$ rpki-client -vvf rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft File: 2QhrDfk0LcKwkbrobLd5_GJZvXs.mft (raw, json) Hash identifier: Yxx1cJjf0xDrgEkSiCOwyQ5VdP7EBHf5lElvqk5CJ3I= Subject key identifier: CE:63:D6:15:9E:A2:29:33:FE:F8:3C:DB:DF:AB:52:8E:62:C1:C5:74 Authority key identifier: D9:08:6B:0D:F9:34:2D:C2:B0:91:BA:E8:6C:B7:79:FC:62:59:BD:7B Certificate issuer: /CN=A914F2EC/serialNumber=D9086B0DF9342DC2B091BAE86CB779FC6259BD7B Certificate serial: 34DE Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft Manifest number: 34D5 Signing time: Sat 18 Oct 2025 15:06:20 +0000 Manifest this update: Sat 18 Oct 2025 15:06:20 +0000 Manifest next update: Sat 25 Oct 2025 15:06:20 +0000 Files and hashes: 1: 2QhrDfk0LcKwkbrobLd5_GJZvXs.crl (hash: WzndG9LKQ3relGELhUbNBEPQMEfHWl383RA/bSLHhZM=) 2: 588BD7269A1211E8B97A623AC4F9AE02.roa (hash: KKbAooYir9kiM+kQeIhamjhStk+gbSQk/A73xTUucXs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.crl rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 15:06:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13534 (0x34de) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F2EC, serialNumber=D9086B0DF9342DC2B091BAE86CB779FC6259BD7B Validity Not Before: Oct 18 15:06:20 2025 GMT Not After : Oct 25 15:06:20 2025 GMT Subject: CN=68f3acec-d3bc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:82:b6:12:93:ce:03:35:02:fc:db:8f:fa:4e: b3:38:85:59:62:25:02:fc:87:d0:16:1e:f2:43:a7: 82:54:07:e3:e0:79:a4:a6:32:ea:85:fc:d6:67:4a: 74:a6:8d:a8:1e:1a:d8:55:98:d0:ef:42:a9:d7:d1: 8d:0f:e1:93:b7:6b:bf:37:63:0b:24:c6:9f:9d:97: 56:79:0c:e8:c9:14:2c:4a:a9:42:00:f2:3a:98:c6: 9e:04:2e:65:f1:72:0e:32:58:96:58:42:4b:d0:ab: d9:3b:c6:be:cb:5c:c3:16:ee:17:d2:3e:f9:1d:02: 04:79:1b:08:cc:ea:04:7a:d5:a1:fa:27:d5:97:b1: e3:95:aa:aa:24:f1:a0:00:ba:5b:c7:13:c2:ee:7e: 15:65:76:e0:cc:ff:86:66:1c:b5:0b:c3:91:53:47: e2:6c:80:15:f4:a1:c8:c6:ec:49:a4:59:da:8d:19: fc:e9:c7:7e:35:12:73:3c:d5:e8:0b:03:b6:92:26: e3:f2:08:f0:aa:5a:e0:90:7d:a3:06:cf:49:73:e4: bb:8d:e9:f9:6b:e0:e7:86:4d:ab:ff:18:93:3b:f9: 59:19:2e:d1:8a:09:53:ef:31:36:01:5e:8b:97:ed: 9d:b6:79:02:bf:38:e3:a7:8e:30:77:e3:7b:b2:d2: fd:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CE:63:D6:15:9E:A2:29:33:FE:F8:3C:DB:DF:AB:52:8E:62:C1:C5:74 X509v3 Authority Key Identifier: keyid:D9:08:6B:0D:F9:34:2D:C2:B0:91:BA:E8:6C:B7:79:FC:62:59:BD:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhrDfk0LcKwkbrobLd5_GJZvXs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F2EC/D58A226C1D9C11E29BC3B28B08B02CD2/2QhrDfk0LcKwkbrobLd5_GJZvXs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:31:11:21:b7:66:0c:fc:0a:8b:42:a3:da:ce:db:93:6f:a1: