$ rpki-client -vvf rpki.apnic.net/member_repository/A9140E66/70639EFCFF6E11E985A88C67C4F9AE02/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.mft File: 2lR-1pKKrR7PtoR6GwdDK9h7Ge8.mft (raw, json) Hash identifier: mM3h9dMUi4NHMQz8wqrsMs9v3D6i4BgicaRovz0QcMo= Subject key identifier: 2F:43:8D:8C:34:55:D2:65:F4:97:88:41:FD:1D:1F:94:33:88:20:3D Authority key identifier: DA:54:7E:D6:92:8A:AD:1E:CF:B6:84:7A:1B:07:43:2B:D8:7B:19:EF Certificate issuer: /CN=A9140E66/serialNumber=DA547ED6928AAD1ECFB6847A1B07432BD87B19EF Certificate serial: 0CB8 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9140E66/70639EFCFF6E11E985A88C67C4F9AE02/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.mft Manifest number: 0CAE Signing time: Sat 18 Oct 2025 18:54:55 +0000 Manifest this update: Sat 18 Oct 2025 18:54:54 +0000 Manifest next update: Sat 25 Oct 2025 18:54:54 +0000 Files and hashes: 1: 2lR-1pKKrR7PtoR6GwdDK9h7Ge8.crl (hash: kl50TwD0DdIB43/6wISkvbSP79RNdIPnrURwH/0whAM=) 2: 44FEC394589711F0B981A181C4F9AE02.roa (hash: czF1g9Ex6VYm+KxfQ/94CmFck1ccrgeMZN09KqEwv5g=) 3: C21D3A065B7E11F0A8B76B2EC4F9AE02.roa (hash: 84DuWQA+97cDdeAiob2yXUJKVlhHSu21Cq4u1ZPXmWs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9140E66/70639EFCFF6E11E985A88C67C4F9AE02/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.crl rsync://rpki.apnic.net/member_repository/A9140E66/70639EFCFF6E11E985A88C67C4F9AE02/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:54:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3256 (0xcb8) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9140E66, serialNumber=DA547ED6928AAD1ECFB6847A1B07432BD87B19EF Validity Not Before: Oct 18 18:54:54 2025 GMT Not After : Oct 25 18:54:54 2025 GMT Subject: CN=68f3e27e-6b25 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:59:1a:e7:8f:98:86:3b:33:01:97:6a:d3:44: e2:7e:0e:3f:25:4d:e0:81:8e:d2:8a:41:be:06:65: e5:b4:75:b2:79:e8:56:ff:1d:5a:fd:99:3d:c6:d3: 17:b5:b1:0a:90:03:21:57:e7:f5:71:48:f1:3d:7b: df:da:68:a5:8d:d2:4a:b2:c6:f4:ec:4e:af:a3:84: 97:08:66:42:51:da:67:3a:dd:9f:4e:f8:e3:85:c4: 96:db:58:73:6a:f7:bd:28:39:15:1c:04:44:11:84: e0:79:b5:ac:bf:44:31:30:0c:67:90:d5:c3:32:a9: 62:f0:a0:15:40:54:d8:f1:2e:2b:30:47:5b:88:99: 4e:db:0d:b9:bb:4a:81:4a:48:3b:c0:9e:6d:2c:d4: a5:fc:18:98:20:f4:44:e3:7b:86:10:68:b9:1d:ab: ea:9c:3e:48:02:25:58:6c:e4:98:c4:17:ff:c0:88: 8f:fd:ad:06:f0:94:e9:2e:58:0b:8b:50:05:b6:12: 3b:81:fe:d2:3d:27:fe:8c:78:1f:23:3b:0c:c2:c7: 94:9b:3d:4b:61:70:fb:bd:03:d4:df:c9:ad:08:68: 54:8f:02:1f:a8:42:60:b0:17:7c:b5:ae:95:7b:28: 00:b4:2b:d4:8f:e4:3b:e6:f9:8a:81:f6:32:65:ad: 92:9f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:43:8D:8C:34:55:D2:65:F4:97:88:41:FD:1D:1F:94:33:88:20:3D X509v3 Authority Key Identifier: