$ rpki-client -vvf rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft File: 1lqglKUeKDl1O1khC2zyxUkVwB4.mft (raw, json) Hash identifier: UI6rhgyoD30+cAGPkDAFGk5Ed2FrmRGcf/z6NV7db9Q= Subject key identifier: FB:F7:7C:7D:24:E9:E2:41:B4:9D:03:09:22:28:A5:2E:EC:BC:5F:AD Authority key identifier: D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E Certificate issuer: /CN=A915C1AA/serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Certificate serial: 0A21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft Manifest number: 0A1A Signing time: Mon 20 Oct 2025 20:34:30 +0000 Manifest this update: Mon 20 Oct 2025 20:34:29 +0000 Manifest next update: Mon 27 Oct 2025 20:34:29 +0000 Files and hashes: 1: 1lqglKUeKDl1O1khC2zyxUkVwB4.crl (hash: X/QXyUmdEnsPikVnHHivA7Kqb4jdk+o15Eqp2Pm3zu4=) 2: 220853047F2211EA8E730F35C4F9AE02.roa (hash: GncSpKfRZkeGl3QwfrF2wdsfNONCmDmNLMd0bZEde3M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 20:34:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2593 (0xa21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A915C1AA, serialNumber=D65AA094A51E2839753B59210B6CF2C54915C01E Validity Not Before: Oct 20 20:34:29 2025 GMT Not After : Oct 27 20:34:29 2025 GMT Subject: CN=68f69cd6-ac5a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:6a:0e:43:95:cb:59:7e:e6:93:18:20:58:8e: 87:d7:74:8d:ff:b5:13:ca:f0:59:6f:33:08:c4:b5: 26:12:1f:b9:74:19:db:b1:43:99:b8:25:29:27:0e: 8a:fd:21:87:dc:3f:b9:19:83:d4:72:6e:59:f3:ed: bc:0e:92:a4:32:ae:8e:9b:33:67:a9:4a:c6:ca:d5: 6a:41:1a:70:4c:b7:91:51:c2:b0:ef:e0:96:65:da: fe:a8:bc:91:c1:b2:3a:3a:37:91:e2:f0:41:16:28: 35:bb:d8:05:75:72:f2:e2:5a:a1:ae:5f:62:d9:07: 2c:e8:55:eb:7e:82:55:d9:4c:96:01:f9:0a:dd:51: 37:46:82:f8:2a:b7:b9:d8:71:69:2c:45:d7:48:61: 54:65:7c:c9:86:7b:36:fb:a1:70:8d:8c:26:36:df: 0f:23:36:19:d1:b1:36:e1:4f:4a:cb:32:28:5a:f7: a0:08:e7:43:7a:96:7b:16:3a:41:3d:4b:57:06:5d: 29:b4:ca:dd:6e:3b:dc:c5:f5:16:af:4a:01:32:09: fc:55:1c:68:6d:b1:57:b0:1f:48:fc:2e:4c:cf:38: 3f:20:c8:87:6f:c4:ba:d0:2c:9f:74:85:a0:75:f9: de:37:84:e7:7b:2d:2b:13:d5:ec:c2:24:42:28:f6: 33:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FB:F7:7C:7D:24:E9:E2:41:B4:9D:03:09:22:28:A5:2E:EC:BC:5F:AD X509v3 Authority Key Identifier: keyid:D6:5A:A0:94:A5:1E:28:39:75:3B:59:21:0B:6C:F2:C5:49:15:C0:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/1lqglKUeKDl1O1khC2zyxUkVwB4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A915C1AA/6C9D26307F2011EAB57D5732C4F9AE02/1lqglKUeKDl1O1khC2zyxUkVwB4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bf:df:ea:1c:62:70:cb:f2:4f:97:bc:42:d2:34:34:7a:d7:ce: