$ rpki-client -vvf rpki.apnic.net/member_repository/A91CF848/CADAB7B22E6E11EDAEAB3E36C4F9AE02/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.mft File: 2zU_lsDQLN1MHwjaG8Fp_uWNcyE.mft (raw, json) Hash identifier: gGSIGKrKv/VUwtNgp+FAj/a0nIGolZuIW6MsZiB3/rw= Subject key identifier: 43:5D:EA:30:52:2D:33:DB:FB:F2:67:34:13:06:74:DE:B1:1E:08:51 Authority key identifier: DB:35:3F:96:C0:D0:2C:DD:4C:1F:08:DA:1B:C1:69:FE:E5:8D:73:21 Certificate issuer: /CN=A91CF848/serialNumber=DB353F96C0D02CDD4C1F08DA1BC169FEE58D7321 Certificate serial: 0275 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CF848/CADAB7B22E6E11EDAEAB3E36C4F9AE02/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.mft Manifest number: 0272 Signing time: Mon 03 Nov 2025 01:35:53 +0000 Manifest this update: Mon 03 Nov 2025 01:35:52 +0000 Manifest next update: Mon 10 Nov 2025 01:35:52 +0000 Files and hashes: 1: 2zU_lsDQLN1MHwjaG8Fp_uWNcyE.crl (hash: DDAfK66rStPtUaSTj8bhbZ1Tuk/7b2Kw+0vu6CtcGt4=) 2: E9399E722E7211EDAE100C3DC4F9AE02.roa (hash: D0U/04LVw+4iZc1LWZSDtE7FA2UlXVxHf7VWpO51OsQ=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CF848/CADAB7B22E6E11EDAEAB3E36C4F9AE02/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.crl rsync://rpki.apnic.net/member_repository/A91CF848/CADAB7B22E6E11EDAEAB3E36C4F9AE02/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 01:35:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 629 (0x275) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CF848, serialNumber=DB353F96C0D02CDD4C1F08DA1BC169FEE58D7321 Validity Not Before: Nov 3 01:35:52 2025 GMT Not After : Nov 10 01:35:52 2025 GMT Subject: CN=690806f9-b496 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:6a:26:a4:5e:d4:ad:6d:cb:f8:c8:e1:18:37: 82:ce:90:07:6e:31:3b:2a:8e:ad:1a:64:b4:b3:1f: 87:ac:26:52:dc:d4:5e:43:ef:28:27:6f:aa:4b:3b: 60:c2:46:97:29:21:f0:50:57:ef:bb:a0:41:06:41: 0b:4d:c8:3c:29:a3:df:65:d3:c4:a5:8f:ab:07:d1: 20:20:e0:a5:f8:72:6d:6a:78:af:f7:a8:54:10:27: ed:8b:41:c4:5b:70:97:68:2c:49:2f:8a:74:50:d7: a8:dd:4a:e0:87:3f:b1:38:14:67:9b:6c:13:7f:b8: fa:d3:a8:8f:2a:ad:5e:18:6e:ec:8e:64:18:29:06: 0d:82:94:10:a7:79:80:b6:8c:0e:3a:cf:ae:6d:40: 84:a5:a8:cf:a8:5f:bd:93:c7:78:82:24:2a:43:2e: d2:fb:df:54:8d:cc:b3:6a:ea:f1:d7:bc:1e:28:20: 5d:2c:69:31:02:5e:d7:cb:ad:25:cf:fa:30:ea:87: 29:43:ec:9c:0a:f6:e4:0d:96:f1:ea:62:ca:dd:1a: 57:ab:fd:d2:b3:e9:bb:72:10:84:43:7d:db:1e:00: 13:2a:82:72:42:08:54:6c:08:49:97:74:15:3d:a4: d3:c9:f5:eb:52:d3:62:ce:c5:a6:59:13:be:30:86: 74:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:5D:EA:30:52:2D:33:DB:FB:F2:67:34:13:06:74:DE:B1:1E:08:51 X509v3 Authority Key Identifier: keyid:DB:35:3F:96:C0:D0:2C:DD:4C:1F:08:DA:1B:C1:69:FE:E5:8D:73:21 