$ rpki-client -vvf rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft File: _-KgNynzLTIiepnJJRWMgspUuVc.mft (raw, json) Hash identifier: DlFjUhr95PRStFpESk74p8pjdREO69ewSPTUe3crmoQ= Subject key identifier: CD:08:DE:1C:14:52:FE:22:EE:1F:B6:DE:9A:0B:AA:31:5D:67:13:5B Authority key identifier: FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 Certificate issuer: /CN=A917225D/serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Certificate serial: 3503 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft Manifest number: 34F1 Signing time: Tue 04 Nov 2025 14:23:59 +0000 Manifest this update: Tue 04 Nov 2025 14:23:58 +0000 Manifest next update: Tue 11 Nov 2025 14:23:58 +0000 Files and hashes: 1: _-KgNynzLTIiepnJJRWMgspUuVc.crl (hash: uVTW75mOk6YXRC1iASp7b8UpbxKQ6bO3zX78CKxc0s0=) 2: A0121BD4871711EA924C6626C4F9AE02.roa (hash: TsmW3wUGCspNY1UcKJcNnUuuDH7qDphY3UYVmmAdbDA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:23:58 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13571 (0x3503) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917225D, serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Validity Not Before: Nov 4 14:23:58 2025 GMT Not After : Nov 11 14:23:58 2025 GMT Subject: CN=690a0c7f-3403 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:19:75:9d:48:64:58:6d:a7:53:7c:21:40:4f: 03:5d:8b:8f:76:e2:7e:a2:f2:93:cc:5b:c8:2c:68: ac:eb:5d:e9:7f:cb:71:5c:a4:6d:de:11:12:98:37: 15:64:8e:ef:1c:24:71:19:db:a2:74:f9:d5:e9:e5: dc:fb:b4:73:18:14:fd:02:d3:cc:13:af:bf:16:01: 90:6d:e5:53:94:87:f8:6a:c1:81:95:52:75:88:86: 48:8e:18:fc:3d:00:ee:9c:27:5b:14:af:28:00:20: 02:6c:b0:c7:0b:f4:cd:7b:9c:99:26:37:42:68:d2: c6:c3:71:81:c0:12:bb:bd:d5:64:c1:d4:b9:e3:70: 86:f8:9a:5e:c3:2a:20:3b:8b:48:79:c6:e8:4b:9b: 81:89:56:1f:07:a5:ab:15:1d:37:b5:eb:6f:c6:4e: dd:61:5c:11:c1:77:97:7f:a0:e5:77:25:34:e4:92: a2:06:65:dc:ef:b5:fc:20:90:e2:f6:f6:0c:8a:54: b2:fe:87:71:1f:a4:47:ed:90:37:03:5e:91:fe:a2: f3:3a:be:79:87:db:11:28:a4:11:3f:ec:5b:86:f0: 62:0a:fb:a8:16:de:ee:17:02:43:5f:e8:17:bb:75: e7:b8:dd:f7:49:66:1f:3b:1b:6f:a0:ba:56:36:24: 30:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: CD:08:DE:1C:14:52:FE:22:EE:1F:B6:DE:9A:0B:AA:31:5D:67:13:5B X509v3 Authority Key Identifier: keyid:FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3d:e4:63:4d:2a:67:28:f7:dd:fc:cd:b6:15:17:6b:a6:3d:0e: 22:f2:85:18:1e:9f:0f:0a:d1:1d:b4:74:98:54:75:31:56:e9: a1:81:10:c8:af:f5:68:bb:14:1a:ae:6c:91:6a:c2:27:70:f7: 0e:bc:2d:29:45:a5:1d:c7:14:00:ab:99:d0:2e:b7:ec:a1:16: 6c:60:3b:62:fc:b7:ed:1e:5a:c6:7e:fd:cd:ed:76:b3:b4:8b: 86:f3:39:ed:6a:43:e0:e6:31:00:b0:27:cb:70:33:c0:66:d4: 46:07:94:42:47:5a:6a:5f:a4:ec:e0:42:8c:92:93:6b:a0:e2: 4d:87:b6:eb:a9:9a:20:7e:b6:e1:0e:33:07:c0:87:e4:3d:e1: 84:e1:1c:1f:15:51:c2:52:a1:36:f8:59:a7:a2:59:82:c0:d8: 92:9e:10:c1:a7:5c:9e:cc:c6:2d:44:53:9e:a1:6b:18:6c:f8: 55:9c:bf:9a:10:50:33:ef:89:26:9a:4a:76:95:22:a0:e7:a2: 88:86:74:3b:af:cd:30:5e:53:c7:9f:11:a2:d1:49:08:56:81: 7a:a2:d9:1e:23:1f:aa:9e:3a:f4:2b:b5:48:06:17:ab:84:94: 90:bc:44:07:85:3a:a1:4f:4c:5f:97:19:c8:ea:d7:5d:4a:fe: 18:b4:6d:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzIyNUQxMTAvBgNVBAUTKEZGRTJBMDM3MjlGMzJEMzIyMjdBOTlDOTI1MTU4Qzgy Q0E1NEI5NTcwHhcNMjUxMTA0MTQyMzU4WhcNMjUxMTExMTQyMzU4WjAYMRYwFAYD VQQDEw02OTBhMGM3Zi0zNDAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvRl1nUhkWG2nU3whQE8DXYuPduJ+ovKTzFvILGis613pf8txXKRt3hESmDcV ZI7vHCRxGduidPnV6eXc+7RzGBT9AtPME6+/FgGQbeVTlIf4asGBlVJ1iIZIjhj8 PQDunCdbFK8oACACbLDHC/TNe5yZJjdCaNLGw3GBwBK7vdVkwdS543CG+Jpewyog O4tIecboS5uBiVYfB6WrFR03tetvxk7dYVwRwXeXf6DldyU05JKiBmXc77X8IJDi 9vYMilSy/odxH6RH7ZA3A16R/qLzOr55h9sRKKQRP+xbhvBiCvuoFt7uFwJDX+gX u3XnuN33SWYfOxtvoLpWNiQwpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFM0I3hwU Uv4i7h+23poLqjFdZxNbMB8GA1UdIwQYMBaAFP/ioDcp8y0yInqZySUVjILKVLlX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjI1RC8xRjU1MDgzMDFE ODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxUSWllcG5KSlJXTWdzcFV1 VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18tS2dOeW56TFRJaWVwbkpKUldNZ3NwVXVWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjI1RC8xRjU1MDgzMDFEODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxU SWllcG5KSlJXTWdzcFV1VmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA95GNNKmco9938zbYVF2umPQ4i8oUYHp8PCtEdtHSYVHUxVumhgRDI r/VouxQarmyRasIncPcOvC0pRaUdxxQAq5nQLrfsoRZsYDti/LftHlrGfv3N7Xaz tIuG8zntakPg5jEAsCfLcDPAZtRGB5RCR1pqX6Ts4EKMkpNroOJNh7brqZogfrbh DjMHwIfkPeGE4RwfFVHCUqE2+FmnolmCwNiSnhDBp1yezMYtRFOeoWsYbPhVnL+a EFAz74kmmkp2lSKg56KIhnQ7r80wXlPHnxGi0UkIVoF6otkeIx+qnjr0K7VIBher hJSQvEQHhTqhT0xflxnI6tddSv4YtG1k -----END CERTIFICATE-----Generated at Tue Nov 4 17:35:12 2025 by rpki-client