$ rpki-client -vvf rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft File: tUMZgoesmRJSAHhil7k2l_jySK4.mft (raw, json) Hash identifier: ia6JgZNBJNVAFAvKGp3XQg/uwW9L0Go9lYRigLS6XPM= Subject key identifier: 1B:3D:B9:E9:4C:1F:FA:00:EB:FC:51:D6:45:4F:BE:74:B8:0A:5A:6D Authority key identifier: B5:43:19:82:87:AC:99:12:52:00:78:62:97:B9:36:97:F8:F2:48:AE Certificate issuer: /CN=A9142DBC/serialNumber=B543198287AC99125200786297B93697F8F248AE Certificate serial: 0C8B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tUMZgoesmRJSAHhil7k2l_jySK4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft Manifest number: 0C7E Signing time: Sun 02 Nov 2025 18:28:03 +0000 Manifest this update: Sun 02 Nov 2025 18:28:02 +0000 Manifest next update: Sun 09 Nov 2025 18:28:02 +0000 Files and hashes: 1: tUMZgoesmRJSAHhil7k2l_jySK4.crl (hash: AT9GMgPen3rvYCpj2uqRSzyr/4OJHSMA4aMtzpluSwM=) 2: DBE709060AA511EA86C8E31DC4F9AE02.roa (hash: YQqO3/GsQMAf9ewsQANIfWPP9RflccXF2o5PRECWCc4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.crl rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tUMZgoesmRJSAHhil7k2l_jySK4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:28:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3211 (0xc8b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9142DBC, serialNumber=B543198287AC99125200786297B93697F8F248AE Validity Not Before: Nov 2 18:28:02 2025 GMT Not After : Nov 9 18:28:02 2025 GMT Subject: CN=6907a2b2-c217 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a8:24:bf:0f:c1:b5:27:e1:d3:4a:64:cd:c6:f4: 72:ba:e1:72:4e:b0:4e:ec:34:4e:a5:42:cb:7c:e8: f6:2c:36:c2:4e:09:98:60:60:ff:54:2c:15:7e:9b: 98:85:65:59:5e:bd:bd:6a:7d:37:16:4e:26:6f:0e: 7d:5b:f5:25:2c:b7:29:3a:b9:2d:02:8c:d4:88:58: c7:e3:f8:a1:1d:bb:a3:b1:28:cb:5a:d7:4e:56:1a: 8e:27:70:68:a8:3f:b5:8e:d5:a2:9f:44:bc:55:df: 05:7d:07:8f:68:07:de:e4:3e:e3:a8:18:3f:e3:d9: 69:00:63:83:b8:cc:3d:e1:97:9e:36:ef:c9:e8:5a: fe:5c:0d:c2:6f:ee:8c:8b:a3:90:0b:5b:78:5d:6b: 2f:6f:85:37:d4:f7:73:8c:71:62:42:cb:84:51:22: 9e:f8:4e:81:0e:58:95:19:88:6b:b4:81:21:c2:fc: 6d:cf:5c:91:7f:d9:f9:ba:9c:44:f2:43:2c:50:67: 63:2c:80:2b:96:10:1f:7c:5f:a9:78:33:78:d1:82: 02:35:b6:d6:cd:93:9f:5c:a1:18:f0:22:e6:63:ef: 50:6d:ad:fd:7a:86:b7:e2:f9:05:c0:28:f3:e5:38: f8:33:15:2b:2a:a0:7a:f6:cb:23:03:2a:fe:39:eb: 30:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:3D:B9:E9:4C:1F:FA:00:EB:FC:51:D6:45:4F:BE:74:B8:0A:5A:6D X509v3 Authority Key Identifier: keyid:B5:43:19:82:87:AC:99:12:52:00:78:62:97:B9:36:97:F8:F2:48:AE