$ rpki-client -vvf rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft File: HAF157M3En5uwlH0Og0qxhMRv04.mft (raw, json) Hash identifier: Cswfn3MeDGwWpN+jrCShyQW58vyxgHPvbGwdi3nyfiw= Subject key identifier: A0:00:4D:BF:C4:BE:46:59:4D:41:57:A8:C6:48:94:CA:4D:32:23:58 Authority key identifier: 1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E Certificate issuer: /CN=A91E3584/serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Certificate serial: 34CE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft Manifest number: 34CB Signing time: Sat 18 Oct 2025 14:28:14 +0000 Manifest this update: Sat 18 Oct 2025 14:28:13 +0000 Manifest next update: Sat 25 Oct 2025 14:28:13 +0000 Files and hashes: 1: HAF157M3En5uwlH0Og0qxhMRv04.crl (hash: WmYOwqcMOipmiinpCdJQrO83+sLRHm9pLlOC0Ac3r8o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 14:28:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13518 (0x34ce) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E3584, serialNumber=1C0175E7B337127E6EC251F43A0D2AC61311BF4E Validity Not Before: Oct 18 14:28:13 2025 GMT Not After : Oct 25 14:28:13 2025 GMT Subject: CN=68f3a3fd-db2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e2:f8:ee:e1:f0:7c:aa:b2:ca:87:1d:c9:7b:e5: 2c:2f:4d:c5:75:9d:19:94:e3:77:b9:de:e1:01:4e: 8f:1d:7a:e1:51:6a:be:52:d6:30:ca:59:03:a2:43: 79:30:df:ed:5d:68:f4:37:93:b6:2f:42:69:97:b6: 58:6e:4d:8a:55:f5:72:99:ca:97:73:1b:d4:20:ff: c2:d1:19:bb:24:de:ff:17:52:7e:3b:5c:e6:6d:12: dc:47:cf:1d:07:77:c6:d6:d8:21:44:27:51:6a:3d: 18:c3:b5:9d:55:a3:9f:53:26:16:52:06:53:32:cb: 78:20:df:09:1a:7e:9a:66:fc:60:02:92:47:c1:3c: 6f:d0:a9:f5:5a:5d:41:75:e3:8a:87:b0:e1:5c:c1: 1a:39:a4:67:e0:38:3f:ff:96:11:8e:92:75:99:b9: 28:37:1a:c2:e8:50:95:01:e2:57:a1:c9:ca:1b:da: c0:bd:8e:1b:05:74:36:3e:6d:c9:1a:b1:4d:72:4e: f6:dd:5d:12:91:08:de:03:94:8b:ea:55:ad:a0:9e: ab:e0:f5:63:ad:40:f9:80:f7:a9:e3:ad:7e:44:e2: e1:6e:8a:0a:66:2f:ce:ea:3b:5e:dc:fd:46:e3:9d: 5a:8a:82:d1:9b:da:98:45:61:ce:2e:ad:48:80:d1: 3f:9d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:00:4D:BF:C4:BE:46:59:4D:41:57:A8:C6:48:94:CA:4D:32:23:58 X509v3 Authority Key Identifier: keyid:1C:01:75:E7:B3:37:12:7E:6E:C2:51:F4:3A:0D:2A:C6:13:11:BF:4E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HAF157M3En5uwlH0Og0qxhMRv04.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E3584/D1A129461D8511E2BB4FA4DC08B02CD2/HAF157M3En5uwlH0Og0qxhMRv04.