtVtOPT8Oz5MbyA/Af2BMXS4CXhf3IC+kMRUw4BxtWxU7LNKP5u5F hsW+h+KDIXT2uSTcvAWd3k73xWep/9bgcd5WFlvwH2b0XuzpcBcKlYOFFOo0AZ7J xgsqApoivdhde2ZVpvNlait+DCL+ttN9Ao+3qStmjrm/2fhVpFmi82YYvayQfOH5 Per+FzV/wpemImowBo7nTbqiwYUPgdAC -----END CERTIFICATE-----Generated at Tue Oct 21 02:10:49 2025 by rpki-client