$ rpki-client -vvf rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft File: 2CVmixrBt_OBXwe82lfnSMSWSpo.mft (raw, json) Hash identifier: VAjk5tzErpGoSzm9lm9Md3nip2OGBZIBgSCdDau7HVU= Subject key identifier: F2:E7:F9:FF:6F:C4:9B:0D:65:1C:38:42:7C:EB:5D:6C:76:73:4C:7A Authority key identifier: D8:25:66:8B:1A:C1:B7:F3:81:5F:07:BC:DA:57:E7:48:C4:96:4A:9A Certificate issuer: /CN=A91756C3/serialNumber=D825668B1AC1B7F3815F07BCDA57E748C4964A9A Certificate serial: 89 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft Manifest number: 87 Signing time: Sun 19 Oct 2025 09:53:45 +0000 Manifest this update: Sun 19 Oct 2025 09:53:44 +0000 Manifest next update: Sun 26 Oct 2025 09:53:44 +0000 Files and hashes: 1: 2CVmixrBt_OBXwe82lfnSMSWSpo.crl (hash: rEcsFJO5oWNJlyi6jl3Tps6Pets3zTKgpELWKgTNiII=) 2: 00078764E06811EF8716401DC4F9AE02.roa (hash: LbImQdZW2RSWgtVHcpBhymJAYl7D/59tKMuTPJC97Bo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.crl rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:53:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 137 (0x89) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91756C3, serialNumber=D825668B1AC1B7F3815F07BCDA57E748C4964A9A Validity Not Before: Oct 19 09:53:44 2025 GMT Not After : Oct 26 09:53:44 2025 GMT Subject: CN=68f4b528-9d07 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:a3:27:5f:41:af:35:3c:ac:5f:9c:ef:9a:41: 46:24:9e:60:e0:c3:c3:2e:26:df:f6:5a:51:78:f9: ef:61:77:35:de:8b:fe:4d:d3:69:95:5d:69:47:9f: fc:76:ba:13:2a:0e:a7:20:d1:a3:45:08:0e:fa:50: 5a:84:88:2e:5d:30:a7:d9:57:17:69:eb:ae:e4:c7: b6:48:20:78:90:fc:5b:5c:0f:6d:6b:92:f7:08:63: ca:e0:47:d6:10:00:39:bf:8c:01:2c:19:71:59:5e: f3:fa:df:a8:de:0a:36:dc:e6:f0:74:d9:2f:7e:09: e9:91:ab:f9:aa:96:d0:4c:34:45:00:2e:1f:03:92: b3:52:1b:32:9c:ee:47:43:10:4d:fe:97:cc:ab:33: 2c:c9:43:ff:13:74:a4:32:c2:06:bb:06:5f:a4:d1: df:97:dd:6f:1e:e0:20:87:e9:a2:a5:a6:15:b8:af: e7:fc:3b:3c:18:2d:59:c4:17:f4:1b:57:c2:d0:fc: 6c:25:ac:bc:32:53:d7:4f:9d:92:00:41:11:2b:f6: 75:2e:a8:7f:f9:c1:78:ed:24:7c:52:83:b4:f6:1d: b7:e7:d7:56:f6:fc:77:17:f9:ea:f2:24:08:99:77: 3a:6d:b4:fd:34:52:9e:44:d7:28:ac:e3:73:83:d8: 09:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F2:E7:F9:FF:6F:C4:9B:0D:65:1C:38:42:7C:EB:5D:6C:76:73:4C:7A X509v3 Authority Key Identifier: keyid:D8:25:66:8B:1A:C1:B7:F3:81:5F:07:BC:DA:57:E7:48:C4:96:4A:9A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2CVmixrBt_OBXwe82lfnSMSWSpo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91756C3/5BF5192AE06711EFBC3D171BC4F9AE02/2CVmixrBt_OBXwe82lfnSMSWSpo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 