$ rpki-client -vvf rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft File: gez_R_JbIULxDfbUmuDiGf7XR_g.mft (raw, json) Hash identifier: X1KUby7xDFiExb1MQfrnnFCyPKWgjz4NkoGo3VZi9BY= Subject key identifier: B0:FC:02:2A:04:A9:E3:BE:CE:76:8B:E1:AF:4A:1B:4C:4E:16:E2:AA Authority key identifier: 81:EC:FF:47:F2:5B:21:42:F1:0D:F6:D4:9A:E0:E2:19:FE:D7:47:F8 Certificate issuer: /CN=A913E5D6/serialNumber=81ECFF47F25B2142F10DF6D49AE0E219FED747F8 Certificate serial: 0858 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft Manifest number: 084B Signing time: Tue 04 Nov 2025 20:50:03 +0000 Manifest this update: Tue 04 Nov 2025 20:50:03 +0000 Manifest next update: Tue 11 Nov 2025 20:50:03 +0000 Files and hashes: 1: gez_R_JbIULxDfbUmuDiGf7XR_g.crl (hash: urOl+LfnVcRaokqV3mdAst78B/nh8NR4qktGHXcO3J8=) 2: B287525CE81011EA926BE66FC4F9AE02.roa (hash: sFHCJw5BrykaJrt5HBvIuIZlR2YHVfxWnMrA0b3Zjo0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.crl rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:50:02 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2136 (0x858) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E5D6, serialNumber=81ECFF47F25B2142F10DF6D49AE0E219FED747F8 Validity Not Before: Nov 4 20:50:03 2025 GMT Not After : Nov 11 20:50:03 2025 GMT Subject: CN=690a66fb-f640 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ed:53:8e:4c:be:0a:36:3d:51:9d:d9:bd:e2: 3a:93:79:43:d3:49:fd:da:1c:70:02:8b:68:8b:74: 9e:f6:ed:58:b2:85:7f:b0:aa:29:6e:25:ea:31:fc: 03:3c:33:db:8a:a1:69:ce:43:7b:d8:c2:59:c8:26: cf:51:8b:17:fc:b8:5e:fc:50:ea:2a:e0:94:07:c9: 29:bb:59:36:74:27:16:55:26:31:94:f3:bc:03:e4: 79:e6:ce:33:f8:c2:1d:1b:da:fd:38:cb:25:51:cb: ee:e8:21:81:3c:4e:e4:ab:b9:54:a1:c6:c1:72:bb: 12:98:bf:20:18:69:c9:05:fb:5f:64:7f:a9:00:d8: e6:90:70:c8:3f:f9:1d:c0:6c:2a:3a:d2:5d:84:ad: a3:ed:d3:ce:9f:e3:aa:46:2a:69:c8:92:c7:fb:d7: 49:31:c9:93:b5:5f:dc:ed:b3:5d:e2:48:17:14:9a: 68:4d:3d:b8:bd:fb:e9:c9:7f:ea:18:f7:f4:1a:94: d2:8b:2f:42:1f:83:8f:12:14:d6:6c:a0:cf:c2:d5: 38:1f:53:31:d0:cb:81:28:ad:71:40:95:da:a4:4f: 85:ff:de:74:ca:21:ad:d7:3d:ce:32:65:84:ea:3e: ab:34:49:da:70:44:85:ec:05:70:62:50:31:01:d0: c7:b1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B0:FC:02:2A:04:A9:E3:BE:CE:76:8B:E1:AF:4A:1B:4C:4E:16:E2:AA X509v3 Authority Key Identifier: keyid:81:EC:FF:47:F2:5B:21:42:F1:0D:F6:D4:9A:E0:E2:19:FE:D7:47:F8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/gez_R_JbIULxDfbUmuDiGf7XR_g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E5D6/5A52F912E75A11EAB96F9D60C4F9AE02/gez_R_JbIULxDfbUmuDiGf7XR_g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a6:de:43:10:d1:31:f5:80:96:20:ff:bf:19:a8:3f:14:d3:2a: 