$ rpki-client -vvf rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft File: lSpNx8TWEJWYvu5awKIG0nuFxWo.mft (raw, json) Hash identifier: 3LR+c1pkxRTrGk+GQ/bodQoTygEOwVJo4yg70+64ipk= Subject key identifier: 3A:E0:68:DA:D1:D3:FA:69:E0:55:9E:98:34:F2:53:75:90:22:FB:95 Authority key identifier: 95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A Certificate issuer: /CN=A912D71D/serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Certificate serial: 51 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft Manifest number: 4F Signing time: Sun 19 Oct 2025 10:42:37 +0000 Manifest this update: Sun 19 Oct 2025 10:42:37 +0000 Manifest next update: Sun 26 Oct 2025 10:42:37 +0000 Files and hashes: 1: lSpNx8TWEJWYvu5awKIG0nuFxWo.crl (hash: +qalVjzzIz6vFuJd5yd0Zm4qe+uOdnvkYGl4u+ok5LQ=) 2: 4002AE6236CF11F0AA705D26C4F9AE02.roa (hash: BjUqiPeyqOJL7zi1VC/yuEDToWrbr9Hg82ANTKNIKSc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 10:42:36 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 81 (0x51) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912D71D, serialNumber=952A4DC7C4D6109598BEEE5AC0A206D27B85C56A Validity Not Before: Oct 19 10:42:37 2025 GMT Not After : Oct 26 10:42:37 2025 GMT Subject: CN=68f4c09d-d0e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:b9:67:40:1c:d8:33:00:5d:03:87:fc:d8:a7: 15:da:53:3e:6b:14:48:4e:e5:ca:ce:95:fa:47:8a: 3d:65:6b:00:c1:1e:08:c3:4d:e9:b7:87:37:00:e1: 49:38:77:65:7c:1a:ae:d5:a6:4d:35:0e:03:79:dc: 93:b6:7a:f3:7d:63:dc:e0:b4:37:cc:84:70:a6:47: 5e:04:b7:7a:fd:3e:b9:e3:2f:c0:f2:75:83:77:82: e5:96:25:5d:0d:2f:04:be:8b:f6:8c:34:bc:f1:05: 62:31:47:df:11:6c:0f:e8:3d:b7:7d:1f:66:a8:3c: 0e:43:e1:5d:84:51:9c:2c:bb:3c:b8:d3:91:18:4b: 3a:19:5e:45:b8:d6:d2:2b:00:14:75:1a:76:42:32: a2:cb:01:83:07:fa:0a:94:04:04:7f:18:fc:48:4e: 45:75:82:dd:d5:b1:79:4a:4b:a5:69:db:a0:4c:b7: 2b:6c:e6:c4:d7:d4:be:2f:b4:09:e3:8f:2f:9c:c2: 2b:8e:e4:56:19:c3:b8:6f:9f:b7:86:37:a8:da:95: 9f:ac:28:92:e5:70:a5:c6:b6:37:d2:9f:97:90:06: 76:78:01:ff:70:0e:cf:29:53:af:8b:ac:67:ec:f9: fa:27:c1:8f:d1:0a:a0:b5:c1:cf:75:f2:49:7d:00: dc:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3A:E0:68:DA:D1:D3:FA:69:E0:55:9E:98:34:F2:53:75:90:22:FB:95 X509v3 Authority Key Identifier: keyid:95:2A:4D:C7:C4:D6:10:95:98:BE:EE:5A:C0:A2:06:D2:7B:85:C5:6A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/lSpNx8TWEJWYvu5awKIG0nuFxWo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912D71D/1E0F992E36CE11F0A2A69C1FC4F9AE02/lSpNx8TWEJWYvu5awKIG0nuFxWo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 