$ rpki-client -vvf rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft File: HQ2sEe2C41wjsMvv--4AYmOwmVc.mft (raw, json) Hash identifier: Ywb7jqUhs9PBiuxaRcZLYWjWcNfoXFllm5u2gu5uTos= Subject key identifier: E8:1E:B7:90:4B:64:05:6D:17:57:93:9F:92:24:94:3C:AE:B6:CF:38 Authority key identifier: 1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 Certificate issuer: /CN=A91EA9C0/serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Certificate serial: 4D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft Manifest number: 4D Signing time: Sun 19 Oct 2025 10:43:28 +0000 Manifest this update: Sun 19 Oct 2025 10:43:27 +0000 Manifest next update: Sun 26 Oct 2025 10:43:27 +0000 Files and hashes: 1: HQ2sEe2C41wjsMvv--4AYmOwmVc.crl (hash: 5oH+gtoEjNQ5Gzjzw+MkBS1g43rWBwPqfcmjzFB8D1o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:43:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 77 (0x4d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EA9C0, serialNumber=1D0DAC11ED82E35C23B0CBEFFBEE006263B09957 Validity Not Before: Oct 19 10:43:27 2025 GMT Not After : Oct 26 10:43:27 2025 GMT Subject: CN=68f4c0cf-7617 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:51:07:b0:5a:35:61:67:5f:e9:3e:eb:2e:7c: 65:0d:63:31:f2:92:90:e1:3c:ca:f3:94:6d:00:fd: 4d:26:95:d8:8f:6b:18:3f:5e:10:72:f9:61:8e:ae: 1d:11:a5:b6:b7:65:d8:a7:d6:bb:76:47:ab:44:eb: 96:b8:05:ef:e5:74:53:fa:c6:42:f7:e5:b0:b5:f6: 92:2d:bb:f3:c2:e1:45:d0:67:54:f6:73:66:d9:b0: db:f4:1e:20:ff:53:9e:07:3e:0b:cf:b7:35:ff:f7: a9:9b:61:ed:77:ba:7b:96:9b:20:00:58:ba:f0:ca: 64:5c:f9:8c:ad:37:4b:c0:57:6b:a3:38:e8:ac:7b: 9c:41:33:55:91:69:28:60:fa:c4:5d:34:45:a3:3f: 49:f7:2b:e9:5f:a7:72:1e:86:fd:52:14:f3:e5:f8: 49:00:05:31:5d:78:7f:87:ba:66:ec:67:21:73:a0: ac:7f:73:66:41:7a:9d:5f:b1:fb:98:d6:b6:76:35: fd:7d:f4:6d:a8:44:6e:b0:70:34:54:dc:81:fa:37: 04:f6:65:5a:e5:2b:33:b2:78:ba:40:e9:85:4a:24: 33:de:8f:b7:27:34:ca:bd:fb:36:80:1c:85:00:92: b8:12:30:69:2d:d3:4e:af:00:97:2b:53:aa:c6:98: b0:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:1E:B7:90:4B:64:05:6D:17:57:93:9F:92:24:94:3C:AE:B6:CF:38 X509v3 Authority Key Identifier: keyid:1D:0D:AC:11:ED:82:E3:5C:23:B0:CB:EF:FB:EE:00:62:63:B0:99:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/HQ2sEe2C41wjsMvv--4AYmOwmVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EA9C0/5AFB148E388211F08CCB1866C4F9AE02/HQ2sEe2C41wjsMvv--4AYmOwmVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 