$ rpki-client -vvf rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft File: lufMd6OOPhgL91JrodlTIYBONeY.mft (raw, json) Hash identifier: GfMaqLihbGkSJVBnmh7RC2vDo++ZIg2nh52lXM4/FPg= Subject key identifier: 4B:AF:4E:2B:FD:7C:91:E5:72:81:4A:E2:A2:99:88:B7:6F:DD:AA:F1 Authority key identifier: 96:E7:CC:77:A3:8E:3E:18:0B:F7:52:6B:A1:D9:53:21:80:4E:35:E6 Certificate issuer: /CN=A916C4FA/serialNumber=96E7CC77A38E3E180BF7526BA1D95321804E35E6 Certificate serial: 01FC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft Manifest number: 0590 Signing time: Sun 19 Oct 2025 02:47:22 +0000 Manifest this update: Sun 19 Oct 2025 02:47:21 +0000 Manifest next update: Sun 26 Oct 2025 02:47:21 +0000 Files and hashes: 1: lufMd6OOPhgL91JrodlTIYBONeY.crl (hash: Ccz+i74RvWuWtQsCp/0/Q92RRdDqm8bh8Gs7iHF6kk8=) 2: C310EE5AACD311ED84BAA06EC4F9AE02.roa (hash: puxNQ3IQMgK+455LW/i47TSp2iaIUiKVoUSQH0z/5bw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.crl rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 02:47:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 508 (0x1fc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916C4FA, serialNumber=96E7CC77A38E3E180BF7526BA1D95321804E35E6 Validity Not Before: Oct 19 02:47:21 2025 GMT Not After : Oct 26 02:47:21 2025 GMT Subject: CN=68f45139-14e1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:f7:d8:28:04:fa:94:69:07:67:b8:21:4e:81: 48:e1:b5:9a:d9:d0:e2:3e:6c:40:1d:b3:49:75:5f: b6:27:4f:73:16:a5:e0:26:6c:44:22:6a:c7:63:c9: 92:f2:97:94:86:49:d0:4e:6f:8f:7e:18:02:1d:c0: 04:12:ba:9a:9a:a0:72:b9:83:d3:7c:be:38:00:15: aa:f8:93:86:b6:9a:dd:22:26:0e:d6:c4:b3:38:97: 64:bf:9a:d9:a6:c0:d5:09:56:d0:94:58:b2:98:39: d7:8b:01:75:60:89:4f:6a:49:bc:c1:11:90:95:6f: 75:6e:ca:5f:90:75:57:61:dd:18:79:3d:60:0c:ae: 49:18:a7:fb:e8:c8:69:85:c7:c2:a5:3f:dc:ba:d6: b7:0e:0b:33:84:9b:6e:73:14:80:d6:1a:04:24:2a: 15:d7:4d:0c:d4:ee:c0:ba:19:17:ba:d1:f0:94:e6: 86:5f:7d:00:9a:01:5d:11:4b:4e:4e:3a:e2:f5:a5: 9c:9f:73:46:f6:21:2e:ee:f2:ea:88:1d:74:5e:ed: b9:c4:b7:8a:0d:8f:d7:5e:1b:c7:5f:f5:d6:ab:e7: 82:9f:3f:c4:86:2e:1b:d1:e5:9f:31:d4:8a:9e:60: b2:f0:c8:52:52:d2:86:bf:2d:4c:61:2a:61:8d:41: 38:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:AF:4E:2B:FD:7C:91:E5:72:81:4A:E2:A2:99:88:B7:6F:DD:AA:F1 X509v3 Authority Key Identifier: keyid:96:E7:CC:77:A3:8E:3E:18:0B:F7:52:6B:A1:D9:53:21:80:4E:35:E6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lufMd6OOPhgL91JrodlTIYBONeY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916C4FA/B89BCBF4BA6A11EC82AC0787C4F9AE02/lufMd6OOPhgL91JrodlTIYBONeY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 