$ rpki-client -vvf rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft File: 2QhMrcO-yMIAxalrcu2v1KAOrug.mft (raw, json) Hash identifier: OfFgFJy32z+drRk5pOYlHguG59KMQg/gMBDEKe/znzY= Subject key identifier: D4:8F:08:DD:B5:A8:85:D1:F1:07:82:B0:B8:00:1B:B6:DB:8F:E0:43 Authority key identifier: D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8 Certificate issuer: /CN=A91719F1/serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8 Certificate serial: 0298 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft Manifest number: 0291 Signing time: Mon 27 Oct 2025 03:03:49 +0000 Manifest this update: Mon 27 Oct 2025 03:03:48 +0000 Manifest next update: Mon 03 Nov 2025 03:03:48 +0000 Files and hashes: 1: 2QhMrcO-yMIAxalrcu2v1KAOrug.crl (hash: ys061WoTkeOAKfw77GgIZm+u3AEnptpcceqGkmz9ASA=) 2: 00724F9621F111ED93774B6EC4F9AE02.roa (hash: 1MS8BgQSeLxFZfjzI2XVs+BA1y3N2nYBN3Uvkoalvq8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.crl rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 03 Nov 2025 03:03:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 664 (0x298) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91719F1, serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8 Validity Not Before: Oct 27 03:03:48 2025 GMT Not After : Nov 3 03:03:48 2025 GMT Subject: CN=68fee114-28fc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:ab:92:84:c3:8e:43:9a:1e:75:d4:66:35:c8: 74:26:f9:0b:d0:09:40:97:9c:22:cc:32:b5:33:d4: 20:a2:e0:e5:47:a7:4d:c9:84:64:1f:ce:f2:d6:9e: a1:51:18:88:2c:59:27:70:e1:27:eb:fc:ac:f8:37: 85:80:c6:5d:9d:19:e0:fb:71:a1:dd:27:4f:95:00: 52:0d:cc:60:b0:6d:4b:ce:a8:a8:14:41:74:a4:d0: cb:b9:af:80:8e:25:5c:ef:de:b2:f8:30:19:8c:ef: c2:4a:9e:48:75:88:c6:8a:39:ab:e0:df:ac:2f:07: f8:2d:0f:74:35:41:27:72:e2:0b:cc:99:32:7e:40: 13:bd:51:93:ce:78:fc:73:0d:65:e0:9e:5b:33:53: ff:f0:66:b1:aa:f5:86:d7:43:94:6f:de:aa:17:aa: ec:c0:c9:a6:42:45:30:00:0b:88:9e:8c:fb:13:bd: 1b:9e:52:52:ae:38:f7:e7:6f:fe:b4:a0:a4:4b:e0: b3:3d:b0:a5:3c:86:23:99:a9:e8:cf:30:31:a5:4d: a3:22:14:dc:a5:22:43:e6:86:fa:c4:09:7d:5a:f7: 1a:2e:5c:2f:ae:91:ab:60:06:09:e7:42:19:13:ee: 77:8a:67:1d:a4:b4:66:b2:8c:5c:d6:de:91:c2:d4: aa:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:8F:08:DD:B5:A8:85:D1:F1:07:82:B0:B8:00:1B:B6:DB:8F:E0:43 X509v3 Authority Key Identifier: keyid:D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7a:2c:e0:bb:12:59:7c:11:b3:84:6c:1d:d3:ef:9a:c7:11:08: 