$ rpki-client -vvf rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft File: lyuQ2cUZIlatlkdbOSurGnp5zC0.mft (raw, json) Hash identifier: As14BINqETWCFb4IznyUyGX/f6O9eCtlChpINSgAvGg= Subject key identifier: 65:60:8C:F5:58:1E:CF:93:9B:BF:91:DA:FB:AC:1A:9A:A3:A8:01:E5 Authority key identifier: 97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D Certificate issuer: /CN=A9132FD9/serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Certificate serial: 65 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft Manifest number: 61 Signing time: Wed 05 Nov 2025 07:18:14 +0000 Manifest this update: Wed 05 Nov 2025 07:18:13 +0000 Manifest next update: Wed 12 Nov 2025 07:18:13 +0000 Files and hashes: 1: lyuQ2cUZIlatlkdbOSurGnp5zC0.crl (hash: wyic/nIu6JitLzjYFtXvH/rNx1Kt+wJBPNt54R/iJ7M=) 2: DCC2224A313011F0BE214A64C4F9AE02.roa (hash: boAAaQY0nzMtC8MdALGWU7uiMFPgsCoPJLOiVmNOgmU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 06:50:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 101 (0x65) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132FD9, serialNumber=972B90D9C5192256AD96475B392BAB1A7A79CC2D Validity Not Before: Nov 5 07:18:13 2025 GMT Not After : Nov 12 07:18:13 2025 GMT Subject: CN=690afa36-478a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:23:a6:1e:1e:b7:c7:21:43:05:79:dd:40:d8: 3f:29:c8:9a:f2:c5:a7:61:f6:54:54:28:7c:44:e9: c2:e4:b4:a1:0e:cc:1b:21:ca:c5:4c:20:4a:d2:7f: 8c:29:df:83:4e:9a:71:97:d2:26:73:3e:f1:22:13: d8:e3:dc:61:6d:a2:78:31:08:0f:14:b1:06:8a:18: 87:55:b5:23:72:3b:ad:10:fb:a5:49:04:b6:72:81: 2e:c8:0d:44:ec:60:b4:38:cb:14:4c:2d:fa:b9:b0: bf:3c:60:5a:fe:ff:6d:3c:fd:e0:ed:7e:bd:52:8a: 2d:35:ea:34:33:b1:bf:1b:01:cd:fa:a6:fd:f5:d5: 9a:15:7e:94:41:40:49:2b:bd:08:76:69:24:10:df: a5:77:18:ca:09:2d:bb:b3:2a:7c:51:46:6e:ee:b1: c5:39:24:65:1a:90:94:f9:b7:56:54:3d:44:d8:d2: 94:bf:ec:88:3e:66:d4:5d:14:23:f8:5f:7c:47:5f: 14:58:4c:66:81:73:08:da:89:26:d9:7b:db:99:dd: 64:aa:a2:f3:d0:34:c2:0d:91:5f:a3:65:8f:f5:ff: 66:04:90:08:5c:72:a9:34:7f:87:40:1b:ef:47:91: 1a:f9:3f:8b:d6:87:dd:3f:5f:c9:34:4a:e3:e1:2f: b9:dd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:60:8C:F5:58:1E:CF:93:9B:BF:91:DA:FB:AC:1A:9A:A3:A8:01:E5 X509v3 Authority Key Identifier: keyid:97:2B:90:D9:C5:19:22:56:AD:96:47:5B:39:2B:AB:1A:7A:79:CC:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lyuQ2cUZIlatlkdbOSurGnp5zC0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132FD9/7F9A70342BB511F09DE5BA4EC4F9AE02/lyuQ2cUZIlatlkdbOSurGnp5zC0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:3f:2f:6a:c2:2d:83:61:80:eb:34:47:51:0b:f7:cc:4c:43: 