$ rpki-client -vvf rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft File: nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft (raw, json) Hash identifier: pl0DGzzbT57AzDluYdg4ZujHsR3iF+34XHJKXoOt0ww= Subject key identifier: 5C:F8:CC:7A:62:88:FC:2B:8D:81:8B:ED:0F:40:46:39:00:19:C7:FC Authority key identifier: 9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A Certificate issuer: /CN=A91EF19E/serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Certificate serial: 2A52 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft Manifest number: 2A47 Signing time: Sat 18 Oct 2025 14:25:12 +0000 Manifest this update: Sat 18 Oct 2025 14:25:11 +0000 Manifest next update: Sat 25 Oct 2025 14:25:11 +0000 Files and hashes: 1: nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl (hash: c0nItg6WgZ3gnboA15yrKOBUmQ+IKryiV8piZVhCKmE=) 2: F9722F8255C411E9A0FEF781C4F9AE02.roa (hash: symelOI4KiPwqS+zxOG2abXkQkOu/9Ecrvxkqaxc9Us=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 14:25:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10834 (0x2a52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EF19E, serialNumber=9E1F19A7E18D8BCED23EF2EDAB19E85438E7F08A Validity Not Before: Oct 18 14:25:11 2025 GMT Not After : Oct 25 14:25:11 2025 GMT Subject: CN=68f3a347-50d4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:1f:56:a5:1d:af:11:1b:c3:d7:38:a8:40:09: 37:aa:33:f8:c2:dd:58:d1:40:8e:f4:e7:95:cd:c3: b7:03:c6:20:34:44:bd:e8:a8:64:e2:40:3a:66:70: 05:65:09:9a:1c:18:f5:bd:0d:7f:6e:65:6e:c1:5b: f6:0e:df:dc:99:c9:a7:08:6c:0c:70:b4:ac:93:dd: 2e:1b:f7:df:2a:d0:b6:7f:b5:ee:46:35:66:3f:3a: 48:4d:33:33:ea:52:19:fc:73:0a:c3:5c:27:83:84: 1c:9d:36:2f:9d:fb:cb:fb:92:0f:36:1a:41:56:f1: 94:29:6e:cf:63:f8:01:e3:04:6e:1b:20:8a:f9:d4: 2f:92:de:e8:ad:52:d2:a2:87:94:d2:e9:0f:cb:8b: 01:cc:40:f6:3d:13:2d:48:4d:fe:ef:7a:0f:d1:96: f6:b2:63:ed:b0:e5:d0:5f:41:b6:49:b1:73:37:a6: 9b:95:6b:4b:20:0b:db:2e:2e:f3:28:a5:df:08:98: f2:1f:dd:99:9e:d1:74:95:eb:d4:38:c8:d4:39:cb: a0:c3:5d:8c:8e:ba:dc:94:53:32:16:79:e1:f3:98: 55:15:b3:a7:d4:34:a5:be:b2:19:0d:63:51:d3:b1: 41:b1:2b:ae:0d:f6:a4:b4:1c:19:67:55:14:73:9b: 10:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5C:F8:CC:7A:62:88:FC:2B:8D:81:8B:ED:0F:40:46:39:00:19:C7:FC X509v3 Authority Key Identifier: keyid:9E:1F:19:A7:E1:8D:8B:CE:D2:3E:F2:ED:AB:19:E8:54:38:E7:F0:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/nh8Zp-GNi87SPvLtqxnoVDjn8Io.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EF19E/A93E993E340D11E49EC98163C4F9AE02/nh8Zp-GNi87SPvLtqxnoVDjn8Io.