$ rpki-client -vvf rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft File: 2gNU-zgfRSHBCxY-y9IqCD-3omw.mft (raw, json) Hash identifier: eCVIbHQneEchqljKlmItn4ct2+ihvGwEL5bip9zM75k= Subject key identifier: FB:56:46:FC:08:8A:E6:C7:75:8C:C0:43:1C:15:A4:83:3F:C4:CF:41 Authority key identifier: DA:03:54:FB:38:1F:45:21:C1:0B:16:3E:CB:D2:2A:08:3F:B7:A2:6C Certificate issuer: /CN=A91B2CDA/serialNumber=DA0354FB381F4521C10B163ECBD22A083FB7A26C Certificate serial: 1639 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gNU-zgfRSHBCxY-y9IqCD-3omw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft Manifest number: 1628 Signing time: Sun 02 Nov 2025 16:44:27 +0000 Manifest this update: Sun 02 Nov 2025 16:44:26 +0000 Manifest next update: Sun 09 Nov 2025 16:44:26 +0000 Files and hashes: 1: 2gNU-zgfRSHBCxY-y9IqCD-3omw.crl (hash: Nqc6CQ7kiPwwDAoZcHAyJsBHccB+WBu7ojHv4WWQc+I=) 2: 7F3ED5DE9C4411ECBD85CE4FC4F9AE02.roa (hash: IzneJg8uANhMNifeTA7mpjTNJJeW/3cdEs9nqqZnnZs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.crl rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gNU-zgfRSHBCxY-y9IqCD-3omw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 16:44:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5689 (0x1639) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B2CDA, serialNumber=DA0354FB381F4521C10B163ECBD22A083FB7A26C Validity Not Before: Nov 2 16:44:26 2025 GMT Not After : Nov 9 16:44:26 2025 GMT Subject: CN=69078a6b-e552 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:9d:0a:06:da:6f:f6:f5:d8:35:93:3b:23:6f: 83:c8:3d:06:70:0b:86:5b:0f:e4:16:cf:42:1d:6c: 28:e6:fc:ca:97:a4:ed:ed:e9:9a:50:c4:50:7d:ed: 12:fa:ba:b1:ab:2b:e7:7b:c9:0c:3f:c1:63:f1:28: 08:cf:78:e5:b8:f0:6c:3a:16:a1:88:de:ad:e9:ba: f9:7a:e2:1e:c4:2b:00:64:cb:d6:d4:f9:fe:90:e9: a8:e6:30:3b:2b:96:51:4c:6e:4f:6a:0d:9e:d1:dc: 5b:77:75:3c:83:39:a9:ff:1a:4a:fc:5e:ee:ad:3a: a5:4a:81:f6:9c:e5:5d:08:e4:50:dd:5c:be:52:6a: 10:28:66:20:1c:ec:01:9b:2f:f7:2a:77:02:aa:66: 68:d5:8c:af:bb:53:64:a6:19:9c:17:e3:51:6b:15: 17:f6:ae:cb:37:9c:ef:29:1d:12:e1:fa:e6:2a:ec: 0c:1d:e6:94:8f:6b:7f:14:6a:6b:0c:74:ab:5a:b6: 29:ec:39:65:e5:e7:c5:fa:31:ab:7e:4f:ba:6b:5f: 3d:af:37:69:3c:d4:ab:8f:7b:73:62:6b:ff:8e:73: 2c:dc:13:54:8d:67:88:ec:aa:95:4e:76:0c:45:cc: 19:b5:1d:b9:c3:41:67:38:8e:c1:24:49:54:21:42: 00:0d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:56:46:FC:08:8A:E6:C7:75:8C:C0:43:1C:15:A4:83:3F:C4:CF:41 X509v3 Authority Key Identifier: keyid:DA:03:54:FB:38:1F:45:21:C1:0B:16:3E:CB:D2:2A:08:3F:B7:A2:6C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2gNU-zgfRSHBCxY-y9IqCD-3omw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B2CDA/F4E2BAB825C311E8A0714A34C4F9AE02/2gNU-zgfRSHBCxY-y9IqCD-3omw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:0a:99:f7:32:36:94:ff:82:4c:7d:f9:38:59:b4:cb:76:2e: 7d:fa:eb:5e:a6:eb:03:4b:da:1c:eb:6e:9c:ba:9f:ed:43:b1: 0d:e3:07:e7:07:d3:c1:dc:7e:f0:5a:29:1f:89:2a:47:75:96: af:a9:da:cc:28:ca:93:92:11:e9:95:de:f5:5d:32:04:f5:05: a6:45:10:1f:d9:c8:50:73:2b:71:f2:43:1a:41:ab:70:6d:2c: f8:2c:a3:dc:47:2b:30:d7:28:4c:b9:e8:9d:a8:6f:31:47:fe: ac:42:8f:80:be:07:0e:17:8e:f2:4f:84:cd:2b:1a:51:0c:0a: da:10:fc:69:ff:95:ec:00:c6:a9:54:97:d3:8a:40:fe:72:67: 8d:0e:76:a5:1e:2a:10:c5:d2:78:31:70:98:70:d5:f1:13:bc: dd:af:0c:89:22:67:28:6f:48:3c:ae:9a:ce:68:32:b9:45:3d: 8a:34:18:f2:d9:ef:3b:17:c3:cb:57:8d:e1:12:74:5c:94:00: a6:8b:2b:40:c6:ac:db:80:ba:4e:76:4e:ba:29:0d:18:60:3d: e5:66:18:b3:a8:63:d9:69:ca:67:6c:50:47:a2:84:b3:cb:de: be:70:ba:62:51:4e:19:56:5a:43:10:c4:9b:e5:c6:d7:b6:11: 3b:0c:53:88 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFjkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjJDREExMTAvBgNVBAUTKERBMDM1NEZCMzgxRjQ1MjFDMTBCMTYzRUNCRDIyQTA4 M0ZCN0EyNkMwHhcNMjUxMTAyMTY0NDI2WhcNMjUxMTA5MTY0NDI2WjAYMRYwFAYD VQQDEw02OTA3OGE2Yi1lNTUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzJ0KBtpv9vXYNZM7I2+DyD0GcAuGWw/kFs9CHWwo5vzKl6Tt7emaUMRQfe0S +rqxqyvne8kMP8Fj8SgIz3jluPBsOhahiN6t6br5euIexCsAZMvW1Pn+kOmo5jA7 K5ZRTG5Pag2e0dxbd3U8gzmp/xpK/F7urTqlSoH2nOVdCORQ3Vy+UmoQKGYgHOwB my/3KncCqmZo1Yyvu1NkphmcF+NRaxUX9q7LN5zvKR0S4frmKuwMHeaUj2t/FGpr DHSrWrYp7Dll5efF+jGrfk+6a189rzdpPNSrj3tzYmv/jnMs3BNUjWeI7KqVTnYM RcwZtR25w0FnOI7BJElUIUIADQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPtWRvwI iubHdYzAQxwVpIM/xM9BMB8GA1UdIwQYMBaAFNoDVPs4H0UhwQsWPsvSKgg/t6Js MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMkNEQS9GNEUyQkFCODI1 QzMxMUU4QTA3MTRBMzRDNEY5QUUwMi8yZ05VLXpnZlJTSEJDeFkteTlJcUNELTNv bXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJnTlUtemdmUlNIQkN4WS15OUlxQ0QtM29tdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MkNEQS9GNEUyQkFCODI1QzMxMUU4QTA3MTRBMzRDNEY5QUUwMi8yZ05VLXpnZlJT SEJDeFkteTlJcUNELTNvbXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBkCpn3MjaU/4JMffk4WbTLdi59+utepusDS9oc626cup/tQ7EN4wfn B9PB3H7wWikfiSpHdZavqdrMKMqTkhHpld71XTIE9QWmRRAf2chQcytx8kMaQatw bSz4LKPcRysw1yhMueidqG8xR/6sQo+AvgcOF47yT4TNKxpRDAraEPxp/5XsAMap VJfTikD+cmeNDnalHioQxdJ4MXCYcNXxE7zdrwyJImcob0g8rprOaDK5RT2KNBjy 2e87F8PLV43hEnRclACmiytAxqzbgLpOdk66KQ0YYD3lZhizqGPZacpnbFBHooSz y96+cLpiUU4ZVlpDEMSb5cbXthE7DFOI -----END CERTIFICATE-----Generated at Mon Nov 3 18:17:07 2025 by rpki-client