$ rpki-client -vvf rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft File: KL7nBASyQwlkwwKSkNPqYEyRDrE.mft (raw, json) Hash identifier: lrWFS6K5KJumWBvruBzERiIqCxRCrypcTGG9XOzU9jM= Subject key identifier: 99:A7:8E:25:DC:9C:B4:63:0A:A0:18:91:EA:14:07:44:4E:60:FA:7E Authority key identifier: 28:BE:E7:04:04:B2:43:09:64:C3:02:92:90:D3:EA:60:4C:91:0E:B1 Certificate issuer: /CN=A9154E3F/serialNumber=28BEE70404B2430964C3029290D3EA604C910EB1 Certificate serial: 52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KL7nBASyQwlkwwKSkNPqYEyRDrE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft Manifest number: 51 Signing time: Fri 19 Sep 2025 08:00:25 +0000 Manifest this update: Fri 19 Sep 2025 08:00:24 +0000 Manifest next update: Fri 26 Sep 2025 08:00:24 +0000 Files and hashes: 1: KL7nBASyQwlkwwKSkNPqYEyRDrE.crl (hash: QEL8tJQwHx0xr/KbawyV6c9r8bwPWhCJsqJvfcwK46U=) 2: C028C06E18E211F081A75558C4F9AE02.roa (hash: +HdHyMhgt4vT3DS5nsB5YQiE8tKIuj7aqeWwrUFKUm0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.crl rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KL7nBASyQwlkwwKSkNPqYEyRDrE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 26 Sep 2025 07:06:26 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 82 (0x52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154E3F, serialNumber=28BEE70404B2430964C3029290D3EA604C910EB1 Validity Not Before: Sep 19 08:00:24 2025 GMT Not After : Sep 26 08:00:24 2025 GMT Subject: CN=68cd0d98-f232 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ab:19:65:96:87:54:14:d6:4f:ff:40:4a:bf:d8: ca:4a:eb:d0:d9:64:1e:77:f3:b3:fd:1c:f2:ae:2c: 53:88:b6:3e:1a:b8:3b:35:14:57:41:c7:c8:98:cf: 0f:97:9b:64:45:5b:b4:ff:07:1e:30:75:2d:da:d7: 11:d9:ab:a8:69:73:6d:1f:5f:99:1f:5c:da:f9:d6: 03:37:c2:e9:c0:35:db:4a:74:c5:6c:d8:71:9e:e9: 08:6a:21:99:0e:4a:f9:17:aa:0e:1f:1f:ee:80:db: e7:e5:b1:b3:2b:5a:8e:10:50:c6:14:21:aa:4f:c7: ca:21:2b:41:4b:2a:9a:c1:06:23:37:77:0c:dc:08: 26:59:22:cd:26:ee:5d:07:9a:d7:91:98:b3:f7:52: f1:3b:11:c6:4c:1b:30:6e:28:03:54:bf:f7:81:9b: 65:2f:7d:55:f4:51:c5:89:5a:fb:a0:03:c7:4d:d3: e7:f3:79:4a:53:59:08:e7:4d:01:13:26:a6:b9:ed: 1c:e4:ef:ba:30:88:8d:a9:90:ab:6b:f7:57:f6:9b: 32:5e:5f:fc:90:aa:c7:ae:3d:41:0b:46:c8:9e:ef: 1a:5a:7b:69:48:40:a7:f7:9c:88:77:0f:63:f2:79: 7d:54:6d:5f:4c:54:5f:af:d5:e9:98:7f:4b:1c:2f: ea:75 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 99:A7:8E:25:DC:9C:B4:63:0A:A0:18:91:EA:14:07:44:4E:60:FA:7E X509v3 Authority Key Identifier: