$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json) Hash identifier: lt6TKzcXApKRnzeWqEmPQsQPQqWjVWjVTmGRyIXEsd4= Subject key identifier: 31:FF:82:B4:EB:85:BC:51:4A:D4:F0:DC:B3:A5:3A:F4:E3:F9:D4:03 Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Certificate serial: 1378 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft Manifest number: 136F Signing time: Sun 02 Nov 2025 16:59:15 +0000 Manifest this update: Sun 02 Nov 2025 16:59:14 +0000 Manifest next update: Sun 09 Nov 2025 16:59:14 +0000 Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: 9195oeHOqP53omXfzkrHoM+2xL46tUFchlvZOMTAADY=) 2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: 7JGYiU3kiC6kUGQIsQnoyjTh5wnU3N3mh36JHRhfnlU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 16:59:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4984 (0x1378) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91411BC, serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Validity Not Before: Nov 2 16:59:14 2025 GMT Not After : Nov 9 16:59:14 2025 GMT Subject: CN=69078de3-1527 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9d:92:a9:35:57:70:f0:b2:d4:da:6b:77:5a:fa: c2:bf:c6:48:e1:2c:f3:4b:da:0a:99:44:61:1b:f3: a5:fa:c8:35:89:e4:27:eb:e3:e1:84:96:4b:64:4e: 07:d3:b7:f9:41:9a:24:83:b1:64:05:92:7b:b6:6b: 58:1c:af:79:24:cb:78:7c:b6:84:97:a5:97:05:f3: 37:c1:d9:9e:09:9f:20:f3:50:37:d5:74:33:0e:13: 14:f3:c6:dc:5a:1e:f7:1a:1f:4a:66:82:00:45:bd: 68:53:15:2a:f4:c9:11:64:bc:a6:4a:a6:82:7c:41: ca:02:22:88:44:79:5b:3d:d2:a8:d4:87:8e:44:85: 8e:7b:d9:c5:d3:e6:75:b0:44:24:44:f8:34:3e:1f: 7f:1e:17:61:22:96:92:3e:be:51:57:29:25:92:58: 26:48:a4:08:35:b6:ce:dd:76:8e:e1:69:b5:cf:15: 90:ab:1b:60:ef:6d:00:50:07:55:0d:ec:08:39:ee: 13:9c:52:d5:63:19:d9:68:70:9b:fe:ba:4a:55:32: a7:0d:f2:9c:2a:73:2e:03:63:8c:78:a2:34:4e:99: 78:b2:2f:5d:83:e3:4d:9f:68:d0:17:8d:a1:e9:b9: 31:1b:63:f6:d2:bf:a5:24:f1:9e:1f:ff:58:88:62: 7c:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 31:FF:82:B4:EB:85:BC:51:4A:D4:F0:DC:B3:A5:3A:F4:E3:F9:D4:03 X509v3 Authority Key Identifier: keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:c0:bc:09:2e:6f:38:70:b8:b2:f1:fe:f1:54:7f:c7:f9:4e: d1:1a:91:bc:74:57:57:f9:84:db:d0:e9:91:6f:87:5d:9c:1f: e1:a1:27:a5:24:c1:9e:8c:1e:08:1e:c7:36:10:c7:5f:60:b1: dc:78:f7:e2:92:01:79:aa:78:46:88:3b:d3:25:f6:c6:3e:29: 26:95:b7:dd:6e:0a:69:5d:bb:ee:55:1a:ce:61:7e:2a:94:8e: 75:11:bb:c2:01:93:22:6b:14:63:60:ee:35:ef:a4:ee:c8:af: 31:26:d6:3f:bc:8c:d5:ec:0d:dd:94:56:40:af:b0:06:22:52: 65:14:09:28:fa:2a:22:a1:4e:c4:a9:eb:24:f5:59:3f:a8:90: 28:da:8b:29:8f:28:2f:8e:d5:0f:ce:e8:bf:8d:57:6c:5c:2f: da:f2:e1:a1:ae:e7:1e:80:d0:f7:e3:22:02:e7:81:74:84:d3: 8a:f0:79:dd:6e:eb:0f:52:0d:2c:5c:a0:f2:4c:0c:8b:e0:8a: 8b:dc:ef:d4:6c:93:ff:8e:90:58:7d:62:03:de:74:3a:ea:54: ee:35:2d:75:93:ce:61:cc:63:fb:0c:84:b5:06:ed:2f:19:b6: 99:10:c4:c0:1a:e9:e4:9b:f9:03:fc:9c:0e:05:4d:73:74:5a: b1:e7:b0:bf -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE3gwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG NDI5RjU3NTAwHhcNMjUxMTAyMTY1OTE0WhcNMjUxMTA5MTY1OTE0WjAYMRYwFAYD VQQDEw02OTA3OGRlMy0xNTI3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnZKpNVdw8LLU2mt3WvrCv8ZI4SzzS9oKmURhG/Ol+sg1ieQn6+PhhJZLZE4H 07f5QZokg7FkBZJ7tmtYHK95JMt4fLaEl6WXBfM3wdmeCZ8g81A31XQzDhMU88bc Wh73Gh9KZoIARb1oUxUq9MkRZLymSqaCfEHKAiKIRHlbPdKo1IeORIWOe9nF0+Z1 sEQkRPg0Ph9/HhdhIpaSPr5RVyklklgmSKQINbbO3XaO4Wm1zxWQqxtg720AUAdV DewIOe4TnFLVYxnZaHCb/rpKVTKnDfKcKnMuA2OMeKI0Tpl4si9dg+NNn2jQF42h 6bkxG2P20r+lJPGeH/9YiGJ8oQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDH/grTr hbxRStTw3LOlOvTj+dQDMB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAzwLwJLm84cLiy8f7xVH/H+U7RGpG8dFdX+YTb0OmRb4ddnB/hoSel JMGejB4IHsc2EMdfYLHcePfikgF5qnhGiDvTJfbGPikmlbfdbgppXbvuVRrOYX4q lI51EbvCAZMiaxRjYO4176TuyK8xJtY/vIzV7A3dlFZAr7AGIlJlFAko+ioioU7E qesk9Vk/qJAo2ospjygvjtUPzui/jVdsXC/a8uGhrucegND34yIC54F0hNOK8Hnd busPUg0sXKDyTAyL4IqL3O/UbJP/jpBYfWID3nQ66lTuNS11k85hzGP7DIS1Bu0v GbaZEMTAGunkm/kD/JwOBU1zdFqx57C/ -----END CERTIFICATE-----Generated at Mon Nov 3 18:10:53 2025 by rpki-client