$ rpki-client -vvf rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft File: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft (raw, json) Hash identifier: 6lBh7zgVAljZ7dx5W6KiwnWbuIlPARY7sTEGvStq0LA= Subject key identifier: AA:99:FC:21:15:64:31:73:10:F6:F3:EB:7D:6A:97:B3:BE:5C:88:2A Authority key identifier: 29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 Certificate issuer: /CN=A916022F/serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Certificate serial: 1117 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft Manifest number: 2478 Signing time: Tue 04 Nov 2025 17:04:54 +0000 Manifest this update: Tue 04 Nov 2025 17:04:54 +0000 Manifest next update: Tue 11 Nov 2025 17:04:54 +0000 Files and hashes: 1: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl (hash: l/leY8BazPIjyYU6E1ls8NbLlMy1ipA0FdeI0V2XvpY=) 2: DE0A75A605EB11EA94CD7287C4F9AE02.roa (hash: rQZ+LsPDuc4EXnC/GiBOmzFAxUE3pMz5tb4kdOhgWwA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:04:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4375 (0x1117) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916022F, serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Validity Not Before: Nov 4 17:04:54 2025 GMT Not After : Nov 11 17:04:54 2025 GMT Subject: CN=690a3236-8ad7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:5f:3d:72:bf:af:31:9b:77:9d:0f:3b:4d:26: be:6a:64:ae:ab:c5:7f:4d:9b:a5:16:b2:66:2c:ee: 6a:42:6a:f6:77:e0:f4:17:ce:80:c3:51:4e:0a:62: 35:dc:8f:be:50:07:80:b2:50:ad:30:28:dd:86:ca: bf:84:77:68:02:d6:01:9e:d2:cf:1a:8e:8c:11:b8: c6:aa:0c:6a:0d:01:0d:c5:53:91:49:42:7a:ae:72: 43:4f:19:05:e5:09:c8:e7:53:cf:81:8f:19:5f:4b: 2f:b3:72:a6:01:a5:8c:ea:47:15:0b:a6:6b:40:13: 6c:23:65:15:16:f9:50:25:6d:c5:49:7e:80:c7:52: 1c:36:f0:5d:4a:c0:9b:a9:60:19:61:27:40:ad:13: 17:66:9a:3e:f6:b0:90:d2:63:bb:8e:3a:2f:d1:56: 1f:e9:d1:c4:45:25:52:e2:36:d4:e8:15:12:8f:00: 43:4d:35:cf:8c:ed:cb:fb:3b:73:57:45:0c:2b:28: 5c:18:bb:cf:95:2b:5e:fd:a2:8f:72:03:d2:7b:9c: 54:b3:21:9a:e0:d7:68:cb:15:fe:fd:13:d7:f3:f7: 78:20:83:e8:4b:20:4a:f6:87:b2:6e:ba:35:0e:88: cb:30:09:97:ad:ad:98:37:82:31:ff:9a:13:7f:73: 1e:37 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AA:99:FC:21:15:64:31:73:10:F6:F3:EB:7D:6A:97:B3:BE:5C:88:2A X509v3 Authority Key Identifier: keyid:29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:ba:93:df:cc:92:90:59:2b:38:1e:4e:76:a6:a2:da:2e:a3: ad:a1:40:a0:1a:e3:ad:64:d8:d1:45:1b:7f:ba:90:37:69:09: ec:b6:9b:a7:14:a3:83:f4:aa:e7:f1:b0:b7:ff:d5:28:ff:f4: 31:53:5a:a1:30:12:90:a0:56:27:93:74:97:ce:12:a0:2c:50: 37:c3:56:fc:30:9f:cc:6f:ce:f9:8d:33:44:92:e8:6d:ce:ae: 2b:5d:6b:6f:3e:10:54:63:1a:50:00:db:16:be:b7:db:76:30: ee:19:da:c7:cc:f7:d7:27:9a:7e:3c:75:c0:d5:a2:15:36:96: c5:9b:f3:cd:0c:65:4d:bd:91:61:95:95:c5:b0:f2:11:7e:f3: 5b:b2:9e:6f:04:ed:0d:71:93:01:e3:5c:24:e8:2f:07:d7:9f: fc:63:bb:4c:aa:87:a8:a6:bc:56:da:2c:7d:47:7f:50:4d:1f: fa:8f:84:1e:88:c7:f2:d9:68:61:02:64:38:17:24:4d:8e:7d: 38:d4:90:37:96:7f:e4:8f:d0:1e:5c:e5:6e:3f:34:8b:10:90: 74:4a:c4:af:3e:58:ae:d8:5d:88:5a:ea:16:d7:48:70:0b:73: 19:2b:1e:e8:5e:a3:f4:a1:d6:4c:f4:54:18:73:47:21:86:08: 7b:41:71:e5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICERcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyMkYxMTAvBgNVBAUTKDI5RDE2Qzk4REIzRDVCRjY0QjZCOTIwNEMwOTYwMDg2 MENEMjk0NTIwHhcNMjUxMTA0MTcwNDU0WhcNMjUxMTExMTcwNDU0WjAYMRYwFAYD VQQDEw02OTBhMzIzNi04YWQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyl89cr+vMZt3nQ87TSa+amSuq8V/TZulFrJmLO5qQmr2d+D0F86Aw1FOCmI1 3I++UAeAslCtMCjdhsq/hHdoAtYBntLPGo6MEbjGqgxqDQENxVORSUJ6rnJDTxkF 5QnI51PPgY8ZX0svs3KmAaWM6kcVC6ZrQBNsI2UVFvlQJW3FSX6Ax1IcNvBdSsCb qWAZYSdArRMXZpo+9rCQ0mO7jjov0VYf6dHERSVS4jbU6BUSjwBDTTXPjO3L+ztz V0UMKyhcGLvPlSte/aKPcgPSe5xUsyGa4NdoyxX+/RPX8/d4IIPoSyBK9oeybro1 DojLMAmXra2YN4Ix/5oTf3MeNwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKqZ/CEV ZDFzEPbz631ql7O+XIgqMB8GA1UdIwQYMBaAFCnRbJjbPVv2S2uSBMCWAIYM0pRS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDIyRi85RUM3QUZCNEFB N0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdfWkxhNUlFd0pZQWhnelNs RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tkRnNtTnM5V19aTGE1SUV3SllBaGd6U2xGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDIyRi85RUM3QUZCNEFBN0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdf WkxhNUlFd0pZQWhnelNsRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDIupPfzJKQWSs4Hk52pqLaLqOtoUCgGuOtZNjRRRt/upA3aQnstpun FKOD9Krn8bC3/9Uo//QxU1qhMBKQoFYnk3SXzhKgLFA3w1b8MJ/Mb875jTNEkuht zq4rXWtvPhBUYxpQANsWvrfbdjDuGdrHzPfXJ5p+PHXA1aIVNpbFm/PNDGVNvZFh lZXFsPIRfvNbsp5vBO0NcZMB41wk6C8H15/8Y7tMqoeoprxW2ix9R39QTR/6j4Qe iMfy2WhhAmQ4FyRNjn041JA3ln/kj9AeXOVuPzSLEJB0SsSvPliu2F2IWuoW10hw C3MZKx7oXqP0odZM9FQYc0chhgh7QXHl -----END CERTIFICATE-----Generated at Wed Nov 5 05:26:07 2025 by rpki-client