$ rpki-client -vvf rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft File: 2QhMrcO-yMIAxalrcu2v1KAOrug.mft (raw, json) Hash identifier: F0NFFIS9hQ0dyoGHrJwnOfJNkSoIC3WMQC9Ats6ZVrw= Subject key identifier: DE:E9:3C:95:28:A0:7B:4C:6A:50:56:60:DB:E1:C6:61:CC:37:96:8A Authority key identifier: D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8 Certificate issuer: /CN=A91719F1/serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8 Certificate serial: 0295 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft Manifest number: 028E Signing time: Sun 19 Oct 2025 03:47:39 +0000 Manifest this update: Sun 19 Oct 2025 03:47:39 +0000 Manifest next update: Sun 26 Oct 2025 03:47:38 +0000 Files and hashes: 1: 2QhMrcO-yMIAxalrcu2v1KAOrug.crl (hash: Avi2lF44RKWPtM1HKQejN1ou2yaqYtrJgZSP1mIMR60=) 2: 00724F9621F111ED93774B6EC4F9AE02.roa (hash: 1MS8BgQSeLxFZfjzI2XVs+BA1y3N2nYBN3Uvkoalvq8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.crl rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 03:47:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 661 (0x295) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91719F1, serialNumber=D9084CADC3BEC8C200C5A96B72EDAFD4A00EAEE8 Validity Not Before: Oct 19 03:47:39 2025 GMT Not After : Oct 26 03:47:38 2025 GMT Subject: CN=68f45f5b-ee78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:95:16:09:19:b0:d8:3e:cd:13:29:6a:54:b3: ed:29:9e:62:de:f0:92:17:79:23:37:32:20:0c:9f: d1:72:57:2f:8b:5f:9c:b9:ef:30:d9:8a:44:ed:96: 4c:72:34:9d:90:40:c2:1a:42:0c:46:a4:63:f2:15: 01:92:b0:de:17:bb:f3:78:54:ec:11:83:ae:50:ad: 8a:29:6b:17:b7:a7:e3:ed:fb:74:26:77:b4:2a:db: 82:42:70:98:1f:3b:36:52:52:71:06:f4:2f:85:2a: c1:ac:16:fa:7f:57:84:1d:99:61:b4:ce:bc:26:73: 9f:c2:8a:b4:5d:34:c5:ab:e0:94:fd:dd:01:68:ca: 9a:c5:5c:ee:4d:59:76:22:1b:60:cb:10:2a:20:2f: c3:60:42:f7:f1:46:5d:99:98:45:2c:19:5a:81:8f: 6a:6c:56:72:27:6b:86:26:9b:ba:b5:67:ba:46:70: 7a:f8:9a:6f:f3:b5:e9:92:37:85:ff:79:85:fa:93: 99:ce:10:64:cf:a8:20:fe:36:ab:c1:98:8b:c1:ea: 42:cd:f6:14:09:5f:3d:49:d7:55:d7:ea:f6:96:29: e6:42:d7:d1:76:50:24:d5:c4:a4:3d:01:57:bf:75: c9:88:fc:dd:b1:9a:eb:85:0f:5f:99:99:7e:24:39: 44:e3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DE:E9:3C:95:28:A0:7B:4C:6A:50:56:60:DB:E1:C6:61:CC:37:96:8A X509v3 Authority Key Identifier: keyid:D9:08:4C:AD:C3:BE:C8:C2:00:C5:A9:6B:72:ED:AF:D4:A0:0E:AE:E8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2QhMrcO-yMIAxalrcu2v1KAOrug.