$ rpki-client -vvf rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft File: tsh7tYco929vkKCd_WuqGtTnO8o.mft (raw, json) Hash identifier: MuWxjdjEigkG9Hp2zd2+pJM0WGQiqoDm8wi4RyF+AcQ= Subject key identifier: 39:39:6F:3B:2B:C7:DD:69:E0:A8:D4:CC:71:AF:EC:C0:3E:57:C5:07 Authority key identifier: B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA Certificate issuer: /CN=A91B25F2/serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA Certificate serial: 0CCD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft Manifest number: 0CB2 Signing time: Mon 20 Oct 2025 18:52:29 +0000 Manifest this update: Mon 20 Oct 2025 18:52:29 +0000 Manifest next update: Mon 27 Oct 2025 18:52:29 +0000 Files and hashes: 1: tsh7tYco929vkKCd_WuqGtTnO8o.crl (hash: ngSIKQvArNVClPagm6XDKNimzXL7JwWbNPdV0avjueI=) 2: E8F85ED4EC5811EFA9B9C618C4F9AE02.roa (hash: ykoz29uCG/11xDnxQBhHvrkmfn5Ejy8eSvfC/XRGcV0=) 3: 47DADED8EC5211EFBF551F6DC4F9AE02.roa (hash: Ns3EqlAuypXsdC/A5rNqIcQNoK/ntkU/96rQkctaiRc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 27 Oct 2025 18:52:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3277 (0xccd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B25F2, serialNumber=B6C87BB58728F76F6F90A09DFD6BAA1AD4E73BCA Validity Not Before: Oct 20 18:52:29 2025 GMT Not After : Oct 27 18:52:29 2025 GMT Subject: CN=68f684ed-e681 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:d4:3a:fc:77:14:a6:14:2f:b4:f3:a1:b0:21: 80:66:32:29:2f:3a:bf:f2:24:d1:91:0d:c2:6a:0c: c3:d2:c4:0d:eb:ee:be:b2:82:8e:97:a2:81:a2:c3: 7b:66:74:e3:d4:f6:d2:8e:80:f7:f5:35:c3:57:c8: 02:65:b5:bc:27:56:db:8e:a8:58:a6:04:bb:3b:25: e5:b3:fc:fa:d6:45:e4:71:1f:05:f3:b5:39:6b:7c: 51:bd:85:94:41:c3:93:57:2f:ee:91:06:19:71:72: 75:a7:39:82:1d:c2:58:ca:99:5a:e9:e6:5e:88:18: bd:2e:e3:a5:d7:6f:4d:71:57:bc:90:28:19:3d:68: 70:d4:92:d0:c8:0f:5a:3d:d2:da:55:01:d0:ca:91: cb:46:a4:ad:72:fd:04:a1:33:8b:03:e0:e7:f9:a2: a8:ab:4e:ff:96:57:40:0f:69:24:de:6e:74:3c:cb: aa:0c:be:59:1e:bd:30:36:63:1a:ad:4f:fa:c2:1d: 56:53:52:c9:43:ed:b0:d2:60:c1:87:f7:dd:b2:69: c2:ef:d3:b0:99:fc:7b:73:af:53:30:5e:32:3e:0d: 85:49:9d:6e:72:34:9f:53:ca:9a:81:85:0d:60:4a: ed:fd:18:78:d2:b9:e2:1c:d0:11:db:9d:ca:14:7a: 08:3b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:39:6F:3B:2B:C7:DD:69:E0:A8:D4:CC:71:AF:EC:C0:3E:57:C5:07 X509v3 Authority Key Identifier: keyid:B6:C8:7B:B5:87:28:F7:6F:6F:90:A0:9D:FD:6B:AA:1A:D4:E7:3B:CA X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/tsh7tYco929vkKCd_WuqGtTnO8o.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B25F2/EF90CD4E03B011EA85F02934C4F9AE02/tsh7tYco929vkKCd_WuqGtTnO8o.