$ rpki-client -vvf rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft File: 2-bH-ZCQRq41ohWw4hVErlIjfoo.mft (raw, json) Hash identifier: c4yjV0VJWZeeTctflGaVRqyRE4M4/fhBAAaxGJ0Bzoo= Subject key identifier: 01:07:3C:23:EC:70:A5:D8:E0:B5:AE:DE:04:65:B9:A4:4F:7D:F4:55 Authority key identifier: DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A Certificate issuer: /CN=A914F697/serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Certificate serial: 06CC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft Manifest number: 07FA Signing time: Tue 04 Nov 2025 20:50:31 +0000 Manifest this update: Tue 04 Nov 2025 20:50:31 +0000 Manifest next update: Tue 11 Nov 2025 20:50:31 +0000 Files and hashes: 1: 2-bH-ZCQRq41ohWw4hVErlIjfoo.crl (hash: l15yleN7m8/fPipv3cUFOmQxthJeR/i6iv9m7KNNkC0=) 2: 1AA7504A92DD11EB9B9E993FC4F9AE02.roa (hash: C75Vrv4Uz+C6zFOBFG0FQ16ertvfsDBJQmC7BROeKb0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 20:50:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1740 (0x6cc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F697, serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Validity Not Before: Nov 4 20:50:31 2025 GMT Not After : Nov 11 20:50:31 2025 GMT Subject: CN=690a6717-14b9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7c:3f:ec:5d:00:b9:c9:8a:31:c4:31:39:74: cc:69:f6:c4:78:d0:9a:19:a9:3e:0d:59:33:d7:61: e6:8a:a4:39:2c:21:f6:75:14:4a:b6:0f:87:01:f0: 02:a6:76:98:e5:79:41:8d:ba:78:e9:a6:57:96:be: f3:67:28:f3:c4:6a:b2:12:14:79:52:19:fe:8b:6b: 5a:6e:20:2d:a0:66:72:33:55:b7:37:bd:58:d4:59: cb:2b:fa:bb:b1:db:08:75:a0:62:92:4a:96:f4:4f: 86:c4:fb:6e:46:74:4e:ed:ae:5d:cf:69:d5:4d:53: ad:58:ad:0e:7f:6e:cf:15:e4:19:2f:77:0f:a2:9c: ab:0a:8c:3d:30:92:48:9d:55:7c:6a:1e:5d:23:fb: 03:06:d5:97:07:8a:52:72:cd:e3:09:e3:67:92:b2: b0:70:4c:00:24:c7:6f:f4:07:dc:a7:6e:80:75:33: 0b:5f:d9:55:1a:38:64:88:2a:7c:09:18:53:8c:e3: 64:b3:41:05:af:ac:34:48:53:17:c1:8f:ed:8f:a4: 6c:e0:33:81:28:04:3d:2b:91:52:bd:d0:66:4c:57: 1d:bf:32:c8:59:2e:e6:93:44:ef:f3:47:9a:21:89: 1e:9c:50:c7:b6:41:11:a9:ab:b8:46:1e:85:67:8a: cc:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:07:3C:23:EC:70:A5:D8:E0:B5:AE:DE:04:65:B9:A4:4F:7D:F4:55 X509v3 Authority Key Identifier: keyid:DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:75:59:81:3e:2e:c2:73:eb:52:a5:01:20:af:0a:52:e0:a2: d1:a7:e3:46:cc:76:7e:0e:5a:05:b9:5b:12:00:c0:66:58:3d: dc:63:d7:3c:67:69:32:70:1d:a5:3d:3c:1e:f2:8e:eb:3b:d1: 6f:60:1d:88:f7:8e:ad:cd:8a:fc:d5:61:bd:c7:84:80:1e:3e: 8a:ac:3a:c7:4d:58:35:bb:73:cb:28:fa:91:42:69:b3:6f:a6: 0d:d2:70:f1:9d:fa:53:10:b7:04:24:25:fb:f3:3a:02:ce:57: 91:be:24:7b:23:14:8a:70:ca:10:70:54:c2:40:9e:bd:39:fd: 59:42:a1:33:a9:94:29:f2:34:43:26:e6:07:a9:c8:5e:fd:06: 77:f2:48:29:40:56:9e:ac:07:19:2e:6f:c2:da:7f:d1:75:d1: 48:3c:6c:28:a7:87:14:8c:21:04:54:e6:34:53:70:29:c1:30: 74:e8:b9:3d:b2:bf:09:04:c7:a5:28:32:7a:88:38:89:ad:35: 4a:02:1f:ac:8c:ec:63:fb:e8:2b:50:45:01:a0:eb:b1:a5:e8: 93:ad:41:8e:b8:fd:1f:c0:72:97:01:78:5f:ae:dd:98:e6:40: 0b:8e:00:e2:8c:ee:26:7a:03:1f:50:9d:ad:d1:f7:03:95:b0: cb:11:3c:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBswwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY2OTcxMTAvBgNVBAUTKERCRTZDN0Y5OTA5MDQ2QUUzNUEyMTVCMEUyMTU0NEFF NTIyMzdFOEEwHhcNMjUxMTA0MjA1MDMxWhcNMjUxMTExMjA1MDMxWjAYMRYwFAYD VQQDEw02OTBhNjcxNy0xNGI5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtHw/7F0AucmKMcQxOXTMafbEeNCaGak+DVkz12HmiqQ5LCH2dRRKtg+HAfAC pnaY5XlBjbp46aZXlr7zZyjzxGqyEhR5Uhn+i2tabiAtoGZyM1W3N71Y1FnLK/q7 sdsIdaBikkqW9E+GxPtuRnRO7a5dz2nVTVOtWK0Of27PFeQZL3cPopyrCow9MJJI nVV8ah5dI/sDBtWXB4pScs3jCeNnkrKwcEwAJMdv9Afcp26AdTMLX9lVGjhkiCp8 CRhTjONks0EFr6w0SFMXwY/tj6Rs4DOBKAQ9K5FSvdBmTFcdvzLIWS7mk0Tv80ea IYkenFDHtkERqau4Rh6FZ4rMEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAEHPCPs cKXY4LWu3gRluaRPffRVMB8GA1UdIwQYMBaAFNvmx/mQkEauNaIVsOIVRK5SI36K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjY5Ny83NTIxREZDMEU4 NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJxNDFvaFd3NGhWRXJsSWpm b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzItYkgtWkNRUnE0MW9oV3c0aFZFcmxJamZvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjY5Ny83NTIxREZDMEU4NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJx NDFvaFd3NGhWRXJsSWpmb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfdVmBPi7Cc+tSpQEgrwpS4KLRp+NGzHZ+DloFuVsSAMBmWD3cY9c8 Z2kycB2lPTwe8o7rO9FvYB2I946tzYr81WG9x4SAHj6KrDrHTVg1u3PLKPqRQmmz b6YN0nDxnfpTELcEJCX78zoCzleRviR7IxSKcMoQcFTCQJ69Of1ZQqEzqZQp8jRD JuYHqche/QZ38kgpQFaerAcZLm/C2n/RddFIPGwop4cUjCEEVOY0U3ApwTB06Lk9 sr8JBMelKDJ6iDiJrTVKAh+sjOxj++grUEUBoOuxpeiTrUGOuP0fwHKXAXhfrt2Y 5kALjgDijO4megMfUJ2t0fcDlbDLETwo -----END CERTIFICATE-----Generated at Wed Nov 5 11:57:40 2025 by rpki-client