$ rpki-client -vvf rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft File: tg1afDY_D02TL-MXuQzmz4DSg8k.mft (raw, json) Hash identifier: eAZzQbCs7oVdmmaNN9IsH8Z24g9OP7Jbc5vSCfCF3GA= Subject key identifier: 20:FE:23:05:F8:89:E6:AE:26:C8:0A:5A:A3:60:E3:92:39:29:0F:FC Authority key identifier: B6:0D:5A:7C:36:3F:0F:4D:93:2F:E3:17:B9:0C:E6:CF:80:D2:83:C9 Certificate issuer: /CN=A9118309/serialNumber=B60D5A7C363F0F4D932FE317B90CE6CF80D283C9 Certificate serial: 0A7D Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft Manifest number: 0A75 Signing time: Tue 04 Nov 2025 19:43:15 +0000 Manifest this update: Tue 04 Nov 2025 19:43:14 +0000 Manifest next update: Tue 11 Nov 2025 19:43:14 +0000 Files and hashes: 1: tg1afDY_D02TL-MXuQzmz4DSg8k.crl (hash: f7raIBtI8Xue0XaqwUU+jpO3Gdcc9oktmwii9s3LDt4=) 2: 59AA22D06FFD11EA9160902DC4F9AE02.roa (hash: 3RxABu3KC/9hSKHYQMzVVe4gdoAQgiDaudG41V9QJ3s=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.crl rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 19:43:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2685 (0xa7d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9118309, serialNumber=B60D5A7C363F0F4D932FE317B90CE6CF80D283C9 Validity Not Before: Nov 4 19:43:14 2025 GMT Not After : Nov 11 19:43:14 2025 GMT Subject: CN=690a5753-2e9f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:a6:db:35:7e:37:c4:92:e7:44:aa:cf:a0:a5: b6:e1:99:33:75:38:fc:e6:81:fc:fd:ed:b0:00:ae: 28:19:3f:c5:f5:8c:67:2d:5a:44:c9:9c:a4:d4:77: f7:f3:57:f1:5d:64:8e:f6:a1:8e:c6:87:d1:00:3d: 98:21:35:a5:27:e5:11:6b:09:40:53:15:d9:ef:b7: e5:2f:9c:74:36:e5:89:60:38:c0:cc:45:c1:ae:c7: f4:9b:f6:ca:25:6f:b3:46:6b:6e:85:6e:59:41:b9: 4b:9c:d7:b0:cf:9f:ad:88:1d:74:98:b9:74:69:15: dd:a0:0e:a3:1d:8b:d4:3e:b1:af:cc:83:d5:ca:fa: 85:5b:9f:83:a7:7b:3b:5d:4e:94:37:03:45:12:31: 13:ce:d4:5f:a5:94:47:52:07:dd:07:db:61:23:4d: d1:95:74:b9:b8:20:f5:89:59:3c:98:dc:52:26:6c: 74:87:ac:38:dd:24:84:71:cb:37:a1:3a:93:f3:3d: fd:bf:7b:8b:89:63:f5:90:1a:2b:31:c5:01:fb:3e: 35:0c:37:1d:f2:58:cd:78:ae:20:f2:bd:60:10:4f: 4a:34:87:ce:d9:50:f8:2b:7a:36:0b:06:b2:d2:81: 09:4c:4d:bf:9e:41:f3:39:e4:22:19:18:c6:84:73: d1:63 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:FE:23:05:F8:89:E6:AE:26:C8:0A:5A:A3:60:E3:92:39:29:0F:FC X509v3 Authority Key Identifier: keyid:B6:0D:5A:7C:36:3F:0F:4D:93:2F:E3:17:B9:0C:E6:CF:80:D2:83:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tg1afDY_D02TL-MXuQzmz4DSg8k.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9118309/1A48DC866FFC11EA88F3D22BC4F9AE02/tg1afDY_D02TL-MXuQzmz4DSg8k.