$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft File: TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json) Hash identifier: ZVWJJh9RJFolBaZ0srSwDfX1aWj5+IijaVXmSRPBWuQ= Subject key identifier: 2A:F0:31:77:DD:80:29:FA:1B:FB:CF:B4:3A:8D:12:A1:A2:91:B6:DC Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Certificate serial: 19FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft Manifest number: 17EC Signing time: Thu 06 Nov 2025 16:24:27 +0000 Manifest this update: Thu 06 Nov 2025 16:24:26 +0000 Manifest next update: Thu 13 Nov 2025 16:24:26 +0000 Files and hashes: 1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: eIV+sFGuRbtnWjEeovMWfpPYFCjLa5nDIyGicSBjupk=) 2: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: 5uITBc+pZTop6KZh3NhbY8ifInIc97Y2n3CHN/qqt94=) 3: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: H2LNVWI/4SBtnLIxC+HsKb0Sn6SPu235wjCIk/88N90=) 4: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: lNqOJJYDQvLu7DRWfBEiDCTTNbz1juAgLIKu2ZnWJwo=) 5: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: dqGvsBo+O3A3ECQgQGmvroXEzldwim2Z97cn9HnwO7I=) 6: 47AAFC5A661311F09011712CC4F9AE02.roa (hash: sUeRjo4iDMTXRx9Mx6pxSJQSkY/CAgqRLrQP/NoXcBs=) 7: A865A1925B1611F083088661C4F9AE02.roa (hash: Rw9T99RuNwJAGQR3ACNuRpkBbGAU9I1LWh2/O8OeLqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 13 Nov 2025 16:24:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6652 (0x19fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Validity Not Before: Nov 6 16:24:26 2025 GMT Not After : Nov 13 16:24:26 2025 GMT Subject: CN=690ccbba-7c4e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cd:c4:fe:41:ea:92:e3:f6:05:25:21:00:22:c8: 7f:fc:81:c5:cb:f5:fb:21:e2:65:18:d1:70:1d:1f: b1:62:9e:fb:49:fb:b8:30:81:d1:fd:19:4a:9b:30: 6e:bc:4d:1a:cc:2f:95:d0:03:ca:17:37:40:2e:c4: 90:6b:a9:f7:fd:9b:64:f1:d1:6d:3f:64:97:30:34: 7b:96:c1:cd:0b:32:29:46:39:6f:a8:42:ee:ea:54: 8d:85:13:d0:0b:5a:e3:61:f1:34:8b:6d:72:0f:95: ea:9f:5a:20:a4:f0:d2:64:0a:11:84:2d:5e:6e:c6: 49:07:96:67:2e:8b:d9:2d:e1:45:a9:76:0c:69:20: 73:30:e7:ab:51:eb:39:f8:1f:97:90:75:8a:75:09: 00:af:93:a7:a1:02:b7:0f:dc:56:79:d7:0f:35:b1: 7d:7c:2c:d4:31:69:8a:31:c0:4c:8d:41:7f:cc:63: 8b:2d:4b:b0:3f:d7:05:f2:be:45:5f:97:e6:fe:48: c6:0b:41:08:56:0b:da:6a:e8:bb:9d:32:9f:a9:af: 51:72:12:98:8b:90:93:47:16:f3:10:07:d0:2e:f3: 3b:29:9f:a4:29:84:a1:19:19:2f:f8:16:28:21:62: a7:5e:24:e6:7f:1f:f6:e1:56:d9:d9:7f:8e:31:df: ce:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2A:F0:31:77:DD:80:29:FA:1B:FB:CF:B4:3A:8D:12:A1:A2:91:B6:DC X509v3 Authority Key Identifier: keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b9:50:7a:d3:54:ea:76:e9:3f:b7:53:a1:c2:34:f9:1c:a8:2e: a4:13:cc:52:9b:ff:fd:41:ce:c9:ca:8d:19:3d:b7:b3:6d:a4: 9c:98:e7:14:cb:d1:79:4c:e0:9e:03:7b:76:b4:a5:82:1a:3f: dd:01:97:bd:76:a0:5e:b0:3e:cf:de:32:fe:8a:d8:44:89:11: d3:c1:63:c8:bb:8f:c0:8d:c9:fc:59:c4:1c:3e:bb:18:46:30: e3:fa:b1:5e:df:54:35:1d:68:80:06:77:cf:a1:18:bb:c2:7c: b3:d4:48:63:5a:99:c6:4b:6b:af:6f:8d:fd:b7:18:24:d8:e6: f8:97:b9:a0:fb:32:ba:ab:17:21:2a:8b:b7:f0:8e:b4:c8:42: ba:4d:8d:b9:1c:b4:3c:4c:4c:bb:c4:41:72:83:f7:70:57:54: d3:52:30:f5:15:a8:49:f5:81:1c:68:ca:72:53:b3:b1:ef:85: ea:d8:6e:61:3c:b4:7f:9f:46:34:be:2f:fa:61:58:b1:55:e1: 1b:22:91:d6:22:2a:67:08:0a:96:80:d4:05:86:68:c5:b4:a8: 73:8c:f8:6f:a9:32:e4:ef:a4:ba:b6:3e:4c:43:45:05:83:ea: ac:a2:70:e7:4a:54:1f:ca:5b:f1:ad:cc:e4:7a:43:23:41:3f: 4a:59:45:90 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2 NDI5RDg4QjgwHhcNMjUxMTA2MTYyNDI2WhcNMjUxMTEzMTYyNDI2WjAYMRYwFAYD VQQDEw02OTBjY2JiYS03YzRlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzcT+QeqS4/YFJSEAIsh//IHFy/X7IeJlGNFwHR+xYp77Sfu4MIHR/RlKmzBu vE0azC+V0APKFzdALsSQa6n3/Ztk8dFtP2SXMDR7lsHNCzIpRjlvqELu6lSNhRPQ C1rjYfE0i21yD5Xqn1ogpPDSZAoRhC1ebsZJB5ZnLovZLeFFqXYMaSBzMOerUes5 +B+XkHWKdQkAr5OnoQK3D9xWedcPNbF9fCzUMWmKMcBMjUF/zGOLLUuwP9cF8r5F X5fm/kjGC0EIVgvaaui7nTKfqa9RchKYi5CTRxbzEAfQLvM7KZ+kKYShGRkv+BYo IWKnXiTmfx/24VbZ2X+OMd/OqwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCrwMXfd gCn6G/vPtDqNEqGikbbcMB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT em1nTm5hQ3R2c0JrS2RpTGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC5UHrTVOp26T+3U6HCNPkcqC6kE8xSm//9Qc7Jyo0ZPbezbaScmOcU y9F5TOCeA3t2tKWCGj/dAZe9dqBesD7P3jL+ithEiRHTwWPIu4/Ajcn8WcQcPrsY RjDj+rFe31Q1HWiABnfPoRi7wnyz1EhjWpnGS2uvb439txgk2Ob4l7mg+zK6qxch Kou38I60yEK6TY25HLQ8TEy7xEFyg/dwV1TTUjD1FahJ9YEcaMpyU7Ox74Xq2G5h PLR/n0Y0vi/6YVixVeEbIpHWIipnCAqWgNQFhmjFtKhzjPhvqTLk76S6tj5MQ0UF g+qsonDnSlQfylvxrczkekMjQT9KWUWQ -----END CERTIFICATE-----Generated at Fri Nov 7 23:25:35 2025 by rpki-client