48:f6:64:bc:44:7f:15:ff:4e:95:01:0a:29:89:7a:b7:79:8e: f1:54:71:3d:ef:3b:d4:31:62:62:80:42:f2:c3:3d:87:03:2a: 68:aa:ff:d7:1a:a9:84:97:36:d4:55:9e:50:e0:d7:b7:8b:e0: 4e:69:78:15:e1:77:13:1f:11:ff:0f:68:ae:20:80:a6:b1:72: 02:4e:29:2d:1b:f0:b4:cb:6e:36:d4:ad:b0:dd:84:0b:b8:4e: 11:9e:a4:7d:1b:05:26:41:31:a1:36:44:9a:bd:99:69:a4:32: a9:cb:52:7b:41:ba:40:f1:02:28:1e:6b:c7:5a:e5:6c:07:f4: 2c:02:49:56:ce:1f:55:9e:7b:0a:79:0f:c2:58:95:e1:b3:4d: f6:f6:3c:1f:9e:c4:37:d9:0c:2b:14:e7:d5:ab:bd:76:8d:bd: cc:a2:73:9f:38:9b:c0:62:3b:74:13:fc:51:8a:22:32:bf:13: 16:a1:11:98:47:59:0d:c6:46:d3:d9:9c:da:00:f8:98:e5:4d: 7c:34:fe:32:42:5c:a8:55:dd:c5:7f:a7:1a:e8:18:c4:87:45: e6:5f:5c:41:56:69:43:90:e3:30:10:a1:c0:42:b2:3b:b3:3c: f0:70:fd:8c:a9:5a:b1:e7:16:9d:c6:29:f9:a9:ec:1d:c9:95: 2d:2a:30:22 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NkM0RkExMTAvBgNVBAUTKDk2RTdDQzc3QTM4RTNFMTgwQkY3NTI2QkExRDk1MzIx ODA0RTM1RTYwHhcNMjUxMDE5MDI0NzIxWhcNMjUxMDI2MDI0NzIxWjAYMRYwFAYD VQQDEw02OGY0NTEzOS0xNGUxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw/fYKAT6lGkHZ7ghToFI4bWa2dDiPmxAHbNJdV+2J09zFqXgJmxEImrHY8mS 8peUhknQTm+PfhgCHcAEErqamqByuYPTfL44ABWq+JOGtprdIiYO1sSzOJdkv5rZ psDVCVbQlFiymDnXiwF1YIlPakm8wRGQlW91bspfkHVXYd0YeT1gDK5JGKf76Mhp hcfCpT/cuta3DgszhJtucxSA1hoEJCoV100M1O7AuhkXutHwlOaGX30AmgFdEUtO Tjri9aWcn3NG9iEu7vLqiB10Xu25xLeKDY/XXhvHX/XWq+eCnz/Ehi4b0eWfMdSK nmCy8MhSUtKGvy1MYSphjUE4IwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEuvTiv9 fJHlcoFK4qKZiLdv3arxMB8GA1UdIwQYMBaAFJbnzHejjj4YC/dSa6HZUyGATjXm MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2QzRGQS9CODlCQ0JGNEJB NkExMUVDODJBQzA3ODdDNEY5QUUwMi9sdWZNZDZPT1BoZ0w5MUpyb2RsVElZQk9O ZVkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2x1Zk1kNk9PUGhnTDkxSnJvZGxUSVlCT05lWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 QzRGQS9CODlCQ0JGNEJBNkExMUVDODJBQzA3ODdDNEY5QUUwMi9sdWZNZDZPT1Bo Z0w5MUpyb2RsVElZQk9OZVkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBI9mS8RH8V/06VAQopiXq3eY7xVHE97zvUMWJigELywz2HAypoqv/X GqmElzbUVZ5Q4Ne3i+BOaXgV4XcTHxH/D2iuIICmsXICTiktG/C0y2421K2w3YQL uE4RnqR9GwUmQTGhNkSavZlppDKpy1J7QbpA8QIoHmvHWuVsB/QsAklWzh9VnnsK eQ/CWJXhs0329jwfnsQ32QwrFOfVq712jb3MonOfOJvAYjt0E/xRiiIyvxMWoRGY R1kNxkbT2ZzaAPiY5U18NP4yQlyoVd3Ff6ca6BjEh0XmX1xBVmlDkOMwEKHAQrI7 szzwcP2MqVqx5xadxin5qewdyZUtKjAi -----END CERTIFICATE-----Generated at Tue Oct 21 02:26:13 2025 by rpki-client