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 24:cf:c2:df:1e:e0:26:11:ec:4a:9c:6b:c1:07:99:37:9d:5d: 9a:79:2b:ea:fd:3c:7a:24:4f:15:f9:3f:af:71:89:b5:11:b6: a0:8c:dd:c0:77:8a:67:e4:c7:4f:ea:9c:8b:1f:c2:90:d8:ca: 33:26:a5:89:18:42:e6:1d:b0:d5:0e:50:62:dc:52:62:35:d4: 4b:23:61:0e:3b:7d:d2:df:d6:bd:9b:6c:fe:60:b8:c5:c3:88: 91:64:6d:2b:e9:ca:e5:63:05:b0:2b:7a:55:af:43:b4:6e:67: e8:93:5c:50:e1:04:2a:21:33:af:59:18:53:cf:70:1f:55:a7: 1d:9b:84:26:bc:f7:ee:ae:c0:09:15:c8:a9:f8:82:62:f6:28: 27:f2:49:0b:f8:a2:91:7a:b4:79:3c:d9:e5:e6:43:d1:41:01: 14:19:4e:a7:49:9f:aa:c3:0b:95:fd:0f:bd:01:cf:5f:83:de: e6:73:b8:14:18:0f:2d:8d:a5:51:a3:02:9c:d1:3e:f9:3f:41: 6d:d7:0b:ff:1d:af:bc:af:e8:d3:b1:9a:42:84:af:df:09:48: 01:31:38:0a:ba:8d:42:7c:47:04:e3:90:1f:a7:a6:de:87:dc: b7:1c:b6:b0:95:0d:73:a8:c4:6f:ec:fb:37:6e:64:3d:0a:88: cf:e5:bc:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCn0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTgzMDkxMTAvBgNVBAUTKEI2MEQ1QTdDMzYzRjBGNEQ5MzJGRTMxN0I5MENFNkNG ODBEMjgzQzkwHhcNMjUxMTA0MTk0MzE0WhcNMjUxMTExMTk0MzE0WjAYMRYwFAYD VQQDEw02OTBhNTc1My0yZTlmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw6bbNX43xJLnRKrPoKW24ZkzdTj85oH8/e2wAK4oGT/F9YxnLVpEyZyk1Hf3 81fxXWSO9qGOxofRAD2YITWlJ+URawlAUxXZ77flL5x0NuWJYDjAzEXBrsf0m/bK JW+zRmtuhW5ZQblLnNewz5+tiB10mLl0aRXdoA6jHYvUPrGvzIPVyvqFW5+Dp3s7 XU6UNwNFEjETztRfpZRHUgfdB9thI03RlXS5uCD1iVk8mNxSJmx0h6w43SSEccs3 oTqT8z39v3uLiWP1kBorMcUB+z41DDcd8ljNeK4g8r1gEE9KNIfO2VD4K3o2Cway 0oEJTE2/nkHzOeQiGRjGhHPRYwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCD+IwX4 ieauJsgKWqNg45I5KQ/8MB8GA1UdIwQYMBaAFLYNWnw2Pw9Nky/jF7kM5s+A0oPJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExODMwOS8xQTQ4REM4NjZG RkMxMUVBODhGM0QyMkJDNEY5QUUwMi90ZzFhZkRZX0QwMlRMLU1YdVF6bXo0RFNn OGsuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RnMWFmRFlfRDAyVEwtTVh1UXptejREU2c4ay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx ODMwOS8xQTQ4REM4NjZGRkMxMUVBODhGM0QyMkJDNEY5QUUwMi90ZzFhZkRZX0Qw MlRMLU1YdVF6bXo0RFNnOGsubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAkz8LfHuAmEexKnGvBB5k3nV2aeSvq/Tx6JE8V+T+vcYm1EbagjN3A d4pn5MdP6pyLH8KQ2MozJqWJGELmHbDVDlBi3FJiNdRLI2EOO33S39a9m2z+YLjF w4iRZG0r6crlYwWwK3pVr0O0bmfok1xQ4QQqITOvWRhTz3AfVacdm4QmvPfursAJ Fcip+IJi9ign8kkL+KKRerR5PNnl5kPRQQEUGU6nSZ+qwwuV/Q+9Ac9fg97mc7gU GA8tjaVRowKc0T75P0Ft1wv/Ha+8r+jTsZpChK/fCUgBMTgKuo1CfEcE45Afp6be h9y3HLawlQ1zqMRv7Ps3bmQ9CojP5bxl -----END CERTIFICATE-----Generated at Wed Nov 5 08:10:09 2025 by rpki-client