$ rpki-client -vvf rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft File: 2OexX5y5FnTlEn_UBtfZ5xjgirA.mft (raw, json) Hash identifier: 7rpdG6I9fYV7rVDzfy2U2P7LKbXHNp0vv2Flqk899wA= Subject key identifier: 7E:89:2B:B7:AE:2E:C6:BB:19:D3:36:D0:8E:7F:05:E2:77:C3:91:42 Authority key identifier: D8:E7:B1:5F:9C:B9:16:74:E5:12:7F:D4:06:D7:D9:E7:18:E0:8A:B0 Certificate issuer: /CN=A917E27F/serialNumber=D8E7B15F9CB91674E5127FD406D7D9E718E08AB0 Certificate serial: 2B Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2OexX5y5FnTlEn_UBtfZ5xjgirA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft Manifest number: 2A Signing time: Sun 19 Oct 2025 11:15:31 +0000 Manifest this update: Sun 19 Oct 2025 11:15:30 +0000 Manifest next update: Sun 26 Oct 2025 11:15:30 +0000 Files and hashes: 1: 2OexX5y5FnTlEn_UBtfZ5xjgirA.crl (hash: NK4nlQmasyw/dWpl52zZNcOB/nBscrN0igx6/rnUKmA=) 2: 4197AB74735611F080D68151C4F9AE02.roa (hash: uw93y6FGovmGq+bi/XnqUmoXwqLRFeM+9sTlrsvluUo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.crl rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2OexX5y5FnTlEn_UBtfZ5xjgirA.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 11:15:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 43 (0x2b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917E27F, serialNumber=D8E7B15F9CB91674E5127FD406D7D9E718E08AB0 Validity Not Before: Oct 19 11:15:30 2025 GMT Not After : Oct 26 11:15:30 2025 GMT Subject: CN=68f4c853-4884 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:1f:e7:76:4f:3e:a4:66:ea:a4:06:c7:de:fb: 80:fa:75:77:a6:98:2a:c8:a0:24:fb:21:55:04:12: 48:2e:19:48:8c:56:a6:06:7d:ef:e2:55:8b:73:2e: 37:6c:95:00:a2:34:10:3d:78:f0:a2:b6:ad:90:0e: 89:f1:2c:c8:91:48:dd:be:83:04:9d:58:6f:e3:e9: ab:0e:25:f3:a2:36:89:d1:84:24:6a:59:63:33:af: cd:67:67:13:cc:4d:c6:7e:60:bc:da:d5:c6:83:a3: 69:57:76:56:54:4d:de:be:e2:a3:ff:26:d9:0a:04: 9e:10:c0:3e:68:56:2b:58:7b:c2:19:af:f8:17:30: 2c:6c:73:94:ce:aa:01:80:d3:9a:b7:b4:68:f4:0d: 3f:ae:61:ab:84:53:e5:f0:46:3c:76:d2:4e:a3:cd: e4:e8:fe:54:ec:9d:81:df:a4:5d:bd:52:58:f3:cd: c5:a0:ad:76:83:c7:56:0f:55:47:b2:43:6f:33:d4: b6:65:19:e5:4f:5d:db:28:1f:9d:3c:9f:cc:bd:67: 6a:7a:67:45:3f:ee:94:05:2f:37:22:79:8e:00:44: fd:8b:14:49:18:44:04:8a:66:44:43:49:40:ed:e4: da:a5:c2:18:bb:bb:34:68:a7:5e:eb:c0:d7:93:45: 7d:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7E:89:2B:B7:AE:2E:C6:BB:19:D3:36:D0:8E:7F:05:E2:77:C3:91:42 X509v3 Authority Key Identifier: keyid:D8:E7:B1:5F:9C:B9:16:74:E5:12:7F:D4:06:D7:D9:E7:18:E0:8A:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/2OexX5y5FnTlEn_UBtfZ5xjgirA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917E27F/769D2D6672B711F09C04690DC4F9AE02/2OexX5y5FnTlEn_UBtfZ5xjgirA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5b:8e:e7:5e:8e:57:c2:27:24:c4:0b:47:f9:7a:c0:1c:7c:fc: a2:e6:da:4e:e7:79:0c:dc:1b:b2:94:48:93:ae:10:8c:59:24: 28:ec:1d:ea:a9:01:dc:31:92:6f:c5:12:f1:d0:7e:fc:09:24: b5:e9:20:ab:7a:07:0d:01:34:1f:15:14:61:a6:61:f0:9d:25: 02:05:dd:82:9f:81:2e:0f:bd:dc:97:e9:55:06:da:84:76:92: 81:cc:bf:6d:00:7e:46:fe:c7:9b:b5:0b:63:dd:76:2d:cc:ed: 24:13:55:2f:8c:67:d8:83:47:ef:57:11:1b:19:c5:7a:12:25: ae:2b:36:6d:64:d4:4d:6c:dd:b7:e8:d2:31:ea:bc:f7:31:e1: 49:e0:be:d1:b0:da:b5:3b:5d:94:6b:1b:90:df:78:78:ba:1d: 1f:67:2d:3e:d4:06:c2:3d:fd:a1:4f:37:50:bd:ae:b6:6d:1c: a1:57:9e:1d:a3:d7:f3:bb:5b:9c:cb:c9:d8:23:9e:02:00:34: b3:36:d1:ee:fb:4e:b5:43:61:c9:96:d1:fb:a4:6a:3a:06:6b: ea:99:be:87:76:bc:9f:6d:5a:79:04:82:dc:e3:08:22:1f:31: 7f:53:46:51:4a:6d:5d:d2:6a:c7:fa:8e:9e:9f:bd:1e:22:5c: 82:4c:e8:5b -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBKzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE3 RTI3RjExMC8GA1UEBRMoRDhFN0IxNUY5Q0I5MTY3NEU1MTI3RkQ0MDZEN0Q5RTcx OEUwOEFCMDAeFw0yNTEwMTkxMTE1MzBaFw0yNTEwMjYxMTE1MzBaMBgxFjAUBgNV BAMTDTY4ZjRjODUzLTQ4ODQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC3H+d2Tz6kZuqkBsfe+4D6dXemmCrIoCT7IVUEEkguGUiMVqYGfe/iVYtzLjds lQCiNBA9ePCitq2QDonxLMiRSN2+gwSdWG/j6asOJfOiNonRhCRqWWMzr81nZxPM TcZ+YLza1caDo2lXdlZUTd6+4qP/JtkKBJ4QwD5oVitYe8IZr/gXMCxsc5TOqgGA 05q3tGj0DT+uYauEU+XwRjx20k6jzeTo/lTsnYHfpF29UljzzcWgrXaDx1YPVUey Q28z1LZlGeVPXdsoH508n8y9Z2p6Z0U/7pQFLzcieY4ARP2LFEkYRASKZkRDSUDt 5Nqlwhi7uzRop17rwNeTRX39AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUfokrt64u xrsZ0zbQjn8F4nfDkUIwHwYDVR0jBBgwFoAU2OexX5y5FnTlEn/UBtfZ5xjgirAw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdFMjdGLzc2OUQyRDY2NzJC NzExRjA5QzA0NjkwREM0RjlBRTAyLzJPZXhYNXk1Rm5UbEVuX1VCdGZaNXhqZ2ly QS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvMk9leFg1eTVGblRsRW5fVUJ0Zlo1eGpnaXJBLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTdF MjdGLzc2OUQyRDY2NzJCNzExRjA5QzA0NjkwREM0RjlBRTAyLzJPZXhYNXk1Rm5U bEVuX1VCdGZaNXhqZ2lyQS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFuO516OV8InJMQLR/l6wBx8/KLm2k7neQzcG7KUSJOuEIxZJCjsHeqp Adwxkm/FEvHQfvwJJLXpIKt6Bw0BNB8VFGGmYfCdJQIF3YKfgS4PvdyX6VUG2oR2 koHMv20Afkb+x5u1C2Pddi3M7SQTVS+MZ9iDR+9XERsZxXoSJa4rNm1k1E1s3bfo 0jHqvPcx4UngvtGw2rU7XZRrG5DfeHi6HR9nLT7UBsI9/aFPN1C9rrZtHKFXnh2j 1/O7W5zLydgjngIANLM20e77TrVDYcmW0fukajoGa+qZvod2vJ9tWnkEgtzjCCIf MX9TRlFKbV3Sasf6jp6fvR4iXIJM6Fs= -----END CERTIFICATE-----Generated at Mon Oct 20 21:01:25 2025 by rpki-client