keyid:DA:54:7E:D6:92:8A:AD:1E:CF:B6:84:7A:1B:07:43:2B:D8:7B:19:EF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9140E66/70639EFCFF6E11E985A88C67C4F9AE02/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9140E66/70639EFCFF6E11E985A88C67C4F9AE02/2lR-1pKKrR7PtoR6GwdDK9h7Ge8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 35:59:6e:86:58:08:ea:a6:e2:96:5b:f0:ab:a3:a1:39:2c:29: 07:31:9e:a0:e3:63:8f:79:db:81:7f:74:3f:26:2e:6b:31:4e: 5e:d0:bb:a8:68:30:91:c0:c8:6d:29:45:64:31:75:af:08:3e: 79:b0:51:bc:94:0b:4d:91:ae:c6:bc:76:36:95:8a:b9:e5:d1: b0:24:0e:1a:65:52:eb:22:2a:ae:d6:0f:ab:e1:b3:2c:17:ea: df:a4:c4:41:8a:29:f9:31:99:ec:55:6b:92:d8:e4:98:06:4c: e3:31:51:88:33:26:f0:bd:e1:5f:ae:19:76:73:d9:41:5b:17: 6b:f5:9c:b3:c0:4c:4d:66:ef:69:15:5c:96:23:0a:1e:4e:c3: d6:11:9b:93:6b:3b:64:5f:04:d8:75:88:6e:48:bb:85:6f:a2: f7:c3:fb:68:85:c9:ef:ca:1c:90:9c:fe:8c:07:ca:f7:e1:cc: 49:ad:56:f6:42:17:fa:14:09:5b:b6:bc:9a:b8:3a:aa:08:20: d0:ee:c4:1d:a7:15:59:e1:da:8b:3f:f4:2f:a5:c5:b4:c2:b4: b1:09:f8:9c:4d:76:cd:b4:43:a5:eb:a9:f8:cb:3f:53:0b:0f: 29:b1:59:93:18:f2:66:bf:d3:e2:12:df:02:6e:5e:ca:2a:0b: 9f:60:7f:d5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDLgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDBFNjYxMTAvBgNVBAUTKERBNTQ3RUQ2OTI4QUFEMUVDRkI2ODQ3QTFCMDc0MzJC RDg3QjE5RUYwHhcNMjUxMDE4MTg1NDU0WhcNMjUxMDI1MTg1NDU0WjAYMRYwFAYD VQQDEw02OGYzZTI3ZS02YjI1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArVka54+YhjszAZdq00Tifg4/JU3ggY7SikG+BmXltHWyeehW/x1a/Zk9xtMX tbEKkAMhV+f1cUjxPXvf2miljdJKssb07E6vo4SXCGZCUdpnOt2fTvjjhcSW21hz ave9KDkVHAREEYTgebWsv0QxMAxnkNXDMqli8KAVQFTY8S4rMEdbiJlO2w25u0qB Skg7wJ5tLNSl/BiYIPRE43uGEGi5HavqnD5IAiVYbOSYxBf/wIiP/a0G8JTpLlgL i1AFthI7gf7SPSf+jHgfIzsMwseUmz1LYXD7vQPU38mtCGhUjwIfqEJgsBd8ta6V eygAtCvUj+Q75vmKgfYyZa2SnwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC9DjYw0 VdJl9JeIQf0dH5QziCA9MB8GA1UdIwQYMBaAFNpUftaSiq0ez7aEehsHQyvYexnv MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MEU2Ni83MDYzOUVGQ0ZG NkUxMUU5ODVBODhDNjdDNEY5QUUwMi8ybFItMXBLS3JSN1B0b1I2R3dkREs5aDdH ZTguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJsUi0xcEtLclI3UHRvUjZHd2RESzloN0dlOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MEU2Ni83MDYzOUVGQ0ZGNkUxMUU5ODVBODhDNjdDNEY5QUUwMi8ybFItMXBLS3JS N1B0b1I2R3dkREs5aDdHZTgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA1WW6GWAjqpuKWW/Cro6E5LCkHMZ6g42OPeduBf3Q/Ji5rMU5e0Luo aDCRwMhtKUVkMXWvCD55sFG8lAtNka7GvHY2lYq55dGwJA4aZVLrIiqu1g+r4bMs F+rfpMRBiin5MZnsVWuS2OSYBkzjMVGIMybwveFfrhl2c9lBWxdr9ZyzwExNZu9p FVyWIwoeTsPWEZuTaztkXwTYdYhuSLuFb6L3w/tohcnvyhyQnP6MB8r34cxJrVb2 Qhf6FAlbtryauDqqCCDQ7sQdpxVZ4dqLP/QvpcW0wrSxCficTXbNtEOl66n4yz9T Cw8psVmTGPJmv9PiEt8Cbl7KKgufYH/V -----END CERTIFICATE-----Generated at Mon Oct 20 14:07:12 2025 by rpki-client