$ rpki-client -vvf rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.mft File: NUOeC_NciIu4TRsk7N5wYM90TpE.mft (raw, json) Hash identifier: dBnFm+406/J9nnhI8Ba2a1c0pzZqia7AEUM4XrqHAxg= Subject key identifier: 27:61:85:A9:21:D2:92:F2:06:13:1B:72:0E:7F:AC:E3:06:F6:4B:02 Authority key identifier: 35:43:9E:0B:F3:5C:88:8B:B8:4D:1B:24:EC:DE:70:60:CF:74:4E:91 Certificate issuer: /CN=A917C422/serialNumber=35439E0BF35C888BB84D1B24ECDE7060CF744E91 Certificate serial: 2BBB Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NUOeC_NciIu4TRsk7N5wYM90TpE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.mft Manifest number: 2BA5 Signing time: Mon 20 Oct 2025 14:27:18 +0000 Manifest this update: Mon 20 Oct 2025 14:27:17 +0000 Manifest next update: Mon 27 Oct 2025 14:27:17 +0000 Files and hashes: 1: NUOeC_NciIu4TRsk7N5wYM90TpE.crl (hash: XQyDManQFCNQdEJFDGhLR7Sq3EYUh/DrVPi4m5keyrs=) 2: F645F318500C11EBA2295426C4F9AE02.roa (hash: NK9ND6m4XQQdYJfdTkVni6Vzs2GTwmWQ7OeeG3lJVUs=) 3: 6313DADA500011EBB74A2C2AC4F9AE02.roa (hash: Dh1mpv4UoWbEEeCnj4hWDVua0Kb3Ya4BmP9+TVk00i8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.crl rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NUOeC_NciIu4TRsk7N5wYM90TpE.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 14:27:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 11195 (0x2bbb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917C422, serialNumber=35439E0BF35C888BB84D1B24ECDE7060CF744E91 Validity Not Before: Oct 20 14:27:17 2025 GMT Not After : Oct 27 14:27:17 2025 GMT Subject: CN=68f646c5-bd98 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:40:67:d4:8d:83:b1:83:91:17:1d:5f:1b:93: 51:21:aa:1b:a2:6f:4c:d7:4d:af:ad:c1:55:45:d1: b4:70:20:95:94:3f:e3:e1:ad:13:cf:a5:f1:ed:14: e7:c3:af:d8:4c:ff:43:51:6b:e7:73:83:37:b8:7f: a8:fc:e6:ed:f0:d7:ba:20:9b:c2:da:d5:21:23:46: 62:b0:ae:71:93:b7:8c:93:e7:d5:b5:1a:c0:cf:6f: 51:1b:76:e7:25:72:1d:cd:09:24:46:74:26:ff:41: 14:09:cd:16:f7:a0:48:a8:f4:14:35:6f:65:c3:bf: 67:f8:d9:5b:40:3e:59:6d:24:32:19:00:0e:3c:b8: 08:51:fe:89:69:c0:13:68:fc:b1:5a:86:6b:03:55: 92:16:55:b1:c4:e6:35:56:57:36:d6:75:9c:82:ba: d5:29:4f:83:11:e4:b8:09:9c:73:93:a4:7e:c1:9a: 0e:b8:be:9b:f9:31:78:5f:74:5b:bc:b3:f5:f4:ab: 0c:df:29:ee:20:1d:90:24:2f:16:93:eb:0c:a0:b5: 31:a0:67:61:76:ad:ea:af:48:d6:7a:08:9e:9e:34: bc:b4:24:78:1a:88:f3:55:d8:24:a2:6c:33:c5:c5: b1:56:20:87:fd:4e:dd:16:e6:73:83:ec:d6:89:09: 14:0f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 27:61:85:A9:21:D2:92:F2:06:13:1B:72:0E:7F:AC:E3:06:F6:4B:02 X509v3 Authority Key Identifier: keyid:35:43:9E:0B:F3:5C:88:8B:B8:4D:1B:24:EC:DE:70:60:CF:74:4E:91 