$ rpki-client -vvf rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft File: LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft (raw, json) Hash identifier: alzxC55aHfAt5jJ2lFd6NGRqZSu+ghtxhWt+ML/gw8E= Subject key identifier: 02:D1:D1:79:4B:A7:FF:72:11:2A:EC:F7:6E:42:FF:54:CF:2B:28:26 Authority key identifier: 2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F Certificate issuer: /CN=A9153D75/serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Certificate serial: 0227 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft Manifest number: 0223 Signing time: Sun 19 Oct 2025 04:16:00 +0000 Manifest this update: Sun 19 Oct 2025 04:15:59 +0000 Manifest next update: Sun 26 Oct 2025 04:15:59 +0000 Files and hashes: 1: LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl (hash: gGUPuejQqCPUcN0vea3tphBgRQ8lALdkYmVHTz7RaYc=) 2: 552D155464A711ED99D40117C4F9AE02.roa (hash: 23rCyoR4WnNChFU7ymH391h0HiIrF4JQy1l5v2pbquM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 04:15:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 551 (0x227) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9153D75, serialNumber=2DBC465DA681B5B311897AB6C468C254706E5D2F Validity Not Before: Oct 19 04:15:59 2025 GMT Not After : Oct 26 04:15:59 2025 GMT Subject: CN=68f46600-5172 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:92:b5:20:b7:e9:6b:84:16:0b:2a:33:8a:16: 19:9f:26:fe:e7:e2:75:2b:94:8e:ff:ba:78:10:54: 1c:a7:4a:da:0f:5f:98:a6:75:7b:aa:5c:63:80:d4: 21:04:17:14:6d:ac:d5:76:a0:53:65:0c:a0:df:ab: f0:ad:05:c8:a0:1f:79:f1:46:c7:60:88:7d:59:10: a5:9e:24:03:99:58:f9:87:26:5e:91:11:dd:46:34: 60:f9:37:d8:07:57:e5:4f:a8:99:c8:d8:b4:51:d8: a5:f4:9f:21:73:57:26:4e:b8:06:9a:c7:70:d3:0d: df:ac:7a:97:a2:99:65:99:5a:48:11:52:26:bc:f3: 31:1e:b5:62:9e:0a:57:13:95:6c:6f:b8:f8:d2:88: b3:6b:14:d4:69:99:bf:d7:61:5f:73:aa:a3:d3:4e: f6:9c:7a:6b:29:08:68:45:9f:4d:be:fd:a3:e5:be: 76:4f:2a:b3:28:f9:67:39:44:45:a9:b5:84:46:8b: 64:5b:49:c4:92:e8:9c:ec:80:be:14:9f:a7:41:79: f2:50:e7:f7:97:3b:9d:15:9b:ad:d3:d2:11:18:42: 04:64:38:a8:5f:23:e3:ec:7e:2f:22:90:4b:e1:d3: b0:32:7e:76:d2:f6:a7:95:c9:ee:49:f4:4c:16:f1: 08:d9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 02:D1:D1:79:4B:A7:FF:72:11:2A:EC:F7:6E:42:FF:54:CF:2B:28:26 X509v3 Authority Key Identifier: keyid:2D:BC:46:5D:A6:81:B5:B3:11:89:7A:B6:C4:68:C2:54:70:6E:5D:2F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/LbxGXaaBtbMRiXq2xGjCVHBuXS8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9153D75/52DE4C4A64A311ED82202412C4F9AE02/LbxGXaaBtbMRiXq2xGjCVHBuXS8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:11:1b:44:5d:14:be:93:4b:51:ed:85:b1:ce:21:ad:10:60: af:60:d3:db:fb:41:98:01:22:51:3e:78:d5:2b:d9:a5:9c:29: 76:e3:56:4e:cd:c4:89:34:83:d0:70:a5:ad:f3:ca:04:ee:e3: 83:75:79:6c:5f:1f:68:72:68:57:a5:60:c8:d2:7b:f4:0b:21: ea:27:f3:01:cc:6c:75:7a:77:3d:42:22:8b:c7:9b:5c:88:9c: e4:09:d8:a5:1b:b1:7d:99:55:bf:08:e8:31:c8:c0:09:0f:96: 6a:6b:93:3f:a1:6e:4f:0a:13:b0:0c:24:61:ed:cf:1a:08:ca: 12:1b:35:8a:9f:92:ad:b4:d5:a8:95:75:72:dd:b6:87:49:3f: 10:0e:d7:54:13:b7:0d:e6:fe:e4:b7:00:95:9a:d6:38:0b:b7: a4:96:22:1d:6b:c1:64:d8:f8:2f:1e:6b:77:58:a1:ab:cb:b1: 76:a6:0c:a4:e9:8b:c5:84:b3:11:eb:84:5c:66:fd:34:15:eb: 6a:cf:bd:4f:cf:13:40:a7:2e:ac:08:d3:33:e6:8f:af:80:7e: 78:de:7a:ee:16:19:90:f2:ca:59:7a:8c:d0:cc:57:97:c1:5d: 8a:0c:09:b3:77:8e:f8:d3:0f:41:e0:d7:df:ec:67:5c:83:b2: a5:e1:8d:f0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAicwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTNENzUxMTAvBgNVBAUTKDJEQkM0NjVEQTY4MUI1QjMxMTg5N0FCNkM0NjhDMjU0 NzA2RTVEMkYwHhcNMjUxMDE5MDQxNTU5WhcNMjUxMDI2MDQxNTU5WjAYMRYwFAYD VQQDEw02OGY0NjYwMC01MTcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA15K1ILfpa4QWCyozihYZnyb+5+J1K5SO/7p4EFQcp0raD1+YpnV7qlxjgNQh BBcUbazVdqBTZQyg36vwrQXIoB958UbHYIh9WRClniQDmVj5hyZekRHdRjRg+TfY B1flT6iZyNi0Udil9J8hc1cmTrgGmsdw0w3frHqXopllmVpIEVImvPMxHrVingpX E5Vsb7j40oizaxTUaZm/12Ffc6qj0072nHprKQhoRZ9Nvv2j5b52TyqzKPlnOURF qbWERotkW0nEkuic7IC+FJ+nQXnyUOf3lzudFZut09IRGEIEZDioXyPj7H4vIpBL 4dOwMn520vanlcnuSfRMFvEI2QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFALR0XlL p/9yESrs925C/1TPKygmMB8GA1UdIwQYMBaAFC28Rl2mgbWzEYl6tsRowlRwbl0v MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1M0Q3NS81MkRFNEM0QTY0 QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRiTVJpWHEyeEdqQ1ZIQnVY UzguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0xieEdYYWFCdGJNUmlYcTJ4R2pDVkhCdVhTOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 M0Q3NS81MkRFNEM0QTY0QTMxMUVEODIyMDI0MTJDNEY5QUUwMi9MYnhHWGFhQnRi TVJpWHEyeEdqQ1ZIQnVYUzgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjERtEXRS+k0tR7YWxziGtEGCvYNPb+0GYASJRPnjVK9mlnCl241ZO zcSJNIPQcKWt88oE7uODdXlsXx9ocmhXpWDI0nv0CyHqJ/MBzGx1enc9QiKLx5tc iJzkCdilG7F9mVW/COgxyMAJD5Zqa5M/oW5PChOwDCRh7c8aCMoSGzWKn5KttNWo lXVy3baHST8QDtdUE7cN5v7ktwCVmtY4C7ekliIda8Fk2PgvHmt3WKGry7F2pgyk 6YvFhLMR64RcZv00Fetqz71PzxNApy6sCNMz5o+vgH543nruFhmQ8spZeozQzFeX wV2KDAmzd4740w9B4Nff7Gdcg7Kl4Y3w -----END CERTIFICATE-----Generated at Mon Oct 20 14:15:19 2025 by rpki-client