51:e8:11:b2:a8:c7:d5:0c:ef:53:83:c5:b5:e7:9d:31:ba:57: 84:ec:f9:8b:b2:2c:89:b2:0a:08:01:f6:7d:02:79:b9:5e:b4: 5f:36:ab:42:b8:92:cd:c4:a0:f7:90:5a:e4:01:1f:93:46:6f: 7d:fe:26:92:d8:02:61:fd:9b:8b:72:53:97:68:2d:14:5b:4c: ce:9b:e5:ee:5c:7c:b4:35:fb:1f:92:66:74:47:b2:1b:43:1f: 74:95:e4:c3:29:ca:e5:96:2d:a3:d1:d3:28:ff:ec:fb:c0:8b: 80:3d:fc:3b:57:be:d9:5d:82:cd:04:d2:9c:fb:af:3c:f3:2a: 4c:58:94:c6:1b:ed:52:12:bc:40:71:45:46:f9:9c:69:07:f6: 73:f2:09:e2:c8:02:34:66:78:3c:86:91:f6:29:27:84:24:b4: 00:3b:34:c0:38:22:2b:9b:3c:bb:c6:f2:92:bc:42:d2:eb:b3: d7:46:bb:32:db:ff:f5:60:14:42:2f:24:cc:5d:78:60:a1:3a: 99:61:ea:1f:eb:ce:0a:59:55:84:97:94:ef:24:a6:67:b5:da: d8:f2:40:87:a7:c5:e5:75:26:95:fe:91:2f:92:3d:67:58:77: 10:35:56:27 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE5RjExMTAvBgNVBAUTKEQ5MDg0Q0FEQzNCRUM4QzIwMEM1QTk2QjcyRURBRkQ0 QTAwRUFFRTgwHhcNMjUxMDI3MDMwMzQ4WhcNMjUxMTAzMDMwMzQ4WjAYMRYwFAYD VQQDEw02OGZlZTExNC0yOGZjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyKuShMOOQ5oeddRmNch0JvkL0AlAl5wizDK1M9QgouDlR6dNyYRkH87y1p6h URiILFkncOEn6/ys+DeFgMZdnRng+3Gh3SdPlQBSDcxgsG1LzqioFEF0pNDLua+A jiVc796y+DAZjO/CSp5IdYjGijmr4N+sLwf4LQ90NUEncuILzJkyfkATvVGTznj8 cw1l4J5bM1P/8GaxqvWG10OUb96qF6rswMmmQkUwAAuInoz7E70bnlJSrjj352/+ tKCkS+CzPbClPIYjmanozzAxpU2jIhTcpSJD5ob6xAl9WvcaLlwvrpGrYAYJ50IZ E+53imcdpLRmsoxc1t6RwtSqFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNSPCN21 qIXR8QeCsLgAG7bbj+BDMB8GA1UdIwQYMBaAFNkITK3DvsjCAMWpa3Ltr9SgDq7o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTlGMS82OTVGOTNGRTIx RUUxMUVEQjRDOEJENkNDNEY5QUUwMi8yUWhNcmNPLXlNSUF4YWxyY3UydjFLQU9y dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRaE1yY08teU1JQXhhbHJjdTJ2MUtBT3J1Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTlGMS82OTVGOTNGRTIxRUUxMUVEQjRDOEJENkNDNEY5QUUwMi8yUWhNcmNPLXlN SUF4YWxyY3UydjFLQU9ydWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB6LOC7Ell8EbOEbB3T75rHEQhR6BGyqMfVDO9Tg8W1550xuleE7PmL siyJsgoIAfZ9Anm5XrRfNqtCuJLNxKD3kFrkAR+TRm99/iaS2AJh/ZuLclOXaC0U W0zOm+XuXHy0NfsfkmZ0R7IbQx90leTDKcrlli2j0dMo/+z7wIuAPfw7V77ZXYLN BNKc+6888ypMWJTGG+1SErxAcUVG+ZxpB/Zz8gniyAI0Zng8hpH2KSeEJLQAOzTA OCIrmzy7xvKSvELS67PXRrsy2//1YBRCLyTMXXhgoTqZYeof684KWVWEl5TvJKZn tdrY8kCHp8XldSaV/pEvkj1nWHcQNVYn -----END CERTIFICATE-----Generated at Tue Oct 28 07:36:09 2025 by rpki-client