$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: FHuJrxBbuNcHovsYORD9xfYYLvxBOI6deK41H8xbT+w= Subject key identifier: A3:84:16:E3:C4:03:A8:22:2E:05:EB:A3:96:C0:03:74:5F:33:CD:20 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DF3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DD6 Signing time: Thu 18 Sep 2025 18:04:20 +0000 Manifest this update: Thu 18 Sep 2025 18:04:19 +0000 Manifest next update: Thu 25 Sep 2025 18:04:19 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: fukmGF2ubvwfFyLf5Udcy/Y7In0DnIWm7qzLnSjIkYo=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 25 Sep 2025 18:04:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3571 (0xdf3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Sep 18 18:04:19 2025 GMT Not After : Sep 25 18:04:19 2025 GMT Subject: CN=68cc49a4-d0fe Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:2f:7c:08:c6:f1:d0:71:b0:fe:47:f7:19:25: 32:20:35:f4:66:9f:b4:03:ea:69:ab:1b:ff:e9:bd: 20:ae:9c:3e:ba:2c:ed:3c:e0:e2:c6:49:79:9c:6c: 4e:50:95:91:65:17:d5:ee:03:4a:46:1c:0a:49:c7: d9:74:ed:07:ea:cd:a0:23:68:49:53:6b:38:0f:91: 14:56:17:6b:4a:26:70:53:3a:2e:04:af:9e:64:f7: fd:33:f8:16:54:6f:bc:b5:7c:b4:6f:b3:71:d7:c5: a4:86:36:a3:f0:62:25:85:41:54:83:b8:98:78:65: 6e:bd:bb:af:15:1e:9c:d3:4c:3c:63:5d:ba:b0:8d: c2:f8:de:d6:e8:5d:c5:72:7e:af:b3:58:f2:8e:6d: 0b:4e:cb:52:13:a5:55:d1:f3:04:06:8e:8c:85:bb: dd:7e:f8:01:b2:a4:95:26:29:c9:d7:c3:0d:7a:9b: 4f:9b:5f:8a:f0:c0:93:8c:3f:18:f9:0a:93:0b:b3: 73:0f:76:69:29:56:5e:9b:41:43:56:5c:a6:34:dc: 5f:df:65:b8:ce:49:ed:6b:5b:eb:02:29:a5:4a:64: 94:e4:39:22:74:cf:7b:ec:25:09:9e:e5:d4:fb:f7: 5c:20:dd:9d:82:a2:4f:34:29:af:8a:24:9d:e2:1e: c5:fb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:84:16:E3:C4:03:A8:22:2E:05:EB:A3:96:C0:03:74:5F:33:CD:20 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:aa:e3:d4:1c:fa:2a:05:a6:21:e5:94:e7:68:3d:b7:6c:8b: 02:b8:cd:e3:6c:b2:00:27:be:33:0e:f2:ee:bb:c4:ac:24:1c: f3:c6:16:1a:30:0f:13:b2:54:55:62:47:6c:98:a8:0c:61:bb: c3:26:16:9b:bf:f5:b1:0c:62:6f:85:57:4f:4f:ec:31:d7:ff: 4e:4b:08:9b:7c:23:91:bf:c2:a2:bf:41:47:a3:0e:11:38:bd: f1:a7:3c:61:e3:96:87:52:b0:f9:fe:fd:8c:a4:36:73:c9:81: 23:75:b2:38:8c:91:9c:3d:e1:fd:8a:bf:8a:af:9c:18:82:3d: de:0d:d9:fc:4d:58:96:60:3a:7c:7a:9d:02:2e:90:d2:14:e8: 02:09:ed:8e:74:3a:20:42:c4:ad:53:ac:92:73:5c:1b:c0:72: c3:0e:b0:62:fb:a3:c3:b4:8e:b6:50:e6:7a:1b:61:cd:a2:8f: bd:2f:70:e5:f4:5d:b7:19:d7:5e:be:da:a1:f8:24:70:50:a2: 1c:3d:00:0e:19:b7:f1:45:f4:27:9b:96:8b:a1:22:fb:2c:74: b0:2e:87:c9:56:81:dd:fb:db:60:50:14:91:64:41:91:26:e8: f7:3e:9c:93:a4:c9:38:ba:4a:88:30:5a:71:5a:d4:d8:86:82: 48:62:99:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDfMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwOTE4MTgwNDE5WhcNMjUwOTI1MTgwNDE5WjAYMRYwFAYD VQQDEw02OGNjNDlhNC1kMGZlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAti98CMbx0HGw/kf3GSUyIDX0Zp+0A+ppqxv/6b0grpw+uiztPODixkl5nGxO UJWRZRfV7gNKRhwKScfZdO0H6s2gI2hJU2s4D5EUVhdrSiZwUzouBK+eZPf9M/gW VG+8tXy0b7Nx18Wkhjaj8GIlhUFUg7iYeGVuvbuvFR6c00w8Y126sI3C+N7W6F3F cn6vs1jyjm0LTstSE6VV0fMEBo6MhbvdfvgBsqSVJinJ18MNeptPm1+K8MCTjD8Y +QqTC7NzD3ZpKVZem0FDVlymNNxf32W4zknta1vrAimlSmSU5DkidM977CUJnuXU +/dcIN2dgqJPNCmviiSd4h7F+wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKOEFuPE A6giLgXro5bAA3RfM80gMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB1quPUHPoqBaYh5ZTnaD23bIsCuM3jbLIAJ74zDvLuu8SsJBzzxhYa MA8TslRVYkdsmKgMYbvDJhabv/WxDGJvhVdPT+wx1/9OSwibfCORv8Kiv0FHow4R OL3xpzxh45aHUrD5/v2MpDZzyYEjdbI4jJGcPeH9ir+Kr5wYgj3eDdn8TViWYDp8 ep0CLpDSFOgCCe2OdDogQsStU6ySc1wbwHLDDrBi+6PDtI62UOZ6G2HNoo+9L3Dl 9F23Gddevtqh+CRwUKIcPQAOGbfxRfQnm5aLoSL7LHSwLofJVoHd+9tgUBSRZEGR Juj3PpyTpMk4ukqIMFpxWtTYhoJIYpkV -----END CERTIFICATE-----Generated at Fri Sep 19 01:20:54 2025 by rpki-client