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91719F1/695F93FE21EE11EDB4C8BD6CC4F9AE02/2QhMrcO-yMIAxalrcu2v1KAOrug.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 2d:48:cc:8b:5b:13:01:bc:77:7e:4a:27:bd:f2:da:d6:87:55: 75:6e:d8:e3:bf:bd:9c:58:51:49:92:9c:c3:d3:ff:36:bf:c3: 17:d7:24:ce:84:41:e4:1a:8b:08:2a:f1:d3:41:f9:ce:5c:f7: 9d:a7:4f:ff:04:35:0b:73:b4:66:d4:2b:11:89:d3:a2:bb:75: 59:69:74:80:20:60:ab:14:0e:7f:bd:c8:80:dc:c0:a5:e9:ce: 6a:c2:c5:6a:54:d3:d0:75:47:2d:ea:51:5d:5d:e9:aa:e5:aa: ac:6a:e1:d0:0d:09:8a:b2:e5:32:bb:2a:f2:12:f1:42:99:18: f5:9f:7a:b4:43:54:d5:81:1d:0e:3f:f6:ff:14:71:8a:b0:83: 57:ff:88:7c:76:17:f2:8c:51:56:ee:f9:d8:80:fd:a8:d1:88: ce:f8:77:3c:6e:a1:63:1f:ef:dc:d8:b2:7b:3a:6d:ae:26:e3: 56:e3:07:7c:2b:30:cb:1c:b2:10:25:9a:a4:d7:9f:50:b4:0c: bb:13:d2:c8:fa:d5:12:7e:42:55:45:35:d2:a0:25:96:dc:92: 7f:14:7b:73:7a:97:78:84:ef:4f:22:a2:b9:d9:db:27:f0:98: da:9b:eb:16:c8:5e:d3:bc:9d:3f:37:dc:24:b5:fa:fd:f2:d4: 95:b5:43:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE5RjExMTAvBgNVBAUTKEQ5MDg0Q0FEQzNCRUM4QzIwMEM1QTk2QjcyRURBRkQ0 QTAwRUFFRTgwHhcNMjUxMDE5MDM0NzM5WhcNMjUxMDI2MDM0NzM4WjAYMRYwFAYD VQQDEw02OGY0NWY1Yi1lZTc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAppUWCRmw2D7NEylqVLPtKZ5i3vCSF3kjNzIgDJ/Rclcvi1+cue8w2YpE7ZZM cjSdkEDCGkIMRqRj8hUBkrDeF7vzeFTsEYOuUK2KKWsXt6fj7ft0Jne0KtuCQnCY Hzs2UlJxBvQvhSrBrBb6f1eEHZlhtM68JnOfwoq0XTTFq+CU/d0BaMqaxVzuTVl2 IhtgyxAqIC/DYEL38UZdmZhFLBlagY9qbFZyJ2uGJpu6tWe6RnB6+Jpv87XpkjeF /3mF+pOZzhBkz6gg/jarwZiLwepCzfYUCV89SddV1+r2linmQtfRdlAk1cSkPQFX v3XJiPzdsZrrhQ9fmZl+JDlE4wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFN7pPJUo oHtMalBWYNvhxmHMN5aKMB8GA1UdIwQYMBaAFNkITK3DvsjCAMWpa3Ltr9SgDq7o MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTlGMS82OTVGOTNGRTIx RUUxMUVEQjRDOEJENkNDNEY5QUUwMi8yUWhNcmNPLXlNSUF4YWxyY3UydjFLQU9y dWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJRaE1yY08teU1JQXhhbHJjdTJ2MUtBT3J1Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTlGMS82OTVGOTNGRTIxRUUxMUVEQjRDOEJENkNDNEY5QUUwMi8yUWhNcmNPLXlN SUF4YWxyY3UydjFLQU9ydWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAtSMyLWxMBvHd+Sie98trWh1V1btjjv72cWFFJkpzD0/82v8MX1yTO hEHkGosIKvHTQfnOXPedp0//BDULc7Rm1CsRidOiu3VZaXSAIGCrFA5/vciA3MCl 6c5qwsVqVNPQdUct6lFdXemq5aqsauHQDQmKsuUyuyryEvFCmRj1n3q0Q1TVgR0O P/b/FHGKsINX/4h8dhfyjFFW7vnYgP2o0YjO+Hc8bqFjH+/c2LJ7Om2uJuNW4wd8 KzDLHLIQJZqk159QtAy7E9LI+tUSfkJVRTXSoCWW3JJ/FHtzepd4hO9PIqK52dsn 8Jjam+sWyF7TvJ0/N9wktfr98tSVtUOv -----END CERTIFICATE-----Generated at Mon Oct 20 01:44:53 2025 by rpki-client