$ rpki-client -vvf rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft File: 2zfNKCxsfbw6kLEDt6I53NFY_2A.mft (raw, json) Hash identifier: e5R0bN1XL9Dfo0ushet7h369A79mwlwjOekEXKMylU4= Subject key identifier: 90:98:38:14:EC:C8:41:13:D4:6F:C7:C3:96:6D:C0:03:2F:89:45:3F Authority key identifier: DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 Certificate issuer: /CN=A913E652/serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Certificate serial: 0921 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft Manifest number: 091A Signing time: Tue 04 Nov 2025 20:22:05 +0000 Manifest this update: Tue 04 Nov 2025 20:22:05 +0000 Manifest next update: Tue 11 Nov 2025 20:22:05 +0000 Files and hashes: 1: 2zfNKCxsfbw6kLEDt6I53NFY_2A.crl (hash: KYJlQOKVD7wRd51HVTSk4WpdV4AlgsCkuIx31kbwENg=) 2: 6154A3B0B2B611EAA5884016C4F9AE02.roa (hash: m3vZJbIZBtxTaQynxqIVLeVn+IvoTb+bYR9Z6G9kdLY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:22:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2337 (0x921) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A913E652, serialNumber=DB37CD282C6C7DBC3A90B103B7A239DCD158FF60 Validity Not Before: Nov 4 20:22:05 2025 GMT Not After : Nov 11 20:22:05 2025 GMT Subject: CN=690a606d-2f2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:b3:30:93:d1:99:a6:b4:96:d9:4c:a7:e3:b8: 9c:cf:c7:79:d6:ec:8e:a8:41:1e:ff:e7:37:d9:9e: 4d:96:6c:8e:47:31:70:f3:d9:5f:83:41:9b:0b:16: 28:db:f1:48:c8:e5:96:06:cd:bb:9c:f6:fd:0d:55: f8:c4:ff:4c:21:fe:66:60:a5:90:71:5a:9e:e4:f2: 01:b0:86:03:c2:72:16:e9:7c:5a:88:68:ce:e8:96: a5:60:96:c8:3e:e2:18:b1:88:28:3b:d3:19:e2:71: 2a:5c:6e:28:57:1d:db:58:05:86:29:5d:e3:8e:8c: 73:75:68:f2:e2:2e:09:ba:94:d3:b9:a1:1c:b0:a3: b9:47:be:d8:4e:8b:01:e7:54:7f:3e:e0:f1:bd:32: f8:82:e3:4b:f3:bb:49:01:a7:23:af:07:20:f5:18: 06:6c:b1:e7:92:c1:98:06:1f:d6:94:d2:58:e4:f5: dc:9f:05:a6:04:66:e7:62:82:fd:64:69:03:85:39: 5e:f6:d3:c7:c2:5d:49:03:08:b8:fa:ba:45:3a:dc: 8a:e6:43:4c:89:f7:09:3f:db:4d:7e:8d:1e:af:c9: be:1f:ca:22:10:a8:e7:77:11:86:7a:64:a5:4e:3d: a6:4a:34:02:2f:be:59:f8:33:c0:8e:db:30:6f:7d: f1:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 90:98:38:14:EC:C8:41:13:D4:6F:C7:C3:96:6D:C0:03:2F:89:45:3F X509v3 Authority Key Identifier: keyid:DB:37:CD:28:2C:6C:7D:BC:3A:90:B1:03:B7:A2:39:DC:D1:58:FF:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zfNKCxsfbw6kLEDt6I53NFY_2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A913E652/600AB464B2B511EA8ADC4415C4F9AE02/2zfNKCxsfbw6kLEDt6I53NFY_2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:ac:fd:36:f0:b8:28:ed:5d:a3:2e:e5:f0:16:91:41:f6:c5: 