$ rpki-client -vvf rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.mft File: -NaTomlkzTxaGZ0sJu0iZHog534.mft (raw, json) Hash identifier: vn35HP8H6as6X3PFXczf5PiU9dofPmLn1dHvB+XmkpY= Subject key identifier: 43:ED:0D:B3:67:5D:FD:88:01:68:5A:99:4C:10:51:19:B4:DE:38:A9 Authority key identifier: F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E Certificate issuer: /CN=A919EF67/serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E Certificate serial: 0269 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.mft Manifest number: 0257 Signing time: Mon 03 Nov 2025 01:46:02 +0000 Manifest this update: Mon 03 Nov 2025 01:46:02 +0000 Manifest next update: Mon 10 Nov 2025 01:46:02 +0000 Files and hashes: 1: -NaTomlkzTxaGZ0sJu0iZHog534.crl (hash: VpiToTbpoe45BEs47Oram55IWFY6N5OHxXVrPbCmDao=) 2: 256273EE355011EEBCB7D945C4F9AE02.roa (hash: 04Cy+y4IVlv3nSRQiE3T4udS3Y09bNADoSP454aG6f4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.crl rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:46:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 617 (0x269) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EF67, serialNumber=F8D693A26964CD3C5A199D2C26ED22647A20E77E Validity Not Before: Nov 3 01:46:02 2025 GMT Not After : Nov 10 01:46:02 2025 GMT Subject: CN=6908095a-ae24 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:5a:07:fd:2b:62:1b:c6:ab:0c:1e:ae:60:17: 82:a5:87:c9:0b:37:32:7e:7e:8f:da:28:bf:48:ce: 7f:7c:cb:e4:85:5a:23:96:93:12:d0:25:35:bd:da: 0b:c0:68:c5:25:19:93:ec:d1:61:1b:8c:39:d1:c4: 73:3e:42:e3:c1:0e:3e:23:19:b8:67:02:dc:67:ba: 9e:0a:1c:3e:14:74:76:b3:e4:00:d3:a7:24:7c:c2: a6:18:6f:ef:a3:76:36:db:8d:c5:17:7f:3d:30:f1: 17:96:81:d0:30:e9:8c:8d:5f:13:88:f7:04:99:9e: 23:24:71:87:1f:01:2e:68:c3:52:ab:ff:e7:05:9c: e0:10:4d:eb:04:21:3a:70:66:15:71:54:96:7b:dd: 10:b9:6e:e5:64:41:f0:59:33:f5:86:e0:ac:01:11: 0b:d2:cb:dd:a6:cc:eb:6d:00:c4:b1:26:ec:92:92: e0:5c:38:2e:4a:cc:31:50:b2:63:3f:be:56:c8:87: eb:25:0d:96:93:12:58:3f:63:3b:74:c7:47:db:44: 08:e3:8e:51:ac:84:ad:c1:80:e7:55:18:93:cf:0a: 8b:4f:fb:22:24:28:43:d4:9f:ea:84:65:2a:13:f1: e0:f2:53:a8:38:6f:b6:2c:a9:44:23:c7:4c:2f:e8: 7a:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:ED:0D:B3:67:5D:FD:88:01:68:5A:99:4C:10:51:19:B4:DE:38:A9 X509v3 Authority Key Identifier: keyid:F8:D6:93:A2:69:64:CD:3C:5A:19:9D:2C:26:ED:22:64:7A:20:E7:7E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/-NaTomlkzTxaGZ0sJu0iZHog534.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EF67/12CE58C04BCB11EDBBE5925EC4F9AE02/-NaTomlkzTxaGZ0sJu0iZHog534.