$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft File: GxesPclsojRSUCPv02J-ks2IR0g.mft (raw, json) Hash identifier: KjO7h5I+dudsBvUkg2PSVJuyccMzu3+gem0J9CcIW64= Subject key identifier: 32:EA:74:16:B5:9C:DF:0F:81:FA:39:E6:CF:49:97:29:EC:92:F4:AE Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Certificate serial: 1D88 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft Manifest number: 1D49 Signing time: Tue 04 Nov 2025 16:14:45 +0000 Manifest this update: Tue 04 Nov 2025 16:14:44 +0000 Manifest next update: Tue 11 Nov 2025 16:14:44 +0000 Files and hashes: 1: GxesPclsojRSUCPv02J-ks2IR0g.crl (hash: 4FUHdUgMjfrm/kdsHrccup5kpUz/a30iF0R5FrAC2TA=) 2: 8A1AF86E94BC11EC9E49DB41C4F9AE02.roa (hash: n6ab3BTwAcpH4LegBC83qaXuTY61rSuzXQeixKGRCQ8=) 3: C154DA14E85C11EBA2171A25C4F9AE02.roa (hash: ZoYRtsKN6J+JTMHnmtPtNWovLxxrXzjOLNI6FTTDrJk=) 4: 907B9B20E8AD11EBAA895D0AC4F9AE02.roa (hash: Yy12wxP/cM0LLNtHiB2aLkhSaVEMx94WCa7jMCYf9WM=) 5: 89654CDAB83B11EFAA80DD09C4F9AE02.roa (hash: wZqrfI6axJ6OhiwV+iuxvLbJgC05OEzm0nCXJ1L7s34=) 6: 4D609E86FF3B11EB910E8847C4F9AE02.roa (hash: IlNlaUUrIO5psWG9zVe/2cJLa9A72orRKr8ki0wRJ+c=) 7: C2EECBA0E85C11EBA2171A25C4F9AE02.roa (hash: i8SkLvPy/XtXc4ZuxfbQ0jMccOT4jPJgyB/aqJ2e6A0=) 8: 4E2669F4FF3B11EB910E8847C4F9AE02.roa (hash: RxEjxFNvI0DOGeP3888S1tn030BuNHUdNfLt3di15l4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:14:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7560 (0x1d88) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DBF2, serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Validity Not Before: Nov 4 16:14:44 2025 GMT Not After : Nov 11 16:14:44 2025 GMT Subject: CN=690a2674-5531 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:ff:b7:dc:a2:2b:f0:80:32:1e:ce:15:65:b7: 71:e0:c5:d3:22:a5:27:14:40:01:d3:fe:e5:ed:cd: 66:d5:bf:fa:ef:60:81:dd:c6:cc:6f:be:05:a0:7a: d7:b3:27:31:08:d8:ed:72:5a:11:4d:8c:58:33:fe: 1a:38:99:99:0f:6b:8f:23:0e:0b:a8:67:de:67:b2: de:6c:34:2b:0a:b4:87:7c:4b:b0:a4:7d:41:ad:a1: 64:0b:64:79:69:89:40:13:d2:f5:9f:b8:0e:17:60: 1d:dd:ef:4f:bd:5b:3f:f6:37:89:46:3c:cd:86:bc: be:03:ff:8b:e5:89:26:6f:52:47:f7:75:d2:3b:9d: 77:c9:d4:57:cd:c2:d9:c1:28:c7:fd:ed:a9:e4:3d: 7a:41:78:57:12:7d:ab:6e:33:0a:7c:7e:03:a3:bd: d3:04:b6:53:8a:bb:bb:79:69:2d:81:a9:3f:2b:b6: 53:af:99:55:46:1d:2f:e4:c3:48:2b:45:04:68:11: 8f:00:5a:14:8f:f0:22:f5:6f:f8:74:cf:68:d0:92: a8:16:67:23:a2:2d:c7:55:80:37:a1:fd:db:e4:60: 