$ rpki-client -vvf rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft File: 1lqglKUeKDl1O1khC2zyxUkVwB4.mft (raw, json) Hash identifier: j8Fqgb8JSTDpjSftZMHsXi4MyLNpKDCV7L88c8FT45k= Subject key identifier: 82:1A:B4:17:26:D4:B2:9B:62:08:70:86:6C:42:D4:22:44:62:4E:F4 Authority key identifier: D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E Certificate issuer: /CN=A915C1AA/serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Certificate serial: 0A29 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft Manifest number: 0A22 Signing time: Tue 04 Nov 2025 19:51:27 +0000 Manifest this update: Tue 04 Nov 2025 19:51:26 +0000 Manifest next update: Tue 11 Nov 2025 19:51:26 +0000 Files and hashes: 1: 1lqglKUeKDl1O1khC2zyxUkVwB4.crl (hash: QxFlQlmz2UOrnNIZhLeY+1mnkzgWCIfAPh1AdBf8RSM=) 2: 220853047F2211EA8E730F35C4F9AE02.roa (hash: GncSpKfRZkeGl3QwfrF2wdsfNONCmDmNLMd0bZEde3M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:51:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2601 (0xa29) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915C1AA, serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Validity Not Before: Nov 4 19:51:26 2025 GMT Not After : Nov 11 19:51:26 2025 GMT Subject: CN=690a593e-3bdc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:18:c0:13:fd:51:ef:09:f7:f4:32:bc:c6:b2: f3:37:7c:55:ce:6d:63:f9:d0:98:de:e6:0c:1f:0c: 6a:37:4d:ce:de:57:93:c9:75:74:cf:20:1b:56:d7: 68:90:62:76:11:50:00:46:2f:56:e2:0d:13:ac:f6: 7c:95:4d:25:77:98:9a:b4:19:db:57:7c:84:99:a9: df:6e:b4:93:76:9f:dc:2f:d9:db:7e:15:29:c5:6f: c1:56:43:ba:96:41:90:c2:74:5c:b2:a0:c5:bf:f1: 5e:67:87:bb:5c:0a:73:95:66:01:fd:bc:bb:19:5c: e4:cf:5b:34:9b:5a:37:3d:c4:c2:29:00:db:49:1e: 3d:00:dd:0d:12:45:4d:a7:2c:99:ad:b7:08:d8:87: e3:fb:1d:b6:18:2b:1e:54:0c:20:59:33:25:a7:53: eb:91:16:1e:3e:d8:27:b4:e7:e5:fe:18:18:95:08: 47:c7:13:fa:8b:46:14:e1:ef:cb:a2:be:5f:19:67: 74:a9:fb:e8:8e:95:5f:b5:1a:0d:9e:f0:14:70:3c: 78:99:67:e0:f6:ae:2d:28:68:87:55:6e:aa:e5:18: 06:f7:d5:c5:22:4a:59:40:8e:37:e7:c7:b8:1a:ec: 0c:40:27:00:3e:ec:ea:a7:eb:77:0f:32:c8:f3:63: 75:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 82:1A:B4:17:26:D4:B2:9B:62:08:70:86:6C:42:D4:22:44:62:4E:F4 X509v3 Authority Key Identifier: keyid:D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 50:ca:02:38:ca:c8:00:83:a0:b4:aa:11:0c:1d:a6:c0:a1:4b: 74:94:26:d3:d3:1d:48:08:18:4d:e2:e3:80:93:a0:36:ea:a0: 8d:f7:86:ce:9e:c7:5d:4f:a2:ab:54:cd:97:c8:63:fd:dd:fe: 66:41:8d:22:07:92:2b:c9:0b:10:ff:d1:49:d7:8a:7e:b5:42: f1:69:15:7b:e0:48:da:30:04:55:b9:b6:44:1e:91:88:05:aa: c6:4f:b9:0e:7c:79:fc:f7:d0:fe:9c:d8:b7:4c:ee:bc:e0:c8: 1d:50:64:93:5d:90:43:a2:bb:1f:62:03:2c:c3:2d:dd:5d:1b: 11:46:c7:9d:6e:4a:47:33:85:eb:46:15:44:14:1b:3b:ae:45: 02:9f:0f:af:01:50:52:99:6d:ba:c9:91:d2:fa:2e:d5:19:10: 0e:d9:0f:67:f0:d1:74:26:56:5e:ca:9a:78:0b:9b:b0:4e:ce: 0d:51:1e:66:c7:61:3e:bb:bb:18:bb:85:f6:ac:9e:c8:eb:61: 86:06:35:58:91:e2:e7:3d:69:7a:78:30:e6:3e:63:20:bf:86: d6:9f:25:42:c4:96:4f:87:3f:3e:14:05:85:d1:b7:cd:0e:2b: 47:b1:cf:c1:a4:b8:13:c4:3a:b2:52:7c:35:47:87:6e:66:02: 8f:dd:59:0e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCikwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUMxQUExMTAvBgNVBAUTKEQ2NUFBMDk0QTUxRTI4Mzk3NTNCNTkyMTBCNkNGMkM1 NDkxNUMwMUUwHhcNMjUxMTA0MTk1MTI2WhcNMjUxMTExMTk1MTI2WjAYMRYwFAYD VQQDEw02OTBhNTkzZS0zYmRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvRjAE/1R7wn39DK8xrLzN3xVzm1j+dCY3uYMHwxqN03O3leTyXV0zyAbVtdo kGJ2EVAARi9W4g0TrPZ8lU0ld5iatBnbV3yEmanfbrSTdp/cL9nbfhUpxW/BVkO6 lkGQwnRcsqDFv/FeZ4e7XApzlWYB/by7GVzkz1s0m1o3PcTCKQDbSR49AN0NEkVN pyyZrbcI2Ifj+x22GCseVAwgWTMlp1PrkRYePtgntOfl/hgYlQhHxxP6i0YU4e/L or5fGWd0qfvojpVftRoNnvAUcDx4mWfg9q4tKGiHVW6q5RgG99XFIkpZQI4358e4 GuwMQCcAPuzqp+t3DzLI82N1swIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIIatBcm 1LKbYghwhmxC1CJEYk70MB8GA1UdIwQYMBaAFNZaoJSlHig5dTtZIQts8sVJFcAe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzFBQS82QzlEMjYzMDdG MjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtEbDFPMWtoQzJ6eXhVa1Z3 QjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFscWdsS1VlS0RsMU8xa2hDMnp5eFVrVndCNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QzFBQS82QzlEMjYzMDdGMjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtE bDFPMWtoQzJ6eXhVa1Z3QjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBQygI4ysgAg6C0qhEMHabAoUt0lCbT0x1ICBhN4uOAk6A26qCN94bO nsddT6KrVM2XyGP93f5mQY0iB5IryQsQ/9FJ14p+tULxaRV74EjaMARVubZEHpGI BarGT7kOfHn899D+nNi3TO684MgdUGSTXZBDorsfYgMswy3dXRsRRsedbkpHM4Xr RhVEFBs7rkUCnw+vAVBSmW26yZHS+i7VGRAO2Q9n8NF0JlZeypp4C5uwTs4NUR5m x2E+u7sYu4X2rJ7I62GGBjVYkeLnPWl6eDDmPmMgv4bWnyVCxJZPhz8+FAWF0bfN DitHsc/BpLgTxDqyUnw1R4duZgKP3VkO -----END CERTIFICATE-----Generated at Wed Nov 5 05:18:40 2025 by rpki-client