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 88:9d:0b:1c:67:0e:b7:b3:57:ca:57:73:a9:ea:cd:8b:01:3d: 1b:ca:0a:35:df:5d:48:16:33:e5:55:48:e1:5e:1f:78:4f:fc: 4b:97:ed:74:35:8e:05:d3:39:27:3b:8e:9e:71:39:01:b4:18: 1a:4f:f6:2a:8e:66:4b:96:ef:13:94:ff:4c:83:98:45:8a:31: 9c:f2:1f:f6:61:0a:94:ca:0f:bd:95:9d:0e:8b:7b:2f:d1:6c: b0:83:19:14:7a:c1:4e:14:6d:91:8c:b0:a6:f6:27:29:bd:fe: b1:9b:f7:c4:4e:6e:b2:8b:b9:86:ea:16:75:58:27:fe:c9:e2: 85:2b:e0:9c:8a:3b:34:6d:e1:54:8b:5b:ee:2c:e2:0b:14:ac: 12:67:ef:d8:a4:ab:ed:60:69:69:26:6a:11:00:35:d4:27:f9: 3c:80:9d:ca:07:32:26:17:59:ac:b1:ce:c9:d0:39:19:3d:ae: 28:ee:60:db:41:9c:d5:84:6a:42:16:c7:86:eb:4f:a5:e1:a2: a4:cd:97:f5:cb:89:fe:7d:d7:c5:7c:98:6a:01:e3:d7:ef:76: 4d:c3:ff:66:17:2b:d2:d9:55:2b:9d:a9:78:2f:df:d9:b2:f0: a6:20:a1:1b:ba:fb:ce:bb:f5:13:31:36:10:c8:45:f7:55:a3: 12:9b:35:3e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNM4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTM1ODQxMTAvBgNVBAUTKDFDMDE3NUU3QjMzNzEyN0U2RUMyNTFGNDNBMEQyQUM2 MTMxMUJGNEUwHhcNMjUxMDE4MTQyODEzWhcNMjUxMDI1MTQyODEzWjAYMRYwFAYD VQQDEw02OGYzYTNmZC1kYjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4vju4fB8qrLKhx3Je+UsL03FdZ0ZlON3ud7hAU6PHXrhUWq+UtYwylkDokN5 MN/tXWj0N5O2L0Jpl7ZYbk2KVfVymcqXcxvUIP/C0Rm7JN7/F1J+O1zmbRLcR88d B3fG1tghRCdRaj0Yw7WdVaOfUyYWUgZTMst4IN8JGn6aZvxgApJHwTxv0Kn1Wl1B deOKh7DhXMEaOaRn4Dg//5YRjpJ1mbkoNxrC6FCVAeJXocnKG9rAvY4bBXQ2Pm3J GrFNck723V0SkQjeA5SL6lWtoJ6r4PVjrUD5gPep461+ROLhbooKZi/O6jte3P1G 451aioLRm9qYRWHOLq1IgNE/nQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKAATb/E vkZZTUFXqMZIlMpNMiNYMB8GA1UdIwQYMBaAFBwBdeezNxJ+bsJR9DoNKsYTEb9O MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMzU4NC9EMUExMjk0NjFE ODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0VuNXV3bEgwT2cwcXhoTVJ2 MDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hBRjE1N00zRW41dXdsSDBPZzBxeGhNUnYwNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MzU4NC9EMUExMjk0NjFEODUxMUUyQkI0RkE0REMwOEIwMkNEMi9IQUYxNTdNM0Vu NXV3bEgwT2cwcXhoTVJ2MDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCInQscZw63s1fKV3Op6s2LAT0bygo1311IFjPlVUjhXh94T/xLl+10 NY4F0zknO46ecTkBtBgaT/YqjmZLlu8TlP9Mg5hFijGc8h/2YQqUyg+9lZ0Oi3sv 0WywgxkUesFOFG2RjLCm9icpvf6xm/fETm6yi7mG6hZ1WCf+yeKFK+Ccijs0beFU i1vuLOILFKwSZ+/YpKvtYGlpJmoRADXUJ/k8gJ3KBzImF1mssc7J0DkZPa4o7mDb QZzVhGpCFseG60+l4aKkzZf1y4n+fdfFfJhqAePX73ZNw/9mFyvS2VUrnal4L9/Z svCmIKEbuvvOu/UTMTYQyEX3VaMSmzU+ -----END CERTIFICATE-----Generated at Mon Oct 20 09:23:33 2025 by rpki-client