$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft File: TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json) Hash identifier: 9Uyk2rFv5AoPp+0kF82uFKHtx9VAHsl2P6rEkLSabvM= Subject key identifier: BF:62:38:55:07:E2:64:C8:6D:A3:4A:F6:8F:D8:68:2D:17:81:A4:D8 Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Certificate serial: 1A04 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft Manifest number: 17F2 Signing time: Fri 14 Nov 2025 16:29:11 +0000 Manifest this update: Fri 14 Nov 2025 16:29:11 +0000 Manifest next update: Fri 21 Nov 2025 16:29:11 +0000 Files and hashes: 1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: VNewx4w3NvqLH0F6GllKRDTJzlulAMirPTIkygkBrHY=) 2: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: 5uITBc+pZTop6KZh3NhbY8ifInIc97Y2n3CHN/qqt94=) 3: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: H2LNVWI/4SBtnLIxC+HsKb0Sn6SPu235wjCIk/88N90=) 4: 70E478D0C06D11F0ABA91C6CC4F9AE02.roa (hash: Y+I6xs+Ghxp/nManyHpMLzBR6d+9ACgxr4bM9Tk/9sc=) 5: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: lNqOJJYDQvLu7DRWfBEiDCTTNbz1juAgLIKu2ZnWJwo=) 6: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: dqGvsBo+O3A3ECQgQGmvroXEzldwim2Z97cn9HnwO7I=) 7: 47AAFC5A661311F09011712CC4F9AE02.roa (hash: nxh+Hkcrac8LqC1HhPwsPG/aZ2MHHIYI4A/3WElmkFc=) 8: A865A1925B1611F083088661C4F9AE02.roa (hash: Rw9T99RuNwJAGQR3ACNuRpkBbGAU9I1LWh2/O8OeLqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 21 Nov 2025 16:29:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6660 (0x1a04) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Validity Not Before: Nov 14 16:29:11 2025 GMT Not After : Nov 21 16:29:11 2025 GMT Subject: CN=691758d7-5cf3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:81:39:4e:90:9c:17:83:d8:73:89:15:e8:1b: da:df:41:85:ac:9b:2e:71:13:5e:53:73:e6:92:4e: 5a:98:e2:75:1a:f4:1c:36:ec:d6:b9:05:54:b2:77: 17:63:6e:59:0f:15:4e:5b:6c:d5:d0:4b:3e:e2:ba: c4:b3:20:92:fd:9c:da:77:77:4b:b6:94:ab:a4:14: 4e:e9:cb:bc:06:5b:27:53:3f:cf:71:dc:ef:32:8a: 63:a5:52:9d:30:5d:22:2a:4b:f1:27:af:f2:f1:ca: d9:b4:7b:b4:55:dc:d2:77:7a:3b:43:63:48:10:b4: c9:b3:f6:5b:93:60:c0:cb:94:20:d8:8e:99:5a:7e: 86:d7:e1:30:40:04:14:18:ed:1e:8e:47:83:27:02: 68:38:ed:b5:42:2e:8d:8d:a1:40:21:d2:ed:51:42: 19:b2:70:53:2b:b2:85:f1:57:3b:0d:1c:96:61:d4: 19:82:c4:ef:cc:7d:a1:18:7a:12:63:fc:a2:0f:eb: 53:47:aa:17:9d:3c:d9:9f:b4:a7:36:84:f0:09:eb: 9e:37:73:75:19:06:90:1b:fe:b1:40:4a:8a:0e:d8: 96:dd:f4:e3:0b:1d:60:95:f0:03:a9:ad:ef:28:2b: 06:a9:ad:7b:72:32:fd:c1:28:99:c5:44:1f:c9:64: 0c:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BF:62:38:55:07:E2:64:C8:6D:A3:4A:F6:8F:D8:68:2D:17:81:A4:D8 X509v3 Authority Key Identifier: keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:e7:46:3c:86:c8:d4:78:3c:f0:ea:6c:91:28:e5:59:9e:44: 1d:7e:fb:64:1c:bf:85:3f:8e:c3:ba:ad:11:d4:e6:70:17:c0: 92:57:c8:c4:a1:0a:a2:4e:c8:ab:7e:24:93:87:45:1e:42:7a: ef:72:34:67:cc:68:28:71:73:04:da:ea:65:a2:e1:e1:5a:06: 1f:b1:9f:85:e5:84:50:39:03:a7:2c:09:5f:fa:a0:ec:22:3b: 78:66:75:f0:4d:0b:d3:1f:b6:79:94:11:5a:04:6f:8e:ec:89: fe:a8:33:fb:14:34:82:7e:87:b7:8d:04:1f:e8:ce:d3:a1:f8: ee:7f:e7:10:07:84:a8:a5:7b:c0:43:63:b5:4d:46:42:16:27: 94:fc:e1:bc:6a:2a:a1:20:09:e9:0f:d6:14:5b:25:5a:19:47: 1a:39:39:c6:e1:31:f8:3f:ac:b4:d1:16:92:f3:67:62:4e:39: 0d:d5:77:71:2a:8a:2f:ba:c0:f2:9f:8d:7f:a9:b6:34:7f:bf: b8:11:d7:4e:ef:b5:2f:01:30:ac:a0:f9:0c:a8:94:1f:88:af: c5:93:69:c9:54:b9:3b:16:18:b4:27:6a:d5:9c:c7:ba:80:02: fe:b1:41:a7:2a:aa:d5:b9:46:4a:39:ba:0f:cc:72:27:9f:d3: 7e:ee:14:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGgQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2 NDI5RDg4QjgwHhcNMjUxMTE0MTYyOTExWhcNMjUxMTIxMTYyOTExWjAYMRYwFAYD VQQDEw02OTE3NThkNy01Y2YzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuoE5TpCcF4PYc4kV6Bva30GFrJsucRNeU3Pmkk5amOJ1GvQcNuzWuQVUsncX Y25ZDxVOW2zV0Es+4rrEsyCS/Zzad3dLtpSrpBRO6cu8BlsnUz/PcdzvMopjpVKd MF0iKkvxJ6/y8crZtHu0VdzSd3o7Q2NIELTJs/Zbk2DAy5Qg2I6ZWn6G1+EwQAQU GO0ejkeDJwJoOO21Qi6NjaFAIdLtUUIZsnBTK7KF8Vc7DRyWYdQZgsTvzH2hGHoS Y/yiD+tTR6oXnTzZn7SnNoTwCeueN3N1GQaQG/6xQEqKDtiW3fTjCx1glfADqa3v KCsGqa17cjL9wSiZxUQfyWQMaQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL9iOFUH 4mTIbaNK9o/YaC0XgaTYMB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT em1nTm5hQ3R2c0JrS2RpTGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAK50Y8hsjUeDzw6myRKOVZnkQdfvtkHL+FP47Duq0R1OZwF8CSV8jE oQqiTsirfiSTh0UeQnrvcjRnzGgocXME2uplouHhWgYfsZ+F5YRQOQOnLAlf+qDs Ijt4ZnXwTQvTH7Z5lBFaBG+O7In+qDP7FDSCfoe3jQQf6M7Tofjuf+cQB4SopXvA Q2O1TUZCFieU/OG8aiqhIAnpD9YUWyVaGUcaOTnG4TH4P6y00RaS82diTjkN1Xdx KoovusDyn41/qbY0f7+4EddO77UvATCsoPkMqJQfiK/Fk2nJVLk7Fhi0J2rVnMe6 gAL+sUGnKqrVuUZKOboPzHInn9N+7hQZ -----END CERTIFICATE-----Generated at Fri Nov 14 23:34:11 2025 by rpki-client