$ rpki-client -vvf rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft File: TbA103TIQSzmgNnaCtvsBkKdiLg.mft (raw, json) Hash identifier: Nrj3UFmwqZ1A6zoYW9KZR5MhGKrC+wtma68PzfNJGFw= Subject key identifier: 48:B1:2A:4E:7C:97:75:80:7B:EF:6D:BA:A4:CD:86:50:D2:17:B6:7F Authority key identifier: 4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 Certificate issuer: /CN=A917E678/serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Certificate serial: 1A05 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft Manifest number: 17F3 Signing time: Sun 16 Nov 2025 16:22:09 +0000 Manifest this update: Sun 16 Nov 2025 16:22:09 +0000 Manifest next update: Sun 23 Nov 2025 16:22:09 +0000 Files and hashes: 1: TbA103TIQSzmgNnaCtvsBkKdiLg.crl (hash: 5itNXLXO3XWfcPqpbFK/liZlmdURDNlKl1H8apsBUdM=) 2: 1F24033CDF7111EEB534147FC4F9AE02.roa (hash: 5uITBc+pZTop6KZh3NhbY8ifInIc97Y2n3CHN/qqt94=) 3: B62B9156280611ED8BEBC536C4F9AE02.roa (hash: H2LNVWI/4SBtnLIxC+HsKb0Sn6SPu235wjCIk/88N90=) 4: 70E478D0C06D11F0ABA91C6CC4F9AE02.roa (hash: Y+I6xs+Ghxp/nManyHpMLzBR6d+9ACgxr4bM9Tk/9sc=) 5: 0D08636C75D611EB920B5162C4F9AE02.roa (hash: lNqOJJYDQvLu7DRWfBEiDCTTNbz1juAgLIKu2ZnWJwo=) 6: 820BE5609CEE11EF9001717EC4F9AE02.roa (hash: dqGvsBo+O3A3ECQgQGmvroXEzldwim2Z97cn9HnwO7I=) 7: 47AAFC5A661311F09011712CC4F9AE02.roa (hash: nxh+Hkcrac8LqC1HhPwsPG/aZ2MHHIYI4A/3WElmkFc=) 8: A865A1925B1611F083088661C4F9AE02.roa (hash: Rw9T99RuNwJAGQR3ACNuRpkBbGAU9I1LWh2/O8OeLqs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 23 Nov 2025 16:22:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6661 (0x1a05) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E678, serialNumber=4DB035D374C8412CE680D9DA0ADBEC06429D88B8 Validity Not Before: Nov 16 16:22:09 2025 GMT Not After : Nov 23 16:22:09 2025 GMT Subject: CN=6919fa31-8f41 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b1:34:2d:9d:47:84:b6:f2:35:16:dc:38:0b:6e: f9:3b:80:f4:e1:10:8c:85:f5:c4:40:d5:e3:6a:23: 18:04:8e:01:b6:74:fa:28:6d:80:b4:dc:3f:82:83: 47:3b:46:6f:33:a6:af:54:72:09:94:64:f6:99:b8: 1d:e5:3e:db:20:8b:ae:27:8d:0c:cf:e9:3e:60:10: e1:06:d1:f1:b7:a6:b9:aa:de:11:24:54:c4:b2:b7: 06:19:b7:36:e5:d8:6f:c8:3d:40:62:2a:2d:97:2d: cc:52:a9:89:d0:5a:90:be:6a:9c:cd:75:2b:82:ff: 89:d5:cb:43:fd:6f:7d:bf:30:bb:cc:36:25:ab:66: 08:65:2d:55:65:96:39:d5:54:2d:20:4a:ac:22:94: 1b:14:f6:8e:d7:0b:af:26:d9:14:db:2b:8a:4f:52: 2f:1b:3e:08:90:5c:be:89:55:d9:84:58:75:ff:83: f0:e9:09:d2:26:61:e2:71:5c:f9:bb:8d:ad:5f:b0: 78:f7:6c:7f:a2:83:fc:cf:26:80:04:e3:3b:c9:ab: 28:1c:40:49:93:4b:53:dc:ac:14:18:a7:3c:ee:aa: c2:59:6b:c2:26:4d:a1:17:28:95:42:53:e9:0b:6e: 51:04:38:c5:95:51:e0:c6:12:1b:ce:19:a3:4b:23: ad:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 48:B1:2A:4E:7C:97:75:80:7B:EF:6D:BA:A4:CD:86:50:D2:17:B6:7F X509v3 