$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft File: 2H4ClpVGrcVaesygjK2yh5vGmck.mft (raw, json) Hash identifier: 4/ii1u8kdgcP6na/qp3YLCvv2uFk+ahBGphWXNOOXFo= Subject key identifier: 4B:82:B9:D2:BB:7C:89:1E:A2:1C:38:FF:1B:EA:B8:F8:33:9D:80:A9 Authority key identifier: D8:7E:02:96:95:46:AD:C5:5A:7A:CC:A0:8C:AD:B2:87:9B:C6:99:C9 Certificate issuer: /CN=A9185B5F/serialNumber=D87E02969546ADC55A7ACCA08CADB2879BC699C9 Certificate serial: 01CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft Manifest number: 01CB Signing time: Sun 19 Oct 2025 05:21:09 +0000 Manifest this update: Sun 19 Oct 2025 05:21:09 +0000 Manifest next update: Sun 26 Oct 2025 05:21:09 +0000 Files and hashes: 1: 2H4ClpVGrcVaesygjK2yh5vGmck.crl (hash: zLxyLZ5tj5oxutYAjSolaFziir6D2h0ecmbTZM+nWFQ=) 2: A4B0D326F0A311ED99A1471CC4F9AE02.roa (hash: 0/Ic5iho+pqF4si9nqRdEW+r600hwTvuyP9trzSoxtE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.crl rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 05:21:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 463 (0x1cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B5F, serialNumber=D87E02969546ADC55A7ACCA08CADB2879BC699C9 Validity Not Before: Oct 19 05:21:09 2025 GMT Not After : Oct 26 05:21:09 2025 GMT Subject: CN=68f47545-c137 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:da:51:f0:e4:33:de:84:d2:a5:f0:51:46:2e: a6:4a:0b:d7:ac:82:78:7d:0a:bc:2e:7c:f3:cc:95: 4b:b8:36:66:bc:ce:7d:a7:b1:da:6d:b4:fc:89:f1: b3:55:19:90:47:a9:8e:26:c9:ec:ba:cd:d1:a4:43: e0:ce:e3:6f:54:c5:36:fa:9b:3f:79:9a:76:61:9d: ca:f2:e3:a7:91:c5:38:b7:3f:c6:e7:86:e6:3f:e6: 7c:ad:7d:de:b7:d6:ac:d8:c6:49:8f:cc:21:f1:c1: 5d:60:ea:2b:e3:1c:20:7e:9e:6b:e6:88:fd:09:47: cf:6c:ff:9e:cc:38:96:6b:46:e5:00:83:fe:54:08: 89:e0:86:29:69:0e:55:c3:b8:ec:95:1a:db:76:90: 8e:ef:a6:fe:4e:b2:43:5e:e3:cd:d1:25:36:0f:e0: 6d:64:46:27:47:d8:aa:87:5b:a4:94:53:03:b3:36: 3d:d0:4b:f6:49:2b:36:7a:02:b4:e2:b1:af:ad:05: 19:c0:d9:ec:b3:00:da:76:dd:57:14:78:a7:f2:9f: b7:42:e4:99:cb:f0:b9:1e:9c:e0:d2:f9:98:65:9f: 7d:e5:4e:eb:2a:11:cd:f1:70:de:8d:a4:1d:41:f7: 3a:03:b2:d6:f5:31:52:b9:88:17:eb:5f:61:67:9c: 88:7d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4B:82:B9:D2:BB:7C:89:1E:A2:1C:38:FF:1B:EA:B8:F8:33:9D:80:A9 X509v3 Authority Key Identifier: keyid:D8:7E:02:96:95:46:AD:C5:5A:7A:CC:A0:8C:AD:B2:87:9B:C6:99:C9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2H4ClpVGrcVaesygjK2yh5vGmck.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B5F/8E418020F09B11EDA606BD62C4F9AE02/2H4ClpVGrcVaesygjK2yh5vGmck.