$ rpki-client -vvf rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/plb2DT8RZBpXG9H_rSRg3UV2My0.mft File: plb2DT8RZBpXG9H_rSRg3UV2My0.mft (raw, json) Hash identifier: HwihKV1t5GrcpqnCC77MFbimFNGgNMTF85mvry3lp7M= Subject key identifier: ED:FE:09:8B:FD:48:E2:9B:3F:CB:FE:29:DA:D2:41:7D:13:58:51:E5 Authority key identifier: A6:56:F6:0D:3F:11:64:1A:57:1B:D1:FF:AD:24:60:DD:45:76:33:2D Certificate issuer: /CN=A919986F/serialNumber=A656F60D3F11641A571BD1FFAD2460DD4576332D Certificate serial: 2871 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/plb2DT8RZBpXG9H_rSRg3UV2My0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/plb2DT8RZBpXG9H_rSRg3UV2My0.mft Manifest number: 286C Signing time: Tue 04 Nov 2025 15:40:54 +0000 Manifest this update: Tue 04 Nov 2025 15:40:54 +0000 Manifest next update: Tue 11 Nov 2025 15:40:54 +0000 Files and hashes: 1: plb2DT8RZBpXG9H_rSRg3UV2My0.crl (hash: JhS/qgvQOuefFew1lXTwfvF4Gs0WdurxKnAPx0yu9Mc=) 2: 27F621183B5D11EB97506B7AC4F9AE02.roa (hash: +GMl4Xu8VPkNDBOVR1baOfDzoyBidluum1AgF508r2s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/plb2DT8RZBpXG9H_rSRg3UV2My0.crl rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/plb2DT8RZBpXG9H_rSRg3UV2My0.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/plb2DT8RZBpXG9H_rSRg3UV2My0.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 15:40:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 10353 (0x2871) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919986F, serialNumber=A656F60D3F11641A571BD1FFAD2460DD4576332D Validity Not Before: Nov 4 15:40:54 2025 GMT Not After : Nov 11 15:40:54 2025 GMT Subject: CN=690a1e86-04fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:3c:a3:7d:d2:bd:ee:af:02:f6:f6:fe:e3:0e: fe:24:33:04:17:3e:44:0e:01:d8:33:32:ee:e5:d7: 20:aa:3d:2f:e7:5d:2b:c1:bf:90:a9:f1:7f:1a:5f: 01:1f:c9:ad:db:3d:68:61:ac:cf:9d:7c:6d:d2:fb: 03:eb:1f:00:5f:3a:64:0a:c7:29:ae:ea:9d:ee:51: 4b:49:e4:65:9c:7e:6e:dc:c2:52:7f:f1:0c:bf:93: 5a:eb:ff:95:10:21:b1:c8:c8:ec:01:73:fd:98:95: 64:07:f5:67:f9:81:df:1b:b0:43:7b:08:4c:f9:60: 0b:0a:83:fb:b9:71:8b:c6:3c:89:38:ec:a7:d6:fb: 69:29:9c:b5:12:0a:6e:a4:20:9e:f0:3e:ec:8d:d1: 53:b3:b5:7a:8d:85:d8:c5:cf:d2:47:be:a7:48:65: 9f:0b:39:2d:57:bd:f6:cf:3c:5c:0d:27:21:bb:f1: 98:80:e3:be:ce:e3:30:e0:57:e1:13:86:7b:ae:32: 3b:20:08:af:ff:03:68:ea:61:9b:32:7d:f3:a4:30: b8:f9:a0:80:6d:7a:ca:a1:86:24:b3:b6:94:2e:2e: 2c:aa:8a:7b:b6:13:6d:d4:de:9d:0c:f1:6b:d9:ff: a0:06:5f:4b:c4:08:0b:8e:ca:a6:ba:f9:a6:a8:af: b7:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: ED:FE:09:8B:FD:48:E2:9B:3F:CB:FE:29:DA:D2:41:7D:13:58:51:E5 X509v3 Authority Key Identifier: