$ rpki-client -vvf rpki.apnic.net/member_repository/A917C0F5/1EC4E09ADB7111E9B6105353C4F9AE02/g2LSOGrBMH7vi7_YdPc45tqjVXI.mft File: g2LSOGrBMH7vi7_YdPc45tqjVXI.mft (raw, json) Hash identifier: CGGFT3TH23AvhnnQbZhHcMbcjt6Z6V5+4ofUgBv24H0= Subject key identifier: CD:2D:5B:63:84:71:BC:72:BD:6C:7D:F3:11:71:F8:BE:B0:73:23:C8 Authority key identifier: 83:62:D2:38:6A:C1:30:7E:EF:8B:BF:D8:74:F7:38:E6:DA:A3:55:72 Certificate issuer: /CN=A917C0F5/serialNumber=8362D2386AC1307EEF8BBFD874F738E6DAA35572 Certificate serial: 0D6E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g2LSOGrBMH7vi7_YdPc45tqjVXI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C0F5/1EC4E09ADB7111E9B6105353C4F9AE02/g2LSOGrBMH7vi7_YdPc45tqjVXI.mft Manifest number: 0D67 Signing time: Tue 04 Nov 2025 18:03:08 +0000 Manifest this update: Tue 04 Nov 2025 18:03:08 +0000 Manifest next update: Tue 11 Nov 2025 18:03:08 +0000 Files and hashes: 1: g2LSOGrBMH7vi7_YdPc45tqjVXI.crl (hash: oU4QZRp+Hz7rCC6qhu39Jp3KOxJS2T1HiKNhDWrn+3g=) 2: D11C8B12DB7111E981104A54C4F9AE02.roa (hash: b+YvMULskW1aqcLGiau9z7PDlxuascZM6xtTvuLKH/M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C0F5/1EC4E09ADB7111E9B6105353C4F9AE02/g2LSOGrBMH7vi7_YdPc45tqjVXI.crl rsync://rpki.apnic.net/member_repository/A917C0F5/1EC4E09ADB7111E9B6105353C4F9AE02/g2LSOGrBMH7vi7_YdPc45tqjVXI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g2LSOGrBMH7vi7_YdPc45tqjVXI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:03:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3438 (0xd6e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C0F5, serialNumber=8362D2386AC1307EEF8BBFD874F738E6DAA35572 Validity Not Before: Nov 4 18:03:08 2025 GMT Not After : Nov 11 18:03:08 2025 GMT Subject: CN=690a3fdc-769d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:23:9e:5a:26:a8:8c:ec:c8:1b:4d:d4:23:a0: b3:42:d4:5d:3a:f8:42:09:95:64:e4:8f:56:08:29: 79:82:b4:1b:8b:55:d6:0a:fe:6e:61:14:11:a0:0d: 0e:13:78:8e:56:dc:14:45:17:bd:23:07:27:05:8c: 7a:79:19:f4:4e:39:7d:b1:a5:16:27:33:91:43:71: f6:3c:a8:ec:ef:55:b8:a2:96:73:a6:1a:07:03:93: 52:10:cb:c4:d9:69:21:c4:ad:bd:fa:2d:73:3d:af: 8c:3c:d5:5a:a5:de:e9:48:23:d7:ba:a6:39:b3:8f: c1:d5:fa:ee:5a:37:25:ae:a9:b9:a6:14:b0:75:9d: 03:f3:e5:01:db:35:23:23:f7:91:80:d9:6c:3f:40: a5:bb:9e:91:7a:f0:82:35:f2:f8:20:4f:15:8e:bd: 60:47:e2:f5:80:40:1b:f1:57:0e:3c:d9:bb:71:db: fb:54:d7:92:6e:c3:38:f4:23:f7:12:86:2b:e4:b8: 3c:2c:8b:35:0b:7e:62:d1:1f:76:06:e3:ff:5e:4c: d0:c5:59:8a:dd:96:f0:91:f4:1d:02:95:e5:7c:42: d6:af:6b:20:ed:66:da:d0:0e:36:53:dd:73:2c:32: 5b:60:11:bd:52:c8:ee:7e:01:1e:94:35:9a:4c:d4: b0:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:2D:5B:63:84:71:BC:72:BD:6C:7D:F3:11:71:F8:BE:B0:73:23:C8 X509v3 Authority Key Identifier: