$ rpki-client -vvf rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft File: R2lFsh8liffnEnUf50f6IUOlI1s.mft (raw, json) Hash identifier: r8AY+vn5iVBTRu/r1dhKXiHn0VFr7wNPzYQNM88AUh0= Subject key identifier: 9B:D0:3F:A4:81:B3:48:45:05:79:B3:DC:AD:D0:67:9C:C8:5D:78:28 Authority key identifier: 47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B Certificate issuer: /CN=A9132B1D/serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Certificate serial: 02B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft Manifest number: 02B2 Signing time: Wed 05 Nov 2025 01:35:30 +0000 Manifest this update: Wed 05 Nov 2025 01:35:29 +0000 Manifest next update: Wed 12 Nov 2025 01:35:29 +0000 Files and hashes: 1: R2lFsh8liffnEnUf50f6IUOlI1s.crl (hash: ZZxc+KGUPtF+/1cOe/+9KCmdY2wEswUJfHhClXza8W8=) 2: A917D87217A711ED8D17FC7CC4F9AE02.roa (hash: z4fSX+HgysFgztcLVSgzgNzcCLSP4fk+TSQS6+LuYQI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 01:35:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 695 (0x2b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132B1D, serialNumber=476945B21F2589F7E712751FE747FA2143A5235B Validity Not Before: Nov 5 01:35:29 2025 GMT Not After : Nov 12 01:35:29 2025 GMT Subject: CN=690aa9e1-d9e0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:83:b7:49:0d:b6:96:dd:cd:d6:c1:7a:9b:d5: 61:39:00:5d:2f:72:d5:1a:c2:c9:2c:c8:5d:33:d6: 05:06:0c:31:89:5c:f3:47:21:87:99:16:b4:83:18: 69:65:75:33:8c:3b:00:58:5f:4a:c0:ea:c2:0b:3c: c8:c8:16:40:e0:79:e8:74:5a:cf:d3:dc:fa:4c:59: 22:16:40:f0:a8:3f:6b:38:4a:0c:47:69:7b:09:09: f7:c7:32:36:51:75:59:82:f6:ef:2d:8a:34:da:c6: c1:89:60:d8:d5:f2:c9:6d:8e:18:be:7a:ed:4e:d3: 67:73:84:4a:63:47:f4:2e:7d:dd:b5:be:92:03:68: d0:2b:00:40:53:ba:b7:a2:47:5d:a1:49:6e:08:97: f8:d2:b3:21:22:45:27:df:7b:97:16:c8:5a:3c:c1: ac:c8:01:ef:b9:20:5a:f1:59:d1:ff:17:72:40:f2: e0:e6:79:45:b5:44:a2:04:33:d2:9f:1b:b6:1b:38: 4e:97:79:7b:20:05:b1:e6:3b:34:73:3e:c6:83:5b: fa:76:ab:f5:36:08:c8:65:2c:20:8d:91:c7:1b:ee: a6:86:f4:8f:24:97:59:96:24:3e:fb:60:33:10:2f: 06:d9:4c:6f:9a:88:b9:fc:c7:fb:ad:bc:94:51:3d: 6a:6b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9B:D0:3F:A4:81:B3:48:45:05:79:B3:DC:AD:D0:67:9C:C8:5D:78:28 X509v3 Authority Key Identifier: keyid:47:69:45:B2:1F:25:89:F7:E7:12:75:1F:E7:47:FA:21:43:A5:23:5B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/R2lFsh8liffnEnUf50f6IUOlI1s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132B1D/30203ED017A411EDB3601564C4F9AE02/R2lFsh8liffnEnUf50f6IUOlI1s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0e:51:b4:97:fa:9b:d8:14:21:37:9f:a8:92:0a:2d:89:0a:9f: