$ rpki-client -vvf rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft File: lFlKrsbtZqaAoVv-tc2leC1MLYg.mft (raw, json) Hash identifier: iWk8pfhVR3Wdm1vzHzsMl+kPTdwZOXzEEJW+CyAOVmc= Subject key identifier: B9:47:E9:11:8F:4F:5A:C5:51:03:B9:3A:61:9C:4A:0E:0D:FD:3B:3C Authority key identifier: 94:59:4A:AE:C6:ED:66:A6:80:A1:5B:FE:B5:CD:A5:78:2D:4C:2D:88 Certificate issuer: /CN=A91E2EF9/serialNumber=94594AAEC6ED66A680A15BFEB5CDA5782D4C2D88 Certificate serial: E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft Manifest number: DE Signing time: Sun 19 Oct 2025 08:36:52 +0000 Manifest this update: Sun 19 Oct 2025 08:36:51 +0000 Manifest next update: Sun 26 Oct 2025 08:36:51 +0000 Files and hashes: 1: lFlKrsbtZqaAoVv-tc2leC1MLYg.crl (hash: FUjCaSUhEvN3uRo+7xHYvNzXxo93IbxYLLDpJkTscmk=) 2: D926DBDA605211EF90C2C621C4F9AE02.roa (hash: Cl2PJo7826qehYKKSG2/VdHV6kV/QSQl5KdRQS87oS0=) 3: E7C7DBF8A0E411EF98A7340EC4F9AE02.roa (hash: 7jEw+cOkWTAknu5PcBj2MNehVkDO0rbITl2EdNIaO7o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.crl rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:36:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 226 (0xe2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E2EF9, serialNumber=94594AAEC6ED66A680A15BFEB5CDA5782D4C2D88 Validity Not Before: Oct 19 08:36:51 2025 GMT Not After : Oct 26 08:36:51 2025 GMT Subject: CN=68f4a324-be3c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:12:10:9c:8e:5d:6e:57:81:b9:fa:fa:92:87: 92:a3:fd:83:10:f1:94:9d:8b:8a:ed:63:bd:83:b8: 78:be:30:2b:92:1b:d5:af:9c:ff:a8:f3:f0:4b:d6: cf:fa:e9:ef:29:26:30:e3:18:b0:88:d2:c0:32:5d: 43:5c:df:01:a9:32:8d:30:27:f0:41:02:48:42:3d: cb:05:cb:53:b4:aa:71:46:ed:f8:b5:86:07:be:21: a3:f2:d4:f0:f1:9f:10:7a:05:f0:6e:87:3e:ee:0a: a6:60:f1:e3:98:7a:30:58:8e:e6:3f:f4:bc:e8:16: a6:ec:32:1b:c2:b0:73:a9:75:f7:40:ae:f0:a0:89: 68:89:57:4e:37:a5:28:ba:f5:cf:a5:19:a4:73:5e: ac:3e:da:26:d4:63:b0:84:a6:35:78:30:25:b5:9c: 69:ce:e4:90:68:3b:2e:40:a4:6a:1c:4c:bb:04:11: 47:a7:ea:3c:8f:0d:16:8f:15:b1:18:77:a4:8a:08: a4:03:b6:c0:c8:53:f7:12:bb:bb:fa:fc:85:ef:62: c9:06:e7:99:3a:63:e4:ec:9c:97:9a:a4:a9:70:c0: f9:fd:ba:4e:18:a9:c3:22:3a:cb:9f:9a:05:c5:4d: ec:4d:d0:6b:0b:47:c6:a1:da:df:5e:7d:d0:fd:a0: d4:b7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:47:E9:11:8F:4F:5A:C5:51:03:B9:3A:61:9C:4A:0E:0D:FD:3B:3C X509v3 Authority Key Identifier: keyid:94:59:4A:AE:C6:ED:66:A6:80:A1:5B:FE:B5:CD:A5:78:2D:4C:2D:88 