$ rpki-client -vvf rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.mft File: cLDwRtLzp0OW6Cx56OPazyYLOe4.mft (raw, json) Hash identifier: Pppnhbrz1FvBomTmIBFECf2PKtUPW6SRp5NVsOWkDKE= Subject key identifier: 02:DD:06:67:83:DB:96:7E:AA:46:2B:97:09:A9:70:78:EA:AA:5E:D1 Authority key identifier: 70:B0:F0:46:D2:F3:A7:43:96:E8:2C:79:E8:E3:DA:CF:26:0B:39:EE Certificate issuer: /CN=A916B6AA/serialNumber=70B0F046D2F3A74396E82C79E8E3DACF260B39EE Certificate serial: 24F0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cLDwRtLzp0OW6Cx56OPazyYLOe4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.mft Manifest number: 24AD Signing time: Tue 04 Nov 2025 15:51:32 +0000 Manifest this update: Tue 04 Nov 2025 15:51:31 +0000 Manifest next update: Tue 11 Nov 2025 15:51:31 +0000 Files and hashes: 1: cLDwRtLzp0OW6Cx56OPazyYLOe4.crl (hash: 87lNqARjhb91GpPV7DB1xXOOfWlVdBOIZg5mt2G/mxw=) 2: 83684F548DF411E7A230506DC4F9AE02.roa (hash: 7rwSXJvv/HshNFddgboHnncSidkclYa/NvGMbxx8LFA=) 3: 1A8324E28DF311E7B616ED66C4F9AE02.roa (hash: nq0Uzk8SuEDu3ZbDp3B41hYz4SbibvM9axOdjGoUmDE=) 4: E080F3508DFC11E7A7F08785C4F9AE02.roa (hash: 4MVhPeL89L4iqif2jjx8A1Zl5rTPkTTCl8RIrLHaD+o=) 5: 19C92BC88DF311E7B616ED66C4F9AE02.roa (hash: aaC6AltbMVKLhQjXZ7dpspAxhJD3m7klJ08VK8NpfEI=) 6: B2ED9AEE913311E79B98C45BC4F9AE02.roa (hash: RYNGA3H5ydUqwQnOMshPikkHHM7bQr9sFSWMotIy4S0=) 7: 5C9B073691CD11E7AD932563C4F9AE02.roa (hash: +cU9ydF4cWSQqI/mYS8fYBUIoo4803uhA7oc0s3jgaU=) 8: 027532E6385F11EAA879692AC4F9AE02.roa (hash: CM6RIxM9JHHGhZC10urcCuophC6TNcTlTYu0C+8d5wc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.crl rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cLDwRtLzp0OW6Cx56OPazyYLOe4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:51:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9456 (0x24f0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916B6AA, serialNumber=70B0F046D2F3A74396E82C79E8E3DACF260B39EE Validity Not Before: Nov 4 15:51:31 2025 GMT Not After : Nov 11 15:51:31 2025 GMT Subject: CN=690a2104-d094 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:52:a9:6c:13:1b:85:00:15:26:fb:2e:24:66: ba:47:67:ef:f5:26:76:37:f5:fe:68:28:bb:22:5d: 54:18:ea:17:55:10:9d:af:66:cc:57:de:cb:38:4b: 93:e3:b3:5f:59:a4:79:40:e7:43:44:0b:7f:ab:55: 3f:75:c3:3b:cc:76:54:a3:5c:20:8d:74:38:0c:f3: 78:62:59:ca:e2:36:de:cf:f9:dd:7c:ae:6c:8a:63: 3b:0d:de:f5:5c:f7:a3:5e:af:c3:67:11:f1:f3:22: 5a:00:05:b3:45:3d:8f:ca:38:43:e0:47:bb:53:e8: ff:b3:e0:db:ac:fc:85:4c:2a:e0:23:35:f3:ea:b2: fd:69:15:f0:e8:7f:38:82:5c:d1:42:48:e7:1c:46: 2a:30:9c:7a:3c:fd:23:13:0b:b7:73:82:ad:bf:53: 03:9d:f2:a9:53:36:7a:97:e1:ed:55:20:56:b2:7e: 02:5b:7d:92:17:56:d2:4a:c0:33:76:d1:4a:b1:09: ca:4f:43:95:cd:a6:78:18:b3:f3:00:06:82:95:f1: 1e:60:00:00:4d:cc:cb:45:62:1e:47:2d:a8:7b:0c: 83:d7:61:eb:f7:5f:b6:a6:fc:4f:58:b4:b1:d3:0e: a7:30:de:37:ed:c6:34:43:35:c5:73:1c:01:8b:ad: 