$ rpki-client -vvf rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft File: He4XpqM4DuSI7ztuISW4eOZAckg.mft (raw, json) Hash identifier: h56gaKCi0mIxSrJBmDQdu1+q2W6tNyqwskidnORJiEs= Subject key identifier: DF:C2:0A:9F:EF:00:DE:C4:73:98:9C:2E:C9:F0:71:42:BE:21:99:06 Authority key identifier: 1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 Certificate issuer: /CN=A91E8D22/serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Certificate serial: 01C7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft Manifest number: 01C2 Signing time: Sun 19 Oct 2025 05:27:37 +0000 Manifest this update: Sun 19 Oct 2025 05:27:36 +0000 Manifest next update: Sun 26 Oct 2025 05:27:36 +0000 Files and hashes: 1: He4XpqM4DuSI7ztuISW4eOZAckg.crl (hash: WEcGiY52PG4D2qH7R9XIG01sIMGXSxRWTrtdloOfTqE=) 2: 805A2E74660311EF90397033C4F9AE02.roa (hash: kr3XK/LA3ME6CWbcxw7hFQfhU6QavtLWXc2+mP6aHgc=) 3: 8405155C69EB11EF933A993CC4F9AE02.roa (hash: Nc218pLJmDdsf2Z9Kv612BkBE9ixmiOBUD2+vg6KRQA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 05:27:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 455 (0x1c7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E8D22, serialNumber=1DEE17A6A3380EE488EF3B6E2125B878E6407248 Validity Not Before: Oct 19 05:27:36 2025 GMT Not After : Oct 26 05:27:36 2025 GMT Subject: CN=68f476c8-268f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:90:f2:06:1a:16:87:8e:05:2c:22:8e:cf:a1: 4b:89:68:f1:0c:a9:09:7e:7e:e3:7e:0e:1a:0c:30: d2:94:96:ae:45:38:53:88:8a:b9:ff:23:6f:8a:6e: 31:04:77:7d:fd:ef:48:0d:ed:0b:f7:17:10:8b:00: 69:83:a9:c8:5d:f8:ab:ab:4e:4d:32:f4:7b:5a:85: fe:8f:42:f6:70:a0:99:c7:97:cd:2d:df:ce:f7:35: e6:b0:48:44:53:82:68:18:18:b2:80:3f:07:37:4a: 8a:a2:f3:05:81:ee:d8:d8:14:a2:10:5e:a8:0d:36: 16:f9:0b:a2:73:ef:2b:15:46:a9:80:a0:f5:62:c0: e6:23:3e:35:5f:26:d1:5a:b0:0b:fb:e8:92:d1:7b: 17:fe:42:f7:0d:a3:c7:6f:98:08:45:63:02:d3:0a: 46:04:c7:1b:d4:f1:ff:ec:4c:62:74:bb:ec:a4:46: 08:57:fb:7f:16:1a:11:cc:21:55:67:fb:15:cb:9d: da:75:e6:82:14:b2:35:3f:13:46:bc:67:e7:06:86: 7e:aa:b6:35:68:af:a0:06:4c:5c:26:11:a7:4f:80: aa:92:e2:77:1c:27:fa:27:b1:39:fb:44:9e:ea:fe: a0:49:79:6e:53:1c:0e:2a:19:ee:a2:ad:94:96:de: 94:cb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DF:C2:0A:9F:EF:00:DE:C4:73:98:9C:2E:C9:F0:71:42:BE:21:99:06 X509v3 Authority Key Identifier: keyid:1D:EE:17:A6:A3:38:0E:E4:88:EF:3B:6E:21:25:B8:78:E6:40:72:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/He4XpqM4DuSI7ztuISW4eOZAckg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E8D22/3F7D68A8FDE511ED87841770C4F9AE02/He4XpqM4DuSI7ztuISW4eOZAckg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 