85:7e:c6:27:2e:2a:29:a2:13:d4:9b:e3:a6:1a:a6:57:19:96: a0:ee:ef:73:06:d4:0d:af:71:64:2a:29:da:25:ef:77:cd:15: db:0c:37:b9:6d:f5:29:d4:f7:87:fd:26:81:ed:d8:0f:9b:0e: 67:13:3a:78:c9:13:67:ba:7f:fd:3d:15:ac:78:e4:5f:eb:03: e9:60:43:e0:86:0d:99:04:5e:21:dc:3e:1d:07:1a:62:07:de: dc:fc:03:55:d2:4f:dc:e8:af:f6:7e:4b:11:58:d0:bd:5a:a2: 03:42:3b:ac:6e:99:c6:de:01:3b:80:fc:fa:eb:b4:75:db:c2: f2:78:17:b5:ba:5b:69:dc:71:d3:9e:c1:3c:9b:d1:5f:07:ac: 66:87:71:67:c3:48:fe:06:8f:6c:aa:71:6a:91:a0:34:8b:e6: f1:8b:b0:c7:98:1d:c4:94:21:9e:e2:26:4e:15:7e:08:aa:b0: 6f:4d:d4:54:b7:6d:c5:04:18:c5:32:4b:e4:9c:19:f9:25:bc: e7:4f:6c:63:b2:ec:db:75:31:e2:21:36:fd:c8:f2:ea:ee:42: 60:1c:ea:78:4a:90:b2:60:f3:90:ad:ad:ea:77:9e:d9:eb:bc: 95:c3:12:7d -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBZTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEz MkZEOTExMC8GA1UEBRMoOTcyQjkwRDlDNTE5MjI1NkFEOTY0NzVCMzkyQkFCMUE3 QTc5Q0MyRDAeFw0yNTExMDUwNzE4MTNaFw0yNTExMTIwNzE4MTNaMBgxFjAUBgNV BAMTDTY5MGFmYTM2LTQ3OGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDOI6YeHrfHIUMFed1A2D8pyJryxadh9lRUKHxE6cLktKEOzBshysVMIErSf4wp 34NOmnGX0iZzPvEiE9jj3GFtongxCA8UsQaKGIdVtSNyO60Q+6VJBLZygS7IDUTs YLQ4yxRMLfq5sL88YFr+/208/eDtfr1Sii016jQzsb8bAc36pv311ZoVfpRBQEkr vQh2aSQQ36V3GMoJLbuzKnxRRm7uscU5JGUakJT5t1ZUPUTY0pS/7Ig+ZtRdFCP4 X3xHXxRYTGaBcwjaiSbZe9uZ3WSqovPQNMINkV+jZY/1/2YEkAhccqk0f4dAG+9H kRr5P4vWh90/X8k0SuPhL7ndAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZWCM9Vge z5Obv5Ha+6wamqOoAeUwHwYDVR0jBBgwFoAUlyuQ2cUZIlatlkdbOSurGnp5zC0w DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMyRkQ5LzdGOUE3MDM0MkJC NTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxhdGxrZGJPU3VyR25wNXpD MC5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvbHl1UTJjVVpJbGF0bGtkYk9TdXJHbnA1ekMwLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTMy RkQ5LzdGOUE3MDM0MkJCNTExRjA5REU1QkE0RUM0RjlBRTAyL2x5dVEyY1VaSWxh dGxrZGJPU3VyR25wNXpDMC5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABs/L2rCLYNhgOs0R1EL98xMQ4V+xicuKimiE9Sb46YaplcZlqDu73MG 1A2vcWQqKdol73fNFdsMN7lt9SnU94f9JoHt2A+bDmcTOnjJE2e6f/09Fax45F/r A+lgQ+CGDZkEXiHcPh0HGmIH3tz8A1XST9zor/Z+SxFY0L1aogNCO6xumcbeATuA /PrrtHXbwvJ4F7W6W2nccdOewTyb0V8HrGaHcWfDSP4Gj2yqcWqRoDSL5vGLsMeY HcSUIZ7iJk4VfgiqsG9N1FS3bcUEGMUyS+ScGfklvOdPbGOy7Nt1MeIhNv3I8uru QmAc6nhKkLJg85Ctrep3ntnrvJXDEn0= -----END CERTIFICATE-----Generated at Wed Nov 5 08:58:52 2025 by rpki-client