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CF848/CADAB7B22E6E11EDAEAB3E36C4F9AE02/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CF848/CADAB7B22E6E11EDAEAB3E36C4F9AE02/2zU_lsDQLN1MHwjaG8Fp_uWNcyE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b2:eb:1e:87:b8:87:bd:2e:b3:1d:b1:d1:e9:b6:43:f7:de:d3: 4e:58:e6:d6:ec:15:a0:76:aa:08:d0:9b:85:97:f2:f0:4a:47: f5:95:d1:95:4e:b9:e1:66:75:0a:1f:0b:89:8f:48:18:c0:7e: ba:c7:47:4e:2f:07:6a:bd:0c:6c:f8:cd:56:92:0b:0a:58:92: d1:9e:ad:18:8b:74:6e:d0:98:cc:cc:23:17:b9:03:67:f3:38: 7b:b9:89:77:8d:54:d8:b1:13:e6:da:c1:9a:6c:15:fa:a9:c6: c2:41:51:b0:eb:9d:92:64:17:69:90:07:16:6c:be:21:48:cc: 40:11:a0:0a:4d:c3:68:10:d2:19:cf:0f:4d:72:df:12:c4:67: 67:20:22:ca:ce:30:d0:46:1a:a1:87:82:da:14:54:48:0b:22: b4:44:95:66:23:1c:de:bf:4d:e3:3c:2c:13:2c:d0:bd:e2:61: 00:e1:70:3d:88:70:ab:d4:97:dc:db:81:a4:ef:f9:fc:db:98: f1:41:b1:3d:18:21:28:46:7f:e3:b8:62:23:f8:f9:8b:fc:ee: c1:6b:89:fd:3b:20:b8:ee:c4:6d:0e:76:70:65:49:ed:62:22: de:64:a5:cc:ef:29:d6:0d:27:85:94:e0:14:9d:aa:e9:c8:4d: 96:bc:6b:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0Y4NDgxMTAvBgNVBAUTKERCMzUzRjk2QzBEMDJDREQ0QzFGMDhEQTFCQzE2OUZF RTU4RDczMjEwHhcNMjUxMTAzMDEzNTUyWhcNMjUxMTEwMDEzNTUyWjAYMRYwFAYD VQQDEw02OTA4MDZmOS1iNDk2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAq2ompF7UrW3L+MjhGDeCzpAHbjE7Ko6tGmS0sx+HrCZS3NReQ+8oJ2+qSztg wkaXKSHwUFfvu6BBBkELTcg8KaPfZdPEpY+rB9EgIOCl+HJtaniv96hUECfti0HE W3CXaCxJL4p0UNeo3Urghz+xOBRnm2wTf7j606iPKq1eGG7sjmQYKQYNgpQQp3mA towOOs+ubUCEpajPqF+9k8d4giQqQy7S+99Ujcyzaurx17weKCBdLGkxAl7Xy60l z/ow6ocpQ+ycCvbkDZbx6mLK3RpXq/3Ss+m7chCEQ33bHgATKoJyQghUbAhJl3QV PaTTyfXrUtNizsWmWRO+MIZ0dQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFENd6jBS LTPb+/JnNBMGdN6xHghRMB8GA1UdIwQYMBaAFNs1P5bA0CzdTB8I2hvBaf7ljXMh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRjg0OC9DQURBQjdCMjJF NkUxMUVEQUVBQjNFMzZDNEY5QUUwMi8yelVfbHNEUUxOMU1Id2phRzhGcF91V05j eUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJ6VV9sc0RRTE4xTUh3amFHOEZwX3VXTmN5RS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD Rjg0OC9DQURBQjdCMjJFNkUxMUVEQUVBQjNFMzZDNEY5QUUwMi8yelVfbHNEUUxO MU1Id2phRzhGcF91V05jeUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCy6x6HuIe9LrMdsdHptkP33tNOWObW7BWgdqoI0JuFl/LwSkf1ldGV TrnhZnUKHwuJj0gYwH66x0dOLwdqvQxs+M1WkgsKWJLRnq0Yi3Ru0JjMzCMXuQNn 8zh7uYl3jVTYsRPm2sGabBX6qcbCQVGw652SZBdpkAcWbL4hSMxAEaAKTcNoENIZ zw9Nct8SxGdnICLKzjDQRhqhh4LaFFRICyK0RJVmIxzev03jPCwTLNC94mEA4XA9 iHCr1Jfc24Gk7/n825jxQbE9GCEoRn/juGIj+PmL/O7Ba4n9OyC47sRtDnZwZUnt YiLeZKXM7ynWDSeFlOAUnarpyE2WvGsW -----END CERTIFICATE-----Generated at Mon Nov 3 18:10:28 2025 by rpki-client