$ rpki-client -vvf rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft File: kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft (raw, json) Hash identifier: rTJN687nxKa9o7x7kKVl9of0N3t60qNbfzaVUNB1fxA= Subject key identifier: FF:FE:DF:2E:7A:08:B1:EC:86:75:78:DB:96:03:4E:48:D6:06:C0:84 Authority key identifier: 90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72 Certificate issuer: /CN=A91248C9/serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672 Certificate serial: 016A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft Manifest number: 0167 Signing time: Wed 17 Sep 2025 04:30:22 +0000 Manifest this update: Wed 17 Sep 2025 04:30:21 +0000 Manifest next update: Wed 24 Sep 2025 04:30:21 +0000 Files and hashes: 1: kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl (hash: xbsMyGjFaa7upXiJZow7XGTuiUSpx/ZB6rOn7t13m9I=) 2: 4B3C43EA6EF011EE84DC9B0EC4F9AE02.roa (hash: 75EuXED/Rvqy0Mw85Z/q36XD2zcpbxDlIxOgsx3A+Yc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 04:30:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 362 (0x16a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91248C9, serialNumber=90F680FCA7C930FD1FDC533675385AE90FB41672 Validity Not Before: Sep 17 04:30:21 2025 GMT Not After : Sep 24 04:30:21 2025 GMT Subject: CN=68ca395d-45df Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cb:22:9a:77:97:06:bd:9e:74:3b:25:f4:03:81: c1:9e:d5:1a:ed:04:3f:1d:b3:30:16:dd:13:6e:33: 95:ce:7d:f2:81:57:e4:95:58:37:14:bf:fa:6f:96: 12:1e:f7:00:99:54:84:a4:e1:cf:e3:f3:11:39:1a: 62:b7:ef:0c:3f:b8:e5:0c:58:81:3d:ad:19:c6:df: 43:d8:2f:c0:f5:fc:20:7d:b8:16:8b:5e:27:4f:f3: e7:8e:85:c5:4e:08:c8:97:61:1e:74:5a:b9:9f:27: 84:42:ae:65:f6:75:76:c5:39:1e:99:75:58:17:9e: 96:d5:6d:62:70:ea:65:c2:b7:33:59:cf:7f:26:3d: c9:3a:65:62:31:85:04:26:cc:4c:87:01:32:08:6b: 66:7e:04:d4:52:a4:52:75:91:e3:91:76:63:18:fc: 6a:fa:73:6e:5d:38:46:9b:a3:bd:a3:25:6a:3f:70: 18:52:04:7b:c2:e3:64:3b:05:dd:c2:ad:57:ea:6b: 9a:34:b3:82:8a:5e:f5:55:a8:4f:97:39:38:6d:f8: 24:bb:fa:f9:6b:df:df:75:0c:15:46:81:4c:98:35: 39:37:fc:02:23:19:29:0a:91:91:e2:86:36:73:cb: 96:e5:d3:d7:1d:28:ce:c4:fd:3b:8a:45:bc:8e:04: d6:35 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FF:FE:DF:2E:7A:08:B1:EC:86:75:78:DB:96:03:4E:48:D6:06:C0:84 X509v3 Authority Key Identifier: keyid:90:F6:80:FC:A7:C9:30:FD:1F:DC:53:36:75:38:5A:E9:0F:B4:16:72 