$ rpki-client -vvf rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft File: ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft (raw, json) Hash identifier: IjHz8lgZCqPOL5HRpJ6JyooaR1h70kgS+4pHQmprO6o= Subject key identifier: 7A:C7:10:18:B7:89:67:56:CC:ED:6E:C1:40:5C:60:37:8A:85:B3:70 Authority key identifier: 21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC Certificate issuer: /CN=A912382E/serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Certificate serial: 18F6 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft Manifest number: 18ED Signing time: Tue 04 Nov 2025 16:33:15 +0000 Manifest this update: Tue 04 Nov 2025 16:33:14 +0000 Manifest next update: Tue 11 Nov 2025 16:33:14 +0000 Files and hashes: 1: ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl (hash: JRUQbhYtfJmrmTTL6UZjes38aZAurXPTegcdj/9hsY8=) 2: BD843CCE984011E79A256C82C4F9AE02.roa (hash: cv0ZUc0lebxpCeCaHLbic5zL6MtIPbL3843SH+qN9Dk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:33:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6390 (0x18f6) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912382E, serialNumber=213436BA23A9AF250BF25DDEA50C762219F906BC Validity Not Before: Nov 4 16:33:14 2025 GMT Not After : Nov 11 16:33:14 2025 GMT Subject: CN=690a2aca-03ce Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d1:65:db:82:6f:30:86:f9:46:49:05:b8:68:74: 75:5b:7b:48:0d:f1:1a:ed:0b:74:bc:08:b1:e6:98: c6:e2:cb:7f:f7:de:d6:ce:41:42:08:2a:c2:23:3e: f0:90:32:83:33:80:a2:3d:4c:55:0d:1d:92:1f:3b: 71:f2:8e:3d:30:6c:b3:fe:df:97:16:d8:b4:76:e5: d8:69:99:35:c1:b4:c9:29:e3:09:65:f5:b0:31:53: bb:9a:44:42:a7:eb:f5:13:0c:f6:57:08:8b:5f:9e: d9:b3:d2:c9:cd:fe:5b:3e:37:89:03:09:bc:29:a7: c6:bc:81:e0:e3:6c:0f:3c:2a:5f:29:bd:55:a3:8a: 6a:48:d0:64:5c:42:54:0a:15:37:e5:36:4d:f8:85: b9:e1:f5:a7:f7:09:d5:df:4f:c1:01:2c:38:12:5f: 94:82:7f:3d:0a:a8:8b:e4:1d:86:bd:bb:aa:d8:9b: cf:e9:87:93:c7:22:b2:81:21:94:0d:5b:8b:ab:f9: 33:d4:e6:ef:eb:26:ae:79:cb:7f:15:86:9c:4e:08: 62:a4:35:31:8c:6a:5e:57:27:f0:0c:78:ce:72:16: 7f:66:91:d5:e5:4c:ee:f0:2d:e0:8a:51:9a:02:bb: be:93:b3:af:be:ff:fc:b9:fa:c9:39:09:1f:89:58: 09:47 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7A:C7:10:18:B7:89:67:56:CC:ED:6E:C1:40:5C:60:37:8A:85:B3:70 X509v3 Authority Key Identifier: keyid:21:34:36:BA:23:A9:AF:25:0B:F2:5D:DE:A5:0C:76:22:19:F9:06:BC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/ITQ2uiOpryUL8l3epQx2Ihn5Brw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912382E/311EAC56984011E7B768EB81C4F9AE02/ITQ2uiOpryUL8l3epQx2Ihn5Brw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 