$ rpki-client -vvf rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft File: GxesPclsojRSUCPv02J-ks2IR0g.mft (raw, json) Hash identifier: Y6CZm4IEQXOzszGkFYjqp09g9DO7u4aBTxaAJTJ530Q= Subject key identifier: 51:BA:CC:0F:A2:1C:B5:09:30:7B:DA:58:38:67:EF:B2:A3:7C:DA:87 Authority key identifier: 1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 Certificate issuer: /CN=A917DBF2/serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Certificate serial: 1D83 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft Manifest number: 1D44 Signing time: Sun 26 Oct 2025 16:18:19 +0000 Manifest this update: Sun 26 Oct 2025 16:18:18 +0000 Manifest next update: Sun 02 Nov 2025 16:18:18 +0000 Files and hashes: 1: GxesPclsojRSUCPv02J-ks2IR0g.crl (hash: JaMGAtXmR2JYRLbQ/jTWggW5ceDHIrL6kz+9Ll0jH/w=) 2: 8A1AF86E94BC11EC9E49DB41C4F9AE02.roa (hash: n6ab3BTwAcpH4LegBC83qaXuTY61rSuzXQeixKGRCQ8=) 3: C154DA14E85C11EBA2171A25C4F9AE02.roa (hash: ZoYRtsKN6J+JTMHnmtPtNWovLxxrXzjOLNI6FTTDrJk=) 4: 907B9B20E8AD11EBAA895D0AC4F9AE02.roa (hash: Yy12wxP/cM0LLNtHiB2aLkhSaVEMx94WCa7jMCYf9WM=) 5: 89654CDAB83B11EFAA80DD09C4F9AE02.roa (hash: wZqrfI6axJ6OhiwV+iuxvLbJgC05OEzm0nCXJ1L7s34=) 6: 4D609E86FF3B11EB910E8847C4F9AE02.roa (hash: IlNlaUUrIO5psWG9zVe/2cJLa9A72orRKr8ki0wRJ+c=) 7: C2EECBA0E85C11EBA2171A25C4F9AE02.roa (hash: i8SkLvPy/XtXc4ZuxfbQ0jMccOT4jPJgyB/aqJ2e6A0=) 8: 4E2669F4FF3B11EB910E8847C4F9AE02.roa (hash: RxEjxFNvI0DOGeP3888S1tn030BuNHUdNfLt3di15l4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 16:16:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 7555 (0x1d83) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917DBF2, serialNumber=1B17AC3DC96CA234525023EFD3627E92CD884748 Validity Not Before: Oct 26 16:18:18 2025 GMT Not After : Nov 2 16:18:18 2025 GMT Subject: CN=68fe49cb-4c5f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:8c:73:f4:91:8b:62:e6:42:1e:fa:2a:b4:f1: 19:0f:78:c3:b3:c0:77:46:26:1c:87:91:2c:72:35: 92:b2:ed:45:d6:b9:47:e2:46:a5:39:b5:97:c4:d0: f9:29:9d:12:c1:8f:04:2c:af:c3:ef:08:ac:77:28: f1:5f:b8:59:16:67:ec:a7:a2:71:14:52:6a:a5:21: e2:8d:25:27:f2:ab:48:15:c3:0d:d1:bd:6d:c4:ca: 76:c3:dc:a2:f2:37:35:c4:97:cc:0b:38:33:85:4b: b8:26:4d:b3:1d:17:dc:3b:a9:30:27:4e:72:cc:c8: b2:42:b5:4e:a2:5d:cd:22:97:23:70:db:fc:c8:f1: d1:9f:7f:71:88:41:55:ef:7e:d7:e8:bb:5f:77:a9: 3e:27:9f:0a:e9:4b:6b:52:50:fc:fa:a8:35:a3:a7: 6d:45:52:51:fb:a3:05:64:5d:a8:4f:3e:03:db:33: fc:6b:03:8b:6e:41:25:1d:5b:c6:58:c9:4c:f9:b6: 4b:2d:ee:1a:32:5d:9a:73:7d:1d:68:71:1b:cf:50: 0c:48:cc:fd:59:fc:95:ff:bf:e0:22:0d:4a:f1:f2: ad:63:39:0b:66:b7:42:a9:9a:ca:f7:c4:60:91:58: 2b:90:05:58:bb:e2:57:3e:d1:ee:4d:7d:20:0b:db: b9:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 51:BA:CC:0F:A2:1C:B5:09:30:7B:DA:58:38:67:EF:B2:A3:7C:DA:87 X509v3 Authority Key Identifier: keyid:1B:17:AC:3D:C9:6C:A2:34:52:50:23:EF:D3:62:7E:92:CD:88:47:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/GxesPclsojRSUCPv02J-ks2IR0g.