00:af:0d:30:e1:8c:d0:78:2b:51:2d:c8:f5:87:6f:bc:33:c3: a3:84:8a:fa:5d:0c:11:8b:4c:76:74:6c:84:af:42:6b:a0:9e: f2:82:4a:c3:a9:54:a6:ce:95:97:18:10:18:6d:d8:18:69:b8: ca:3d:01:3c:80:34:70:8f:11:bf:10:5c:47:fe:1f:03:0b:c8: 8e:d0:3e:6b:30:a8:0a:71:06:b7:00:53:34:54:c5:52:e3:1f: df:67:f5:81:13:65:5f:a4:a4:4e:d7:d6:d4:43:f1:10:e6:0b: e7:b3:e3:80:59:75:74:4f:15:2f:e1:59:7c:df:c8:0d:89:26: 36:ff:58:68:be:9e:b2:7c:81:f8:81:a9:53:1f:08:ae:72:7f: f2:78:43:7d:05:72:82:07:25:ba:10:0a:ab:f0:67:2c:7a:fe: 43:97:c2:dd:2d:d6:99:f9:b9:46:33:d3:4d:a5:c9:e7:e9:c7: d4:0e:ab:bc:e1:20:c4:2e:3b:87:56:d7:d3:85:1d:21:e6:53: 2d:a3:44:17:c0:96:56:e5:a4:ce:26:64:ac:77:02:87:bb:40: 6c:2d:16:2e:70:34:9a:7a:07:db:4f:81:0a:e0:c5:b9:23:8d: 97:ec:83:35 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCSEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx M0U2NTIxMTAvBgNVBAUTKERCMzdDRDI4MkM2QzdEQkMzQTkwQjEwM0I3QTIzOURD RDE1OEZGNjAwHhcNMjUxMTA0MjAyMjA1WhcNMjUxMTExMjAyMjA1WjAYMRYwFAYD VQQDEw02OTBhNjA2ZC0yZjJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1rMwk9GZprSW2Uyn47icz8d51uyOqEEe/+c32Z5NlmyORzFw89lfg0GbCxYo 2/FIyOWWBs27nPb9DVX4xP9MIf5mYKWQcVqe5PIBsIYDwnIW6XxaiGjO6JalYJbI PuIYsYgoO9MZ4nEqXG4oVx3bWAWGKV3jjoxzdWjy4i4JupTTuaEcsKO5R77YTosB 51R/PuDxvTL4guNL87tJAacjrwcg9RgGbLHnksGYBh/WlNJY5PXcnwWmBGbnYoL9 ZGkDhTle9tPHwl1JAwi4+rpFOtyK5kNMifcJP9tNfo0er8m+H8oiEKjndxGGemSl Tj2mSjQCL75Z+DPAjtswb33xQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJCYOBTs yEET1G/Hw5ZtwAMviUU/MB8GA1UdIwQYMBaAFNs3zSgsbH28OpCxA7eiOdzRWP9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzRTY1Mi82MDBBQjQ2NEIy QjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2ZidzZrTEVEdDZJNTNORllf MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJ6Zk5LQ3hzZmJ3NmtMRUR0Nkk1M05GWV8yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz RTY1Mi82MDBBQjQ2NEIyQjUxMUVBOEFEQzQ0MTVDNEY5QUUwMi8yemZOS0N4c2Zi dzZrTEVEdDZJNTNORllfMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBSrP028Lgo7V2jLuXwFpFB9sUArw0w4YzQeCtRLcj1h2+8M8OjhIr6 XQwRi0x2dGyEr0JroJ7ygkrDqVSmzpWXGBAYbdgYabjKPQE8gDRwjxG/EFxH/h8D C8iO0D5rMKgKcQa3AFM0VMVS4x/fZ/WBE2VfpKRO19bUQ/EQ5gvns+OAWXV0TxUv 4Vl838gNiSY2/1hovp6yfIH4galTHwiucn/yeEN9BXKCByW6EAqr8Gcsev5Dl8Ld LdaZ+blGM9NNpcnn6cfUDqu84SDELjuHVtfThR0h5lMto0QXwJZW5aTOJmSsdwKH u0BsLRYucDSaegfbT4EK4MW5I42X7IM1 -----END CERTIFICATE-----Generated at Wed Nov 5 13:37:09 2025 by rpki-client