X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tUMZgoesmRJSAHhil7k2l_jySK4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9142DBC/69FA25680AA411EA8C5A831BC4F9AE02/tUMZgoesmRJSAHhil7k2l_jySK4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 00:5b:81:ff:f4:17:c0:12:93:a8:31:58:93:80:04:14:31:48: a1:79:5c:19:f9:1e:6d:7a:37:4f:4a:bc:c8:f0:fb:7f:56:0d: c9:95:4d:6b:79:81:5f:94:96:a5:b0:e5:da:f4:66:17:69:aa: ff:cd:b7:37:ff:81:bc:1b:56:23:fb:7e:b2:7e:12:68:a2:50: c3:c6:a2:a8:de:a3:70:ac:1d:79:66:5a:20:df:12:14:f2:51: d7:8a:7d:85:fa:c8:db:3c:ac:f0:3b:fb:97:e5:32:4f:54:00: aa:d3:bc:66:25:5a:87:d2:6a:ab:68:05:66:11:1a:46:38:da: 55:ff:87:24:94:61:7a:ec:05:29:6b:27:d2:24:cf:18:ad:f3: fe:2f:11:bd:07:5d:b7:76:38:7a:63:13:2f:51:07:e1:69:19: 61:34:99:a3:76:5c:67:6e:71:a7:76:ab:cb:3f:1e:81:e1:c6: a3:c3:c4:1f:e1:ec:a4:53:4d:69:53:75:05:3a:34:c0:d4:a3: a4:3a:cc:1a:d2:9b:74:a4:d4:08:bb:4c:0f:0c:0a:e0:c7:d6: be:1b:be:67:28:ae:3d:57:0a:cc:55:41:d3:c6:2b:c2:d1:5f: 46:24:95:fe:f5:71:2a:c9:c2:7a:01:f2:26:d2:bc:47:b8:0f: 2e:b1:21:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDIswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDJEQkMxMTAvBgNVBAUTKEI1NDMxOTgyODdBQzk5MTI1MjAwNzg2Mjk3QjkzNjk3 RjhGMjQ4QUUwHhcNMjUxMTAyMTgyODAyWhcNMjUxMTA5MTgyODAyWjAYMRYwFAYD VQQDEw02OTA3YTJiMi1jMjE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqCS/D8G1J+HTSmTNxvRyuuFyTrBO7DROpULLfOj2LDbCTgmYYGD/VCwVfpuY hWVZXr29an03Fk4mbw59W/UlLLcpOrktAozUiFjH4/ihHbujsSjLWtdOVhqOJ3Bo qD+1jtWin0S8Vd8FfQePaAfe5D7jqBg/49lpAGODuMw94ZeeNu/J6Fr+XA3Cb+6M i6OQC1t4XWsvb4U31PdzjHFiQsuEUSKe+E6BDliVGYhrtIEhwvxtz1yRf9n5upxE 8kMsUGdjLIArlhAffF+peDN40YICNbbWzZOfXKEY8CLmY+9Qba39eoa34vkFwCjz 5Tj4MxUrKqB69ssjAyr+OeswlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBs9uelM H/oA6/xR1kVPvnS4ClptMB8GA1UdIwQYMBaAFLVDGYKHrJkSUgB4Ype5Npf48kiu MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MkRCQy82OUZBMjU2ODBB QTQxMUVBOEM1QTgzMUJDNEY5QUUwMi90VU1aZ29lc21SSlNBSGhpbDdrMmxfanlT SzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RVTVpnb2VzbVJKU0FIaGlsN2sybF9qeVNLNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MkRCQy82OUZBMjU2ODBBQTQxMUVBOEM1QTgzMUJDNEY5QUUwMi90VU1aZ29lc21S SlNBSGhpbDdrMmxfanlTSzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAAW4H/9BfAEpOoMViTgAQUMUiheVwZ+R5tejdPSrzI8Pt/Vg3JlU1r eYFflJalsOXa9GYXaar/zbc3/4G8G1Yj+36yfhJoolDDxqKo3qNwrB15Zlog3xIU 8lHXin2F+sjbPKzwO/uX5TJPVACq07xmJVqH0mqraAVmERpGONpV/4cklGF67AUp ayfSJM8YrfP+LxG9B123djh6YxMvUQfhaRlhNJmjdlxnbnGndqvLPx6B4cajw8Qf 4eykU01pU3UFOjTA1KOkOswa0pt0pNQIu0wPDArgx9a+G75nKK49VwrMVUHTxivC 0V9GJJX+9XEqycJ6AfIm0rxHuA8usSGL -----END CERTIFICATE-----Generated at Mon Nov 3 18:18:38 2025 by rpki-client