keyid:28:BE:E7:04:04:B2:43:09:64:C3:02:92:90:D3:EA:60:4C:91:0E:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KL7nBASyQwlkwwKSkNPqYEyRDrE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 52:be:a1:5c:76:15:06:a0:61:4a:b4:da:7f:db:54:3f:43:0b: 7b:db:0c:86:de:4a:c5:b0:75:ce:1e:c3:78:65:0b:0b:c7:ac: bc:c5:7f:ed:3e:f1:f6:bd:49:2d:d0:3e:3e:d4:cd:c7:29:17: 52:65:c7:81:cd:35:97:05:4c:fc:25:12:39:d7:58:2e:2e:71: 0c:78:4d:d7:09:fe:f2:76:e4:c4:b4:db:e8:15:03:a7:80:36: 61:cf:68:90:33:ab:ca:a2:30:a3:6d:17:32:f9:cd:d6:29:c6: 80:eb:f3:76:a2:7a:60:c7:39:ee:23:57:fd:73:c7:6b:02:02: ce:31:ca:dd:c2:88:1f:ec:2d:3e:44:07:e5:0f:62:28:7e:6e: e2:ea:f8:b0:c2:63:03:9f:01:5d:e0:4a:b5:3d:44:82:c9:02: ce:bf:f7:37:a6:0a:a5:34:c8:d9:40:35:e8:ac:0a:7d:29:ea: fb:37:89:5d:7c:f2:9d:f4:14:81:f2:9e:2a:a9:1f:bd:e1:0f: 2a:94:6d:ce:13:8f:22:ee:ea:1b:a7:99:6f:13:64:1b:e2:60: a7:bf:06:d5:42:b3:78:53:71:f1:16:df:ec:13:79:ec:52:e1: d7:a1:8a:37:08:51:56:04:92:ec:66:db:46:b4:c3:e4:7b:0d: 29:28:40:37 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 NEUzRjExMC8GA1UEBRMoMjhCRUU3MDQwNEIyNDMwOTY0QzMwMjkyOTBEM0VBNjA0 QzkxMEVCMTAeFw0yNTA5MTkwODAwMjRaFw0yNTA5MjYwODAwMjRaMBgxFjAUBgNV BAMTDTY4Y2QwZDk4LWYyMzIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCrGWWWh1QU1k//QEq/2MpK69DZZB5387P9HPKuLFOItj4auDs1FFdBx8iYzw+X m2RFW7T/Bx4wdS3a1xHZq6hpc20fX5kfXNr51gM3wunANdtKdMVs2HGe6QhqIZkO SvkXqg4fH+6A2+flsbMrWo4QUMYUIapPx8ohK0FLKprBBiM3dwzcCCZZIs0m7l0H mteRmLP3UvE7EcZMGzBuKANUv/eBm2UvfVX0UcWJWvugA8dN0+fzeUpTWQjnTQET Jqa57Rzk77owiI2pkKtr91f2mzJeX/yQqseuPUELRsie7xpae2lIQKf3nIh3D2Py eX1UbV9MVF+v1emYf0scL+p1AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUmaeOJdyc tGMKoBiR6hQHRE5g+n4wHwYDVR0jBBgwFoAUKL7nBASyQwlkwwKSkNPqYEyRDrEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU0RTNGLzNDM0U2MjBFMThF MjExRjA5QkU5OTU1N0M0RjlBRTAyL0tMN25CQVN5UXdsa3d3S1NrTlBxWUV5UkRy RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS0w3bkJBU3lRd2xrd3dLU2tOUHFZRXlSRHJFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU0 RTNGLzNDM0U2MjBFMThFMjExRjA5QkU5OTU1N0M0RjlBRTAyL0tMN25CQVN5UXds a3d3S1NrTlBxWUV5UkRyRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFK+oVx2FQagYUq02n/bVD9DC3vbDIbeSsWwdc4ew3hlCwvHrLzFf+0+ 8fa9SS3QPj7UzccpF1Jlx4HNNZcFTPwlEjnXWC4ucQx4TdcJ/vJ25MS02+gVA6eA NmHPaJAzq8qiMKNtFzL5zdYpxoDr83aiemDHOe4jV/1zx2sCAs4xyt3CiB/sLT5E B+UPYih+buLq+LDCYwOfAV3gSrU9RILJAs6/9zemCqU0yNlANeisCn0p6vs3iV18 8p30FIHyniqpH73hDyqUbc4TjyLu6hunmW8TZBviYKe/BtVCs3hTcfEW3+wTeexS 4dehijcIUVYEkuxm20a0w+R7DSkoQDc= -----END CERTIFICATE-----Generated at Fri Sep 19 11:52:25 2025 by rpki-client