56:ad:cc:74:92:99:33:78:ce:96:13:31:0f:ca:8b:63:7f:b7: 3b:83:9a:95:76:df:27:8e:75:88:57:62:e1:43:27:b0:e4:9e: 0a:6a:ce:7f:e7:d2:f9:eb:b6:52:93:b7:31:a6:8e:12:d1:61: 7b:f9:28:4c:d5:98:bc:cc:0d:2c:31:46:bc:6e:fd:44:6c:bf: 1c:2b:b9:9f:be:e0:f1:39:c4:46:ee:ee:e5:43:df:9e:6f:9a: 01:00:6f:7b:b0:a8:53:d2:35:8d:03:07:aa:88:ae:d0:3f:54: 81:92:4e:d7:17:5c:0a:ce:d2:49:b9:94:98:61:84:ae:0e:97: 91:98:3a:97:13:e3:13:45:77:3a:89:c7:79:cc:cc:32:ab:9f: b7:c6:4b:c4:04:90:ba:0e:d1:59:cc:a6:ef:8b:59:d9:1e:6b: ba:b6:63:56:d0:38:8d:a2:1b:68:12:8e:30:93:0e:7e:9e:a2: 61:5c:ba:ca:11:c4:82:ac:1d:c8:ee:ff:92:61:25:9a:99:01: 05:cd:4e:29:0c:19:9c:92:fd:b8:e5:59:99:fa:69:2a:0f:d3: 58:a7:43:5b:b0:43:28:c0:ff:c0:ca:41:cb:8d:ad:a1:0b:15: 1f:16:dc:ff:71:63:10:00:48:5f:2c:79:6b:0b:2e:ef:3a:08: 29:2c:68:67 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEy RDcxRDExMC8GA1UEBRMoOTUyQTREQzdDNEQ2MTA5NTk4QkVFRTVBQzBBMjA2RDI3 Qjg1QzU2QTAeFw0yNTEwMTkxMDQyMzdaFw0yNTEwMjYxMDQyMzdaMBgxFjAUBgNV BAMTDTY4ZjRjMDlkLWQwZTYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCfuWdAHNgzAF0Dh/zYpxXaUz5rFEhO5crOlfpHij1lawDBHgjDTem3hzcA4Uk4 d2V8Gq7Vpk01DgN53JO2evN9Y9zgtDfMhHCmR14Et3r9PrnjL8DydYN3guWWJV0N LwS+i/aMNLzxBWIxR98RbA/oPbd9H2aoPA5D4V2EUZwsuzy405EYSzoZXkW41tIr ABR1GnZCMqLLAYMH+gqUBAR/GPxITkV1gt3VsXlKS6Vp26BMtyts5sTX1L4vtAnj jy+cwiuO5FYZw7hvn7eGN6jalZ+sKJLlcKXGtjfSn5eQBnZ4Af9wDs8pU6+LrGfs +fonwY/RCqC1wc918kl9ANw7AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUOuBo2tHT +mngVZ6YNPJTdZAi+5UwHwYDVR0jBBgwFoAUlSpNx8TWEJWYvu5awKIG0nuFxWow DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJENzFELzFFMEY5OTJFMzZD RTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpXWXZ1NWF3S0lHMG51RnhX by5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvbFNwTng4VFdFSldZdnU1YXdLSUcwbnVGeFdvLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTJE NzFELzFFMEY5OTJFMzZDRTExRjBBMkE2OUMxRkM0RjlBRTAyL2xTcE54OFRXRUpX WXZ1NWF3S0lHMG51RnhXby5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFatzHSSmTN4zpYTMQ/Ki2N/tzuDmpV23yeOdYhXYuFDJ7Dkngpqzn/n 0vnrtlKTtzGmjhLRYXv5KEzVmLzMDSwxRrxu/URsvxwruZ++4PE5xEbu7uVD355v mgEAb3uwqFPSNY0DB6qIrtA/VIGSTtcXXArO0km5lJhhhK4Ol5GYOpcT4xNFdzqJ x3nMzDKrn7fGS8QEkLoO0VnMpu+LWdkea7q2Y1bQOI2iG2gSjjCTDn6eomFcusoR xIKsHcju/5JhJZqZAQXNTikMGZyS/bjlWZn6aSoP01inQ1uwQyjA/8DKQcuNraEL FR8W3P9xYxAASF8seWsLLu86CCksaGc= -----END CERTIFICATE-----Generated at Mon Oct 20 21:26:30 2025 by rpki-client