$ rpki-client -vvf rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft File: FION2NTh_gMXFCZnF24W4KW2hlE.mft (raw, json) Hash identifier: bqxe5wOU9IZB+zcHiMlLiNbDiWuACkzxpOpd5+IIIUY= Subject key identifier: 4D:CA:85:E9:45:C3:4E:63:6D:11:99:3C:63:B0:E5:9D:D7:28:98:67 Authority key identifier: 14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 Certificate issuer: /CN=A91991D9/serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Certificate serial: 0E38 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft Manifest number: 0E30 Signing time: Sun 02 Nov 2025 17:49:13 +0000 Manifest this update: Sun 02 Nov 2025 17:49:12 +0000 Manifest next update: Sun 09 Nov 2025 17:49:12 +0000 Files and hashes: 1: FION2NTh_gMXFCZnF24W4KW2hlE.crl (hash: NtSqeJ/f31AJRYHAam3FJCDbfJU6yQiail0rLbjM8o0=) 2: 14E68648B42D11E9A44FF25BC4F9AE02.roa (hash: aOcvKXW2OwUSyFzRq5Kiuga5ndEep1PmMp0UDb+8XIg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:49:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3640 (0xe38) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91991D9, serialNumber=14838DD8D4E1FE0317142667176E16E0A5B68651 Validity Not Before: Nov 2 17:49:12 2025 GMT Not After : Nov 9 17:49:12 2025 GMT Subject: CN=69079998-8a07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:cb:14:e0:eb:46:7a:61:d4:10:9a:1f:59:66: b1:17:2e:ca:58:44:19:56:71:72:ec:0c:99:f4:65: aa:e0:f7:d9:ba:39:19:bb:69:94:2f:40:7f:f0:2d: 2b:39:b3:20:92:f8:d7:88:89:cc:64:e1:d0:d3:7b: e7:43:ea:aa:a5:54:74:95:6d:28:93:c4:ea:25:b8: fc:e5:57:61:df:bc:7e:80:c2:1e:cd:54:9f:f3:b1: 4e:df:d2:0e:85:c8:b8:b6:c5:91:bf:83:22:ed:0c: 82:27:65:3c:b4:24:fd:39:26:f0:56:0b:4e:c0:97: 51:f0:8a:13:52:5f:c5:52:42:b7:06:e4:6e:57:b9: f9:5d:eb:61:2d:62:ed:c8:47:72:60:e1:fb:ae:cc: 95:93:b3:7f:2f:8a:d9:bd:21:f8:c3:d8:4f:2c:86: c9:e9:dd:48:a0:6d:2b:d0:3e:48:4f:e5:a2:b7:a2: 79:d8:de:61:6c:5f:bb:1e:a9:2c:c9:5f:75:75:6f: 61:b9:ba:27:af:85:9d:6c:37:74:2a:9d:1c:b9:28: b1:df:86:f3:23:5e:29:fb:16:9a:11:bd:91:f2:83: 4a:9d:0f:ee:37:05:35:24:88:0a:c0:15:7a:a3:b4: a7:d6:fb:2f:96:f4:c0:17:45:f0:d5:0b:51:c2:ad: e5:29 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:CA:85:E9:45:C3:4E:63:6D:11:99:3C:63:B0:E5:9D:D7:28:98:67 X509v3 Authority Key Identifier: keyid:14:83:8D:D8:D4:E1:FE:03:17:14:26:67:17:6E:16:E0:A5:B6:86:51 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FION2NTh_gMXFCZnF24W4KW2hlE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91991D9/1C3DD966B42611E98DE0884AC4F9AE02/FION2NTh_gMXFCZnF24W4KW2hlE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6d:5e:9f:d3:e6:5b:dc:4d:5c:39:8a:3e:60:b3:e4:75:d3:5c: 