$ rpki-client -vvf rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft File: kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft (raw, json) Hash identifier: l+UY4SLETrmpouYjSUTo8vTyl1pEuASuYkSbsuOXuK4= Subject key identifier: BC:71:39:BC:D7:B8:E2:22:CC:7D:55:EB:B6:2D:7D:04:DE:E9:F9:65 Authority key identifier: 90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72 Certificate issuer: /CN=A91248C9/serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672 Certificate serial: 0182 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft Manifest number: 017F Signing time: Wed 05 Nov 2025 03:50:38 +0000 Manifest this update: Wed 05 Nov 2025 03:50:37 +0000 Manifest next update: Wed 12 Nov 2025 03:50:37 +0000 Files and hashes: 1: kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl (hash: z+mFK49k8UCXKF540eue9iWtv9XsJLlqc5Dstcbx7QQ=) 2: 4B3C43EA6EF011EE84DC9B0EC4F9AE02.roa (hash: 75EuXED/Rvqy0Mw85Z/q36XD2zcpbxDlIxOgsx3A+Yc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:50:37 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 386 (0x182) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91248C9, serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672 Validity Not Before: Nov 5 03:50:37 2025 GMT Not After : Nov 12 03:50:37 2025 GMT Subject: CN=690ac98e-cd32 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:19:24:70:26:77:87:62:05:7f:7b:76:c9:8f: cf:45:4b:ea:96:de:23:61:a8:71:2f:12:0f:1f:48: 0f:c6:11:12:5f:58:38:ef:92:26:7b:b2:4a:b9:70: 39:49:dd:c3:9d:c1:26:70:b9:89:3b:7b:e9:a1:ef: 6a:8e:95:64:b8:5a:ce:0b:8f:93:6c:cc:3b:58:60: ca:8a:23:98:91:42:98:da:0b:d4:f3:bc:bd:cd:ba: f4:2d:b7:a9:14:d2:d9:a5:c9:cb:df:6c:11:4a:a8: b3:ea:17:73:69:99:25:02:74:92:f3:2b:67:0c:0d: f8:7e:96:95:70:8b:d2:1e:64:31:ca:6f:75:05:79: b5:3f:79:19:c9:68:8d:73:80:22:a2:b5:d1:36:78: da:16:c5:c2:f5:d3:d1:3d:c6:c0:34:c4:2a:1e:e8: db:74:f3:94:18:df:e0:3d:f3:4e:78:06:f7:5d:94: c5:52:8b:ac:2f:5b:ad:c1:2a:d3:a7:e3:ea:59:d6: 8e:72:f4:77:54:a6:b1:df:3b:b7:cc:f6:87:f1:28: 58:52:55:16:1a:ae:6c:eb:08:17:c5:04:1b:15:61: 94:d8:5a:c9:7c:96:71:db:12:e0:33:71:c2:c6:37: 71:93:a6:e9:df:85:75:e0:61:77:5a:55:9e:03:e3: 3e:05 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BC:71:39:BC:D7:B8:E2:22:CC:7D:55:EB:B6:2D:7D:04:DE:E9:F9:65 X509v3 Authority Key Identifier: keyid:90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:13:57:f1:32:5e:5e:39:fe:cd:16:fc:05:11:bc:3a:8a:42: b1:bf:9c:b0:06:cc:df:d8:31:2f:07:8c:33:59:72:48:e0:d6: aa:7c:98:d4:b2:2d:f0:69:f2:17:0f:d7:23:e4:ca:e4:7d:0e: 79:0e:a7:8f:ed:53:14:a8:1d:86:af:ef:5c:d4:78:e2:29:f7: ce:a1:f7:96:52:5c:67:c4:9e:c5:9d:71:25:4e:da:a0:56:7a: ba:8e:3b:72:33:3c:0f:25:a9:dd:c2:79:f2:57:57:f5:65:f8: 67:f7:bb:b1:ef:61:23:6f:40:a9:cd:8f:9d:43:ec:7c:c8:0f: 2d:63:56:ee:7f:2e:d5:4f:47:08:ef:e2:3e:2f:53:69:6b:b9: f8:0c:12:ee:f7:1c:03:02:c8:f3:19:01:36:09:48:58:27:33: d0:55:d0:95:53:89:43:a4:35:21:22:93:38:02:ff:8e:28:21: 3c:13:b0:e8:57:8c:0a:95:ca:09:9d:aa:e0:ce:ab:9b:ea:ab: 46:e8:a5:e4:d0:cb:df:1f:cb:68:07:c2:95:a4:cb:4c:88:3f: ed:39:56:44:d1:5d:9e:42:48:33:2b:ab:36:a5:bb:e1:10:ca: 10:45:83:04:0f:b6:5f:f9:33:38:cf:12:eb:22:52:76:e5:3c: 7c:c3:61:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAYIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQ4QzkxMTAvBgNVBAUTKDkwRjY4MEZDQTdDOTMwRkQxRkRDNTMzNjc1Mzg1QUU5 MEZCNDE2NzIwHhcNMjUxMTA1MDM1MDM3WhcNMjUxMTEyMDM1MDM3WjAYMRYwFAYD VQQDEw02OTBhYzk4ZS1jZDMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyBkkcCZ3h2IFf3t2yY/PRUvqlt4jYahxLxIPH0gPxhESX1g475Ime7JKuXA5 Sd3DncEmcLmJO3vpoe9qjpVkuFrOC4+TbMw7WGDKiiOYkUKY2gvU87y9zbr0Lbep FNLZpcnL32wRSqiz6hdzaZklAnSS8ytnDA34fpaVcIvSHmQxym91BXm1P3kZyWiN c4AiorXRNnjaFsXC9dPRPcbANMQqHujbdPOUGN/gPfNOeAb3XZTFUousL1utwSrT p+PqWdaOcvR3VKax3zu3zPaH8ShYUlUWGq5s6wgXxQQbFWGU2FrJfJZx2xLgM3HC xjdxk6bp34V14GF3WlWeA+M+BQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLxxObzX uOIizH1V67YtfQTe6fllMB8GA1UdIwQYMBaAFJD2gPynyTD9H9xTNnU4WukPtBZy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDhDOS9BMDU1QjVCMjZF RUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tmSk1QMGYzRk0yZFRoYTZRLTBG bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tQYUFfS2ZKTVAwZjNGTTJkVGhhNlEtMEZuSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NDhDOS9BMDU1QjVCMjZFRUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tmSk1Q MGYzRk0yZFRoYTZRLTBGbkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQClE1fxMl5eOf7NFvwFEbw6ikKxv5ywBszf2DEvB4wzWXJI4NaqfJjU si3wafIXD9cj5MrkfQ55DqeP7VMUqB2Gr+9c1HjiKffOofeWUlxnxJ7FnXElTtqg Vnq6jjtyMzwPJandwnnyV1f1Zfhn97ux72Ejb0CpzY+dQ+x8yA8tY1bufy7VT0cI 7+I+L1Npa7n4DBLu9xwDAsjzGQE2CUhYJzPQVdCVU4lDpDUhIpM4Av+OKCE8E7Do V4wKlcoJnargzqub6qtG6KXk0MvfH8toB8KVpMtMiD/tOVZE0V2eQkgzK6s2pbvh EMoQRYMED7Zf+TM4zxLrIlJ25Tx8w2Hu -----END CERTIFICATE-----Generated at Wed Nov 5 19:28:19 2025 by rpki-client