$ rpki-client -vvf rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft File: KOAXfHClckcH27FJ7VV8D4FW4Ok.mft (raw, json) Hash identifier: /987u9PihzBU8VDeP4QoufT4eB+de5LKqe9GRj3FzPk= Subject key identifier: 19:24:A7:67:17:8E:8C:41:ED:77:52:B7:72:EB:04:A7:C8:A5:02:60 Authority key identifier: 28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9 Certificate issuer: /CN=A9136109/serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9 Certificate serial: 0626 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft Manifest number: 0617 Signing time: Sun 26 Oct 2025 23:47:16 +0000 Manifest this update: Sun 26 Oct 2025 23:47:15 +0000 Manifest next update: Sun 02 Nov 2025 23:47:15 +0000 Files and hashes: 1: KOAXfHClckcH27FJ7VV8D4FW4Ok.crl (hash: aqI2vGh1aRj7ZTovJLJRGarMiXgkt3frT2tp/zkBRhI=) 2: 590697D6465611EE8128031BC4F9AE02.roa (hash: D/6BYkGqlNOLOYOgY8KQs7LafMiP8Rro2RlyCrKrnhM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 02 Nov 2025 23:47:15 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1574 (0x626) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9136109, serialNumber=28E0177C70A5724707DBB149ED557C0F8156E0E9 Validity Not Before: Oct 26 23:47:15 2025 GMT Not After : Nov 2 23:47:15 2025 GMT Subject: CN=68feb304-3b65 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:40:ea:85:87:38:94:64:02:38:58:ec:1e:21: 39:3f:79:23:a2:82:fd:89:1a:fa:91:74:44:3b:30: d8:c1:32:73:09:12:3a:45:fd:bb:58:ab:67:a4:11: 21:eb:ec:2f:53:3f:3e:e5:83:3a:4b:1c:d4:51:32: 07:a1:ef:0e:30:16:e5:29:d4:8e:58:95:65:30:68: 65:47:52:75:46:9e:01:56:62:d8:d5:28:7e:27:59: 99:01:35:1d:3f:88:be:cc:8e:d2:26:32:a2:4c:52: 06:c0:d4:b9:cd:8d:4a:3a:c3:fe:fe:55:7a:15:fa: 73:67:cd:9f:e5:db:bb:00:45:a5:15:d3:60:e6:69: ec:f1:34:31:88:30:a3:40:82:98:4c:3d:c9:b4:f9: bd:7d:2f:80:52:b9:fe:e0:45:87:b6:4f:77:ba:bd: 48:36:54:a1:74:f6:59:b8:7f:1f:6f:f2:7a:61:43: 20:ed:40:a5:f7:2d:6c:72:bb:e7:2b:8e:b7:68:51: a0:1f:46:64:81:51:6f:d1:a7:a9:7b:34:a4:25:e2: 40:24:43:8f:d3:04:90:0e:66:1d:07:21:a0:bf:bc: 40:c1:d5:cb:20:ef:7d:b1:e3:9f:f5:f9:d7:b4:80: 05:e9:ae:1e:f8:60:94:d9:6e:bf:e0:2f:53:cf:7f: 73:41 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 19:24:A7:67:17:8E:8C:41:ED:77:52:B7:72:EB:04:A7:C8:A5:02:60 X509v3 Authority Key Identifier: keyid:28:E0:17:7C:70:A5:72:47:07:DB:B1:49:ED:55:7C:0F:81:56:E0:E9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KOAXfHClckcH27FJ7VV8D4FW4Ok.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9136109/C8207212C50D11EB9AAEE87BC4F9AE02/KOAXfHClckcH27FJ7VV8D4FW4Ok.