08:50:05:65:a0:f0:f2:f0:37:66:6a:0f:63:b5:d0:d7:db:89: 61:fc:a4:ee:b3:b4:80:d9:84:5d:4d:4e:7c:12:44:db:7a:58: 16:9e:ec:15:23:4f:10:e0:7c:b7:4f:88:c8:c3:03:c1:9b:b3: 53:00:7f:d6:cb:12:4b:56:7b:58:cf:03:e3:54:cd:d3:69:7e: 5d:5e:48:ec:23:fa:f9:5e:bc:1d:6f:8f:fc:17:35:29:9a:2c: 86:ac:16:5a:5b:ec:ee:3f:4b:b8:d9:06:3d:d5:2c:a5:41:1c: 41:3f:96:3b:64:ad:ad:e5:60:c2:84:e1:90:65:a0:2d:76:2f: 46:12:40:fb:e8:c6:56:be:45:01:a5:e7:f8:ed:69:73:42:1d: 51:42:ea:21:1f:bf:b3:c9:fa:8b:88:09:8f:e8:4a:3a:4f:2b: 8a:21:d9:68:52:55:26:f0:3a:1a:9f:b7:f8:58:a9:7f:90:72: 74:68:e5:e8:d6:ef:50:a6:38:75:fe:8c:72:48:f9:bc:3b:81: b1:72:2b:ef:01:f1:8a:79:7f:9e:d5:fc:8b:28:94:f1:d6:90: 11:20:20:97:9f:c3:b0:1e:26:76:04:21:4b:99:28:c0:e8:86: c0:a1:9a:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCFgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U1RDYxMTAvBgNVBAUTKDgxRUNGRjQ3RjI1QjIxNDJGMTBERjZENDlBRTBFMjE5 RkVENzQ3RjgwHhcNMjUxMTA0MjA1MDAzWhcNMjUxMTExMjA1MDAzWjAYMRYwFAYD VQQDEw02OTBhNjZmYi1mNjQwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtO1Tjky+CjY9UZ3ZveI6k3lD00n92hxwAotoi3Se9u1YsoV/sKopbiXqMfwD PDPbiqFpzkN72MJZyCbPUYsX/Lhe/FDqKuCUB8kpu1k2dCcWVSYxlPO8A+R55s4z +MIdG9r9OMslUcvu6CGBPE7kq7lUocbBcrsSmL8gGGnJBftfZH+pANjmkHDIP/kd wGwqOtJdhK2j7dPOn+OqRippyJLH+9dJMcmTtV/c7bNd4kgXFJpoTT24vfvpyX/q GPf0GpTSiy9CH4OPEhTWbKDPwtU4H1Mx0MuBKK1xQJXapE+F/950yiGt1z3OMmWE 6j6rNEnacESF7AVwYlAxAdDHsQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLD8AioE qeO+znaL4a9KG0xOFuKqMB8GA1UdIwQYMBaAFIHs/0fyWyFC8Q321Jrg4hn+10f4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTVENi81QTUyRjkxMkU3 NUExMUVBQjk2RjlENjBDNEY5QUUwMi9nZXpfUl9KYklVTHhEZmJVbXVEaUdmN1hS X2cuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2dlel9SX0piSVVMeERmYlVtdURpR2Y3WFJfZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTVENi81QTUyRjkxMkU3NUExMUVBQjk2RjlENjBDNEY5QUUwMi9nZXpfUl9KYklV THhEZmJVbXVEaUdmN1hSX2cubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCm3kMQ0TH1gJYg/78ZqD8U0yoIUAVloPDy8Ddmag9jtdDX24lh/KTu s7SA2YRdTU58EkTbelgWnuwVI08Q4Hy3T4jIwwPBm7NTAH/WyxJLVntYzwPjVM3T aX5dXkjsI/r5Xrwdb4/8FzUpmiyGrBZaW+zuP0u42QY91SylQRxBP5Y7ZK2t5WDC hOGQZaAtdi9GEkD76MZWvkUBpef47WlzQh1RQuohH7+zyfqLiAmP6Eo6TyuKIdlo UlUm8Doan7f4WKl/kHJ0aOXo1u9Qpjh1/oxySPm8O4GxcivvAfGKeX+e1fyLKJTx 1pARICCXn8OwHiZ2BCFLmSjA6IbAoZqz -----END CERTIFICATE-----Generated at Wed Nov 5 15:13:06 2025 by rpki-client