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7f:27:c4:15:bc:1a:21:be:d2:f6:98:c1:b0:29:98:7a:5b:3d: a4:f0:43:73:bc:ac:bb:d4:0b:3c:48:e0:34:31:b7:41:a8:c9: 75:40:a5:5d:6c:c9:82:58:a0:3c:a6:fd:5a:c5:00:9e:ab:67: aa:e4:24:93:d3:b9:8a:a0:59:01:22:23:1f:98:25:f6:68:69: fd:2f:8a:07:dc:ff:38:d9:ed:6f:a1:82:fe:9f:83:f9:51:f6: 6f:2d:3b:c7:91:11:31:f3:d6:d0:c5:49:c5:55:77:81:8e:66: e2:ac:e3:c0:39:73:28:7b:2b:56:47:88:f0:7b:0e:ff:5a:97: e0:b8:4a:89:9f:9a:22:e6:6d:6b:36:ac:17:29:91:5b:ff:d5: 8d:4a:dc:1f:f3:83:45:16:2a:8f:97:c7:8d:03:93:3c:91:79: 91:3b:59:29:e3:a0:b4:ca:c1:9a:7a:16:e3:9a:3a:6f:9b:69: be:7c:76:00:25:41:0c:bd:19:ca:dc:50:5e:07:8c:bb:7d:a2: 0a:07:cb:59:4d:2c:d4:1b:b3:7c:c8:ca:f9:0f:65:83:74:b3: 65:9a:91:f7:6c:e3:8e:35:41:70:ef:f7:4a:02:f3:81:68:fa: 8f:37:0d:1d:06:7a:f6:50:76:dd:9e:9e:6f:af:73:b6:58:8f: e6:56:1d:70 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAmkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVGNjcxMTAvBgNVBAUTKEY4RDY5M0EyNjk2NENEM0M1QTE5OUQyQzI2RUQyMjY0 N0EyMEU3N0UwHhcNMjUxMTAzMDE0NjAyWhcNMjUxMTEwMDE0NjAyWjAYMRYwFAYD VQQDEw02OTA4MDk1YS1hZTI0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz1oH/StiG8arDB6uYBeCpYfJCzcyfn6P2ii/SM5/fMvkhVojlpMS0CU1vdoL wGjFJRmT7NFhG4w50cRzPkLjwQ4+Ixm4ZwLcZ7qeChw+FHR2s+QA06ckfMKmGG/v o3Y2243FF389MPEXloHQMOmMjV8TiPcEmZ4jJHGHHwEuaMNSq//nBZzgEE3rBCE6 cGYVcVSWe90QuW7lZEHwWTP1huCsAREL0svdpszrbQDEsSbskpLgXDguSswxULJj P75WyIfrJQ2WkxJYP2M7dMdH20QI445RrIStwYDnVRiTzwqLT/siJChD1J/qhGUq E/Hg8lOoOG+2LKlEI8dML+h66QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEPtDbNn Xf2IAWhamUwQURm03jipMB8GA1UdIwQYMBaAFPjWk6JpZM08WhmdLCbtImR6IOd+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUY2Ny8xMkNFNThDMDRC Q0IxMUVEQkJFNTkyNUVDNEY5QUUwMi8tTmFUb21sa3pUeGFHWjBzSnUwaVpIb2c1 MzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLy1OYVRvbWxrelR4YUdaMHNKdTBpWkhvZzUzNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RUY2Ny8xMkNFNThDMDRCQ0IxMUVEQkJFNTkyNUVDNEY5QUUwMi8tTmFUb21sa3pU eGFHWjBzSnUwaVpIb2c1MzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB/J8QVvBohvtL2mMGwKZh6Wz2k8ENzvKy71As8SOA0MbdBqMl1QKVd bMmCWKA8pv1axQCeq2eq5CST07mKoFkBIiMfmCX2aGn9L4oH3P842e1voYL+n4P5 UfZvLTvHkREx89bQxUnFVXeBjmbirOPAOXMoeytWR4jwew7/WpfguEqJn5oi5m1r NqwXKZFb/9WNStwf84NFFiqPl8eNA5M8kXmRO1kp46C0ysGaehbjmjpvm2m+fHYA JUEMvRnK3FBeB4y7faIKB8tZTSzUG7N8yMr5D2WDdLNlmpH3bOOONUFw7/dKAvOB aPqPNw0dBnr2UHbdnp5vr3O2WI/mVh1w -----END CERTIFICATE-----Generated at Tue Nov 4 08:30:26 2025 by rpki-client