$ rpki-client -vvf rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft File: 2h2yzTH0VPaVYdhmXck--BLzl7A.mft (raw, json) Hash identifier: iLVafxORZm+jPxjH3dCqWxqvq+y7b0M8hHJqkJ4vvys= Subject key identifier: 41:03:09:55:8B:5B:B4:34:72:B3:6B:67:8D:F3:89:26:ED:B3:92:A3 Authority key identifier: DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 Certificate issuer: /CN=A919A7CA/serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Certificate serial: 0179 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft Manifest number: 016F Signing time: Sun 19 Oct 2025 06:32:59 +0000 Manifest this update: Sun 19 Oct 2025 06:32:58 +0000 Manifest next update: Sun 26 Oct 2025 06:32:58 +0000 Files and hashes: 1: 2h2yzTH0VPaVYdhmXck--BLzl7A.crl (hash: TYkus2202+s5U5+t23S2HnHrz9z4ylVH0A1sMvXsspc=) 2: 730B201A81E911EEAEFE7735C4F9AE02.roa (hash: s0CFqQaJE4zfLQbz4CeHwWhJkg8L6CDsaxGgDdisTeI=) 3: 4317395081E611EE9EFE132BC4F9AE02.roa (hash: tQp/nzqfCovKInVuREO99dY4qu3efR3x/X9HpDvqlY0=) 4: E71AB92A7F7D11EE8C183162C4F9AE02.roa (hash: Dsh7pIT1SQfv6ivkNmsm2ZCHRytBDFAmEgjeRNzC7do=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 06:32:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 377 (0x179) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919A7CA, serialNumber=DA1DB2CD31F454F69561D8665DC93EF812F397B0 Validity Not Before: Oct 19 06:32:58 2025 GMT Not After : Oct 26 06:32:58 2025 GMT Subject: CN=68f4861b-83e6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e5:7d:ab:ff:55:e9:12:00:73:58:e4:63:4d:29: 65:58:3f:fc:fa:a6:ba:77:06:d3:ba:58:de:d6:a2: df:d8:fa:d3:4b:19:a0:50:28:d4:8b:40:a7:39:0d: a1:6f:42:48:63:c8:b3:a7:ef:4b:59:05:f8:6d:82: 25:7d:4e:4e:01:0b:0f:8b:be:b3:23:0e:ed:95:5a: 62:e7:4b:3d:f1:3d:a4:c1:7e:e6:59:99:15:3d:6d: dd:08:52:16:f2:73:16:fb:1c:66:f9:05:76:ae:64: 98:9c:7f:8e:e0:01:af:b2:35:37:73:95:eb:c7:e9: d0:e5:9d:74:be:e9:00:f0:97:1b:12:0d:e0:2b:be: 9a:e6:42:52:94:46:c8:59:2a:87:7d:b9:cf:45:32: 2d:23:87:56:0d:8a:8b:8f:01:cd:68:76:84:05:2e: 7c:0a:cf:3f:c7:28:96:11:be:fe:6a:4a:27:92:00: cc:cd:57:ad:37:33:fd:19:88:4d:8f:32:ec:c8:f5: ad:29:be:4a:5e:4e:60:0a:ce:22:bd:94:47:ad:07: 60:56:e9:85:8d:e6:dd:ea:01:10:35:2f:52:d2:d0: 21:4f:43:e2:17:37:76:fc:f6:2e:32:8e:43:c9:f2: 86:3a:4a:c6:bd:d4:cf:57:05:22:9f:0c:aa:ea:19: 64:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:03:09:55:8B:5B:B4:34:72:B3:6B:67:8D:F3:89:26:ED:B3:92:A3 X509v3 Authority Key Identifier: keyid:DA:1D:B2:CD:31:F4:54:F6:95:61:D8:66:5D:C9:3E:F8:12:F3:97:B0 