69:39:ea:73:f0:37:8f:27:be:3f:d3:16:bd:1c:b2: 91:1c:1c:e0:79:a5:49:d7:4a:6c:b4:7a:51:b2:98: 56:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 32:EA:74:16:B5:9C:DF:0F:81:FA:39:E6:CF:49:97:29:EC:92:F4:AE X509v3 Authority Key Identifier: keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:13:2e:e7:0b:c8:24:47:b9:d1:46:a5:4c:ba:41:1a:69:42: 30:8d:d9:40:03:e9:c4:a0:7d:cc:9c:f1:f7:18:8d:c2:5e:9d: 52:0b:15:9c:c9:2e:b0:65:58:c4:e0:d7:e3:cb:79:a6:fb:d0: 8a:b8:c9:ec:0c:4e:fa:a9:93:84:d2:99:df:f8:bc:a2:8a:37: 4d:dc:9d:4a:26:74:4b:ba:64:47:ad:a7:21:d4:e9:45:7b:73: c6:12:5d:14:09:94:5d:71:da:45:13:ad:a8:ee:9f:74:c0:3e: 06:26:b8:cf:31:ae:2c:b8:96:b1:eb:36:9c:1c:00:7d:47:cb: 5b:9c:ed:f5:09:40:05:bb:47:cb:0a:bb:68:92:22:4e:eb:3b: 8e:63:48:70:2f:43:e4:a4:fe:3b:6d:f9:3f:1d:8c:51:eb:ba: 12:65:8b:93:de:b8:a7:2b:f4:68:2f:57:31:e6:70:93:78:ab: 36:50:17:ed:c7:cc:cb:2a:b7:6c:88:66:0b:af:79:80:cf:45: 00:01:06:29:e3:00:68:48:85:1b:15:8a:c6:b3:03:00:c5:3d: db:72:0e:ee:f9:a8:eb:73:86:4b:c4:68:71:01:ee:05:bc:0b: 27:ab:62:78:f2:80:72:ce:00:8e:c2:84:3f:4c:e2:4c:9b:e8: d4:fa:f0:37 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHYgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky Q0Q4ODQ3NDgwHhcNMjUxMTA0MTYxNDQ0WhcNMjUxMTExMTYxNDQ0WjAYMRYwFAYD VQQDEw02OTBhMjY3NC01NTMxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAp/+33KIr8IAyHs4VZbdx4MXTIqUnFEAB0/7l7c1m1b/672CB3cbMb74FoHrX sycxCNjtcloRTYxYM/4aOJmZD2uPIw4LqGfeZ7LebDQrCrSHfEuwpH1BraFkC2R5 aYlAE9L1n7gOF2Ad3e9PvVs/9jeJRjzNhry+A/+L5Ykmb1JH93XSO513ydRXzcLZ wSjH/e2p5D16QXhXEn2rbjMKfH4Do73TBLZTiru7eWktgak/K7ZTr5lVRh0v5MNI K0UEaBGPAFoUj/Ai9W/4dM9o0JKoFmcjoi3HVYA3of3b5GBpOepz8DePJ74/0xa9 HLKRHBzgeaVJ10pstHpRsphW0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDLqdBa1 nN8Pgfo55s9JlynskvSuMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REJGMi9FMzQ0NTAxNkMyRjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29q UlNVQ1B2MDJKLWtzMklSMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdEy7nC8gkR7nRRqVMukEaaUIwjdlAA+nEoH3MnPH3GI3CXp1SCxWc yS6wZVjE4Nfjy3mm+9CKuMnsDE76qZOE0pnf+LyiijdN3J1KJnRLumRHrach1OlF e3PGEl0UCZRdcdpFE62o7p90wD4GJrjPMa4suJax6zacHAB9R8tbnO31CUAFu0fL CrtokiJO6zuOY0hwL0PkpP47bfk/HYxR67oSZYuT3rinK/RoL1cx5nCTeKs2UBft x8zLKrdsiGYLr3mAz0UAAQYp4wBoSIUbFYrGswMAxT3bcg7u+ajrc4ZLxGhxAe4F vAsnq2J48oByzgCOwoQ/TOJMm+jU+vA3 -----END CERTIFICATE-----Generated at Tue Nov 4 21:25:21 2025 by rpki-client