$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: k89BXHddWk5K6JhYchxXzvPW9PGOHJuCzCqJ8cI6hwI= Subject key identifier: E1:EC:35:21:F3:1F:D9:14:43:EB:89:F4:E1:8F:DA:86:E4:0C:F1:E3 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0E0A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DED Signing time: Sun 02 Nov 2025 17:53:02 +0000 Manifest this update: Sun 02 Nov 2025 17:53:01 +0000 Manifest next update: Sun 09 Nov 2025 17:53:01 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: 104BiisvJZzGMOcE2kvF+L6p3Sl6xBcNf3m2b+75rpE=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 17:53:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3594 (0xe0a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Nov 2 17:53:01 2025 GMT Not After : Nov 9 17:53:01 2025 GMT Subject: CN=69079a7d-f80d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:3e:ee:88:0d:db:4a:14:f5:a2:e6:17:6c:7d: 97:9e:0c:68:31:eb:b1:76:1e:a6:6d:72:06:78:c5: 28:77:d4:8d:e3:10:54:dc:ec:8c:d3:48:d3:79:e9: 99:d3:73:3e:25:1a:b8:44:db:2e:bd:70:56:a4:26: b2:2f:c3:ff:fb:4e:c0:a6:89:14:ce:1e:bd:5d:dd: c5:13:00:0c:8c:71:17:01:6c:72:16:70:38:a5:a1: fd:e3:22:85:46:50:e7:ec:e7:15:b8:f7:75:9b:bb: b8:d9:94:74:03:b7:77:68:bb:83:5e:2f:34:2f:af: 60:9a:f1:46:31:0e:1e:1e:5d:ce:01:d1:75:8f:30: 0d:ba:8a:4d:f9:59:4f:cb:fd:35:21:26:ce:25:77: ad:92:31:4e:50:08:6e:97:28:72:59:8f:68:54:67: f3:e3:e0:b8:c6:e8:6f:99:67:b0:79:67:25:df:34: 34:7e:7e:2d:c2:3d:67:29:8a:d7:6c:2d:f0:69:cf: 40:e8:e8:d6:5a:9d:13:44:e4:48:e4:89:0c:56:62: 4d:50:3a:d6:2d:ff:0e:16:c8:5a:6b:79:b8:dc:8c: 47:e4:0f:e6:b9:c3:e0:ac:9c:2d:d8:bd:62:cf:05: 9b:ee:db:c1:bb:d1:57:c7:a8:83:c6:15:a6:bc:37: db:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E1:EC:35:21:F3:1F:D9:14:43:EB:89:F4:E1:8F:DA:86:E4:0C:F1:E3 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:80:64:fb:a5:71:1d:b9:b3:a4:19:ff:38:0b:a8:db:e1:8f: 9f:7a:65:8a:f3:d5:e4:9e:ad:df:77:de:e8:35:b2:7d:e0:80: 96:2e:84:e0:a9:8b:5b:1a:9e:cf:5a:09:49:9e:bb:14:cb:17: 9f:c5:a2:8c:c8:73:b4:e3:96:12:e7:7d:bb:22:c7:aa:d4:47: 43:28:21:69:f7:be:36:f6:9d:a0:39:1b:4a:fa:65:95:f7:c1: 54:0b:1f:19:95:1d:a3:9c:f4:9b:37:aa:30:39:90:14:68:68: 37:c2:d8:4a:ef:b0:62:70:00:57:94:03:7a:53:3c:4c:50:41: 34:6b:e9:76:64:1f:e1:3e:d4:56:37:49:50:b3:c6:3f:5b:75: a3:ae:45:a0:23:71:dd:fe:26:c6:44:ab:9c:41:30:9a:96:5f: c2:54:27:33:04:ae:5b:c0:ef:f4:a2:cf:79:27:9b:c8:25:ca: 9f:fd:74:8c:1e:ec:bc:aa:8c:f4:e9:3c:44:6d:d7:c6:a3:49: e2:bc:96:e3:9c:48:7c:d1:6c:e9:36:8a:4d:8a:72:d3:68:f0: a5:4b:41:51:27:e6:45:8a:9c:f5:61:ad:78:98:af:26:55:85: bc:fd:57:39:ac:c0:15:c0:a5:cb:29:f6:bb:a9:c1:ba:1e:ee: 98:bc:e8:41 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDgowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUxMTAyMTc1MzAxWhcNMjUxMTA5MTc1MzAxWjAYMRYwFAYD VQQDEw02OTA3OWE3ZC1mODBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuz7uiA3bShT1ouYXbH2XngxoMeuxdh6mbXIGeMUod9SN4xBU3OyM00jTeemZ 03M+JRq4RNsuvXBWpCayL8P/+07ApokUzh69Xd3FEwAMjHEXAWxyFnA4paH94yKF RlDn7OcVuPd1m7u42ZR0A7d3aLuDXi80L69gmvFGMQ4eHl3OAdF1jzANuopN+VlP y/01ISbOJXetkjFOUAhulyhyWY9oVGfz4+C4xuhvmWeweWcl3zQ0fn4twj1nKYrX bC3wac9A6OjWWp0TRORI5IkMVmJNUDrWLf8OFshaa3m43IxH5A/mucPgrJwt2L1i zwWb7tvBu9FXx6iDxhWmvDfbswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOHsNSHz H9kUQ+uJ9OGP2obkDPHjMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfgGT7pXEdubOkGf84C6jb4Y+femWK89Xknq3fd97oNbJ94ICWLoTg qYtbGp7PWglJnrsUyxefxaKMyHO045YS5327Iseq1EdDKCFp97429p2gORtK+mWV 98FUCx8ZlR2jnPSbN6owOZAUaGg3wthK77BicABXlAN6UzxMUEE0a+l2ZB/hPtRW N0lQs8Y/W3WjrkWgI3Hd/ibGRKucQTCall/CVCczBK5bwO/0os95J5vIJcqf/XSM Huy8qoz06TxEbdfGo0nivJbjnEh80WzpNopNinLTaPClS0FRJ+ZFipz1Ya14mK8m VYW8/Vc5rMAVwKXLKfa7qcG6Hu6YvOhB -----END CERTIFICATE-----Generated at Mon Nov 3 18:11:03 2025 by rpki-client