$ rpki-client -vvf rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft File: MhTiYKePfRZ36DATfBBlcwAxz2Y.mft (raw, json) Hash identifier: HEGW19WzthuNTstklK6/fYB+hTJjPeFTwoFXZ+MUQYE= Subject key identifier: ED:7C:75:2F:65:3F:A6:88:79:24:C8:89:F9:12:B1:37:B5:2C:AC:F4 Authority key identifier: 32:14:E2:60:A7:8F:7D:16:77:E8:30:13:7C:10:65:73:00:31:CF:66 Certificate issuer: /CN=A91F8981/serialNumber=3214E260A78F7D1677E830137C1065730031CF66 Certificate serial: D4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MhTiYKePfRZ36DATfBBlcwAxz2Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft Manifest number: D2 Signing time: Sun 19 Oct 2025 08:44:47 +0000 Manifest this update: Sun 19 Oct 2025 08:44:47 +0000 Manifest next update: Sun 26 Oct 2025 08:44:47 +0000 Files and hashes: 1: MhTiYKePfRZ36DATfBBlcwAxz2Y.crl (hash: 0zfBEtCjjqjEgstldsZSxw9IOnvUN4pBEoOxCTquPMo=) 2: D80D96066C7F11EF92105459C4F9AE02.roa (hash: OkcwSLx62N14Khc7pixM+04Kss5uqBIS1Fg1GMXXo9I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.crl rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MhTiYKePfRZ36DATfBBlcwAxz2Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:44:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 212 (0xd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F8981, serialNumber=3214E260A78F7D1677E830137C1065730031CF66 Validity Not Before: Oct 19 08:44:47 2025 GMT Not After : Oct 26 08:44:47 2025 GMT Subject: CN=68f4a4ff-8294 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:05:e1:41:83:42:cc:23:7b:68:1d:ee:07:16: 52:23:b5:6d:74:79:db:42:11:4d:01:36:4b:43:d1: d5:ca:34:f7:25:b7:a2:dc:77:1b:e9:cf:bf:09:cd: 85:bb:41:2d:32:e6:9d:10:21:83:55:aa:be:36:cb: 69:1d:ab:38:74:36:f8:c4:21:10:89:15:69:06:3f: 2c:70:8d:f3:1d:9b:df:b7:c6:47:22:3c:65:bd:76: 1e:a8:a7:73:b0:73:7b:a0:84:9e:62:c3:63:a4:4e: 5e:e6:0a:f5:cf:3d:6a:23:19:78:08:85:d0:fe:9b: 90:09:fc:b8:35:97:1a:1a:47:dc:c6:ae:00:4f:98: 44:6d:a2:24:11:ee:04:ee:3e:e1:03:d5:7e:9e:ac: 17:26:f2:b8:36:bc:90:18:cf:ba:ff:74:75:b9:2f: 56:78:eb:be:83:ad:16:76:38:d2:64:34:05:e4:81: 0d:b0:36:0e:7a:98:40:fe:f8:ea:43:a2:cd:d4:03: 40:e0:1e:a5:79:b8:ef:8f:d8:3a:66:fd:98:c3:a0: 9b:9e:0d:27:3f:aa:73:ad:06:25:46:bb:cd:ce:58: cc:c7:68:b7:65:78:ee:fa:dd:3c:8f:b2:88:77:4f: cb:32:ba:48:69:6c:39:7e:93:81:cf:48:0a:52:55: c2:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:7C:75:2F:65:3F:A6:88:79:24:C8:89:F9:12:B1:37:B5:2C:AC:F4 X509v3 Authority Key Identifier: keyid:32:14:E2:60:A7:8F:7D:16:77:E8:30:13:7C:10:65:73:00:31:CF:66 