4c:a1:37:5d:6c:a2:84:de:7d:85:6a:89:ae:e6:38:51:e7:f1: 07:9f:25:e9:c1:be:a8:f9:c3:57:a6:a2:e1:d8:86:9a:35:1f: 36:12:04:a6:46:c5:1c:27:66:f7:c5:2b:7e:8e:27:f3:58:31: c0:55:13:4f:86:86:10:fe:54:47:2c:57:76:4c:0b:79:7a:34: ff:6e:50:d7:76:38:82:36:23:d5:a7:dd:01:e0:77:3a:61:62: 48:20:fa:be:3e:c7:42:bd:0e:01:f4:ae:00:fc:dd:61:cf:6e: e0:cc:59:ba:62:b6:dd:a7:8f:57:b4:9e:eb:40:64:d7:08:84: 9c:94:97:d0:90:95:5d:e4:6d:76:d7:74:5d:47:9a:a1:7a:a8: 9c:a2:23:d7:63:06:18:07:20:4d:57:56:1a:6f:18:b5:ee:71: a0:ee:b0:ae:1d:0a:83:c3:d2:90:b7:f2:77:3d:02:4c:10:4f: a1:df:28:a1:ff:0d:30:89:b6:99:5d:f4:b6:5e:21:e5:4b:0d: 28:59:37:28:6e:ea:f5:30:d5:b4:2d:7c:34:8c:a8:c8:52:1a: 69:3d:cf:47:9e:44:48:f6:ee:b5:82:02:f5:f8:4b:45:9a:f4: ec:06:97:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDjgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTkxRDkxMTAvBgNVBAUTKDE0ODM4REQ4RDRFMUZFMDMxNzE0MjY2NzE3NkUxNkUw QTVCNjg2NTEwHhcNMjUxMTAyMTc0OTEyWhcNMjUxMTA5MTc0OTEyWjAYMRYwFAYD VQQDEw02OTA3OTk5OC04YTA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwssU4OtGemHUEJofWWaxFy7KWEQZVnFy7AyZ9GWq4PfZujkZu2mUL0B/8C0r ObMgkvjXiInMZOHQ03vnQ+qqpVR0lW0ok8TqJbj85Vdh37x+gMIezVSf87FO39IO hci4tsWRv4Mi7QyCJ2U8tCT9OSbwVgtOwJdR8IoTUl/FUkK3BuRuV7n5XethLWLt yEdyYOH7rsyVk7N/L4rZvSH4w9hPLIbJ6d1IoG0r0D5IT+Wit6J52N5hbF+7Hqks yV91dW9hubonr4WdbDd0Kp0cuSix34bzI14p+xaaEb2R8oNKnQ/uNwU1JIgKwBV6 o7Sn1vsvlvTAF0Xw1QtRwq3lKQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE3KhelF w05jbRGZPGOw5Z3XKJhnMB8GA1UdIwQYMBaAFBSDjdjU4f4DFxQmZxduFuCltoZR MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5OTFEOS8xQzNERDk2NkI0 MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9nTVhGQ1puRjI0VzRLVzJo bEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ZJT04yTlRoX2dNWEZDWm5GMjRXNEtXMmhsRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 OTFEOS8xQzNERDk2NkI0MjYxMUU5OERFMDg4NEFDNEY5QUUwMi9GSU9OMk5UaF9n TVhGQ1puRjI0VzRLVzJobEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBtXp/T5lvcTVw5ij5gs+R101xMoTddbKKE3n2Faomu5jhR5/EHnyXp wb6o+cNXpqLh2IaaNR82EgSmRsUcJ2b3xSt+jifzWDHAVRNPhoYQ/lRHLFd2TAt5 ejT/blDXdjiCNiPVp90B4Hc6YWJIIPq+PsdCvQ4B9K4A/N1hz27gzFm6Yrbdp49X tJ7rQGTXCISclJfQkJVd5G1213RdR5qheqicoiPXYwYYByBNV1Yabxi17nGg7rCu HQqDw9KQt/J3PQJMEE+h3yih/w0wibaZXfS2XiHlSw0oWTcobur1MNW0LXw0jKjI UhppPc9HnkRI9u61ggL1+EtFmvTsBpdO -----END CERTIFICATE-----Generated at Mon Nov 3 18:20:05 2025 by rpki-client