c6:e1:7d:77:7d:7a:fa:48:8a:8e:81:86:01:30:c8:66:66:22: 2d:69:60:9e:5c:e4:0d:a4:7a:57:c7:56:72:e4:44:89:d0:16: db:12:b2:f2:68:12:f3:95:a9:42:06:40:dc:db:de:5d:4d:44: f2:24:19:30:30:52:3c:56:da:f2:a5:bc:bb:ad:6f:bd:3f:f4: a3:45:ee:41:ec:f8:4f:4b:68:f4:87:23:b7:5b:66:c2:a6:1e: e4:4d:78:b8:d7:9d:99:14:25:a8:be:71:17:c8:c1:91:e8:92: 1f:06:58:ca:dd:e7:11:54:4b:0d:5b:fc:f3:4d:08:de:f9:95: cb:35:b0:2e:be:82:a6:fe:fd:d8:0e:46:21:ca:41:f4:c8:94: c2:93:d0:ba:7e:52:e6:cb:b2:ab:1b:e9:e2:7a:93:d1:9c:d9: 7f:05:62:e5:8c:4b:b5:e5:a9:95:5f:78:74:4a:cd:65:30:b7: a2:b5:f2:3a:f6:17:1b:40:18:0d:09:05:13:72:18:12:6e:10: ff:ea:98:23:0f:54:0f:c9:ad:5c:36:17:ba:68:7e:f2:3b:bc: 38:79:3d:70:f1:a8:ad:01:41:04:eb:d5:4b:57:c6:25:38:03: 68:88:07:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCiEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NUMxQUExMTAvBgNVBAUTKEQ2NUFBMDk0QTUxRTI4Mzk3NTNCNTkyMTBCNkNGMkM1 NDkxNUMwMUUwHhcNMjUxMDIwMjAzNDI5WhcNMjUxMDI3MjAzNDI5WjAYMRYwFAYD VQQDEw02OGY2OWNkNi1hYzVhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0moOQ5XLWX7mkxggWI6H13SN/7UTyvBZbzMIxLUmEh+5dBnbsUOZuCUpJw6K /SGH3D+5GYPUcm5Z8+28DpKkMq6OmzNnqUrGytVqQRpwTLeRUcKw7+CWZdr+qLyR wbI6OjeR4vBBFig1u9gFdXLy4lqhrl9i2Qcs6FXrfoJV2UyWAfkK3VE3RoL4Kre5 2HFpLEXXSGFUZXzJhns2+6FwjYwmNt8PIzYZ0bE24U9KyzIoWvegCOdDepZ7FjpB PUtXBl0ptMrdbjvcxfUWr0oBMgn8VRxobbFXsB9I/C5Mzzg/IMiHb8S60CyfdIWg dfneN4Tney0rE9XswiRCKPYzDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPv3fH0k 6eJBtJ0DCSIopS7svF+tMB8GA1UdIwQYMBaAFNZaoJSlHig5dTtZIQts8sVJFcAe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1QzFBQS82QzlEMjYzMDdG MjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtEbDFPMWtoQzJ6eXhVa1Z3 QjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzFscWdsS1VlS0RsMU8xa2hDMnp5eFVrVndCNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 QzFBQS82QzlEMjYzMDdGMjAxMUVBQjU3RDU3MzJDNEY5QUUwMi8xbHFnbEtVZUtE bDFPMWtoQzJ6eXhVa1Z3QjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC/3+ocYnDL8k+XvELSNDR6187G4X13fXr6SIqOgYYBMMhmZiItaWCe XOQNpHpXx1Zy5ESJ0BbbErLyaBLzlalCBkDc295dTUTyJBkwMFI8Vtrypby7rW+9 P/SjRe5B7PhPS2j0hyO3W2bCph7kTXi4152ZFCWovnEXyMGR6JIfBljK3ecRVEsN W/zzTQje+ZXLNbAuvoKm/v3YDkYhykH0yJTCk9C6flLmy7KrG+niepPRnNl/BWLl jEu15amVX3h0Ss1lMLeitfI69hcbQBgNCQUTchgSbhD/6pgjD1QPya1cNhe6aH7y O7w4eT1w8aitAUEE69VLV8YlOANoiAdg -----END CERTIFICATE-----Generated at Tue Oct 21 00:09:52 2025 by rpki-client