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:30:9f:95:29:3e:b3:19:ad:05:d6:40:0b:b3:55:94:2f:3a: 3a:00:a1:4f:62:37:83:d9:70:fe:42:d4:c8:f3:ab:54:cf:a8: e0:5c:13:4d:00:c9:67:64:19:72:a6:7e:ce:77:cd:84:d3:1e: 3a:7c:6d:ba:95:8f:3d:2f:d8:9d:4b:ff:ee:e4:db:67:eb:9c: 57:a4:ce:ec:f5:d7:48:a3:2e:42:94:9b:8f:1f:d1:f7:81:14: e1:b6:83:6c:c4:39:ab:9f:62:59:93:cf:0b:34:62:12:ea:59: c8:40:11:a7:d2:25:54:52:60:03:29:31:b5:3e:82:ae:32:f6: e7:b2:11:fb:ec:bb:3c:33:13:1d:f7:92:5f:f7:50:ce:a7:57: d5:14:08:4b:28:91:e6:58:da:a2:4e:a9:4d:1a:5c:df:dd:e5: 96:b2:1c:a2:02:74:75:a7:f5:ef:03:88:1e:c8:ac:0e:69:ae: 65:8b:fb:3b:31:84:57:de:b9:8e:97:1b:0a:ee:75:00:df:9e: 2e:74:1f:6b:c0:98:16:49:84:3c:95:5a:45:ea:7e:76:03:49: 82:62:17:87:96:dd:32:bb:c0:51:cd:c2:bb:54:9a:39:e6:7c: 29:59:60:e3:16:f1:ad:a3:de:3f:fd:cf:a3:bd:9c:86:82:02: 08:8c:08:e3 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAc8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCNUYxMTAvBgNVBAUTKEQ4N0UwMjk2OTU0NkFEQzU1QTdBQ0NBMDhDQURCMjg3 OUJDNjk5QzkwHhcNMjUxMDE5MDUyMTA5WhcNMjUxMDI2MDUyMTA5WjAYMRYwFAYD VQQDEw02OGY0NzU0NS1jMTM3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA29pR8OQz3oTSpfBRRi6mSgvXrIJ4fQq8LnzzzJVLuDZmvM59p7HabbT8ifGz VRmQR6mOJsnsus3RpEPgzuNvVMU2+ps/eZp2YZ3K8uOnkcU4tz/G54bmP+Z8rX3e t9as2MZJj8wh8cFdYOor4xwgfp5r5oj9CUfPbP+ezDiWa0blAIP+VAiJ4IYpaQ5V w7jslRrbdpCO76b+TrJDXuPN0SU2D+BtZEYnR9iqh1uklFMDszY90Ev2SSs2egK0 4rGvrQUZwNnsswDadt1XFHin8p+3QuSZy/C5Hpzg0vmYZZ995U7rKhHN8XDejaQd Qfc6A7LW9TFSuYgX619hZ5yIfQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEuCudK7 fIkeohw4/xvquPgznYCpMB8GA1UdIwQYMBaAFNh+ApaVRq3FWnrMoIytsoebxpnJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUI1Ri84RTQxODAyMEYw OUIxMUVEQTYwNkJENjJDNEY5QUUwMi8ySDRDbHBWR3JjVmFlc3lnaksyeWg1dkdt Y2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJINENscFZHcmNWYWVzeWdqSzJ5aDV2R21jay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUI1Ri84RTQxODAyMEYwOUIxMUVEQTYwNkJENjJDNEY5QUUwMi8ySDRDbHBWR3Jj VmFlc3lnaksyeWg1dkdtY2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoMJ+VKT6zGa0F1kALs1WULzo6AKFPYjeD2XD+QtTI86tUz6jgXBNN AMlnZBlypn7Od82E0x46fG26lY89L9idS//u5Ntn65xXpM7s9ddIoy5ClJuPH9H3 gRThtoNsxDmrn2JZk88LNGIS6lnIQBGn0iVUUmADKTG1PoKuMvbnshH77Ls8MxMd 95Jf91DOp1fVFAhLKJHmWNqiTqlNGlzf3eWWshyiAnR1p/XvA4geyKwOaa5li/s7 MYRX3rmOlxsK7nUA354udB9rwJgWSYQ8lVpF6n52A0mCYheHlt0yu8BRzcK7VJo5 5nwpWWDjFvGto94//c+jvZyGggIIjAjj -----END CERTIFICATE-----Generated at Tue Oct 21 00:11:00 2025 by rpki-client