$ rpki-client -vvf rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft File: 2-bH-ZCQRq41ohWw4hVErlIjfoo.mft (raw, json) Hash identifier: RtUv/ijMMRGkD+rjDQx0Lp9QpVg5aL9rF9qJhW+Rcts= Subject key identifier: DC:57:BF:DF:07:9C:38:CC:3E:C1:3A:F7:56:3B:EE:79:AA:8E:B2:D6 Authority key identifier: DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A Certificate issuer: /CN=A914F697/serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Certificate serial: 06C4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft Manifest number: 07F2 Signing time: Sat 18 Oct 2025 21:58:23 +0000 Manifest this update: Sat 18 Oct 2025 21:58:22 +0000 Manifest next update: Sat 25 Oct 2025 21:58:22 +0000 Files and hashes: 1: 2-bH-ZCQRq41ohWw4hVErlIjfoo.crl (hash: QwspIaNajeTVYKwJ4Udy6RIu+ri7tZtTm1FTnwPWu8Y=) 2: 1AA7504A92DD11EB9B9E993FC4F9AE02.roa (hash: C75Vrv4Uz+C6zFOBFG0FQ16ertvfsDBJQmC7BROeKb0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:58:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1732 (0x6c4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F697, serialNumber=DBE6C7F9909046AE35A215B0E21544AE52237E8A Validity Not Before: Oct 18 21:58:22 2025 GMT Not After : Oct 25 21:58:22 2025 GMT Subject: CN=68f40d7e-d5e8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:5d:c8:ae:1c:9a:f0:65:a4:a3:6f:cd:78:ad: 26:b4:9e:2f:fd:e9:0e:c1:a3:1e:f7:83:aa:fc:ea: 0a:a4:8d:8a:8d:9d:8f:27:01:87:90:32:c7:46:30: 50:19:c2:32:59:8b:6b:cf:b9:a1:fb:d0:56:12:3b: 96:bc:0e:e0:f4:e6:d3:2a:93:3c:9a:bc:c6:92:1d: df:7e:e1:3e:f8:9b:6d:04:c2:cb:5a:b2:fb:55:5b: f0:55:a1:89:7f:a0:77:bb:e9:8f:96:f2:37:83:14: 6c:0c:95:bd:7c:5b:d9:45:e7:a6:5f:86:25:e2:ff: 39:2f:76:be:3a:5c:10:fb:ba:80:88:87:78:5e:fc: 0f:94:1e:34:a4:48:74:bd:62:c8:53:e4:76:2f:53: fe:e7:3d:d0:d1:da:12:56:b1:fb:89:d0:c2:24:0d: a4:bb:5c:04:96:0f:62:0a:8c:46:29:68:ba:82:dd: f4:e6:bb:74:6b:29:fd:18:fb:66:84:7e:48:f9:35: 44:68:c9:2f:cf:9d:13:c6:24:04:3e:f8:cf:03:5c: 64:df:45:8a:51:13:76:ff:a5:3f:7d:da:a5:ce:8e: b6:ce:1e:b0:af:89:a3:77:35:93:e0:f2:e8:e8:c5: a2:ef:4d:b1:bc:a1:25:a8:62:ea:90:8d:fe:85:bd: 21:09 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:57:BF:DF:07:9C:38:CC:3E:C1:3A:F7:56:3B:EE:79:AA:8E:B2:D6 X509v3 Authority Key Identifier: keyid:DB:E6:C7:F9:90:90:46:AE:35:A2:15:B0:E2:15:44:AE:52:23:7E:8A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2-bH-ZCQRq41ohWw4hVErlIjfoo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F697/7521DFC0E85D11EAB23C8F87C4F9AE02/2-bH-ZCQRq41ohWw4hVErlIjfoo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:20:7d:6f:10:74:e1:c8:37:d6:9f:ff:c1:0e:0e:e2:46:58: eb:72:ee:22:2a:5d:52:55:ae:74:24:83:43:04:a5:50:44:bb: 5a:20:92:55:e0:a2:7b:94:0e:b2:25:c8:bc:ce:f2:0b:88:65: 6d:e9:94:82:73:87:c5:2d:9a:f0:65:11:f8:4d:66:3b:a1:87: dd:bd:a2:f8:2e:fc:33:0d:f9:d0:b1:e4:a6:44:f0:dc:1b:6c: eb:49:8d:1f:d3:32:ef:a8:f9:2b:71:ab:87:4b:67:4f:72:d8: fd:ec:1e:71:ff:1c:68:df:a9:ce:a2:37:16:83:d0:79:f4:1f: f1:5a:31:46:34:0f:1b:0f:b4:18:99:b6:6f:d1:37:6c:47:62: 64:a4:02:7a:ba:15:3a:cd:5d:b1:2b:34:e9:90:7d:5d:4a:d8: 6c:cc:cc:7e:0b:e8:75:fc:a6:92:1b:14:a2:83:92:50:49:7e: 86:bd:06:9f:47:df:8e:be:1b:dc:59:fa:d6:17:7a:e8:79:ae: a0:36:2b:31:fc:46:5e:29:64:61:3d:76:77:95:dc:15:b9:a5: 81:94:ba:03:29:ab:38:98:46:44:66:9f:da:e3:1c:a4:ae:32: cf:c3:3c:eb:da:cd:5f:61:7f:40:bd:d0:58:00:d6:5e:2e:41: f9:54:76:b3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBsQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY2OTcxMTAvBgNVBAUTKERCRTZDN0Y5OTA5MDQ2QUUzNUEyMTVCMEUyMTU0NEFF NTIyMzdFOEEwHhcNMjUxMDE4MjE1ODIyWhcNMjUxMDI1MjE1ODIyWjAYMRYwFAYD VQQDEw02OGY0MGQ3ZS1kNWU4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAz13Irhya8GWko2/NeK0mtJ4v/ekOwaMe94Oq/OoKpI2KjZ2PJwGHkDLHRjBQ GcIyWYtrz7mh+9BWEjuWvA7g9ObTKpM8mrzGkh3ffuE++JttBMLLWrL7VVvwVaGJ f6B3u+mPlvI3gxRsDJW9fFvZReemX4Yl4v85L3a+OlwQ+7qAiId4XvwPlB40pEh0 vWLIU+R2L1P+5z3Q0doSVrH7idDCJA2ku1wElg9iCoxGKWi6gt305rt0ayn9GPtm hH5I+TVEaMkvz50TxiQEPvjPA1xk30WKURN2/6U/fdqlzo62zh6wr4mjdzWT4PLo 6MWi702xvKElqGLqkI3+hb0hCQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNxXv98H nDjMPsE691Y77nmqjrLWMB8GA1UdIwQYMBaAFNvmx/mQkEauNaIVsOIVRK5SI36K MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjY5Ny83NTIxREZDMEU4 NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJxNDFvaFd3NGhWRXJsSWpm b28uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzItYkgtWkNRUnE0MW9oV3c0aFZFcmxJamZvby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjY5Ny83NTIxREZDMEU4NUQxMUVBQjIzQzhGODdDNEY5QUUwMi8yLWJILVpDUVJx NDFvaFd3NGhWRXJsSWpmb28ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACIH1vEHThyDfWn//BDg7iRljrcu4iKl1SVa50JINDBKVQRLtaIJJV 4KJ7lA6yJci8zvILiGVt6ZSCc4fFLZrwZRH4TWY7oYfdvaL4LvwzDfnQseSmRPDc G2zrSY0f0zLvqPkrcauHS2dPctj97B5x/xxo36nOojcWg9B59B/xWjFGNA8bD7QY mbZv0TdsR2JkpAJ6uhU6zV2xKzTpkH1dSthszMx+C+h1/KaSGxSig5JQSX6GvQaf R9+OvhvcWfrWF3roea6gNisx/EZeKWRhPXZ3ldwVuaWBlLoDKas4mEZEZp/a4xyk rjLPwzzr2s1fYX9AvdBYANZeLkH5VHaz -----END CERTIFICATE-----Generated at Mon Oct 20 21:40:59 2025 by rpki-client