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5d:1d:ec:f5:f4:df:bb:ee:61:cc:e5:09:e4:17:4a:1f:bc:47: 5a:5f:8b:d1:1e:eb:d0:13:b3:a5:88:97:b1:94:c3:af:36:c6: ac:bd:e4:f3:0c:d1:15:81:3f:69:ad:0b:e7:5c:48:75:e4:d6: 0b:fe:7d:fa:99:c0:97:06:de:f6:1e:9e:86:c5:d6:3d:31:de: 43:76:08:f6:f5:0e:45:56:0b:4e:5b:d1:86:bc:15:d6:ab:83: e5:8e:6d:42:6a:c1:4f:f0:39:a5:81:b5:d3:e5:9e:96:7e:0b: f8:e1:35:e0:07:a6:99:5a:df:f5:68:43:eb:48:a1:d3:ca:88: ed:ff:b0:73:36:5a:fb:ca:ba:5d:88:8c:16:0d:06:d4:11:7a: 54:3a:dd:45:2b:e2:01:2e:69:c6:2f:af:09:e3:d9:bf:a3:99: ad:50:5c:fc:4b:39:18:9b:47:6c:59:ff:79:ac:2f:85:bc:18: be:26:4b:21:8b:41:c6:79:4e:cf:7d:43:e0:b7:30:a5:cf:0a: 15:17:95:b6:2b:e1:68:77:35:07:55:51:e6:9a:65:ab:83:38: 00:88:dc:74:e0:6d:8c:b7:e6:f5:41:f4:87:da:5e:f1:8b:e9: 0f:a5:ca:0d:b9:aa:82:55:47:94:50:c7:b8:e1:5a:ac:a8:a9: 41:b7:5f:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDM0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QjI1RjIxMTAvBgNVBAUTKEI2Qzg3QkI1ODcyOEY3NkY2RjkwQTA5REZENkJBQTFB RDRFNzNCQ0EwHhcNMjUxMDIwMTg1MjI5WhcNMjUxMDI3MTg1MjI5WjAYMRYwFAYD VQQDEw02OGY2ODRlZC1lNjgxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvNQ6/HcUphQvtPOhsCGAZjIpLzq/8iTRkQ3CagzD0sQN6+6+soKOl6KBosN7 ZnTj1PbSjoD39TXDV8gCZbW8J1bbjqhYpgS7OyXls/z61kXkcR8F87U5a3xRvYWU QcOTVy/ukQYZcXJ1pzmCHcJYypla6eZeiBi9LuOl129NcVe8kCgZPWhw1JLQyA9a PdLaVQHQypHLRqStcv0EoTOLA+Dn+aKoq07/lldAD2kk3m50PMuqDL5ZHr0wNmMa rU/6wh1WU1LJQ+2w0mDBh/fdsmnC79Owmfx7c69TMF4yPg2FSZ1ucjSfU8qagYUN YErt/Rh40rniHNAR253KFHoIOwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDk5bzsr x91p4KjUzHGv7MA+V8UHMB8GA1UdIwQYMBaAFLbIe7WHKPdvb5Cgnf1rqhrU5zvK MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCMjVGMi9FRjkwQ0Q0RTAz QjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzkyOXZrS0NkX1d1cUd0VG5P OG8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL3RzaDd0WWNvOTI5dmtLQ2RfV3VxR3RUbk84by5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC MjVGMi9FRjkwQ0Q0RTAzQjAxMUVBODVGMDI5MzRDNEY5QUUwMi90c2g3dFljbzky OXZrS0NkX1d1cUd0VG5POG8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBdHez19N+77mHM5QnkF0ofvEdaX4vRHuvQE7OliJexlMOvNsasveTz DNEVgT9prQvnXEh15NYL/n36mcCXBt72Hp6GxdY9Md5Ddgj29Q5FVgtOW9GGvBXW q4Pljm1CasFP8DmlgbXT5Z6Wfgv44TXgB6aZWt/1aEPrSKHTyojt/7BzNlr7yrpd iIwWDQbUEXpUOt1FK+IBLmnGL68J49m/o5mtUFz8SzkYm0dsWf95rC+FvBi+Jksh i0HGeU7PfUPgtzClzwoVF5W2K+FodzUHVVHmmmWrgzgAiNx04G2Mt+b1QfSH2l7x i+kPpcoNuaqCVUeUUMe44VqsqKlBt189 -----END CERTIFICATE-----Generated at Tue Oct 21 05:26:01 2025 by rpki-client