$ rpki-client -vvf rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft File: KyraxZ7M9jhPxeNj8GfDueKemaE.mft (raw, json) Hash identifier: WIUxMlAG0zqif9j7MsYNNvY6wiPQEFOFCRcgVfZbCtE= Subject key identifier: 41:D5:51:D9:60:8C:4E:A2:E5:68:A4:3D:06:0F:76:73:38:59:51:29 Authority key identifier: 2B:2A:DA:C5:9E:CC:F6:38:4F:C5:E3:63:F0:67:C3:B9:E2:9E:99:A1 Certificate issuer: /CN=A918A469/serialNumber=2B2ADAC59ECCF6384FC5E363F067C3B9E29E99A1 Certificate serial: 0110 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KyraxZ7M9jhPxeNj8GfDueKemaE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft Manifest number: 010D Signing time: Wed 17 Sep 2025 05:34:20 +0000 Manifest this update: Wed 17 Sep 2025 05:34:20 +0000 Manifest next update: Wed 24 Sep 2025 05:34:20 +0000 Files and hashes: 1: KyraxZ7M9jhPxeNj8GfDueKemaE.crl (hash: /0uliwQwIMXKQU3i8K0tyYXgxF9QFFtvNsb7s55r7XA=) 2: 71B685ACF7E511EEBC67981CC4F9AE02.roa (hash: hnnfq71rK1ZIuAmUqIiiCmmEhX9P+SlsIzqCbG4sw9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.crl rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KyraxZ7M9jhPxeNj8GfDueKemaE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 24 Sep 2025 05:34:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 272 (0x110) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A469, serialNumber=2B2ADAC59ECCF6384FC5E363F067C3B9E29E99A1 Validity Not Before: Sep 17 05:34:20 2025 GMT Not After : Sep 24 05:34:20 2025 GMT Subject: CN=68ca485c-74ed Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:0e:ab:91:23:02:b7:93:b0:62:f4:96:f1:ef: 4f:74:62:15:71:25:6d:0f:02:81:e8:44:cd:2e:1b: a9:f2:3d:ea:c2:48:3f:42:f3:d4:cc:29:6a:6d:26: 02:83:25:23:7b:a6:58:8a:7e:88:62:f5:ab:c2:e6: b6:c4:2f:fb:dd:02:54:38:fe:63:11:c6:c6:88:ba: cc:c3:53:8f:49:d4:9d:be:94:8c:0e:0e:bc:7e:86: 3a:cd:cb:68:6e:6c:3e:b3:6f:f6:2c:7d:9c:61:93: 9d:d4:6a:30:a5:c0:95:d7:8e:a8:cd:f1:b2:6d:bc: 11:7e:9f:3e:85:ed:e4:30:3e:ea:92:75:76:07:fe: f7:c5:51:84:ac:e0:8c:97:32:91:7d:ed:75:e8:ed: 19:5e:41:0a:62:fd:59:b4:35:1a:36:8b:e6:a7:4c: ff:16:48:8c:26:b3:2b:0d:64:7b:8f:51:1f:cf:13: 52:fd:5f:34:37:dd:15:f0:4c:c3:67:f9:09:f3:cd: 8d:65:94:1a:77:1b:ce:ac:17:26:41:5b:ee:09:c8: 5f:d8:e8:5f:1d:a1:ed:f3:e4:aa:f2:a6:87:5f:d0: a4:a5:5f:21:ed:7c:59:bc:89:59:c6:70:ec:27:02: e9:4d:70:3c:20:7f:17:b3:02:1d:01:80:db:fa:34: df:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:D5:51:D9:60:8C:4E:A2:E5:68:A4:3D:06:0F:76:73:38:59:51:29 X509v3 Authority Key Identifier: keyid:2B:2A:DA:C5:9E:CC:F6:38:4F:C5:E3:63:F0:67:C3:B9:E2:9E:99:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KyraxZ7M9jhPxeNj8GfDueKemaE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 