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/MhTiYKePfRZ36DATfBBlcwAxz2Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F8981/272B4C706C7F11EF914D7D57C4F9AE02/MhTiYKePfRZ36DATfBBlcwAxz2Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 76:6e:e8:e1:0d:68:a6:f3:45:f8:a0:2d:90:fd:df:a4:b4:9c: f9:b9:76:d5:ff:98:e5:24:b9:37:80:e8:88:6d:95:ba:da:d1: 3a:92:b1:91:37:c2:81:0c:b8:50:af:d7:21:5e:a8:1e:15:e0: 5b:cf:2a:6a:33:0d:79:4d:be:9a:5d:f4:0b:4e:50:02:a5:2e: 43:a7:e9:3b:75:94:23:47:06:70:6c:7b:f7:79:37:c7:b7:8d: ff:25:dc:a4:14:cd:93:d7:de:bd:d0:5f:22:65:40:3a:d5:9f: 37:f8:1a:ac:80:42:02:b1:d0:78:8a:9d:7c:9b:8f:de:57:c5: a8:3d:95:cb:d8:a2:b0:ac:2b:5d:c9:8d:01:41:e2:07:62:3f: e1:31:00:80:f0:08:17:f9:77:b6:c7:17:25:42:85:54:07:44: df:9e:8d:66:35:c5:ad:4e:73:58:bd:64:36:0e:ba:b0:87:c4: b9:ac:79:4f:99:0d:23:a7:da:5f:7a:2d:fe:12:5b:cb:c4:34: f1:79:34:23:0d:09:c6:93:e7:a7:3c:24:d0:2a:78:8f:d2:d8: cf:e3:86:77:be:b9:4a:f1:f8:2d:35:54:4a:ba:2b:24:0b:6b: 41:1c:42:ff:90:1a:56:3c:ef:e3:32:8c:30:c9:50:1b:d7:bf: c8:8f:d0:e7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Rjg5ODExMTAvBgNVBAUTKDMyMTRFMjYwQTc4RjdEMTY3N0U4MzAxMzdDMTA2NTcz MDAzMUNGNjYwHhcNMjUxMDE5MDg0NDQ3WhcNMjUxMDI2MDg0NDQ3WjAYMRYwFAYD VQQDEw02OGY0YTRmZi04Mjk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtQXhQYNCzCN7aB3uBxZSI7VtdHnbQhFNATZLQ9HVyjT3Jbei3Hcb6c+/Cc2F u0EtMuadECGDVaq+NstpHas4dDb4xCEQiRVpBj8scI3zHZvft8ZHIjxlvXYeqKdz sHN7oISeYsNjpE5e5gr1zz1qIxl4CIXQ/puQCfy4NZcaGkfcxq4AT5hEbaIkEe4E 7j7hA9V+nqwXJvK4NryQGM+6/3R1uS9WeOu+g60WdjjSZDQF5IENsDYOephA/vjq Q6LN1ANA4B6lebjvj9g6Zv2Yw6Cbng0nP6pzrQYlRrvNzljMx2i3ZXju+t08j7KI d0/LMrpIaWw5fpOBz0gKUlXCBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO18dS9l P6aIeSTIifkSsTe1LKz0MB8GA1UdIwQYMBaAFDIU4mCnj30Wd+gwE3wQZXMAMc9m MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGODk4MS8yNzJCNEM3MDZD N0YxMUVGOTE0RDdENTdDNEY5QUUwMi9NaFRpWUtlUGZSWjM2REFUZkJCbGN3QXh6 MlkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL01oVGlZS2VQZlJaMzZEQVRmQkJsY3dBeHoyWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG ODk4MS8yNzJCNEM3MDZDN0YxMUVGOTE0RDdENTdDNEY5QUUwMi9NaFRpWUtlUGZS WjM2REFUZkJCbGN3QXh6MlkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB2bujhDWim80X4oC2Q/d+ktJz5uXbV/5jlJLk3gOiIbZW62tE6krGR N8KBDLhQr9chXqgeFeBbzypqMw15Tb6aXfQLTlACpS5Dp+k7dZQjRwZwbHv3eTfH t43/JdykFM2T19690F8iZUA61Z83+BqsgEICsdB4ip18m4/eV8WoPZXL2KKwrCtd yY0BQeIHYj/hMQCA8AgX+Xe2xxclQoVUB0Tfno1mNcWtTnNYvWQ2Drqwh8S5rHlP mQ0jp9pfei3+ElvLxDTxeTQjDQnGk+enPCTQKniP0tjP44Z3vrlK8fgtNVRKuisk C2tBHEL/kBpWPO/jMowwyVAb17/Ij9Dn -----END CERTIFICATE-----Generated at Mon Oct 20 07:13:10 2025 by rpki-client