$ rpki-client -vvf rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft File: LOCE4B2sa01jSTjXbOraWWNVvVM.mft (raw, json) Hash identifier: SKth1TekCn/SQAR3VS561DDHHKVNc1LYsPhA4E+OFRk= Subject key identifier: BE:24:68:08:D5:E7:9B:26:52:18:1C:04:07:91:F2:B5:16:F9:F0:DD Authority key identifier: 2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 Certificate issuer: /CN=A915EA8F/serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Certificate serial: 0291 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft Manifest number: 028D Signing time: Mon 03 Nov 2025 01:32:09 +0000 Manifest this update: Mon 03 Nov 2025 01:32:08 +0000 Manifest next update: Mon 10 Nov 2025 01:32:08 +0000 Files and hashes: 1: LOCE4B2sa01jSTjXbOraWWNVvVM.crl (hash: X3RrdEeF4OnMAbnGZWnvSi6WoY5kFdTVkW+YIs4Ca3o=) 2: 028640A8242B11ED9547B486C4F9AE02.roa (hash: dsbPmjXp/oYWvfHXOZsMcI3WqL8KWucAeTqSoUbpKas=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:32:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 657 (0x291) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915EA8F, serialNumber=2CE084E01DAC6B4D634938D76CEADA596355BD53 Validity Not Before: Nov 3 01:32:08 2025 GMT Not After : Nov 10 01:32:08 2025 GMT Subject: CN=69080618-28ec Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:b4:74:2d:76:c1:71:84:22:63:0c:d6:ad:6c: 7d:c4:e8:90:94:39:b2:e6:ed:0d:88:b5:d6:7b:cb: 8f:ce:22:8f:a1:6b:c1:9f:86:9e:36:12:c6:a3:de: 80:1b:f3:1c:8b:6b:e7:db:4f:62:35:a9:45:e4:58: b5:cc:a8:2e:83:38:72:88:c8:82:dc:ad:a4:c5:b9: 07:94:4f:01:80:30:42:05:b4:e6:18:2a:12:8e:b2: 17:ee:86:a5:20:ac:23:e8:9d:39:49:4c:b5:51:c9: 41:e4:fa:d4:1b:e3:4d:b2:f9:28:5e:39:a6:26:53: 31:66:bb:d8:8f:9e:65:ff:24:62:5d:0a:89:df:a5: 87:8d:11:14:37:3f:10:94:d3:24:36:93:11:8e:96: ec:57:1c:6a:bf:b1:29:b3:12:b9:68:79:c1:c0:40: b7:b6:3d:95:83:89:d2:fc:c8:7d:87:44:65:5c:dd: b8:0c:3e:dc:ce:ae:8d:8b:f3:5a:bc:0f:67:40:10: c1:74:e4:75:cd:2d:c7:3b:52:ad:4c:05:a2:2d:51: 46:66:9f:2d:49:00:d6:12:8c:ae:2d:5a:8e:79:31: 2d:9a:24:cd:df:f3:d0:16:54:9a:f7:61:3c:15:eb: d2:e6:d4:fa:8c:7c:53:cb:5b:6c:67:55:53:47:46: 83:07 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BE:24:68:08:D5:E7:9B:26:52:18:1C:04:07:91:F2:B5:16:F9:F0:DD X509v3 Authority Key Identifier: keyid:2C:E0:84:E0:1D:AC:6B:4D:63:49:38:D7:6C:EA:DA:59:63:55:BD:53 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LOCE4B2sa01jSTjXbOraWWNVvVM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915EA8F/E3A35BB4242811ED8FD24C86C4F9AE02/LOCE4B2sa01jSTjXbOraWWNVvVM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 