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 71:a5:15:86:e0:c2:0e:50:58:1f:dc:1e:44:96:aa:0e:c7:a2: c7:59:ee:e3:17:d0:45:18:e3:87:b7:c9:63:33:b3:ca:47:f8: 99:5f:ef:e4:e4:1a:c0:53:84:d2:af:69:bd:b5:a0:96:63:56: a0:41:73:6a:2f:2c:48:08:38:50:14:1a:41:b8:4f:ee:ea:80: 86:41:01:89:10:cb:65:5e:a1:f4:d5:8e:e4:cf:93:67:39:a2: 50:38:48:d4:f0:f6:d5:95:03:b7:32:e7:fa:68:a6:2a:80:54: 2e:27:42:67:9c:5b:3a:09:22:9f:5c:69:38:b1:5c:d6:f2:b9: 3f:68:c4:fa:74:c5:b1:ec:34:19:2d:38:2a:44:bf:33:95:43: 05:0a:a2:28:4b:63:9c:c3:b4:06:97:ae:da:81:e6:5d:ba:f0: e8:4a:4e:37:36:45:6c:9d:7f:07:ba:be:c9:e5:8f:96:cc:72: 02:c9:c5:a6:8a:d2:fe:82:84:2a:b0:a4:93:dc:7d:7b:56:9f: f1:e1:83:c0:6b:7e:81:0f:43:94:dd:2c:4e:e7:a2:54:70:88: c2:8c:26:1a:0d:60:64:15:ac:1c:0d:01:91:5a:eb:bc:92:a8: 52:c4:6b:20:f8:6e:dc:f6:c1:1b:91:e6:08:48:37:de:a4:1e: 51:12:cf:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBiYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzYxMDkxMTAvBgNVBAUTKDI4RTAxNzdDNzBBNTcyNDcwN0RCQjE0OUVENTU3QzBG ODE1NkUwRTkwHhcNMjUxMDI2MjM0NzE1WhcNMjUxMTAyMjM0NzE1WjAYMRYwFAYD VQQDEw02OGZlYjMwNC0zYjY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA60DqhYc4lGQCOFjsHiE5P3kjooL9iRr6kXREOzDYwTJzCRI6Rf27WKtnpBEh 6+wvUz8+5YM6SxzUUTIHoe8OMBblKdSOWJVlMGhlR1J1Rp4BVmLY1Sh+J1mZATUd P4i+zI7SJjKiTFIGwNS5zY1KOsP+/lV6FfpzZ82f5du7AEWlFdNg5mns8TQxiDCj QIKYTD3JtPm9fS+AUrn+4EWHtk93ur1INlShdPZZuH8fb/J6YUMg7UCl9y1scrvn K463aFGgH0ZkgVFv0aepezSkJeJAJEOP0wSQDmYdByGgv7xAwdXLIO99seOf9fnX tIAF6a4e+GCU2W6/4C9Tz39zQQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBkkp2cX joxB7XdSt3LrBKfIpQJgMB8GA1UdIwQYMBaAFCjgF3xwpXJHB9uxSe1VfA+BVuDp MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzNjEwOS9DODIwNzIxMkM1 MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNrY0gyN0ZKN1ZWOEQ0Rlc0 T2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tPQVhmSENsY2tjSDI3Rko3VlY4RDRGVzRPay5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz NjEwOS9DODIwNzIxMkM1MEQxMUVCOUFBRUU4N0JDNEY5QUUwMi9LT0FYZkhDbGNr Y0gyN0ZKN1ZWOEQ0Rlc0T2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBxpRWG4MIOUFgf3B5ElqoOx6LHWe7jF9BFGOOHt8ljM7PKR/iZX+/k 5BrAU4TSr2m9taCWY1agQXNqLyxICDhQFBpBuE/u6oCGQQGJEMtlXqH01Y7kz5Nn OaJQOEjU8PbVlQO3Muf6aKYqgFQuJ0JnnFs6CSKfXGk4sVzW8rk/aMT6dMWx7DQZ LTgqRL8zlUMFCqIoS2Ocw7QGl67ageZduvDoSk43NkVsnX8Hur7J5Y+WzHICycWm itL+goQqsKST3H17Vp/x4YPAa36BD0OU3SxO56JUcIjCjCYaDWBkFawcDQGRWuu8 kqhSxGsg+G7c9sEbkeYISDfepB5REs9H -----END CERTIFICATE-----Generated at Mon Oct 27 20:59:16 2025 by rpki-client