$ rpki-client -vvf rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft File: CStU0vnpbT_OHwwNuzGxuCyNLOA.mft (raw, json) Hash identifier: tAEewVcApytPSQkAegNk134ofPu6ghUhQwZ6MRzhMms= Subject key identifier: 7E:63:92:97:79:E7:50:C1:B5:7E:6C:94:81:BF:D5:60:06:CB:EA:38 Authority key identifier: 09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 Certificate issuer: /CN=A9122EA2/serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Certificate serial: 022E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft Manifest number: 0222 Signing time: Wed 05 Nov 2025 02:18:19 +0000 Manifest this update: Wed 05 Nov 2025 02:18:19 +0000 Manifest next update: Wed 12 Nov 2025 02:18:19 +0000 Files and hashes: 1: CStU0vnpbT_OHwwNuzGxuCyNLOA.crl (hash: Ogra/6LvuibOjuaMPxvBQdv6icxuxwRaOHBvzYHpylg=) 2: C20F71E0992A11EEBDE4AF84C4F9AE02.roa (hash: csl85VTomjs4iPv8bKOFHRUkLivByj84d/cWaa81y8A=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:18:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 558 (0x22e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9122EA2, serialNumber=092B54D2F9E96D3FCE1F0C0DBB31B1B82C8D2CE0 Validity Not Before: Nov 5 02:18:19 2025 GMT Not After : Nov 12 02:18:19 2025 GMT Subject: CN=690ab3eb-d7bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:ad:21:3a:df:56:12:98:23:77:51:2a:af:65: c3:9a:44:c5:ab:68:74:f1:d5:b1:90:9e:6b:3c:1d: c1:4a:c6:61:94:1a:91:7d:e4:28:69:6b:7d:ab:c6: a4:7c:2b:80:5f:e6:4f:52:f2:91:21:a7:7c:0d:3f: c0:89:0a:90:e7:04:da:d5:0b:e7:b3:33:3e:2b:d7: dc:87:ac:45:32:58:33:5d:04:1e:51:1e:f0:2f:e1: 0a:9f:2a:07:da:da:6f:8e:49:b0:cf:9a:29:06:3b: ae:6e:84:9e:4a:03:7d:50:6e:86:42:14:39:fd:fc: 93:2e:5e:5e:b3:66:21:ce:16:8a:f2:6c:b0:6b:c7: 62:f3:ea:23:ae:9e:e4:0c:9f:6a:fa:bc:74:55:7e: a9:6a:6a:c6:5c:b3:4f:4d:0b:af:48:b9:2b:7a:be: 41:4e:de:d4:d0:b5:83:05:e9:ff:e5:3c:7b:58:37: ce:7b:fe:b1:ea:9b:6f:ee:84:08:f4:26:0b:f9:03: f1:37:bc:49:11:fd:33:12:53:2e:19:c0:2a:e0:db: 72:bb:07:c5:90:fb:9b:93:b3:fc:88:67:f9:e9:e7: 65:f6:aa:b4:51:96:46:b4:a3:19:b5:08:8e:f0:26: e8:4b:64:6c:ed:8b:6a:1c:cb:2b:67:8d:2f:6a:e8: a5:2d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:63:92:97:79:E7:50:C1:B5:7E:6C:94:81:BF:D5:60:06:CB:EA:38 X509v3 Authority Key Identifier: keyid:09:2B:54:D2:F9:E9:6D:3F:CE:1F:0C:0D:BB:31:B1:B8:2C:8D:2C:E0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CStU0vnpbT_OHwwNuzGxuCyNLOA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9122EA2/15253414856311ED82FB102DC4F9AE02/CStU0vnpbT_OHwwNuzGxuCyNLOA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 