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/lFlKrsbtZqaAoVv-tc2leC1MLYg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E2EF9/804D6BF0605211EFB286FD20C4F9AE02/lFlKrsbtZqaAoVv-tc2leC1MLYg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:09:28:eb:02:ec:06:a9:af:c6:08:84:a8:c5:96:ae:8c:85: d5:20:db:5a:74:5d:82:92:45:d9:40:82:87:99:76:01:4b:07: c7:dd:38:87:b2:0e:6f:83:57:c3:5a:8c:f4:58:10:f0:66:f5: 1e:86:f7:ef:36:25:21:35:b3:2f:e3:a8:50:73:16:d4:98:bd: 50:48:01:e6:5f:8d:f9:1f:27:be:5b:f7:43:4e:8d:0d:2d:ee: 9e:b3:f4:82:1b:51:ee:9a:d4:39:8f:f7:15:a3:10:1c:de:00: 82:4d:23:25:a7:03:eb:de:41:ad:e8:e2:ac:74:b5:d7:a5:fe: 17:55:98:61:6d:fa:e3:6c:59:5a:02:4c:8c:b3:a0:21:19:00: 92:71:93:43:f4:39:67:d7:48:3e:3d:00:0b:68:1b:07:d6:23: c9:8d:d7:97:9e:9b:19:af:ad:8e:91:97:0a:e3:32:bc:72:5d: 13:1a:54:68:d1:93:05:b9:e5:be:20:da:24:f3:ce:83:3d:02: e7:a2:a4:11:fa:73:f2:4d:1a:53:3c:43:f8:85:70:9e:c0:57: 77:c3:a2:ad:72:97:df:a8:7f:01:f3:d0:75:5e:98:e9:dd:28: 20:27:e9:a6:aa:a9:b1:7c:25:c2:40:35:21:a3:b9:0b:25:40: 8b:23:4c:e9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTJFRjkxMTAvBgNVBAUTKDk0NTk0QUFFQzZFRDY2QTY4MEExNUJGRUI1Q0RBNTc4 MkQ0QzJEODgwHhcNMjUxMDE5MDgzNjUxWhcNMjUxMDI2MDgzNjUxWjAYMRYwFAYD VQQDEw02OGY0YTMyNC1iZTNjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwhIQnI5dbleBufr6koeSo/2DEPGUnYuK7WO9g7h4vjArkhvVr5z/qPPwS9bP +unvKSYw4xiwiNLAMl1DXN8BqTKNMCfwQQJIQj3LBctTtKpxRu34tYYHviGj8tTw 8Z8QegXwboc+7gqmYPHjmHowWI7mP/S86Bam7DIbwrBzqXX3QK7woIloiVdON6Uo uvXPpRmkc16sPtom1GOwhKY1eDAltZxpzuSQaDsuQKRqHEy7BBFHp+o8jw0WjxWx GHekigikA7bAyFP3Eru7+vyF72LJBueZOmPk7JyXmqSpcMD5/bpOGKnDIjrLn5oF xU3sTdBrC0fGodrfXn3Q/aDUtwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLlH6RGP T1rFUQO5OmGcSg4N/Ts8MB8GA1UdIwQYMBaAFJRZSq7G7WamgKFb/rXNpXgtTC2I MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFMkVGOS84MDRENkJGMDYw NTIxMUVGQjI4NkZEMjBDNEY5QUUwMi9sRmxLcnNidFpxYUFvVnYtdGMybGVDMU1M WWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2xGbEtyc2J0WnFhQW9Wdi10YzJsZUMxTUxZZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF MkVGOS84MDRENkJGMDYwNTIxMUVGQjI4NkZEMjBDNEY5QUUwMi9sRmxLcnNidFpx YUFvVnYtdGMybGVDMU1MWWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDICSjrAuwGqa/GCISoxZaujIXVINtadF2CkkXZQIKHmXYBSwfH3TiH sg5vg1fDWoz0WBDwZvUehvfvNiUhNbMv46hQcxbUmL1QSAHmX435Hye+W/dDTo0N Le6es/SCG1HumtQ5j/cVoxAc3gCCTSMlpwPr3kGt6OKsdLXXpf4XVZhhbfrjbFla AkyMs6AhGQCScZND9Dln10g+PQALaBsH1iPJjdeXnpsZr62OkZcK4zK8cl0TGlRo 0ZMFueW+INok886DPQLnoqQR+nPyTRpTPEP4hXCewFd3w6KtcpffqH8B89B1Xpjp 3SggJ+mmqqmxfCXCQDUho7kLJUCLI0zp -----END CERTIFICATE-----Generated at Mon Oct 20 13:56:33 2025 by rpki-client