02:d5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:DD:06:67:83:DB:96:7E:AA:46:2B:97:09:A9:70:78:EA:AA:5E:D1 X509v3 Authority Key Identifier: keyid:70:B0:F0:46:D2:F3:A7:43:96:E8:2C:79:E8:E3:DA:CF:26:0B:39:EE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/cLDwRtLzp0OW6Cx56OPazyYLOe4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916B6AA/46C7F1724F1611E58D2A3327C4F9AE02/cLDwRtLzp0OW6Cx56OPazyYLOe4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 32:d6:9f:4e:5c:38:33:8d:5b:52:e7:d7:ea:2b:a3:58:dd:37: 07:0c:ae:52:80:fb:44:31:5b:ff:98:a6:77:92:db:eb:09:c3: a2:31:67:eb:b1:bf:84:a6:1a:7b:91:57:55:e3:11:0a:dd:95: 77:4a:c8:49:bd:42:ae:47:62:a1:ff:e6:8a:28:12:9e:bc:02: 33:f4:f6:85:b7:4f:38:4b:3a:a0:1d:a5:0c:ed:bb:03:77:3a: 72:0b:28:10:bb:ae:f5:61:16:6a:b5:6d:42:e8:b6:30:24:93: ba:42:17:8a:e4:d1:2b:95:e1:9b:ea:d3:3b:b3:58:db:96:3c: d9:7a:7a:c8:36:fc:d7:25:3b:46:04:96:0d:a4:75:b1:a3:ec: 5d:c0:27:5d:c0:e6:35:31:ff:7d:6e:36:bc:12:ae:33:7d:ae: af:7d:b8:ac:17:39:f2:5c:ed:1a:e0:90:10:e4:73:ae:2b:64: 97:90:98:f6:eb:0b:95:8d:d9:e3:90:0a:36:5d:3c:7e:34:fe: 6e:ba:9d:eb:1e:55:66:44:8a:91:cf:38:fc:a0:fc:a6:cf:a4: d8:4c:ce:ab:20:92:64:88:bd:9a:65:ee:25:c0:ac:c8:64:02: 42:73:63:ed:1d:a3:0a:6b:a4:6d:36:53:b2:8a:aa:3b:47:41: 9a:04:07:62 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJPAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkI2QUExMTAvBgNVBAUTKDcwQjBGMDQ2RDJGM0E3NDM5NkU4MkM3OUU4RTNEQUNG MjYwQjM5RUUwHhcNMjUxMTA0MTU1MTMxWhcNMjUxMTExMTU1MTMxWjAYMRYwFAYD VQQDEw02OTBhMjEwNC1kMDk0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtFKpbBMbhQAVJvsuJGa6R2fv9SZ2N/X+aCi7Il1UGOoXVRCdr2bMV97LOEuT 47NfWaR5QOdDRAt/q1U/dcM7zHZUo1wgjXQ4DPN4YlnK4jbez/ndfK5simM7Dd71 XPejXq/DZxHx8yJaAAWzRT2PyjhD4Ee7U+j/s+DbrPyFTCrgIzXz6rL9aRXw6H84 glzRQkjnHEYqMJx6PP0jEwu3c4Ktv1MDnfKpUzZ6l+HtVSBWsn4CW32SF1bSSsAz dtFKsQnKT0OVzaZ4GLPzAAaClfEeYAAATczLRWIeRy2oewyD12Hr91+2pvxPWLSx 0w6nMN437cY0QzXFcxwBi60C1QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFALdBmeD 25Z+qkYrlwmpcHjqql7RMB8GA1UdIwQYMBaAFHCw8EbS86dDlugseejj2s8mCznu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QjZBQS80NkM3RjE3MjRG MTYxMUU1OEQyQTMzMjdDNEY5QUUwMi9jTER3UnRMenAwT1c2Q3g1Nk9QYXp5WUxP ZTQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2NMRHdSdEx6cDBPVzZDeDU2T1BhenlZTE9lNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QjZBQS80NkM3RjE3MjRGMTYxMUU1OEQyQTMzMjdDNEY5QUUwMi9jTER3UnRMenAw T1c2Q3g1Nk9QYXp5WUxPZTQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAy1p9OXDgzjVtS59fqK6NY3TcHDK5SgPtEMVv/mKZ3ktvrCcOiMWfr sb+Ephp7kVdV4xEK3ZV3SshJvUKuR2Kh/+aKKBKevAIz9PaFt084SzqgHaUM7bsD dzpyCygQu671YRZqtW1C6LYwJJO6QheK5NErleGb6tM7s1jbljzZenrINvzXJTtG BJYNpHWxo+xdwCddwOY1Mf99bja8Eq4zfa6vfbisFznyXO0a4JAQ5HOuK2SXkJj2 6wuVjdnjkAo2XTx+NP5uup3rHlVmRIqRzzj8oPymz6TYTM6rIJJkiL2aZe4lwKzI ZAJCc2PtHaMKa6RtNlOyiqo7R0GaBAdi -----END CERTIFICATE-----Generated at Wed Nov 5 13:07:51 2025 by rpki-client