$ rpki-client -vvf rpki.apnic.net/member_repository/A91B43F4/17AC2A70419C11E5835FD183C4F9AE02/C2PmOl-jsuPMuZMOj2yM7MJFi0U.mft File: C2PmOl-jsuPMuZMOj2yM7MJFi0U.mft (raw, json) Hash identifier: LH32IJxdpq0gXdqLy+420eoZozH/cpaSBOBcBBzWBPQ= Subject key identifier: 09:F0:91:88:2A:5F:42:C7:69:E6:92:66:4F:C0:5A:93:85:A5:12:B9 Authority key identifier: 0B:63:E6:3A:5F:A3:B2:E3:CC:B9:93:0E:8F:6C:8C:EC:C2:45:8B:45 Certificate issuer: /CN=A91B43F4/serialNumber=0B63E63A5FA3B2E3CCB9930E8F6C8CECC2458B45 Certificate serial: 24FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2PmOl-jsuPMuZMOj2yM7MJFi0U.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B43F4/17AC2A70419C11E5835FD183C4F9AE02/C2PmOl-jsuPMuZMOj2yM7MJFi0U.mft Manifest number: 24E4 Signing time: Mon 20 Oct 2025 15:58:22 +0000 Manifest this update: Mon 20 Oct 2025 15:58:22 +0000 Manifest next update: Mon 27 Oct 2025 15:58:22 +0000 Files and hashes: 1: C2PmOl-jsuPMuZMOj2yM7MJFi0U.crl (hash: PgbTJO+qlRinUN7o+Y7tA5b2L6o7+wlJzSnyjfD3hl4=) 2: EBC23D9A041E11ECA959B779C4F9AE02.roa (hash: gjGyoU6UehPX0w4evr1O57YIj1TJSqlSY6y93UsHPOc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B43F4/17AC2A70419C11E5835FD183C4F9AE02/C2PmOl-jsuPMuZMOj2yM7MJFi0U.crl rsync://rpki.apnic.net/member_repository/A91B43F4/17AC2A70419C11E5835FD183C4F9AE02/C2PmOl-jsuPMuZMOj2yM7MJFi0U.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2PmOl-jsuPMuZMOj2yM7MJFi0U.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 15:58:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 9466 (0x24fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B43F4, serialNumber=0B63E63A5FA3B2E3CCB9930E8F6C8CECC2458B45 Validity Not Before: Oct 20 15:58:22 2025 GMT Not After : Oct 27 15:58:22 2025 GMT Subject: CN=68f65c1e-e6fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:9a:79:1e:de:ff:ec:be:79:75:04:b3:99:98: fb:4e:7a:5c:d2:d7:51:74:7f:8a:29:f6:53:85:8f: fb:23:73:28:3c:e0:bb:ef:ed:5c:2f:e6:67:54:db: 3b:c4:40:99:c5:47:32:57:5c:35:8f:f2:27:27:41: 99:fd:5c:29:db:07:d1:d9:70:bd:c4:76:22:9c:04: 39:61:92:1b:bd:85:a0:5c:50:a9:c0:2d:33:26:67: ff:3e:56:06:e5:78:2f:95:75:d0:6f:ba:d1:52:6b: b3:0c:90:98:4b:da:6e:58:62:aa:48:b2:82:0c:21: 3d:de:43:97:56:97:4c:dc:95:0e:31:41:ef:8c:c9: 86:0f:22:39:30:90:d1:e8:d9:80:4f:98:09:80:15: 4d:6e:95:98:4d:61:ca:da:1c:b1:5c:c2:02:45:56: 80:d2:eb:9b:9a:ee:3d:34:5c:88:a6:80:05:75:81: e4:25:bf:01:e3:76:5f:0b:c2:a0:29:bc:79:e9:3a: f3:fb:11:2d:55:ee:0d:af:3c:45:fd:0c:9e:56:5e: 9f:d8:2c:27:e8:8b:27:04:41:d3:83:c3:cf:fc:fd: 14:fb:41:01:aa:c3:71:0e:c5:14:ec:7e:2f:14:16: a3:9f:15:5b:59:8a:b6:78:2a:39:2b:c3:17:60:11: e9:67 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:F0:91:88:2A:5F:42:C7:69:E6:92:66:4F:C0:5A:93:85:A5:12:B9 X509v3 Authority Key Identifier: keyid:0B:63:E6:3A:5F:A3:B2:E3:CC:B9:93:0E:8F:6C:8C:EC:C2:45:8B:45 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B43F4/17AC2A70419C11E5835FD183C4F9AE02/C2PmOl-jsuPMuZMOj2yM7MJFi0U.