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kPaA_KfJMP0f3FM2dTha6Q-0FnI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91248C9/A055B5B26EED11EEBC1AAB53C4F9AE02/kPaA_KfJMP0f3FM2dTha6Q-0FnI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ae:3e:7f:18:ba:c9:32:a2:cc:7d:01:76:e6:b8:c3:e4:24:d3: f6:38:6e:5f:4a:d0:9c:50:59:26:3f:10:a4:2f:7f:5c:aa:51: 96:50:97:fc:48:d8:ed:c3:08:96:f7:12:8f:3d:42:ab:e3:5b: 96:3f:d8:1d:63:08:f2:ea:a1:a7:94:d4:15:fc:55:11:41:3a: 49:c9:c0:c1:d4:38:d1:2d:19:21:be:48:bb:4d:63:ff:a7:ac: dc:2e:2a:16:41:e7:3a:5e:7e:a9:fb:5f:04:0c:4c:21:ca:57: 78:14:42:a6:e3:63:4f:50:2f:bd:57:a9:f8:5c:5b:d5:3a:bc: 5e:6c:21:3d:e1:ad:cd:99:db:47:d1:99:d6:42:a3:e9:3a:bd: e2:5e:2f:00:e8:52:07:46:de:ce:2a:8e:59:a2:77:ca:2b:a9: 70:99:9f:59:30:1e:23:11:1f:a3:3c:b2:d8:1a:e8:50:88:8a: 15:ca:7b:4b:86:59:20:6a:66:65:51:b2:0f:e6:e7:4f:1a:55: 66:ae:41:0f:e1:02:b8:78:8d:1a:05:20:40:8b:30:ba:8d:d5: 59:fa:91:1a:58:8c:ba:16:7c:f4:8d:ab:9e:bd:ed:8a:65:7a: dd:66:ed:48:b9:e1:f6:fa:05:a2:65:fc:89:b6:3c:20:e5:06: c5:6e:f0:5f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MjQ4QzkxMTAvBgNVBAUTKDkwRjY4MEZDQTdDOTMwRkQxRkRDNTMzNjc1Mzg1QUU5 MEZCNDE2NzIwHhcNMjUwOTE3MDQzMDIxWhcNMjUwOTI0MDQzMDIxWjAYMRYwFAYD VQQDEw02OGNhMzk1ZC00NWRmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyyKad5cGvZ50OyX0A4HBntUa7QQ/HbMwFt0TbjOVzn3ygVfklVg3FL/6b5YS HvcAmVSEpOHP4/MRORpit+8MP7jlDFiBPa0Zxt9D2C/A9fwgfbgWi14nT/PnjoXF TgjIl2EedFq5nyeEQq5l9nV2xTkemXVYF56W1W1icOplwrczWc9/Jj3JOmViMYUE JsxMhwEyCGtmfgTUUqRSdZHjkXZjGPxq+nNuXThGm6O9oyVqP3AYUgR7wuNkOwXd wq1X6muaNLOCil71VahPlzk4bfgku/r5a9/fdQwVRoFMmDU5N/wCIxkpCpGR4oY2 c8uW5dPXHSjOxP07ikW8jgTWNQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP/+3y56 CLHshnV425YDTkjWBsCEMB8GA1UdIwQYMBaAFJD2gPynyTD9H9xTNnU4WukPtBZy MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyNDhDOS9BMDU1QjVCMjZF RUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tmSk1QMGYzRk0yZFRoYTZRLTBG bkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tQYUFfS2ZKTVAwZjNGTTJkVGhhNlEtMEZuSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy NDhDOS9BMDU1QjVCMjZFRUQxMUVFQkMxQUFCNTNDNEY5QUUwMi9rUGFBX0tmSk1Q MGYzRk0yZFRoYTZRLTBGbkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCuPn8Yuskyosx9AXbmuMPkJNP2OG5fStCcUFkmPxCkL39cqlGWUJf8 SNjtwwiW9xKPPUKr41uWP9gdYwjy6qGnlNQV/FURQTpJycDB1DjRLRkhvki7TWP/ p6zcLioWQec6Xn6p+18EDEwhyld4FEKm42NPUC+9V6n4XFvVOrxebCE94a3NmdtH 0ZnWQqPpOr3iXi8A6FIHRt7OKo5ZonfKK6lwmZ9ZMB4jER+jPLLYGuhQiIoVyntL hlkgamZlUbIP5udPGlVmrkEP4QK4eI0aBSBAizC6jdVZ+pEaWIy6Fnz0jaueve2K ZXrdZu1IueH2+gWiZfyJtjwg5QbFbvBf -----END CERTIFICATE-----Generated at Wed Sep 17 20:15:21 2025 by rpki-client