97:c6:f4:bf:36:ac:c0:05:38:07:47:75:cb:8e:4a:85:74:9a: 12:32:89:38:e8:b4:d7:5e:72:2d:c5:eb:87:6f:62:6c:b4:f7: a9:7e:95:eb:b2:46:d3:88:13:0b:bf:c8:76:f5:47:d5:18:8d: d4:e6:b3:f7:74:29:fa:c1:e8:dd:84:3b:ce:18:02:7b:cb:27: b2:24:94:75:37:ba:1a:e3:20:d1:2c:62:96:4a:c5:b3:18:28: ef:f8:fe:ae:81:29:a8:9e:3e:bd:1c:2c:b3:62:b0:20:df:8b: cf:5c:a5:9a:17:60:1c:66:f6:e5:16:be:7d:4e:2a:84:fc:e3: 02:97:99:6f:ce:3e:04:55:6a:e7:e1:91:a3:28:d9:46:3a:fb: b2:ed:f8:bf:64:a8:f6:2d:49:1f:7e:e7:5b:9d:4f:7a:de:f3: 69:2b:90:df:93:5d:67:dd:97:35:b0:b6:2c:61:80:21:14:00: 55:95:5b:3a:cc:9e:cd:a9:80:84:2c:c0:0c:8f:17:d9:7e:cb: 89:c2:12:ec:ea:3a:ca:fa:db:6f:02:3f:7c:0f:3e:71:05:c9: 76:c7:b0:2b:b7:f4:b8:31:df:99:f4:94:cf:83:9c:07:d7:9e: 6a:f4:eb:2b:61:1b:9c:a9:40:2b:2f:8a:b8:78:57:e0:b5:a5: 19:2f:5f:bf -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFF QTlDMDExMC8GA1UEBRMoMUQwREFDMTFFRDgyRTM1QzIzQjBDQkVGRkJFRTAwNjI2 M0IwOTk1NzAeFw0yNTEwMTkxMDQzMjdaFw0yNTEwMjYxMDQzMjdaMBgxFjAUBgNV BAMTDTY4ZjRjMGNmLTc2MTcwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDfUQewWjVhZ1/pPusufGUNYzHykpDhPMrzlG0A/U0mldiPaxg/XhBy+WGOrh0R pba3Zdin1rt2R6tE65a4Be/ldFP6xkL35bC19pItu/PC4UXQZ1T2c2bZsNv0HiD/ U54HPgvPtzX/96mbYe13unuWmyAAWLrwymRc+YytN0vAV2ujOOise5xBM1WRaShg +sRdNEWjP0n3K+lfp3Iehv1SFPPl+EkABTFdeH+HumbsZyFzoKx/c2ZBep1fsfuY 1rZ2Nf199G2oRG6wcDRU3IH6NwT2ZVrlKzOyeLpA6YVKJDPej7cnNMq9+zaAHIUA krgSMGkt006vAJcrU6rGmLCvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU6B63kEtk BW0XV5OfkiSUPK62zzgwHwYDVR0jBBgwFoAUHQ2sEe2C41wjsMvv++4AYmOwmVcw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVBOUMwLzVBRkIxNDhFMzg4 MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3anNNdnYtLTRBWW1Pd21W Yy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvSFEyc0VlMkM0MXdqc012di0tNEFZbU93bVZjLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUVB OUMwLzVBRkIxNDhFMzg4MjExRjA4Q0NCMTg2NkM0RjlBRTAyL0hRMnNFZTJDNDF3 anNNdnYtLTRBWW1Pd21WYy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAJfG9L82rMAFOAdHdcuOSoV0mhIyiTjotNdeci3F64dvYmy096l+leuy RtOIEwu/yHb1R9UYjdTms/d0KfrB6N2EO84YAnvLJ7IklHU3uhrjINEsYpZKxbMY KO/4/q6BKaiePr0cLLNisCDfi89cpZoXYBxm9uUWvn1OKoT84wKXmW/OPgRVaufh kaMo2UY6+7Lt+L9kqPYtSR9+51udT3re82krkN+TXWfdlzWwtixhgCEUAFWVWzrM ns2pgIQswAyPF9l+y4nCEuzqOsr6228CP3wPPnEFyXbHsCu39Lgx35n0lM+DnAfX nmr06ythG5ypQCsvirh4V+C1pRkvX78= -----END CERTIFICATE-----Generated at Mon Oct 20 11:36:36 2025 by rpki-client