78:0a:ae:e2:13:ab:e4:8c:81:a0:a7:ca:f1:bc:5c:42:31:8e: 72:e7:3c:5a:cf:2f:92:71:51:0a:ab:43:32:88:a9:c7:0f:f1: 2a:fd:af:a2:cd:12:6d:59:c1:e9:1c:c9:b9:10:70:dc:70:c4: 67:19:08:a4:0e:42:4b:13:f6:3d:1e:e6:b9:e9:66:ba:e0:4d: db:be:01:2b:dd:4c:88:b8:32:f3:e3:c2:0d:ed:28:8b:90:09: 02:da:7b:1b:1b:15:3d:c9:c7:23:51:21:22:c9:ce:f9:b4:20: 8e:96:82:51:8f:97:55:d5:f8:9c:c1:26:d8:63:c9:73:09:2b: c4:a7:d4:d5:a4:14:59:04:c8:8b:9d:76:bb:f2:d9:80:ec:e7: c5:12:08:4e:7e:2f:f3:d3:49:da:00:a9:b9:02:3a:48:ae:67: 81:7c:05:98:1c:d4:8c:4e:e2:48:5f:eb:ed:06:07:2e:02:c6: 40:2f:99:60:e8:02:d1:83:f3:8d:a9:7a:45:95:5b:3e:da:49: 91:76:2f:ae:97:99:e8:5b:a4:be:22:08:09:53:ed:01:91:b4: 24:de:93:26:bf:d5:68:26:2d:be:ee:79:2f:40:f7:f8:e4:ea: b6:7a:cc:76:d6:df:72:f3:5f:41:7f:d0:9e:b5:a3:59:d7:20: 8e:fa:82:32 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGPYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjM4MkUxMTAvBgNVBAUTKDIxMzQzNkJBMjNBOUFGMjUwQkYyNURERUE1MEM3NjIy MTlGOTA2QkMwHhcNMjUxMTA0MTYzMzE0WhcNMjUxMTExMTYzMzE0WjAYMRYwFAYD VQQDEw02OTBhMmFjYS0wM2NlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0WXbgm8whvlGSQW4aHR1W3tIDfEa7Qt0vAix5pjG4st/997WzkFCCCrCIz7w kDKDM4CiPUxVDR2SHztx8o49MGyz/t+XFti0duXYaZk1wbTJKeMJZfWwMVO7mkRC p+v1Ewz2VwiLX57Zs9LJzf5bPjeJAwm8KafGvIHg42wPPCpfKb1Vo4pqSNBkXEJU ChU35TZN+IW54fWn9wnV30/BASw4El+Ugn89CqiL5B2Gvbuq2JvP6YeTxyKygSGU DVuLq/kz1Obv6yauect/FYacTghipDUxjGpeVyfwDHjOchZ/ZpHV5Uzu8C3gilGa Aru+k7Ovvv/8ufrJOQkfiVgJRwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHrHEBi3 iWdWzO1uwUBcYDeKhbNwMB8GA1UdIwQYMBaAFCE0Nrojqa8lC/Jd3qUMdiIZ+Qa8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMzgyRS8zMTFFQUM1Njk4 NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5VUw4bDNlcFF4MklobjVC cncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0lUUTJ1aU9wcnlVTDhsM2VwUXgySWhuNUJydy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MzgyRS8zMTFFQUM1Njk4NDAxMUU3Qjc2OEVCODFDNEY5QUUwMi9JVFEydWlPcHJ5 VUw4bDNlcFF4MklobjVCcncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB4Cq7iE6vkjIGgp8rxvFxCMY5y5zxazy+ScVEKq0MyiKnHD/Eq/a+i zRJtWcHpHMm5EHDccMRnGQikDkJLE/Y9Hua56Wa64E3bvgEr3UyIuDLz48IN7SiL kAkC2nsbGxU9yccjUSEiyc75tCCOloJRj5dV1ficwSbYY8lzCSvEp9TVpBRZBMiL nXa78tmA7OfFEghOfi/z00naAKm5AjpIrmeBfAWYHNSMTuJIX+vtBgcuAsZAL5lg 6ALRg/ONqXpFlVs+2kmRdi+ul5noW6S+IggJU+0BkbQk3pMmv9VoJi2+7nkvQPf4 5Oq2esx21t9y819Bf9CetaNZ1yCO+oIy -----END CERTIFICATE-----Generated at Wed Nov 5 12:27:45 2025 by rpki-client