49:e8:63:61:cd:52:67:1e:27:d8:0d:3d:c1:34:d8:7b:b8:34: 92:7f:1f:00:25:7c:04:04:e3:f1:fd:bc:2e:d4:18:69:19:aa: 84:28:f4:a5:df:81:6e:10:4c:6f:6b:db:8b:d9:a0:2c:66:a1: b8:a5:df:de:a7:a5:8c:0d:22:41:28:84:86:45:96:59:27:84: 53:c9:ea:c4:60:34:da:38:0f:21:60:05:e1:07:7f:b8:1b:04: 7a:84:2e:71:ae:38:12:09:3f:72:08:8e:5f:76:c0:09:4f:5d: db:74:ad:dd:1d:76:53:54:a7:4d:16:da:dc:22:2b:43:db:5a: 1c:69:30:0d:80:ea:cd:b4:c3:a9:39:20:0a:43:fc:9a:62:58: f2:c5:d5:45:c5:9e:91:9d:c6:0a:14:a6:3e:28:e2:5f:99:3a: ae:7f:53:b8:13:0e:21:67:bf:55:ac:56:63:23:85:a9:8d:9c: 3e:ae:bf:8b:57:06:35:49:89:9a:d7:71:12:3f:1e:fb:71:47: a2:07:c6:25:04:5c:da:2c:b7:15:3a:62:2f:b8:d5:8f:51:61: 83:62:1d:d5:f1:c3:05:b5:99:15:e0:74:c5:52:5c:e5:19:6b: 42:ff:43:f0:f7:3e:6d:0b:80:42:b0:90:35:6a:60:69:10:b1: ca:6b:45:98 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjJFQTIxMTAvBgNVBAUTKDA5MkI1NEQyRjlFOTZEM0ZDRTFGMEMwREJCMzFCMUI4 MkM4RDJDRTAwHhcNMjUxMTA1MDIxODE5WhcNMjUxMTEyMDIxODE5WjAYMRYwFAYD VQQDEw02OTBhYjNlYi1kN2JiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuq0hOt9WEpgjd1Eqr2XDmkTFq2h08dWxkJ5rPB3BSsZhlBqRfeQoaWt9q8ak fCuAX+ZPUvKRIad8DT/AiQqQ5wTa1QvnszM+K9fch6xFMlgzXQQeUR7wL+EKnyoH 2tpvjkmwz5opBjuuboSeSgN9UG6GQhQ5/fyTLl5es2YhzhaK8mywa8di8+ojrp7k DJ9q+rx0VX6pamrGXLNPTQuvSLkrer5BTt7U0LWDBen/5Tx7WDfOe/6x6ptv7oQI 9CYL+QPxN7xJEf0zElMuGcAq4NtyuwfFkPubk7P8iGf56edl9qq0UZZGtKMZtQiO 8CboS2Rs7YtqHMsrZ40vauilLQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFH5jkpd5 51DBtX5slIG/1WAGy+o4MB8GA1UdIwQYMBaAFAkrVNL56W0/zh8MDbsxsbgsjSzg MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyMkVBMi8xNTI1MzQxNDg1 NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJUX09Id3dOdXpHeHVDeU5M T0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NTdFUwdm5wYlRfT0h3d051ekd4dUN5TkxPQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy MkVBMi8xNTI1MzQxNDg1NjMxMUVEODJGQjEwMkRDNEY5QUUwMi9DU3RVMHZucGJU X09Id3dOdXpHeHVDeU5MT0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBJ6GNhzVJnHifYDT3BNNh7uDSSfx8AJXwEBOPx/bwu1BhpGaqEKPSl 34FuEExva9uL2aAsZqG4pd/ep6WMDSJBKISGRZZZJ4RTyerEYDTaOA8hYAXhB3+4 GwR6hC5xrjgSCT9yCI5fdsAJT13bdK3dHXZTVKdNFtrcIitD21ocaTANgOrNtMOp OSAKQ/yaYljyxdVFxZ6RncYKFKY+KOJfmTquf1O4Ew4hZ79VrFZjI4WpjZw+rr+L VwY1SYma13ESPx77cUeiB8YlBFzaLLcVOmIvuNWPUWGDYh3V8cMFtZkV4HTFUlzl GWtC/0Pw9z5tC4BCsJA1amBpELHKa0WY -----END CERTIFICATE-----Generated at Wed Nov 5 16:41:01 2025 by rpki-client