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:50:59:c6:f0:a7:ab:3a:d2:2a:9d:78:84:41:d2:7c:63:24: c1:c8:9c:8f:10:be:f0:58:c2:b2:cc:37:7a:2e:bb:0a:0b:df: a3:49:95:86:15:c2:69:b8:f1:e1:77:22:22:d9:8b:ee:85:db: a5:8d:1f:f5:30:de:5d:74:c3:fa:d7:3f:ea:25:15:2b:63:18: 7a:f7:62:d2:ca:56:12:6d:18:09:cd:94:42:f4:22:9a:1e:72: ca:0e:26:7c:97:6a:02:ec:54:72:b1:5e:28:e0:d7:f5:ff:69: 45:00:d0:f4:4e:97:19:23:82:78:1c:bc:26:61:a5:ca:3b:3c: 6f:d1:50:df:0c:88:cf:65:50:fa:97:af:2a:3a:86:11:a1:d0: 6f:0f:29:f3:0f:a4:76:46:e1:92:6e:63:e4:c9:09:c9:45:04: 41:dc:ad:a0:ab:dd:ab:f0:af:8d:f2:6b:57:f3:1e:18:5d:ad: 67:a1:97:d9:30:fc:4e:54:5a:42:85:8a:20:63:50:95:0c:7c: 9f:ff:c4:b7:95:f0:c5:e8:24:33:4e:bc:4e:f9:4a:2b:d2:09: a7:e1:3d:00:7d:27:0f:29:bf:03:bd:61:84:9c:f2:4c:15:de: 00:cf:67:98:43:f0:b0:e6:50:cd:69:12:a0:43:bf:4b:bb:06: f1:d7:9c:db -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICKlIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUYxOUUxMTAvBgNVBAUTKDlFMUYxOUE3RTE4RDhCQ0VEMjNFRjJFREFCMTlFODU0 MzhFN0YwOEEwHhcNMjUxMDE4MTQyNTExWhcNMjUxMDI1MTQyNTExWjAYMRYwFAYD VQQDEw02OGYzYTM0Ny01MGQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqB9WpR2vERvD1zioQAk3qjP4wt1Y0UCO9OeVzcO3A8YgNES96Khk4kA6ZnAF ZQmaHBj1vQ1/bmVuwVv2Dt/cmcmnCGwMcLSsk90uG/ffKtC2f7XuRjVmPzpITTMz 6lIZ/HMKw1wng4QcnTYvnfvL+5IPNhpBVvGUKW7PY/gB4wRuGyCK+dQvkt7orVLS ooeU0ukPy4sBzED2PRMtSE3+73oP0Zb2smPtsOXQX0G2SbFzN6ablWtLIAvbLi7z KKXfCJjyH92ZntF0levUOMjUOcugw12MjrrclFMyFnnh85hVFbOn1DSlvrIZDWNR 07FBsSuuDfaktBwZZ1UUc5sQvwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFz4zHpi iPwrjYGL7Q9ARjkAGcf8MB8GA1UdIwQYMBaAFJ4fGafhjYvO0j7y7asZ6FQ45/CK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFRjE5RS9BOTNFOTkzRTM0 MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4N1NQdkx0cXhub1ZEam44 SW8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL25oOFpwLUdOaTg3U1B2THRxeG5vVkRqbjhJby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF RjE5RS9BOTNFOTkzRTM0MEQxMUU0OUVDOTgxNjNDNEY5QUUwMi9uaDhacC1HTmk4 N1NQdkx0cXhub1ZEam44SW8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfUFnG8KerOtIqnXiEQdJ8YyTByJyPEL7wWMKyzDd6LrsKC9+jSZWG FcJpuPHhdyIi2YvuhduljR/1MN5ddMP61z/qJRUrYxh692LSylYSbRgJzZRC9CKa HnLKDiZ8l2oC7FRysV4o4Nf1/2lFAND0TpcZI4J4HLwmYaXKOzxv0VDfDIjPZVD6 l68qOoYRodBvDynzD6R2RuGSbmPkyQnJRQRB3K2gq92r8K+N8mtX8x4YXa1noZfZ MPxOVFpChYogY1CVDHyf/8S3lfDF6CQzTrxO+Uor0gmn4T0AfScPKb8DvWGEnPJM Fd4Az2eYQ/Cw5lDNaRKgQ79Luwbx15zb -----END CERTIFICATE-----Generated at Mon Oct 20 16:06:32 2025 by rpki-client