85:3e:1f:bc:b9:18:b0:28:35:70:4c:a3:f8:6f:61:34:08:fc: 0b:f1:b0:3d:22:c6:0f:c4:a3:32:43:13:a7:03:5d:62:bd:ab: 90:b4:ae:1b:d9:0c:58:19:fc:ee:a8:89:51:74:93:aa:b4:a7: fc:36:90:74:a8:19:27:f4:02:47:f2:e8:d9:b8:8a:a8:dd:1e: 57:f6:f9:6c:a3:85:52:a2:3b:52:a7:9f:df:67:9b:53:73:be: 2b:2a:7f:f3:6e:0a:60:cf:26:ae:f1:3b:45:d8:a4:c0:d1:42: 25:7f:a5:53:59:8c:89:ed:d2:ee:9b:4c:88:20:b7:75:ec:63: 83:e1:13:b5:80:cd:5a:03:40:c6:c0:c2:38:0b:a0:8d:53:da: 84:0b:aa:0d:fb:a8:2f:8e:40:76:62:8e:99:22:25:13:09:c8: c5:d4:c7:ec:af:0a:5a:df:9d:e8:d3:a4:42:40:aa:b3:f9:3d: 07:25:e3:56:6e:5c:e2:1e:44:e7:de:9e:39:08:01:d0:3e:0c: 3f:fa:f6:5f:3b:38:46:e8:89:3f:48:24:92:bf:fc:17:48:31: ec:fe:78:e1:1d:d0:41:00:80:a3:07:e1:8a:a5:56:5a:51:b6: ed:82:a2:33:3d:63:75:b5:6e:a5:a2:9a:45:3d:81:c4:42:7f: 5f:8f:68:81 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAccwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RThEMjIxMTAvBgNVBAUTKDFERUUxN0E2QTMzODBFRTQ4OEVGM0I2RTIxMjVCODc4 RTY0MDcyNDgwHhcNMjUxMDE5MDUyNzM2WhcNMjUxMDI2MDUyNzM2WjAYMRYwFAYD VQQDEw02OGY0NzZjOC0yNjhmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7pDyBhoWh44FLCKOz6FLiWjxDKkJfn7jfg4aDDDSlJauRThTiIq5/yNvim4x BHd9/e9IDe0L9xcQiwBpg6nIXfirq05NMvR7WoX+j0L2cKCZx5fNLd/O9zXmsEhE U4JoGBiygD8HN0qKovMFge7Y2BSiEF6oDTYW+Quic+8rFUapgKD1YsDmIz41XybR WrAL++iS0XsX/kL3DaPHb5gIRWMC0wpGBMcb1PH/7ExidLvspEYIV/t/FhoRzCFV Z/sVy53adeaCFLI1PxNGvGfnBoZ+qrY1aK+gBkxcJhGnT4CqkuJ3HCf6J7E5+0Se 6v6gSXluUxwOKhnuoq2Ult6UywIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN/CCp/v AN7Ec5icLsnwcUK+IZkGMB8GA1UdIwQYMBaAFB3uF6ajOA7kiO87biEluHjmQHJI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOEQyMi8zRjdENjhBOEZE RTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1U0k3enR1SVNXNGVPWkFj a2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0hlNFhwcU00RHVTSTd6dHVJU1c0ZU9aQWNrZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OEQyMi8zRjdENjhBOEZERTUxMUVEODc4NDE3NzBDNEY5QUUwMi9IZTRYcHFNNER1 U0k3enR1SVNXNGVPWkFja2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCFPh+8uRiwKDVwTKP4b2E0CPwL8bA9IsYPxKMyQxOnA11ivauQtK4b 2QxYGfzuqIlRdJOqtKf8NpB0qBkn9AJH8ujZuIqo3R5X9vlso4VSojtSp5/fZ5tT c74rKn/zbgpgzyau8TtF2KTA0UIlf6VTWYyJ7dLum0yIILd17GOD4RO1gM1aA0DG wMI4C6CNU9qEC6oN+6gvjkB2Yo6ZIiUTCcjF1Mfsrwpa353o06RCQKqz+T0HJeNW blziHkTn3p45CAHQPgw/+vZfOzhG6Ik/SCSSv/wXSDHs/njhHdBBAICjB+GKpVZa UbbtgqIzPWN1tW6loppFPYHEQn9fj2iB -----END CERTIFICATE-----Generated at Mon Oct 20 02:52:59 2025 by rpki-client