a5:76:13:32:6d:55:67:04:8e:d2:cd:c3:46:27:2d:38:23:1d: c8:a1:93:4c:be:3a:71:24:c3:28:b0:a2:2f:e9:82:aa:33:63: 17:65:d0:28:91:0b:21:32:74:f6:d2:7b:a7:db:27:f9:ab:a0: a7:1c:83:72:e4:18:3c:dc:f7:a5:60:dc:f3:17:c0:31:49:79: dc:da:d9:04:51:12:d4:89:c0:83:a8:e7:27:fc:1b:2a:00:6e: 60:91:cf:1c:f5:93:4e:d6:6f:18:f6:a8:91:ff:f7:25:56:b1: db:f8:9b:27:bd:61:c4:8c:31:28:dc:23:52:34:00:ba:9c:dc: 7d:d5:d1:4a:9f:d0:04:ec:8a:9c:a0:ac:ad:37:f3:b5:20:88: 94:5e:81:55:71:39:45:56:62:fc:08:48:41:5a:c0:90:8a:38: d5:fa:31:b0:03:7d:31:5d:a5:a9:37:36:fb:38:f8:b9:b2:48: 95:a2:68:6e:e4:d0:45:75:23:40:11:ad:c0:cf:7a:d2:1f:6c: 35:27:c8:4c:7c:7c:cd:58:de:fd:e3:2b:20:86:05:4b:d6:0e: cc:bb:c3:88:f6:da:cc:63:79:56:8c:54:8e:8d:e7:2d:ea:0f: 47:92:04:ac -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICArcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJCMUQxMTAvBgNVBAUTKDQ3Njk0NUIyMUYyNTg5RjdFNzEyNzUxRkU3NDdGQTIx NDNBNTIzNUIwHhcNMjUxMTA1MDEzNTI5WhcNMjUxMTEyMDEzNTI5WjAYMRYwFAYD VQQDEw02OTBhYTllMS1kOWUwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuYO3SQ22lt3N1sF6m9VhOQBdL3LVGsLJLMhdM9YFBgwxiVzzRyGHmRa0gxhp ZXUzjDsAWF9KwOrCCzzIyBZA4HnodFrP09z6TFkiFkDwqD9rOEoMR2l7CQn3xzI2 UXVZgvbvLYo02sbBiWDY1fLJbY4YvnrtTtNnc4RKY0f0Ln3dtb6SA2jQKwBAU7q3 okddoUluCJf40rMhIkUn33uXFshaPMGsyAHvuSBa8VnR/xdyQPLg5nlFtUSiBDPS nxu2GzhOl3l7IAWx5js0cz7Gg1v6dqv1NgjIZSwgjZHHG+6mhvSPJJdZliQ++2Az EC8G2Uxvmoi5/Mf7rbyUUT1qawIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJvQP6SB s0hFBXmz3K3QZ5zIXXgoMB8GA1UdIwQYMBaAFEdpRbIfJYn35xJ1H+dH+iFDpSNb MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkIxRC8zMDIwM0VEMDE3 QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlmZm5FblVmNTBmNklVT2xJ MXMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1IybEZzaDhsaWZmbkVuVWY1MGY2SVVPbEkxcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkIxRC8zMDIwM0VEMDE3QTQxMUVEQjM2MDE1NjRDNEY5QUUwMi9SMmxGc2g4bGlm Zm5FblVmNTBmNklVT2xJMXMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAOUbSX+pvYFCE3n6iSCi2JCp+ldhMybVVnBI7SzcNGJy04Ix3IoZNM vjpxJMMosKIv6YKqM2MXZdAokQshMnT20nun2yf5q6CnHINy5Bg83PelYNzzF8Ax SXnc2tkEURLUicCDqOcn/BsqAG5gkc8c9ZNO1m8Y9qiR//clVrHb+JsnvWHEjDEo 3CNSNAC6nNx91dFKn9AE7IqcoKytN/O1IIiUXoFVcTlFVmL8CEhBWsCQijjV+jGw A30xXaWpNzb7OPi5skiVomhu5NBFdSNAEa3Az3rSH2w1J8hMfHzNWN794ysghgVL 1g7Mu8OI9trMY3lWjFSOject6g9HkgSs -----END CERTIFICATE-----Generated at Wed Nov 5 20:58:13 2025 by rpki-client