keyid:83:62:D2:38:6A:C1:30:7E:EF:8B:BF:D8:74:F7:38:E6:DA:A3:55:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C0F5/1EC4E09ADB7111E9B6105353C4F9AE02/g2LSOGrBMH7vi7_YdPc45tqjVXI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/g2LSOGrBMH7vi7_YdPc45tqjVXI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C0F5/1EC4E09ADB7111E9B6105353C4F9AE02/g2LSOGrBMH7vi7_YdPc45tqjVXI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 11:0f:b2:31:5d:ee:77:72:d3:ec:c9:10:b0:dc:a1:c7:10:3c: 61:86:b9:1d:56:ec:c7:dd:93:11:0c:3c:cf:10:50:7f:b5:ce: 0e:95:b9:3c:ac:68:ee:37:9b:71:b4:d4:87:ff:c8:b9:35:02: ff:1a:79:09:46:29:61:e3:86:cb:fd:17:e2:ea:fc:98:f9:06: 79:67:4a:f2:45:8d:c4:73:2d:f9:d5:9e:13:b0:94:f1:77:45: dc:d5:50:c3:93:50:86:26:71:f1:ec:d4:e3:8f:55:bb:11:41: 53:6f:a9:76:5a:e4:8e:fe:57:40:78:9d:bf:c4:7a:f2:12:30: 15:be:c2:5e:ff:82:e7:bd:5d:73:15:f5:72:c7:0c:81:f5:ef: 04:0c:85:0c:fc:75:4b:34:84:a4:13:04:6f:94:ac:6e:cc:4e: ac:e3:cc:4a:b8:81:f4:c6:3c:a8:52:ca:89:55:1e:0a:ef:0b: ad:ba:4c:22:91:01:c7:c2:e6:32:1d:63:2b:68:9d:48:30:bf: f8:d9:22:ee:a3:06:a7:c3:4f:5d:33:9e:22:e6:67:4e:97:6f: 04:f2:df:b5:79:56:5e:e9:1e:8a:03:fd:3c:06:75:fd:27:1d: 7c:96:8f:85:ed:f2:f1:df:8a:b4:fe:03:f6:e8:53:40:ee:25: 57:25:4e:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDW4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0MwRjUxMTAvBgNVBAUTKDgzNjJEMjM4NkFDMTMwN0VFRjhCQkZEODc0RjczOEU2 REFBMzU1NzIwHhcNMjUxMTA0MTgwMzA4WhcNMjUxMTExMTgwMzA4WjAYMRYwFAYD VQQDEw02OTBhM2ZkYy03NjlkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuyOeWiaojOzIG03UI6CzQtRdOvhCCZVk5I9WCCl5grQbi1XWCv5uYRQRoA0O E3iOVtwURRe9IwcnBYx6eRn0Tjl9saUWJzORQ3H2PKjs71W4opZzphoHA5NSEMvE 2WkhxK29+i1zPa+MPNVapd7pSCPXuqY5s4/B1fruWjclrqm5phSwdZ0D8+UB2zUj I/eRgNlsP0Clu56RevCCNfL4IE8Vjr1gR+L1gEAb8VcOPNm7cdv7VNeSbsM49CP3 EoYr5Lg8LIs1C35i0R92BuP/XkzQxVmK3ZbwkfQdApXlfELWr2sg7Wba0A42U91z LDJbYBG9UsjufgEelDWaTNSwmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM0tW2OE cbxyvWx98xFx+L6wcyPIMB8GA1UdIwQYMBaAFINi0jhqwTB+74u/2HT3OObao1Vy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzBGNS8xRUM0RTA5QURC NzExMUU5QjYxMDUzNTNDNEY5QUUwMi9nMkxTT0dyQk1IN3ZpN19ZZFBjNDV0cWpW WEkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2cyTFNPR3JCTUg3dmk3X1lkUGM0NXRxalZYSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzBGNS8xRUM0RTA5QURCNzExMUU5QjYxMDUzNTNDNEY5QUUwMi9nMkxTT0dyQk1I N3ZpN19ZZFBjNDV0cWpWWEkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQARD7IxXe53ctPsyRCw3KHHEDxhhrkdVuzH3ZMRDDzPEFB/tc4Olbk8 rGjuN5txtNSH/8i5NQL/GnkJRilh44bL/Rfi6vyY+QZ5Z0ryRY3Ecy351Z4TsJTx d0Xc1VDDk1CGJnHx7NTjj1W7EUFTb6l2WuSO/ldAeJ2/xHryEjAVvsJe/4LnvV1z FfVyxwyB9e8EDIUM/HVLNISkEwRvlKxuzE6s48xKuIH0xjyoUsqJVR4K7wutukwi kQHHwuYyHWMraJ1IML/42SLuowanw09dM54i5mdOl28E8t+1eVZe6R6KA/08BnX9 Jx18lo+F7fLx34q0/gP26FNA7iVXJU5g -----END CERTIFICATE-----Generated at Wed Nov 5 10:01:29 2025 by rpki-client