keyid:A6:56:F6:0D:3F:11:64:1A:57:1B:D1:FF:AD:24:60:DD:45:76:33:2D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/plb2DT8RZBpXG9H_rSRg3UV2My0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/plb2DT8RZBpXG9H_rSRg3UV2My0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919986F/EC870B868F2A11E4BF98B432C4F9AE02/plb2DT8RZBpXG9H_rSRg3UV2My0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ba:55:af:36:0d:5c:60:33:59:67:86:e2:6d:81:1c:7d:b7:b6: 98:93:bc:71:62:4d:1d:56:0d:31:f8:ef:56:ed:90:3f:6e:8f: 6d:cb:2a:3c:15:e5:a3:bd:80:04:cd:f5:26:9c:b4:ac:99:7b: 38:9b:48:f5:85:cc:63:68:9e:a5:cf:37:86:3a:aa:21:76:27: e3:bf:39:14:4a:56:22:07:32:83:7c:50:56:19:45:31:3e:4e: c3:0e:e8:2c:f6:bb:c2:a2:1e:fb:fe:e2:33:4e:ed:48:ff:f5: 2e:6e:36:9d:55:ee:4f:7a:a9:03:2e:64:a1:59:04:d6:1a:b8: 31:ca:e4:7e:1f:89:4d:2f:26:ad:bc:84:2d:c1:af:ac:02:fa: 3b:0f:ce:a7:71:64:3d:e9:d1:be:bd:9f:71:46:ed:ef:b6:be: d4:8b:0b:a8:b4:d4:70:d3:04:25:92:2e:18:2b:d6:3b:3d:80: 51:3c:86:54:68:21:ee:8e:0c:28:b8:cb:91:2c:46:b0:6f:c6: 6a:77:bd:69:e3:d5:4c:7a:a8:2e:a8:3b:c7:27:5f:9f:5e:98: db:07:b7:e4:9e:87:67:8c:5d:0d:47:71:cc:50:ff:5b:1c:f4: c9:95:3f:b3:44:36:fd:9f:9b:7e:8e:ef:9b:9e:09:e1:77:ab: 04:81:44:1c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICKHEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTk4NkYxMTAvBgNVBAUTKEE2NTZGNjBEM0YxMTY0MUE1NzFCRDFGRkFEMjQ2MERE NDU3NjMzMkQwHhcNMjUxMTA0MTU0MDU0WhcNMjUxMTExMTU0MDU0WjAYMRYwFAYD VQQDEw02OTBhMWU4Ni0wNGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4DyjfdK97q8C9vb+4w7+JDMEFz5EDgHYMzLu5dcgqj0v510rwb+QqfF/Gl8B H8mt2z1oYazPnXxt0vsD6x8AXzpkCscpruqd7lFLSeRlnH5u3MJSf/EMv5Na6/+V ECGxyMjsAXP9mJVkB/Vn+YHfG7BDewhM+WALCoP7uXGLxjyJOOyn1vtpKZy1Egpu pCCe8D7sjdFTs7V6jYXYxc/SR76nSGWfCzktV732zzxcDSchu/GYgOO+zuMw4Ffh E4Z7rjI7IAiv/wNo6mGbMn3zpDC4+aCAbXrKoYYks7aULi4sqop7thNt1N6dDPFr 2f+gBl9LxAgLjsqmuvmmqK+3YQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO3+CYv9 SOKbP8v+KdrSQX0TWFHlMB8GA1UdIwQYMBaAFKZW9g0/EWQaVxvR/60kYN1FdjMt MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTg2Ri9FQzg3MEI4NjhG MkExMUU0QkY5OEI0MzJDNEY5QUUwMi9wbGIyRFQ4UlpCcFhHOUhfclNSZzNVVjJN eTAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3BsYjJEVDhSWkJwWEc5SF9yU1JnM1VWMk15MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTg2Ri9FQzg3MEI4NjhGMkExMUU0QkY5OEI0MzJDNEY5QUUwMi9wbGIyRFQ4UlpC cFhHOUhfclNSZzNVVjJNeTAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC6Va82DVxgM1lnhuJtgRx9t7aYk7xxYk0dVg0x+O9W7ZA/bo9tyyo8 FeWjvYAEzfUmnLSsmXs4m0j1hcxjaJ6lzzeGOqohdifjvzkUSlYiBzKDfFBWGUUx Pk7DDugs9rvCoh77/uIzTu1I//UubjadVe5PeqkDLmShWQTWGrgxyuR+H4lNLyat vIQtwa+sAvo7D86ncWQ96dG+vZ9xRu3vtr7UiwuotNRw0wQlki4YK9Y7PYBRPIZU aCHujgwouMuRLEawb8Zqd71p49VMeqguqDvHJ1+fXpjbB7fknodnjF0NR3HMUP9b HPTJlT+zRDb9n5t+ju+bngnhd6sEgUQc -----END CERTIFICATE-----Generated at Wed Nov 5 10:05:58 2025 by rpki-client