46:cc:6e:5b:63:02:ad:09:48:20:79:be:41:4e:83:1a:34:11: c2:4b:78:94:c8:11:dc:59:b8:fb:d7:a3:94:ce:4e:ae:f4:9c: 1a:df:73:35:b3:4b:e5:39:0b:91:e3:19:4b:4b:5b:f3:ab:6c: 96:73:39:da:b6:68:52:d0:c4:ad:2a:b7:41:9e:59:d9:38:49: ae:5d:73:83:da:96:0f:ae:36:9d:04:7c:0e:17:f7:9e:07:b0: d0:ff:57:4b:f4:f3:7e:49:e2:f1:08:90:03:77:d9:5b:f4:68: fb:b5:67:9c:56:13:ad:d8:9f:bb:db:f7:4e:6d:dd:70:85:b5: 41:15:00:c0:13:73:5f:a9:a6:5d:ed:c7:3f:95:c6:f2:09:f0: 8d:b6:2e:73:28:e5:30:80:47:d3:ae:74:4c:5f:26:7e:a7:71: 7a:52:da:37:73:9a:57:d8:bf:6d:e2:5f:50:65:a6:3c:3c:b8: d0:a7:11:69:1a:e8:c4:ff:c4:8f:ba:86:da:c7:48:8f:36:f9: d4:a6:98:9e:d8:c4:6e:1f:ec:06:f2:4c:b4:b1:26:c0:d5:ce: 6b:ec:03:d4:c2:a5:5e:a6:c8:99:a3:92:77:cf:0b:e9:8d:2d: 3b:06:08:4d:c3:1b:f1:a4:01:29:7f:cc:b0:fe:52:71:02:18: 23:f5:ad:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAIkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzU2QzMxMTAvBgNVBAUTKEQ4MjU2NjhCMUFDMUI3RjM4MTVGMDdCQ0RBNTdFNzQ4 QzQ5NjRBOUEwHhcNMjUxMDE5MDk1MzQ0WhcNMjUxMDI2MDk1MzQ0WjAYMRYwFAYD VQQDEw02OGY0YjUyOC05ZDA3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAraMnX0GvNTysX5zvmkFGJJ5g4MPDLibf9lpRePnvYXc13ov+TdNplV1pR5/8 droTKg6nINGjRQgO+lBahIguXTCn2VcXaeuu5Me2SCB4kPxbXA9ta5L3CGPK4EfW EAA5v4wBLBlxWV7z+t+o3go23ObwdNkvfgnpkav5qpbQTDRFAC4fA5KzUhsynO5H QxBN/pfMqzMsyUP/E3SkMsIGuwZfpNHfl91vHuAgh+mipaYVuK/n/Ds8GC1ZxBf0 G1fC0PxsJay8MlPXT52SAEERK/Z1Lqh/+cF47SR8UoO09h2359dW9vx3F/nq8iQI mXc6bbT9NFKeRNcorONzg9gJbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPLn+f9v xJsNZRw4QnzrXWx2c0x6MB8GA1UdIwQYMBaAFNglZosawbfzgV8HvNpX50jElkqa MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3NTZDMy81QkY1MTkyQUUw NjcxMUVGQkMzRDE3MUJDNEY5QUUwMi8yQ1ZtaXhyQnRfT0JYd2U4MmxmblNNU1dT cG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJDVm1peHJCdF9PQlh3ZTgybGZuU01TV1Nwby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 NTZDMy81QkY1MTkyQUUwNjcxMUVGQkMzRDE3MUJDNEY5QUUwMi8yQ1ZtaXhyQnRf T0JYd2U4MmxmblNNU1dTcG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBGzG5bYwKtCUggeb5BToMaNBHCS3iUyBHcWbj716OUzk6u9Jwa33M1 s0vlOQuR4xlLS1vzq2yWcznatmhS0MStKrdBnlnZOEmuXXOD2pYPrjadBHwOF/ee B7DQ/1dL9PN+SeLxCJADd9lb9Gj7tWecVhOt2J+72/dObd1whbVBFQDAE3NfqaZd 7cc/lcbyCfCNti5zKOUwgEfTrnRMXyZ+p3F6Uto3c5pX2L9t4l9QZaY8PLjQpxFp GujE/8SPuobax0iPNvnUppie2MRuH+wG8ky0sSbA1c5r7APUwqVepsiZo5J3zwvp jS07BghNwxvxpAEpf8yw/lJxAhgj9a0F -----END CERTIFICATE-----Generated at Mon Oct 20 13:56:56 2025 by rpki-client