62:9d:bc:74:12:d8:42:28:41:8c:f0:9c:0d:98:10:bf:2e:a6: 23:4f:b5:28:c0:c0:3e:e7:56:e2:41:ab:e4:63:5f:cb:32:7a: 09:c3:1f:d0:d2:ec:1f:00:8b:9f:8b:ac:2d:7d:4c:7e:ef:6e: 4f:09:1a:6b:82:bd:5b:a1:b8:67:1f:97:e9:8b:1b:b8:12:56: 4e:67:ff:3c:ff:a7:b1:f3:2a:fd:05:21:24:86:1a:89:73:cd: 96:16:57:27:df:53:a5:03:52:03:0a:fc:55:ba:01:f1:20:25: ad:d3:b6:33:b5:b0:3f:0c:3d:09:f1:eb:f1:69:5c:1c:d5:84: 76:e0:34:6a:0c:84:21:51:7e:24:41:b4:a1:3d:97:3c:9d:00: 0a:87:a1:1a:11:d7:8a:14:41:52:8b:2b:37:e7:f3:d4:a6:c7: 4a:3c:3a:c1:eb:67:6e:f0:f8:ef:ff:cf:e6:88:77:43:5f:26: 0e:2d:93:17:af:b4:67:1b:44:ac:5b:79:81:8e:44:6b:74:4a: 99:1e:df:c4:51:62:5f:76:de:6e:86:76:0f:d5:82:f1:b5:27: 74:0f:ec:83:9f:13:c1:be:71:1a:2f:ee:aa:67:89:15:27:8b: b2:d7:fc:fe:fa:d9:a2:19:13:7e:69:98:37:28:0f:f1:96:ac: 46:18:a6:fc -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICARAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEE0NjkxMTAvBgNVBAUTKDJCMkFEQUM1OUVDQ0Y2Mzg0RkM1RTM2M0YwNjdDM0I5 RTI5RTk5QTEwHhcNMjUwOTE3MDUzNDIwWhcNMjUwOTI0MDUzNDIwWjAYMRYwFAYD VQQDEw02OGNhNDg1Yy03NGVkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2w6rkSMCt5OwYvSW8e9PdGIVcSVtDwKB6ETNLhup8j3qwkg/QvPUzClqbSYC gyUje6ZYin6IYvWrwua2xC/73QJUOP5jEcbGiLrMw1OPSdSdvpSMDg68foY6zcto bmw+s2/2LH2cYZOd1GowpcCV146ozfGybbwRfp8+he3kMD7qknV2B/73xVGErOCM lzKRfe116O0ZXkEKYv1ZtDUaNovmp0z/FkiMJrMrDWR7j1EfzxNS/V80N90V8EzD Z/kJ882NZZQadxvOrBcmQVvuCchf2OhfHaHt8+Sq8qaHX9CkpV8h7XxZvIlZxnDs JwLpTXA8IH8XswIdAYDb+jTfSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEHVUdlg jE6i5WikPQYPdnM4WVEpMB8GA1UdIwQYMBaAFCsq2sWezPY4T8XjY/Bnw7ninpmh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTQ2OS9GRjk0RTcxMkY3 RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi9LeXJheFo3TTlqaFB4ZU5qOEdmRHVlS2Vt YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0t5cmF4WjdNOWpoUHhlTmo4R2ZEdWVLZW1hRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTQ2OS9GRjk0RTcxMkY3RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi9LeXJheFo3TTlq aFB4ZU5qOEdmRHVlS2VtYUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBinbx0EthCKEGM8JwNmBC/LqYjT7UowMA+51biQavkY1/LMnoJwx/Q 0uwfAIufi6wtfUx+725PCRprgr1bobhnH5fpixu4ElZOZ/88/6ex8yr9BSEkhhqJ c82WFlcn31OlA1IDCvxVugHxICWt07YztbA/DD0J8evxaVwc1YR24DRqDIQhUX4k QbShPZc8nQAKh6EaEdeKFEFSiys35/PUpsdKPDrB62du8Pjv/8/miHdDXyYOLZMX r7RnG0SsW3mBjkRrdEqZHt/EUWJfdt5uhnYP1YLxtSd0D+yDnxPBvnEaL+6qZ4kV J4uy1/z++tmiGRN+aZg3KA/xlqxGGKb8 -----END CERTIFICATE-----Generated at Fri Sep 19 02:49:19 2025 by rpki-client