54:13:a9:da:d1:a4:0e:a5:b6:e8:3d:9a:51:5f:de:43:49:d0: a1:26:06:89:bb:b1:ae:3d:63:75:3a:53:0b:d2:6b:d8:ae:0d: 1d:e0:25:68:1d:cc:15:52:94:0b:1d:57:b8:50:bd:ab:14:a2: bb:a8:09:f6:c9:46:78:e3:d5:f7:89:01:00:6b:28:fe:75:e4: ff:83:dd:27:ac:14:13:31:dd:1e:71:d4:9f:7e:d6:e4:45:ea: dc:86:f5:b6:84:dd:9d:eb:12:1f:d0:c2:23:32:39:4b:52:8c: 0e:44:b5:19:54:d4:39:08:77:fe:12:71:58:1e:b3:df:30:d6: a7:43:58:bd:2f:ad:b9:c5:74:b4:c4:76:ad:d4:ca:96:af:5a: b0:45:71:d9:ee:02:23:6f:38:a1:20:5a:f6:f9:d0:a9:e4:7f: 48:71:5e:df:ca:dd:38:36:61:ae:fb:26:66:32:aa:9d:1f:b7: 18:6f:de:57:8d:cb:41:70:43:9c:36:a8:27:41:ff:ca:3d:0a: 8a:e6:e9:0d:bd:8a:d9:16:c0:a6:29:0c:df:64:9f:1e:8e:2a: 4f:48:34:4a:b7:f5:c3:49:84:a4:42:f3:cf:ea:f8:2b:8c:0d: 1d:a6:b3:dc:04:e3:47:93:fc:0d:67:6d:a9:e6:70:06:19:e1: ca:f7:d4:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUVBOEYxMTAvBgNVBAUTKDJDRTA4NEUwMURBQzZCNEQ2MzQ5MzhENzZDRUFEQTU5 NjM1NUJENTMwHhcNMjUxMTAzMDEzMjA4WhcNMjUxMTEwMDEzMjA4WjAYMRYwFAYD VQQDEw02OTA4MDYxOC0yOGVjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxbR0LXbBcYQiYwzWrWx9xOiQlDmy5u0NiLXWe8uPziKPoWvBn4aeNhLGo96A G/Mci2vn209iNalF5Fi1zKgugzhyiMiC3K2kxbkHlE8BgDBCBbTmGCoSjrIX7oal IKwj6J05SUy1UclB5PrUG+NNsvkoXjmmJlMxZrvYj55l/yRiXQqJ36WHjREUNz8Q lNMkNpMRjpbsVxxqv7EpsxK5aHnBwEC3tj2Vg4nS/Mh9h0RlXN24DD7czq6Ni/Na vA9nQBDBdOR1zS3HO1KtTAWiLVFGZp8tSQDWEoyuLVqOeTEtmiTN3/PQFlSa92E8 FevS5tT6jHxTy1tsZ1VTR0aDBwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL4kaAjV 55smUhgcBAeR8rUW+fDdMB8GA1UdIwQYMBaAFCzghOAdrGtNY0k412zq2lljVb1T MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1RUE4Ri9FM0EzNUJCNDI0 MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2EwMWpTVGpYYk9yYVdXTlZ2 Vk0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xPQ0U0QjJzYTAxalNUalhiT3JhV1dOVnZWTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 RUE4Ri9FM0EzNUJCNDI0MjgxMUVEOEZEMjRDODZDNEY5QUUwMi9MT0NFNEIyc2Ew MWpTVGpYYk9yYVdXTlZ2Vk0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBUE6na0aQOpbboPZpRX95DSdChJgaJu7GuPWN1OlML0mvYrg0d4CVo HcwVUpQLHVe4UL2rFKK7qAn2yUZ449X3iQEAayj+deT/g90nrBQTMd0ecdSfftbk RerchvW2hN2d6xIf0MIjMjlLUowORLUZVNQ5CHf+EnFYHrPfMNanQ1i9L625xXS0 xHat1MqWr1qwRXHZ7gIjbzihIFr2+dCp5H9IcV7fyt04NmGu+yZmMqqdH7cYb95X jctBcEOcNqgnQf/KPQqK5ukNvYrZFsCmKQzfZJ8ejipPSDRKt/XDSYSkQvPP6vgr jA0dprPcBONHk/wNZ22p5nAGGeHK99Tf -----END CERTIFICATE-----Generated at Mon Nov 3 18:07:08 2025 by rpki-client