$ rpki-client -vvf rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft File: KiZlwxQeS_P9LwBKrimlmHETod8.mft (raw, json) Hash identifier: 1l2DqUCdRVrfe+UzCf4VXaMCjMD1kW7ataslXkvEoqI= Subject key identifier: B9:7D:64:AC:AA:32:8B:B1:30:5D:AB:4C:99:6F:EF:7C:64:34:00:54 Authority key identifier: 2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF Certificate issuer: /CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Certificate serial: 03D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft Manifest number: 03D1 Signing time: Mon 03 Nov 2025 00:35:38 +0000 Manifest this update: Mon 03 Nov 2025 00:35:37 +0000 Manifest next update: Mon 10 Nov 2025 00:35:37 +0000 Files and hashes: 1: KiZlwxQeS_P9LwBKrimlmHETod8.crl (hash: esM9foOY7uY1vUfGDZs9URynCALsgBxIv4EEZIE59ZI=) 2: B067CCDCA8C511EC8F560C42C4F9AE02.roa (hash: 3k13Zb4rUCPiQVhmHXmV79sBuRx9W6om0fkw2CRWuLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 00:35:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 983 (0x3d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911972D, serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Validity Not Before: Nov 3 00:35:37 2025 GMT Not After : Nov 10 00:35:37 2025 GMT Subject: CN=6907f8d9-fc09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:1e:af:05:73:1f:cc:63:a7:fe:cc:c9:a4:a6: ee:e4:e4:a3:69:ea:d6:9d:c8:58:70:5d:95:23:73: cc:19:83:72:52:17:c1:88:31:cc:ca:cf:e9:04:21: d0:0f:3c:24:c2:c0:35:ff:4f:9e:ae:bb:d7:e1:ca: d7:6d:0d:a1:39:a4:b9:5e:03:df:eb:f1:3d:4a:39: 00:fc:7b:b7:84:c7:5e:35:cb:56:34:0c:9c:2c:dc: b2:9c:c0:71:20:7b:1f:57:b8:7d:3f:df:f9:0c:e2: 12:de:e0:1f:0f:d6:cc:80:91:27:61:03:96:db:7d: b6:01:5e:e4:43:0f:49:8f:9f:3a:e1:7c:39:81:41: d9:0a:f5:5e:24:08:35:6f:23:dd:1f:93:ea:25:de: 05:6f:f9:21:48:18:c5:73:7e:fb:f3:66:bd:b6:fa: 11:f6:7e:95:17:9b:44:e4:ec:0a:76:5c:2e:2c:c2: 16:94:df:69:c5:7f:25:fd:51:66:3f:b0:86:68:6c: 39:46:78:35:df:bc:83:70:8f:28:ce:ae:a1:e4:d8: 08:20:e0:4f:82:9b:68:a9:12:0f:9b:a2:33:a5:32: 63:c8:c6:e9:96:2a:a2:4f:cb:3f:41:84:d2:6c:15: db:1c:fd:43:7b:c8:40:87:8e:1e:b1:4c:2c:81:49: e0:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B9:7D:64:AC:AA:32:8B:B1:30:5D:AB:4C:99:6F:EF:7C:64:34:00:54 X509v3 Authority Key Identifier: keyid:2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a7:a6:1a:92:cf:8a:c9:e8:26:c7:dc:9f:bb:80:55:f4:96:15: 85:9e:db:9e:ee:ee:0a:72:a6:e6:ff:1a:2a:60:ba:f8:80:7c: 14:99:a1:18:c9:d0:32:0c:28:71:b3:03:83:50:e4:28:6e:8b: 6a:6e:ce:be:31:b3:74:62:5d:59:bd:a3:86:9f:3c:88:5d:28: da:87:cd:c5:55:a4:e5:23:c5:07:31:ce:eb:ce:57:97:e4:9a: 26:4b:2c:19:f2:0c:62:25:9e:2d:31:8a:af:dc:cd:5b:9e:4b: ac:49:a4:3d:d3:a7:1c:4e:46:5b:fd:54:02:90:9d:c1:0f:02: 24:07:c0:56:04:13:57:55:99:a0:f0:fc:85:4d:10:a7:28:ce: 97:79:27:7e:c7:a9:f4:72:33:54:47:47:90:26:16:8b:75:5e: fb:8d:2a:b8:59:7c:4b:18:2f:67:50:7f:59:1c:cb:08:e6:c0: 85:eb:a5:3b:eb:e6:c6:8e:83:2b:f5:a0:3c:cb:73:f2:90:45: ea:69:ce:c2:85:4f:5f:71:33:ab:71:ec:65:54:bc:0a:4f:55: c9:f9:52:80:4e:9e:fe:fd:93:3f:87:33:47:83:78:fe:71:70: 82:ac:35:6e:96:8e:b0:52:83:ea:ba:00:a2:57:9e:12:bd:6b: e6:8b:6c:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA9cwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk3MkQxMTAvBgNVBAUTKDJBMjY2NUMzMTQxRTRCRjNGRDJGMDA0QUFFMjlBNTk4 NzExM0ExREYwHhcNMjUxMTAzMDAzNTM3WhcNMjUxMTEwMDAzNTM3WjAYMRYwFAYD VQQDEw02OTA3ZjhkOS1mYzA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzh6vBXMfzGOn/szJpKbu5OSjaerWnchYcF2VI3PMGYNyUhfBiDHMys/pBCHQ DzwkwsA1/0+errvX4crXbQ2hOaS5XgPf6/E9SjkA/Hu3hMdeNctWNAycLNyynMBx IHsfV7h9P9/5DOIS3uAfD9bMgJEnYQOW2322AV7kQw9Jj5864Xw5gUHZCvVeJAg1 byPdH5PqJd4Fb/khSBjFc37782a9tvoR9n6VF5tE5OwKdlwuLMIWlN9pxX8l/VFm P7CGaGw5Rng137yDcI8ozq6h5NgIIOBPgptoqRIPm6IzpTJjyMbpliqiT8s/QYTS bBXbHP1De8hAh44esUwsgUngMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLl9ZKyq MouxMF2rTJlv73xkNABUMB8GA1UdIwQYMBaAFComZcMUHkvz/S8ASq4ppZhxE6Hf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTcyRC85OUVFOTUwQ0E2 ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNfUDlMd0JLcmltbG1IRVRv ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tpWmx3eFFlU19QOUx3QktyaW1sbUhFVG9kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTcyRC85OUVFOTUwQ0E2ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNf UDlMd0JLcmltbG1IRVRvZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCnphqSz4rJ6CbH3J+7gFX0lhWFntue7u4Kcqbm/xoqYLr4gHwUmaEY ydAyDChxswODUOQobotqbs6+MbN0Yl1ZvaOGnzyIXSjah83FVaTlI8UHMc7rzleX 5JomSywZ8gxiJZ4tMYqv3M1bnkusSaQ906ccTkZb/VQCkJ3BDwIkB8BWBBNXVZmg 8PyFTRCnKM6XeSd+x6n0cjNUR0eQJhaLdV77jSq4WXxLGC9nUH9ZHMsI5sCF66U7 6+bGjoMr9aA8y3PykEXqac7ChU9fcTOrcexlVLwKT1XJ+VKATp7+/ZM/hzNHg3j+ cXCCrDVulo6wUoPqugCiV54SvWvmi2y5 -----END CERTIFICATE-----Generated at Mon Nov 3 18:11:12 2025 by rpki-client