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/C2PmOl-jsuPMuZMOj2yM7MJFi0U.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B43F4/17AC2A70419C11E5835FD183C4F9AE02/C2PmOl-jsuPMuZMOj2yM7MJFi0U.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 60:a2:68:22:d9:e0:18:dd:69:76:71:99:b0:d0:57:59:6a:68: 30:af:8e:76:98:90:5b:b9:13:bc:95:10:8a:a6:ef:f2:4f:17: 60:29:c4:f7:32:4a:7b:f1:3d:ec:fc:c3:50:33:33:29:ad:11: 39:85:ac:18:73:eb:5f:9f:94:78:f2:fe:bd:39:8b:45:c4:2f: fb:bb:00:65:74:e3:4f:49:4e:6b:28:ec:e1:90:5a:60:62:0e: cb:e0:73:3c:90:cc:a6:a7:6a:f2:9c:ee:74:8c:fd:ac:76:51: 8b:14:41:04:75:da:40:49:30:51:dc:6f:64:30:57:a1:da:40: f6:ca:4c:26:f9:cd:d7:36:58:f7:b2:6b:52:81:49:96:a4:b9: 3f:72:ce:0f:ec:2a:7b:22:e6:f6:70:fe:93:af:88:e3:12:36: e4:61:49:e5:07:25:b5:c1:a4:93:d2:ef:c3:e4:ce:a2:d6:aa: c9:ef:c6:ed:b6:aa:95:cb:3e:f5:6b:84:19:6d:7f:29:5a:08: ea:cd:f8:e3:53:01:d1:29:fc:26:f1:76:6d:68:ac:27:f5:74: fd:a6:bd:e2:3b:9c:27:9d:ee:a7:c2:b5:15:84:d7:c8:db:0e: a5:d8:61:28:81:20:fb:b6:30:95:48:52:33:28:fd:7d:ed:82: d4:14:c0:72 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICJPowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjQzRjQxMTAvBgNVBAUTKDBCNjNFNjNBNUZBM0IyRTNDQ0I5OTMwRThGNkM4Q0VD QzI0NThCNDUwHhcNMjUxMDIwMTU1ODIyWhcNMjUxMDI3MTU1ODIyWjAYMRYwFAYD VQQDEw02OGY2NWMxZS1lNmZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA05p5Ht7/7L55dQSzmZj7Tnpc0tdRdH+KKfZThY/7I3MoPOC77+1cL+ZnVNs7 xECZxUcyV1w1j/InJ0GZ/Vwp2wfR2XC9xHYinAQ5YZIbvYWgXFCpwC0zJmf/PlYG 5XgvlXXQb7rRUmuzDJCYS9puWGKqSLKCDCE93kOXVpdM3JUOMUHvjMmGDyI5MJDR 6NmAT5gJgBVNbpWYTWHK2hyxXMICRVaA0uubmu49NFyIpoAFdYHkJb8B43ZfC8Kg Kbx56Trz+xEtVe4NrzxF/QyeVl6f2Cwn6IsnBEHTg8PP/P0U+0EBqsNxDsUU7H4v FBajnxVbWYq2eCo5K8MXYBHpZwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAnwkYgq X0LHaeaSZk/AWpOFpRK5MB8GA1UdIwQYMBaAFAtj5jpfo7LjzLmTDo9sjOzCRYtF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNDNGNC8xN0FDMkE3MDQx OUMxMUU1ODM1RkQxODNDNEY5QUUwMi9DMlBtT2wtanN1UE11Wk1PajJ5TTdNSkZp MFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0MyUG1PbC1qc3VQTXVaTU9qMnlNN01KRmkwVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC NDNGNC8xN0FDMkE3MDQxOUMxMUU1ODM1RkQxODNDNEY5QUUwMi9DMlBtT2wtanN1 UE11Wk1PajJ5TTdNSkZpMFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBgomgi2eAY3Wl2cZmw0FdZamgwr452mJBbuRO8lRCKpu/yTxdgKcT3 Mkp78T3s/MNQMzMprRE5hawYc+tfn5R48v69OYtFxC/7uwBldONPSU5rKOzhkFpg Yg7L4HM8kMymp2rynO50jP2sdlGLFEEEddpASTBR3G9kMFeh2kD2ykwm+c3XNlj3 smtSgUmWpLk/cs4P7Cp7Iub2cP6Tr4jjEjbkYUnlByW1waST0u/D5M6i1qrJ78bt tqqVyz71a4QZbX8pWgjqzfjjUwHRKfwm8XZtaKwn9XT9pr3iO5wnne6nwrUVhNfI 2w6l2GEogSD7tjCVSFIzKP197YLUFMBy -----END CERTIFICATE-----Generated at Tue Oct 21 21:00:37 2025 by rpki-client