a7:a4:2e:92:cf:56:70:71:63:85:95:ec:2f:cd:57:cd:a4:65: fa:b9:3b:a1:c8:b1:b9:54:f0:d0:ab:1f:48:36:45:65:61:a4: e8:39:6c:b0:01:ca:3f:de:fb:f0:31:d6:f3:af:92:8f:9b:ab: 5a:1a:d1:44:5c:6f:ac:51:a9:b9:89:be:f7:7a:8c:b6:e8:84: 25:c9:e5:6f:39:78:b3:47:ed:3a:a6:60:67:63:e7:3e:a3:0c: ea:15:94:b8:a3:fa:d2:87:a8:e2:6d:cb:32:da:64:b9:b1:d9: 0e:a5:3e:6e:de:79:dd:e9:9d:fe:be:f0:15:52:f1:ec:5b:bd: 41:43:43:1d:94:6d:a5:5b:d5:aa:0e:7c:7b:af:74:63:43:01: 3f:a0:25:f2:6d:ce:75:1f:00:52:ab:d1:6f:65:7f:45:9a:08: b2:57:ce:aa:5a:a9:92:42:db:57:6d:8a:4f:84:26:43:cc:d2: c7:f9:01:7c:7a:66:04:f8:53:a3:ef:80:9b:29:1b:21:05:33: 69:b9:10:67:5d:0f:40:15:28:16:6f:ed:11:3d:13:0e:5f:a7: 42:7e:d3:92:09:86:23:9c:05:7a:56:8c:1d:e8:f1:dc:c3:27: 52:2d:07:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNN4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEYyRUMxMTAvBgNVBAUTKEQ5MDg2QjBERjkzNDJEQzJCMDkxQkFFODZDQjc3OUZD NjI1OUJEN0IwHhcNMjUxMDE4MTUwNjIwWhcNMjUxMDI1MTUwNjIwWjAYMRYwFAYD VQQDEw02OGYzYWNlYy1kM2JjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw4K2EpPOAzUC/NuP+k6zOIVZYiUC/IfQFh7yQ6eCVAfj4HmkpjLqhfzWZ0p0 po2oHhrYVZjQ70Kp19GND+GTt2u/N2MLJMafnZdWeQzoyRQsSqlCAPI6mMaeBC5l 8XIOMliWWEJL0KvZO8a+y1zDFu4X0j75HQIEeRsIzOoEetWh+ifVl7HjlaqqJPGg ALpbxxPC7n4VZXbgzP+GZhy1C8ORU0fibIAV9KHIxuxJpFnajRn86cd+NRJzPNXo CwO2kibj8gjwqlrgkH2jBs9Jc+S7jen5a+Dnhk2r/xiTO/lZGS7RiglT7zE2AV6L l+2dtnkCvzjjp44wd+N7stL9EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM5j1hWe oikz/vg829+rUo5iwcV0MB8GA1UdIwQYMBaAFNkIaw35NC3CsJG66Gy3efxiWb17 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjJFQy9ENThBMjI2QzFE OUMxMUUyOUJDM0IyOEIwOEIwMkNEMi8yUWhyRGZrMExjS3drYnJvYkxkNV9HSlp2 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRaHJEZmswTGNLd2ticm9iTGQ1X0dKWnZYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjJFQy9ENThBMjI2QzFEOUMxMUUyOUJDM0IyOEIwOEIwMkNEMi8yUWhyRGZrMExj S3drYnJvYkxkNV9HSlp2WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCgMREht2YM/AqLQqPaztuTb6GnpC6Sz1ZwcWOFlewvzVfNpGX6uTuh yLG5VPDQqx9INkVlYaToOWywAco/3vvwMdbzr5KPm6taGtFEXG+sUam5ib73eoy2 6IQlyeVvOXizR+06pmBnY+c+owzqFZS4o/rSh6jibcsy2mS5sdkOpT5u3nnd6Z3+ vvAVUvHsW71BQ0MdlG2lW9WqDnx7r3RjQwE/oCXybc51HwBSq9FvZX9FmgiyV86q WqmSQttXbYpPhCZDzNLH+QF8emYE+FOj74CbKRshBTNpuRBnXQ9AFSgWb+0RPRMO X6dCftOSCYYjnAV6Vowd6PHcwydSLQf8 -----END CERTIFICATE-----Generated at Mon Oct 20 01:44:59 2025 by rpki-client