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917DBF2/E3445016C2F811E6997AEB6BC4F9AE02/GxesPclsojRSUCPv02J-ks2IR0g.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:b9:a8:fb:63:07:4e:08:c9:0d:45:e8:99:0d:45:d9:b7:65: ea:69:50:90:23:b5:8d:06:86:7f:25:b6:ac:a8:f2:87:f3:96: 82:5d:06:99:f7:bf:31:98:98:9a:17:23:93:79:2e:ab:94:20: 04:00:0c:7a:c1:55:b7:2d:87:d9:97:27:ca:44:bc:3d:7f:03: aa:0d:6a:98:65:f3:30:dd:dd:d4:16:bd:d6:ac:8b:24:a3:b7: 98:33:2b:91:0a:37:1b:85:a0:4d:d0:bb:06:9d:29:c7:66:f1: 13:f6:5c:46:2e:a5:e7:54:66:65:af:ce:9e:b6:b8:ff:a3:bc: 9a:a4:30:c9:86:78:88:19:5c:eb:b0:cd:aa:44:93:5a:66:63: 46:5a:f4:8b:f9:b3:0a:4b:bb:02:e4:8c:e8:0b:52:20:40:ee: 55:63:63:be:53:60:8b:8c:59:be:6e:30:53:1a:02:2c:04:4c: db:6f:d5:d8:76:66:30:e4:fe:b3:6b:46:90:89:bd:16:8d:3e: a9:19:3e:ab:31:c8:a4:b1:af:2c:8a:5d:e1:1b:e5:87:da:1d: 58:f9:52:0e:0c:29:fa:d3:e6:c8:e8:13:1c:20:81:4a:5e:0f: fc:be:0e:0b:89:b1:f4:7f:88:a3:54:d6:a4:17:55:c5:b8:f1: 29:50:34:03 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICHYMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0RCRjIxMTAvBgNVBAUTKDFCMTdBQzNEQzk2Q0EyMzQ1MjUwMjNFRkQzNjI3RTky Q0Q4ODQ3NDgwHhcNMjUxMDI2MTYxODE4WhcNMjUxMTAyMTYxODE4WjAYMRYwFAYD VQQDEw02OGZlNDljYi00YzVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsYxz9JGLYuZCHvoqtPEZD3jDs8B3RiYch5EscjWSsu1F1rlH4kalObWXxND5 KZ0SwY8ELK/D7wisdyjxX7hZFmfsp6JxFFJqpSHijSUn8qtIFcMN0b1txMp2w9yi 8jc1xJfMCzgzhUu4Jk2zHRfcO6kwJ05yzMiyQrVOol3NIpcjcNv8yPHRn39xiEFV 737X6Ltfd6k+J58K6UtrUlD8+qg1o6dtRVJR+6MFZF2oTz4D2zP8awOLbkElHVvG WMlM+bZLLe4aMl2ac30daHEbz1AMSMz9WfyV/7/gIg1K8fKtYzkLZrdCqZrK98Rg kVgrkAVYu+JXPtHuTX0gC9u5EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFG6zA+i HLUJMHvaWDhn77KjfNqHMB8GA1UdIwQYMBaAFBsXrD3JbKI0UlAj79NifpLNiEdI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3REJGMi9FMzQ0NTAxNkMy RjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29qUlNVQ1B2MDJKLWtzMklS MGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0d4ZXNQY2xzb2pSU1VDUHYwMkota3MySVIwZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 REJGMi9FMzQ0NTAxNkMyRjgxMUU2OTk3QUVCNkJDNEY5QUUwMi9HeGVzUGNsc29q UlNVQ1B2MDJKLWtzMklSMGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9uaj7YwdOCMkNReiZDUXZt2XqaVCQI7WNBoZ/JbasqPKH85aCXQaZ 978xmJiaFyOTeS6rlCAEAAx6wVW3LYfZlyfKRLw9fwOqDWqYZfMw3d3UFr3WrIsk o7eYMyuRCjcbhaBN0LsGnSnHZvET9lxGLqXnVGZlr86etrj/o7yapDDJhniIGVzr sM2qRJNaZmNGWvSL+bMKS7sC5IzoC1IgQO5VY2O+U2CLjFm+bjBTGgIsBEzbb9XY dmYw5P6za0aQib0WjT6pGT6rMciksa8sil3hG+WH2h1Y+VIODCn60+bI6BMcIIFK Xg/8vg4LibH0f4ijVNakF1XFuPEpUDQD -----END CERTIFICATE-----Generated at Sun Oct 26 18:32:23 2025 by rpki-client