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/NUOeC_NciIu4TRsk7N5wYM90TpE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917C422/3E745368ED5511E38072C57E5911EA32/NUOeC_NciIu4TRsk7N5wYM90TpE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 29:66:e8:de:89:67:a3:69:b5:8e:d9:9a:70:fd:ef:a5:08:1a: ba:f8:47:0a:28:5d:96:25:d2:44:44:50:49:1a:12:6d:ef:77: ba:a5:6f:37:11:32:8b:73:c6:8a:ba:20:1d:c4:cb:32:8f:5a: 15:5a:ae:c1:11:4e:91:e2:8d:c5:65:fb:99:cf:96:69:25:68: 0f:61:50:12:0c:42:02:b8:ab:46:d0:06:da:de:17:cd:a4:39: 86:3c:95:b9:ff:1a:dd:d0:87:64:a0:00:54:99:b1:c1:19:e8: a6:af:40:09:70:5e:64:f5:64:08:0e:2c:d5:4a:85:f2:79:36: d6:0e:0f:ca:62:16:10:59:7e:e4:ff:70:f2:44:f5:9e:4c:8c: f1:ee:c4:69:21:69:91:98:9c:e9:47:14:41:13:36:c8:ec:30: 00:fe:f4:a7:79:4b:73:32:8d:bb:d5:f1:f2:23:5a:10:74:8a: 06:fc:13:2b:fc:6b:18:03:4d:94:58:dc:be:c2:cd:d5:58:57: 29:61:a8:da:40:38:19:ac:23:75:a6:62:3b:2c:e7:da:ef:69: 4c:1e:2f:ea:1f:93:d7:95:da:74:b1:3c:0f:d6:94:29:aa:47: cd:27:d5:89:29:a1:28:a3:db:3f:ae:12:42:d5:7a:53:d9:6b: 16:5a:78:eb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICK7swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx N0M0MjIxMTAvBgNVBAUTKDM1NDM5RTBCRjM1Qzg4OEJCODREMUIyNEVDREU3MDYw Q0Y3NDRFOTEwHhcNMjUxMDIwMTQyNzE3WhcNMjUxMDI3MTQyNzE3WjAYMRYwFAYD VQQDEw02OGY2NDZjNS1iZDk4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuUBn1I2DsYORFx1fG5NRIaobom9M102vrcFVRdG0cCCVlD/j4a0Tz6Xx7RTn w6/YTP9DUWvnc4M3uH+o/Obt8Ne6IJvC2tUhI0ZisK5xk7eMk+fVtRrAz29RG3bn JXIdzQkkRnQm/0EUCc0W96BIqPQUNW9lw79n+NlbQD5ZbSQyGQAOPLgIUf6JacAT aPyxWoZrA1WSFlWxxOY1Vlc21nWcgrrVKU+DEeS4CZxzk6R+wZoOuL6b+TF4X3Rb vLP19KsM3ynuIB2QJC8Wk+sMoLUxoGdhdq3qr0jWegienjS8tCR4GojzVdgkomwz xcWxViCH/U7dFuZzg+zWiQkUDwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCdhhakh 0pLyBhMbcg5/rOMG9ksCMB8GA1UdIwQYMBaAFDVDngvzXIiLuE0bJOzecGDPdE6R MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3QzQyMi8zRTc0NTM2OEVE NTUxMUUzODA3MkM1N0U1OTExRUEzMi9OVU9lQ19OY2lJdTRUUnNrN041d1lNOTBU cEUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL05VT2VDX05jaUl1NFRSc2s3TjV3WU05MFRwRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 QzQyMi8zRTc0NTM2OEVENTUxMUUzODA3MkM1N0U1OTExRUEzMi9OVU9lQ19OY2lJ dTRUUnNrN041d1lNOTBUcEUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQApZujeiWejabWO2Zpw/e+lCBq6+EcKKF2WJdJERFBJGhJt73e6pW83 ETKLc8aKuiAdxMsyj1oVWq7BEU6R4o3FZfuZz5ZpJWgPYVASDEICuKtG0Aba3hfN pDmGPJW5/xrd0IdkoABUmbHBGeimr0AJcF5k9WQIDizVSoXyeTbWDg/KYhYQWX7k /3DyRPWeTIzx7sRpIWmRmJzpRxRBEzbI7DAA/vSneUtzMo271fHyI1oQdIoG/BMr /GsYA02UWNy+ws3VWFcpYajaQDgZrCN1pmI7LOfa72lMHi/qH5PXldp0sTwP1pQp qkfNJ9WJKaEoo9s/rhJC1XpT2WsWWnjr -----END CERTIFICATE-----Generated at Tue Oct 21 10:42:11 2025 by rpki-client