Authority Key Identifier: keyid:4D:B0:35:D3:74:C8:41:2C:E6:80:D9:DA:0A:DB:EC:06:42:9D:88:B8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/TbA103TIQSzmgNnaCtvsBkKdiLg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E678/72583AFA695711E8A42BE680C4F9AE02/TbA103TIQSzmgNnaCtvsBkKdiLg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:f2:da:68:f2:e0:9a:52:4a:c7:81:3b:3e:cf:4e:de:29:de: de:56:55:34:9a:dd:09:e4:7d:da:61:f8:ed:82:a2:e2:4d:85: 8c:85:15:6b:af:33:79:d0:8b:3a:68:6e:c9:c1:99:1a:5e:fb: c3:e6:26:42:66:4e:2e:27:a6:48:61:3f:3e:85:89:34:90:c5: 67:7e:52:15:7a:a0:b9:a3:e1:dc:7f:d5:82:90:56:a6:8b:e9: 80:71:fa:e2:9a:9b:78:42:dc:97:b4:d8:19:c3:5d:ce:d4:4b: dc:29:bf:ee:6e:88:b7:1e:1a:f7:11:1d:b4:72:84:29:a2:94: a3:6b:3a:f2:f0:17:7a:e3:21:a1:8e:cc:8d:53:95:6c:34:b9: 3e:6b:45:93:63:58:06:94:0e:c2:5e:6c:ba:30:3e:a9:28:ac: 4a:00:fa:9f:62:69:96:18:9b:2f:27:e6:d5:13:87:35:ae:c6: 88:ee:4b:1e:39:f4:ad:ea:a4:0f:9b:32:df:d6:cd:1b:56:46: c9:db:d8:90:24:57:88:91:56:04:93:01:33:c5:f5:2e:22:de: c9:ee:cb:c3:3e:c6:2c:9b:09:5f:8b:57:5e:37:85:c7:b7:11: 4e:87:08:62:55:04:6d:90:1c:99:77:2d:bd:68:03:73:50:29: 15:ab:a2:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGgUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0U2NzgxMTAvBgNVBAUTKDREQjAzNUQzNzRDODQxMkNFNjgwRDlEQTBBREJFQzA2 NDI5RDg4QjgwHhcNMjUxMTE2MTYyMjA5WhcNMjUxMTIzMTYyMjA5WjAYMRYwFAYD VQQDEw02OTE5ZmEzMS04ZjQxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsTQtnUeEtvI1Ftw4C275O4D04RCMhfXEQNXjaiMYBI4BtnT6KG2AtNw/goNH O0ZvM6avVHIJlGT2mbgd5T7bIIuuJ40Mz+k+YBDhBtHxt6a5qt4RJFTEsrcGGbc2 5dhvyD1AYiotly3MUqmJ0FqQvmqczXUrgv+J1ctD/W99vzC7zDYlq2YIZS1VZZY5 1VQtIEqsIpQbFPaO1wuvJtkU2yuKT1IvGz4IkFy+iVXZhFh1/4Pw6QnSJmHicVz5 u42tX7B492x/ooP8zyaABOM7yasoHEBJk0tT3KwUGKc87qrCWWvCJk2hFyiVQlPp C25RBDjFlVHgxhIbzhmjSyOtmQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEixKk58 l3WAe+9tuqTNhlDSF7Z/MB8GA1UdIwQYMBaAFE2wNdN0yEEs5oDZ2grb7AZCnYi4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3RTY3OC83MjU4M0FGQTY5 NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFTem1nTm5hQ3R2c0JrS2Rp TGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL1RiQTEwM1RJUVN6bWdObmFDdHZzQmtLZGlMZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 RTY3OC83MjU4M0FGQTY5NTcxMUU4QTQyQkU2ODBDNEY5QUUwMi9UYkExMDNUSVFT em1nTm5hQ3R2c0JrS2RpTGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCi8tpo8uCaUkrHgTs+z07eKd7eVlU0mt0J5H3aYfjtgqLiTYWMhRVr rzN50Is6aG7JwZkaXvvD5iZCZk4uJ6ZIYT8+hYk0kMVnflIVeqC5o+Hcf9WCkFam i+mAcfrimpt4QtyXtNgZw13O1EvcKb/uboi3Hhr3ER20coQpopSjazry8Bd64yGh jsyNU5VsNLk+a0WTY1gGlA7CXmy6MD6pKKxKAPqfYmmWGJsvJ+bVE4c1rsaI7kse OfSt6qQPmzLf1s0bVkbJ29iQJFeIkVYEkwEzxfUuIt7J7svDPsYsmwlfi1deN4XH txFOhwhiVQRtkByZdy29aANzUCkVq6IZ -----END CERTIFICATE-----Generated at Tue Nov 18 08:23:30 2025 by rpki-client