$ rpki-client -vvf rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft File: KL7nBASyQwlkwwKSkNPqYEyRDrE.mft (raw, json) Hash identifier: HHvJo3njQ9LJ+BkupRgKyVQECoEE0StDc+D7/Mt+KMw= Subject key identifier: 4F:F6:07:5F:B8:80:79:D7:EB:0D:31:69:F8:F4:7F:06:24:13:2C:93 Authority key identifier: 28:BE:E7:04:04:B2:43:09:64:C3:02:92:90:D3:EA:60:4C:91:0E:B1 Certificate issuer: /CN=A9154E3F/serialNumber=28BEE70404B2430964C3029290D3EA604C910EB1 Certificate serial: 68 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KL7nBASyQwlkwwKSkNPqYEyRDrE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft Manifest number: 67 Signing time: Mon 03 Nov 2025 06:59:28 +0000 Manifest this update: Mon 03 Nov 2025 06:59:28 +0000 Manifest next update: Mon 10 Nov 2025 06:59:28 +0000 Files and hashes: 1: KL7nBASyQwlkwwKSkNPqYEyRDrE.crl (hash: bnmrITUOtDclq7hIAzDDVzFO01bN9BFU8Q0QuV7owH4=) 2: C028C06E18E211F081A75558C4F9AE02.roa (hash: +HdHyMhgt4vT3DS5nsB5YQiE8tKIuj7aqeWwrUFKUm0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.crl rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KL7nBASyQwlkwwKSkNPqYEyRDrE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 06:59:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 104 (0x68) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9154E3F, serialNumber=28BEE70404B2430964C3029290D3EA604C910EB1 Validity Not Before: Nov 3 06:59:28 2025 GMT Not After : Nov 10 06:59:28 2025 GMT Subject: CN=690852d0-10be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a9:38:c8:ee:4e:2e:c3:76:64:0e:f1:cd:bd:ab: dd:92:23:77:78:af:62:10:e0:86:24:7d:81:c9:49: 00:cf:4c:04:9b:6b:05:4c:0b:10:3f:82:0a:4a:cf: 56:1f:3c:08:84:31:3a:2c:35:1e:55:65:a2:52:16: 20:c4:9a:3a:ac:e0:23:45:94:cd:ca:ce:f1:34:ba: d0:35:fd:db:fe:d3:7a:7a:e0:5e:61:d4:53:70:26: b6:fb:44:3d:be:bb:17:cf:12:14:ea:f3:06:1c:1a: a6:08:f5:c4:c6:1d:5b:46:b8:71:72:4c:5c:a2:27: 9c:e3:80:46:52:d5:11:c7:da:9e:86:c0:b9:61:85: 81:98:9f:17:18:15:91:1d:b4:e2:0e:2b:e5:04:b2: b8:84:91:1a:d1:bb:2f:b7:03:7c:d6:fa:ca:97:9b: 7c:fb:01:cc:fc:3e:04:08:ac:f4:34:f1:08:84:e9: dc:bf:fb:0b:48:05:06:00:3c:b2:8b:3b:42:70:fd: 47:10:9e:81:fe:dd:1a:f6:5a:0c:7d:8e:f7:4a:24: e3:72:52:02:63:59:4b:5d:24:2f:3c:61:fb:fb:2e: d6:06:ee:4e:00:70:22:1a:3d:99:b1:94:12:ab:64: fd:09:7e:54:58:36:b4:1c:58:86:c3:45:aa:2a:5b: 63:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:F6:07:5F:B8:80:79:D7:EB:0D:31:69:F8:F4:7F:06:24:13:2C:93 X509v3 Authority Key Identifier: keyid:28:BE:E7:04:04:B2:43:09:64:C3:02:92:90:D3:EA:60:4C:91:0E:B1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KL7nBASyQwlkwwKSkNPqYEyRDrE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9154E3F/3C3E620E18E211F09BE99557C4F9AE02/KL7nBASyQwlkwwKSkNPqYEyRDrE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 55:57:91:cb:72:c4:fd:83:5b:e9:3b:b2:45:0c:ed:f4:80:64: 06:ba:98:d6:db:01:7f:2e:2d:b4:ce:0c:49:90:d9:a0:14:7e: 3f:31:63:6b:4e:58:c4:d5:81:a8:23:87:73:3a:a9:4a:79:67: 64:e6:84:ee:71:fc:5a:14:98:82:2b:94:e2:4b:d1:3e:72:e2: 83:60:5d:af:3a:56:5a:2a:af:23:a4:7c:5f:8b:80:03:e5:b9: 71:5f:28:74:82:57:30:47:fa:ef:5c:f6:21:db:c6:e4:21:05: 9c:33:6b:98:b1:d3:55:e3:61:69:f7:fa:ca:94:6c:8f:9f:ff: fe:6e:46:60:7e:86:d3:f3:77:04:e0:06:ad:be:66:1d:4c:eb: c7:66:d6:95:6c:7a:e6:1e:60:61:f4:0b:41:8e:83:de:06:04: 81:2e:d7:99:2c:b9:61:c9:fb:a4:6b:fd:27:a9:4b:df:66:48: 3d:c3:ba:e3:89:aa:6d:fd:f7:bc:46:b2:ff:28:07:47:13:be: d8:dc:93:89:ef:0c:89:9e:3c:53:1a:6a:fa:e6:d6:de:6b:6c: 7d:24:08:ae:2e:ac:49:9e:a6:98:07:69:7b:30:d7:98:c7:83: d6:47:7f:51:53:d3:0d:58:02:b5:ca:9d:d8:ce:75:11:be:cc: 8c:a0:b2:30 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 NEUzRjExMC8GA1UEBRMoMjhCRUU3MDQwNEIyNDMwOTY0QzMwMjkyOTBEM0VBNjA0 QzkxMEVCMTAeFw0yNTExMDMwNjU5MjhaFw0yNTExMTAwNjU5MjhaMBgxFjAUBgNV BAMTDTY5MDg1MmQwLTEwYmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCpOMjuTi7DdmQO8c29q92SI3d4r2IQ4IYkfYHJSQDPTASbawVMCxA/ggpKz1Yf PAiEMTosNR5VZaJSFiDEmjqs4CNFlM3KzvE0utA1/dv+03p64F5h1FNwJrb7RD2+ uxfPEhTq8wYcGqYI9cTGHVtGuHFyTFyiJ5zjgEZS1RHH2p6GwLlhhYGYnxcYFZEd tOIOK+UEsriEkRrRuy+3A3zW+sqXm3z7Acz8PgQIrPQ08QiE6dy/+wtIBQYAPLKL O0Jw/UcQnoH+3Rr2Wgx9jvdKJONyUgJjWUtdJC88Yfv7LtYG7k4AcCIaPZmxlBKr ZP0JflRYNrQcWIbDRaoqW2N3AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUT/YHX7iA edfrDTFp+PR/BiQTLJMwHwYDVR0jBBgwFoAUKL7nBASyQwlkwwKSkNPqYEyRDrEw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU0RTNGLzNDM0U2MjBFMThF MjExRjA5QkU5OTU1N0M0RjlBRTAyL0tMN25CQVN5UXdsa3d3S1NrTlBxWUV5UkRy RS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS0w3bkJBU3lRd2xrd3dLU2tOUHFZRXlSRHJFLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTU0 RTNGLzNDM0U2MjBFMThFMjExRjA5QkU5OTU1N0M0RjlBRTAyL0tMN25CQVN5UXds a3d3S1NrTlBxWUV5UkRyRS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFVXkctyxP2DW+k7skUM7fSAZAa6mNbbAX8uLbTODEmQ2aAUfj8xY2tO WMTVgagjh3M6qUp5Z2TmhO5x/FoUmIIrlOJL0T5y4oNgXa86VloqryOkfF+LgAPl uXFfKHSCVzBH+u9c9iHbxuQhBZwza5ix01XjYWn3+sqUbI+f//5uRmB+htPzdwTg Bq2+Zh1M68dm1pVseuYeYGH0C0GOg94GBIEu15ksuWHJ+6Rr/SepS99mSD3DuuOJ qm3997xGsv8oB0cTvtjck4nvDImePFMaavrm1t5rbH0kCK4urEmeppgHaXsw15jH g9ZHf1FT0w1YArXKndjOdRG+zIygsjA= -----END CERTIFICATE-----Generated at Mon Nov 3 18:07:05 2025 by rpki-client