$ rpki-client -vvf rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft File: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft (raw, json) Hash identifier: 1g1mcnp/s53n0c9erM8AjnridCiLLixP1SrkFJkCtAo= Subject key identifier: 29:B9:23:8F:8A:3C:2C:48:47:84:21:11:BF:B7:FD:55:9D:4C:A3:D4 Authority key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B Certificate issuer: /CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Certificate serial: 01FA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft Manifest number: 01F5 Signing time: Wed 05 Nov 2025 02:37:47 +0000 Manifest this update: Wed 05 Nov 2025 02:37:47 +0000 Manifest next update: Wed 12 Nov 2025 02:37:47 +0000 Files and hashes: 1: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl (hash: xOvoXO2NM49NJyB64lKlLqqp1S4A912PEfjp4+dtLoA=) 2: EA5A9A32BDAA11ED92995562C4F9AE02.roa (hash: /EEXvT665opKL7OI/mui0sN2NqpuGn4U8tvIvrJ8aw8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:37:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 506 (0x1fa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158650, serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Validity Not Before: Nov 5 02:37:47 2025 GMT Not After : Nov 12 02:37:47 2025 GMT Subject: CN=690ab87b-92e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d2:bb:fd:2b:fd:cb:c8:4e:09:cd:f2:8c:d3:a9: c6:b4:9d:18:f3:09:b7:7f:8e:84:0e:e0:c9:ef:0d: 13:1b:58:ae:c8:05:3e:2b:2f:3b:f3:b2:78:e7:27: c6:02:4b:96:6b:b7:f1:95:4c:31:46:f2:ee:08:a0: 91:b5:ab:62:10:fd:44:2d:f4:4a:61:a6:03:22:e0: c9:5d:3d:03:9a:e3:bd:e3:cf:92:d6:9d:17:87:a0: 26:69:84:5e:25:25:a6:8f:b5:df:82:1c:ed:08:bb: 90:07:44:32:84:50:77:2d:75:9c:ca:53:a2:7c:73: df:1f:85:c6:41:20:2d:14:e6:67:2d:18:e8:95:91: f9:7f:9c:57:1e:91:37:da:50:f3:06:c7:e4:23:fc: 3e:90:d0:16:96:6f:4c:12:7e:79:53:a7:dc:a6:50: df:77:08:36:c9:0b:b0:ae:75:87:33:97:4d:de:8b: 58:45:16:10:6e:2b:dd:b4:96:d9:9e:22:05:43:c6: 44:cf:35:a0:aa:ea:76:65:f5:40:af:08:86:1f:e6: 59:c8:97:49:d2:14:d0:26:dc:cb:f9:f4:f9:73:3e: db:2d:f3:5b:f2:86:33:a7:88:7a:0a:94:fa:64:94: 91:58:b0:6a:ee:a8:c0:87:bb:b8:2e:96:e2:55:fa: f6:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:B9:23:8F:8A:3C:2C:48:47:84:21:11:BF:B7:FD:55:9D:4C:A3:D4 X509v3 Authority Key Identifier: keyid:28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6a:1e:f3:f7:30:74:d2:6d:37:8a:5a:26:3a:b7:75:23:82:f9: 4c:e9:7a:20:55:6f:6e:92:0a:36:58:0b:c4:42:2a:8d:e8:f3: 88:84:16:b3:f5:8a:93:a7:53:42:57:87:6e:00:75:52:e6:44: f4:1b:22:ec:be:90:46:e4:38:80:14:49:79:72:48:00:d6:ce: 44:47:ac:b9:dd:2a:30:ad:17:14:ad:54:10:d2:3c:4f:92:d4: b9:6e:62:e5:b4:df:cf:70:8d:43:62:62:44:38:0d:05:87:eb: 63:72:05:14:76:8b:22:59:c5:64:eb:cf:fe:a0:2e:cd:ae:00: 97:9d:49:69:e3:48:31:79:bb:43:22:36:b6:d4:14:83:10:29: f2:d2:ac:81:9a:fb:03:fb:88:b2:74:e1:9b:82:78:fe:3d:79: 21:94:c2:b0:49:5e:13:ad:23:0b:a9:e7:0d:6d:b5:8d:91:b9: 14:9c:92:e1:08:2b:82:77:2a:78:b8:6e:a9:f0:e7:66:75:2c: d0:77:cc:e4:e7:b1:75:9d:d9:66:62:62:23:59:86:57:b5:e6: 82:ac:9a:ed:54:dc:0c:d5:21:0a:9b:5c:e9:0b:0e:61:38:1e: 9c:67:ab:be:80:06:80:88:74:0b:fa:40:36:96:47:c4:e9:30: cc:b5:af:f1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAfowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg2NTAxMTAvBgNVBAUTKDI4MTdENEE4NjQ0QUVDNDE5QURDQ0VFMzBDNEU4N0Ey NEQyRkY1N0IwHhcNMjUxMTA1MDIzNzQ3WhcNMjUxMTEyMDIzNzQ3WjAYMRYwFAYD VQQDEw02OTBhYjg3Yi05MmU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0rv9K/3LyE4JzfKM06nGtJ0Y8wm3f46EDuDJ7w0TG1iuyAU+Ky8787J45yfG AkuWa7fxlUwxRvLuCKCRtatiEP1ELfRKYaYDIuDJXT0DmuO948+S1p0Xh6AmaYRe JSWmj7XfghztCLuQB0QyhFB3LXWcylOifHPfH4XGQSAtFOZnLRjolZH5f5xXHpE3 2lDzBsfkI/w+kNAWlm9MEn55U6fcplDfdwg2yQuwrnWHM5dN3otYRRYQbivdtJbZ niIFQ8ZEzzWgqup2ZfVArwiGH+ZZyJdJ0hTQJtzL+fT5cz7bLfNb8oYzp4h6CpT6 ZJSRWLBq7qjAh7u4LpbiVfr2MwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCm5I4+K PCxIR4QhEb+3/VWdTKPUMB8GA1UdIwQYMBaAFCgX1KhkSuxBmtzO4wxOh6JNL/V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODY1MC83NzU4RDJDMkJE QTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdFR2EzTTdqREU2SG9rMHY5 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tCZlVxR1JLN0VHYTNNN2pERTZIb2swdjlYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODY1MC83NzU4RDJDMkJEQTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdF R2EzTTdqREU2SG9rMHY5WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBqHvP3MHTSbTeKWiY6t3UjgvlM6XogVW9ukgo2WAvEQiqN6POIhBaz 9YqTp1NCV4duAHVS5kT0GyLsvpBG5DiAFEl5ckgA1s5ER6y53SowrRcUrVQQ0jxP ktS5bmLltN/PcI1DYmJEOA0Fh+tjcgUUdosiWcVk68/+oC7NrgCXnUlp40gxebtD Ija21BSDECny0qyBmvsD+4iydOGbgnj+PXkhlMKwSV4TrSMLqecNbbWNkbkUnJLh CCuCdyp4uG6p8OdmdSzQd8zk57F1ndlmYmIjWYZXteaCrJrtVNwM1SEKm1zpCw5h OB6cZ6u+gAaAiHQL+kA2lkfE6TDMta/x -----END CERTIFICATE-----Generated at Wed Nov 5 09:40:16 2025 by rpki-client