$ rpki-client -vvf rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft File: LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft (raw, json) Hash identifier: pD76ffOWcKS90XN7QAJu6UYqRSaC96+dZUuDcojSjL4= Subject key identifier: 8B:26:3D:F8:7C:F1:28:B2:45:8F:D1:85:DB:20:70:07:B8:85:8F:45 Authority key identifier: 2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F Certificate issuer: /CN=A9153D75/serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Certificate serial: 022E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft Manifest number: 022A Signing time: Mon 03 Nov 2025 01:54:38 +0000 Manifest this update: Mon 03 Nov 2025 01:54:38 +0000 Manifest next update: Mon 10 Nov 2025 01:54:38 +0000 Files and hashes: 1: LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl (hash: r17S5RGGw8Qxwt9TyU+hgcCnRtRy34XIbC6HH0fNMAE=) 2: 552D155464A711ED99D40117C4F9AE02.roa (hash: 23rCyoR4WnNChFU7ymH391h0HiIrF4JQy1l5v2pbquM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:54:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 558 (0x22e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153D75, serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Validity Not Before: Nov 3 01:54:38 2025 GMT Not After : Nov 10 01:54:38 2025 GMT Subject: CN=69080b5e-ddca Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d6:aa:4e:91:bc:b0:15:19:3d:6d:de:11:e7:05: 44:d2:c1:ef:0e:8b:86:0a:49:c6:e6:95:0c:4f:76: 05:16:65:11:94:4b:e4:af:30:e9:26:2a:21:9d:e4: ac:a1:0f:88:31:6f:c7:48:1e:0a:ce:18:75:4a:ca: 5a:33:8c:b2:3b:b3:fa:ea:53:75:b6:3f:9c:c9:fb: bb:b5:51:75:4b:1f:99:3d:1c:86:94:77:a5:5d:d4: d0:44:86:06:07:0f:a3:38:96:5e:4c:5c:07:f1:63: 1c:bd:d1:36:5e:c6:0d:ba:d5:a5:cf:b5:9e:d7:d9: 96:29:6b:f8:fa:78:64:30:b7:f5:c6:4e:4d:29:8f: 6a:0d:0e:f4:33:03:29:c9:5b:d7:c9:16:a6:c9:af: 25:4e:05:a9:60:5d:97:6b:9f:aa:03:1c:dd:3c:eb: 0c:37:de:48:b6:44:08:77:63:6f:1e:ad:97:7c:42: 9c:e1:9b:b6:1c:aa:50:ea:e7:49:d8:4b:4c:9f:1d: b7:83:c0:9f:a5:30:4a:95:68:a6:af:70:19:35:13: bd:6c:08:76:57:54:28:ef:08:a5:bb:6e:13:7b:1b: eb:da:de:03:e2:b3:bb:8e:b8:77:8f:8b:7d:d2:e5: 7b:b1:0d:97:bb:c2:16:c6:e4:2c:19:f1:e9:4e:fd: 00:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:26:3D:F8:7C:F1:28:B2:45:8F:D1:85:DB:20:70:07:B8:85:8F:45 X509v3 Authority Key Identifier: keyid:2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 12:7b:fd:9a:a8:b6:f2:34:7d:7c:d9:d2:21:8f:a4:51:90:e7: 55:41:d9:25:d5:10:0c:f2:86:3c:d3:18:60:91:36:26:45:12: 13:9d:0e:78:37:58:f6:c9:e5:7a:f4:c1:bd:91:42:c5:d2:f5: c6:46:2c:da:df:9d:fc:a2:8b:1d:d8:a7:4d:d2:1a:eb:72:9a: 1c:f5:1d:41:6d:f2:c5:7d:1f:35:ea:80:31:85:94:a8:96:91: 2f:9b:27:25:f1:2f:68:de:18:7c:b2:7c:95:cc:28:40:62:48: c2:45:65:01:17:a6:50:36:8a:8c:84:c1:17:82:a9:38:a4:a5: d4:74:f7:eb:af:00:4a:07:3d:5d:0d:e9:a4:39:06:83:64:32: 99:10:dc:3a:a3:c6:98:23:ac:84:88:fb:63:88:8c:d3:c5:e3: c0:1f:da:ec:a5:39:f4:2f:17:d2:b6:95:79:cb:84:f1:36:e4: ec:ad:fa:f4:01:a3:d9:c0:66:5d:b2:b9:f1:9f:3f:a0:2a:40: f8:34:29:1e:80:fa:f4:31:2d:77:a7:fb:d1:8d:4b:33:40:37: b9:2a:bb:3c:c3:b1:93:71:2a:c0:44:a9:14:ae:ef:95:fb:d8: e8:e4:40:06:12:a5:cc:4d:9e:ce:d6:f1:a1:a8:4f:2a:27:63: aa:9d:48:7c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAi4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNENzUxMTAvBgNVBAUTKDJEQkM0NjVEQTY4MUI1QjMxMTg5N0FCNkM0NjhDMjU0 NzA2RTVEMkYwHhcNMjUxMTAzMDE1NDM4WhcNMjUxMTEwMDE1NDM4WjAYMRYwFAYD VQQDEw02OTA4MGI1ZS1kZGNhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1qpOkbywFRk9bd4R5wVE0sHvDouGCknG5pUMT3YFFmURlEvkrzDpJiohneSs oQ+IMW/HSB4Kzhh1SspaM4yyO7P66lN1tj+cyfu7tVF1Sx+ZPRyGlHelXdTQRIYG Bw+jOJZeTFwH8WMcvdE2XsYNutWlz7We19mWKWv4+nhkMLf1xk5NKY9qDQ70MwMp yVvXyRamya8lTgWpYF2Xa5+qAxzdPOsMN95ItkQId2NvHq2XfEKc4Zu2HKpQ6udJ 2EtMnx23g8CfpTBKlWimr3AZNRO9bAh2V1Qo7wilu24Texvr2t4D4rO7jrh3j4t9 0uV7sQ2Xu8IWxuQsGfHpTv0A9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIsmPfh8 8SiyRY/RhdsgcAe4hY9FMB8GA1UdIwQYMBaAFC28Rl2mgbWzEYl6tsRowlRwbl0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0Q3NS81MkRFNEM0QTY0 QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRiTVJpWHEyeEdqQ1ZIQnVY UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xieEdYYWFCdGJNUmlYcTJ4R2pDVkhCdVhTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0Q3NS81MkRFNEM0QTY0QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRi TVJpWHEyeEdqQ1ZIQnVYUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQASe/2aqLbyNH182dIhj6RRkOdVQdkl1RAM8oY80xhgkTYmRRITnQ54 N1j2yeV69MG9kULF0vXGRiza3538oosd2KdN0hrrcpoc9R1BbfLFfR816oAxhZSo lpEvmycl8S9o3hh8snyVzChAYkjCRWUBF6ZQNoqMhMEXgqk4pKXUdPfrrwBKBz1d DemkOQaDZDKZENw6o8aYI6yEiPtjiIzTxePAH9rspTn0LxfStpV5y4TxNuTsrfr0 AaPZwGZdsrnxnz+gKkD4NCkegPr0MS13p/vRjUszQDe5Krs8w7GTcSrARKkUru+V +9jo5EAGEqXMTZ7O1vGhqE8qJ2OqnUh8 -----END CERTIFICATE-----Generated at Mon Nov 3 18:10:53 2025 by rpki-client