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2h2yzTH0VPaVYdhmXck--BLzl7A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919A7CA/4CF7F1587EB711EE9623E91AC4F9AE02/2h2yzTH0VPaVYdhmXck--BLzl7A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 98:2f:c6:c4:5b:dc:d7:e2:6b:1b:c2:48:7a:6c:3f:6b:7c:88: f1:ff:28:59:c3:fc:37:20:81:5a:65:9f:68:93:bf:99:80:12: e7:d4:58:8e:59:48:37:09:f8:fc:dd:65:ba:99:96:ba:09:9f: 84:f5:a5:cc:f9:9c:47:69:1c:a4:ce:01:c8:10:0c:be:25:aa: 35:18:56:ed:04:3b:b9:2c:ae:93:40:8d:e2:6d:e5:c2:8d:b9: 86:07:d0:ff:48:ea:e1:61:05:7b:9c:02:4b:3e:56:af:15:26: 86:18:95:0a:56:d0:57:74:42:6b:e8:f8:a3:93:89:c9:9e:a3: ef:50:64:78:7b:38:ae:fa:8a:8c:2e:cb:cf:8a:b2:b7:ae:6d: 6d:46:49:1b:97:33:0b:b0:8a:da:a1:7c:ea:b1:64:ad:72:bf: e0:79:13:85:36:da:d3:42:b1:35:c0:f3:61:ca:15:cf:6a:33: 96:f4:84:31:ff:8b:15:0c:15:83:b2:0d:30:ab:69:43:54:f4: 04:37:31:fd:96:79:f2:ae:70:63:83:f1:09:28:af:c9:0f:bd: 1c:92:0f:f2:46:bd:3a:02:46:44:d3:42:56:e9:b1:3f:f4:0a: 8c:db:cd:88:a6:fc:a9:14:c2:7e:73:df:b2:e6:01:16:9a:5f: 35:6f:72:af -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAXkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUE3Q0ExMTAvBgNVBAUTKERBMURCMkNEMzFGNDU0RjY5NTYxRDg2NjVEQzkzRUY4 MTJGMzk3QjAwHhcNMjUxMDE5MDYzMjU4WhcNMjUxMDI2MDYzMjU4WjAYMRYwFAYD VQQDEw02OGY0ODYxYi04M2U2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5X2r/1XpEgBzWORjTSllWD/8+qa6dwbTulje1qLf2PrTSxmgUCjUi0CnOQ2h b0JIY8izp+9LWQX4bYIlfU5OAQsPi76zIw7tlVpi50s98T2kwX7mWZkVPW3dCFIW 8nMW+xxm+QV2rmSYnH+O4AGvsjU3c5Xrx+nQ5Z10vukA8JcbEg3gK76a5kJSlEbI WSqHfbnPRTItI4dWDYqLjwHNaHaEBS58Cs8/xyiWEb7+akonkgDMzVetNzP9GYhN jzLsyPWtKb5KXk5gCs4ivZRHrQdgVumFjebd6gEQNS9S0tAhT0PiFzd2/PYuMo5D yfKGOkrGvdTPVwUinwyq6hlkpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEEDCVWL W7Q0crNrZ43ziSbts5KjMB8GA1UdIwQYMBaAFNodss0x9FT2lWHYZl3JPvgS85ew MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QTdDQS80Q0Y3RjE1ODdF QjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQYVZZZGhtWGNrLS1CTHps N0EuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJoMnl6VEgwVlBhVllkaG1YY2stLUJMemw3QS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QTdDQS80Q0Y3RjE1ODdFQjcxMUVFOTYyM0U5MUFDNEY5QUUwMi8yaDJ5elRIMFZQ YVZZZGhtWGNrLS1CTHpsN0EubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCYL8bEW9zX4msbwkh6bD9rfIjx/yhZw/w3IIFaZZ9ok7+ZgBLn1FiO WUg3Cfj83WW6mZa6CZ+E9aXM+ZxHaRykzgHIEAy+Jao1GFbtBDu5LK6TQI3ibeXC jbmGB9D/SOrhYQV7nAJLPlavFSaGGJUKVtBXdEJr6Pijk4nJnqPvUGR4eziu+oqM LsvPirK3rm1tRkkblzMLsIraoXzqsWStcr/geROFNtrTQrE1wPNhyhXPajOW9IQx /4sVDBWDsg0wq2lDVPQENzH9lnnyrnBjg/EJKK/JD70ckg/yRr06AkZE00JW6bE/ 9AqM282IpvypFMJ+c9+y5gEWml81b3Kv -----END CERTIFICATE-----Generated at Mon Oct 20 19:25:05 2025 by rpki-client