$ rpki-client -vvf rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft File: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft (raw, json) Hash identifier: wCwiWfzmODOGasKeSuafaxLU5UG/u9xfSZqOCzN6qq0= Subject key identifier: EE:DD:07:4A:3F:79:A2:F9:9C:22:B2:C2:81:13:35:24:F5:C1:4B:D6 Authority key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B Certificate issuer: /CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Certificate serial: 01E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft Manifest number: 01DD Signing time: Wed 17 Sep 2025 03:13:23 +0000 Manifest this update: Wed 17 Sep 2025 03:13:22 +0000 Manifest next update: Wed 24 Sep 2025 03:13:22 +0000 Files and hashes: 1: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl (hash: vWdHzJVaZ2Q1DNXblTsU4Jy0EkVbaj12RjvPW3UaArY=) 2: EA5A9A32BDAA11ED92995562C4F9AE02.roa (hash: /EEXvT665opKL7OI/mui0sN2NqpuGn4U8tvIvrJ8aw8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 03:13:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 482 (0x1e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158650, serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Validity Not Before: Sep 17 03:13:22 2025 GMT Not After : Sep 24 03:13:22 2025 GMT Subject: CN=68ca2752-39d5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c3:77:9f:b6:d9:aa:71:57:a4:31:f3:70:1a:c6: 14:26:05:95:64:0b:8d:5f:5f:b6:76:62:2c:61:be: 0b:86:bd:35:42:27:59:09:83:37:f2:e5:75:30:d8: 9c:e1:0f:d5:28:f0:4e:19:37:2b:8b:98:59:d9:48: 7d:8c:83:1b:37:f1:71:f6:cf:8b:a3:69:50:d9:fb: 3c:e3:87:a5:3f:36:1f:ec:e1:24:3d:05:f7:ab:1e: a9:9f:7a:9e:98:03:bc:18:49:df:11:77:a7:1d:b7: 26:2c:c8:d7:9b:43:42:b0:aa:51:bb:0e:15:2b:a2: 68:80:ca:d1:4e:97:12:b5:62:19:f1:0e:08:fa:66: b8:ad:4a:2e:d4:fb:a6:6b:6f:7d:a1:47:af:a6:1a: 45:9f:94:08:4e:b9:a9:bc:ad:ef:a9:a1:61:d5:b4: 1e:fe:57:06:a5:c8:54:1c:d2:7b:f0:aa:07:02:a4: 50:4b:dd:20:1e:9f:c0:96:11:15:1e:97:4e:69:22: 9d:a1:53:ea:f7:f0:d3:7e:d0:01:ed:e6:31:24:e5: 27:3d:1e:e7:04:1c:05:71:d1:b0:52:3a:7c:14:d5: 60:f1:8b:0c:9e:53:7c:46:e5:85:2b:f1:7d:b0:c3: 0a:77:21:30:88:86:75:92:30:31:0f:53:e1:00:45: 28:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:DD:07:4A:3F:79:A2:F9:9C:22:B2:C2:81:13:35:24:F5:C1:4B:D6 X509v3 Authority Key Identifier: keyid:28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 23:bd:28:91:d5:c2:66:64:be:d1:59:2d:91:bf:37:fd:07:30: 44:b8:c9:e2:e0:f0:ae:79:67:61:d4:7c:88:98:f9:ac:cc:99: b8:ec:26:7c:41:8b:03:6d:2e:69:1a:0b:a7:97:cb:97:b8:9b: c6:85:6f:e2:a8:8e:43:d0:33:19:11:0e:db:db:0c:92:71:43: 41:6e:bb:fe:06:18:bd:b0:48:93:0a:03:24:bf:ca:16:9a:6f: f9:b4:65:79:95:12:69:1b:da:fa:12:ac:66:c6:44:9a:f3:a6: f5:a0:b7:2a:8c:42:11:42:34:f2:9d:0a:1e:43:ca:96:8d:97: 23:26:3d:da:db:a4:f9:07:a1:ab:de:bc:b9:95:12:6d:8e:81: 61:2a:50:0f:84:c5:27:96:33:8e:91:d3:27:e0:77:cf:89:bc: a4:d4:b5:b3:80:58:6c:aa:79:42:15:ce:56:fb:1d:d9:96:5e: 8e:8e:0a:85:6b:ed:5e:9c:58:ac:33:e7:ed:b0:b7:df:0a:c2: 4d:cf:8d:a2:07:5c:8c:0d:a3:23:5a:91:15:fb:da:09:fe:02: 63:b9:03:d6:81:ac:23:42:3d:91:39:29:98:c7:ec:a7:98:4c: a4:40:71:e2:ce:18:fb:a5:7a:6c:35:41:07:98:3d:c2:be:6a: 64:19:f3:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg2NTAxMTAvBgNVBAUTKDI4MTdENEE4NjQ0QUVDNDE5QURDQ0VFMzBDNEU4N0Ey NEQyRkY1N0IwHhcNMjUwOTE3MDMxMzIyWhcNMjUwOTI0MDMxMzIyWjAYMRYwFAYD VQQDEw02OGNhMjc1Mi0zOWQ1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAw3efttmqcVekMfNwGsYUJgWVZAuNX1+2dmIsYb4Lhr01QidZCYM38uV1MNic 4Q/VKPBOGTcri5hZ2Uh9jIMbN/Fx9s+Lo2lQ2fs844elPzYf7OEkPQX3qx6pn3qe mAO8GEnfEXenHbcmLMjXm0NCsKpRuw4VK6JogMrRTpcStWIZ8Q4I+ma4rUou1Pum a299oUevphpFn5QITrmpvK3vqaFh1bQe/lcGpchUHNJ78KoHAqRQS90gHp/AlhEV HpdOaSKdoVPq9/DTftAB7eYxJOUnPR7nBBwFcdGwUjp8FNVg8YsMnlN8RuWFK/F9 sMMKdyEwiIZ1kjAxD1PhAEUo1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO7dB0o/ eaL5nCKywoETNST1wUvWMB8GA1UdIwQYMBaAFCgX1KhkSuxBmtzO4wxOh6JNL/V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODY1MC83NzU4RDJDMkJE QTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdFR2EzTTdqREU2SG9rMHY5 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tCZlVxR1JLN0VHYTNNN2pERTZIb2swdjlYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODY1MC83NzU4RDJDMkJEQTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdF R2EzTTdqREU2SG9rMHY5WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAjvSiR1cJmZL7RWS2Rvzf9BzBEuMni4PCueWdh1HyImPmszJm47CZ8 QYsDbS5pGgunl8uXuJvGhW/iqI5D0DMZEQ7b2wyScUNBbrv+Bhi9sEiTCgMkv8oW mm/5tGV5lRJpG9r6EqxmxkSa86b1oLcqjEIRQjTynQoeQ8qWjZcjJj3a26T5B6Gr 3ry5lRJtjoFhKlAPhMUnljOOkdMn4HfPibyk1LWzgFhsqnlCFc5W+x3Zll6OjgqF a+1enFisM+ftsLffCsJNz42iB1yMDaMjWpEV+9oJ/gJjuQPWgawjQj2ROSmYx+yn mEykQHHizhj7pXpsNUEHmD3CvmpkGfPl -----END CERTIFICATE-----Generated at Fri Sep 19 03:57:04 2025 by rpki-client