$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: lKWR4KIxG7Tg36iVQjuHWWbs++fuJfon/ZRo3L3E8SI= Subject key identifier: 63:9E:35:48:A7:72:04:33:66:23:CB:4B:63:A5:F6:A3:F7:4E:11:40 Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0C36 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0C27 Signing time: Sun 24 Aug 2025 18:41:22 +0000 Manifest this update: Sun 24 Aug 2025 18:41:22 +0000 Manifest next update: Sun 31 Aug 2025 18:41:22 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: jvyf9Q2G+pUSq8NDevHbfn56W069KsqkreTAkZBpkJQ=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: ckq5cjCEQ/2WL7JkGpSyoM0Cdw/OAtqMQAwrig1lc1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 18:41:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3126 (0xc36) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Aug 24 18:41:22 2025 GMT Not After : Aug 31 18:41:22 2025 GMT Subject: CN=68ab5cd2-76b2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:09:af:b4:43:94:fa:df:10:fd:56:7c:f8:35: 63:f0:c7:f9:9c:d5:f3:a9:87:90:c3:d5:1c:ff:6d: ff:92:4a:01:2b:d0:9d:52:cf:f7:39:ee:a0:5c:4a: d7:82:7e:e9:38:f8:7a:f1:ca:6c:24:cb:c5:05:35: fe:d9:07:9e:ca:95:a3:8f:cb:cb:e4:98:8c:95:73: 83:f9:14:79:55:85:c5:f7:0d:c3:bc:ef:43:65:4a: 49:ac:56:f5:29:99:9a:b4:3e:72:0f:36:0a:b3:9e: ec:02:f7:a9:dc:dc:77:47:e2:3d:4b:f4:33:6d:f9: 4f:e2:48:b5:2d:cc:7a:28:8c:72:87:cf:24:21:5c: d7:85:a6:52:fe:d1:bd:bf:56:9d:40:e5:f8:45:00: 92:bb:b8:af:54:64:c3:97:e0:d6:ef:cd:8c:90:5d: b0:47:57:93:04:bc:30:e7:c7:c5:e5:d6:21:6c:1f: 14:bd:b4:a2:7e:17:14:ca:09:5e:3a:1e:2f:44:fe: c2:c9:ae:16:09:69:d4:0c:71:ba:b4:0b:3c:42:ba: 84:6b:33:7f:7a:3b:7a:e8:2a:78:48:0b:82:c2:f9: b3:cf:ec:4c:d4:fc:6d:94:98:06:60:c7:80:c7:e6: d8:01:a7:21:7d:75:63:ec:40:87:24:a1:85:e9:9b: 47:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 63:9E:35:48:A7:72:04:33:66:23:CB:4B:63:A5:F6:A3:F7:4E:11:40 X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:df:c0:3a:07:d6:e0:d3:68:c4:59:00:4c:35:78:38:37:b0: ca:aa:24:8a:54:86:46:ee:9c:f3:c6:0e:96:9e:b3:27:29:3f: af:36:d2:25:5b:78:a9:96:06:a1:65:53:42:76:a1:2a:72:21: b6:24:d0:a2:29:cd:2e:d1:3e:33:ff:27:74:cd:13:dd:54:9f: 57:55:4c:1a:6e:f7:22:95:35:1c:ed:96:33:8f:55:cd:ff:80: 0e:88:2d:68:a5:67:7f:cd:90:e6:2c:67:72:b5:d9:6e:2a:ea: 33:66:c2:0d:df:25:17:a5:36:88:40:ad:d1:75:90:a2:fe:64: a4:ad:2c:db:07:cd:f3:2c:cf:b8:6c:f7:d2:0a:7e:6b:76:ed: 58:9b:eb:80:d2:28:e4:1c:af:c2:ed:81:4f:a4:03:f9:d9:a1: c5:15:7c:a6:55:23:c3:72:96:e1:24:18:4c:69:04:14:a8:18: 90:25:70:20:d6:37:fd:b9:b1:65:7a:01:da:79:5c:76:35:00: 5b:60:e6:c6:cf:78:55:36:18:60:fd:bb:29:9a:cd:d1:f8:c0: cf:3a:fa:6c:10:9b:e7:78:23:a8:f1:bf:00:a3:e0:41:7f:38: a0:aa:4e:41:9e:90:ba:2b:98:8d:88:52:18:5d:60:61:96:46: 71:63:3c:cb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUwODI0MTg0MTIyWhcNMjUwODMxMTg0MTIyWjAYMRYwFAYD VQQDEw02OGFiNWNkMi03NmIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1QmvtEOU+t8Q/VZ8+DVj8Mf5nNXzqYeQw9Uc/23/kkoBK9CdUs/3Oe6gXErX gn7pOPh68cpsJMvFBTX+2QeeypWjj8vL5JiMlXOD+RR5VYXF9w3DvO9DZUpJrFb1 KZmatD5yDzYKs57sAvep3Nx3R+I9S/QzbflP4ki1Lcx6KIxyh88kIVzXhaZS/tG9 v1adQOX4RQCSu7ivVGTDl+DW782MkF2wR1eTBLww58fF5dYhbB8UvbSifhcUygle Oh4vRP7Cya4WCWnUDHG6tAs8QrqEazN/ejt66Cp4SAuCwvmzz+xM1PxtlJgGYMeA x+bYAachfXVj7ECHJKGF6ZtH2wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGOeNUin cgQzZiPLS2Ol9qP3ThFAMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC738A6B9bg02jEWQBMNXg4N7DKqiSKVIZG7pzzxg6WnrMnKT+vNtIl W3iplgahZVNCdqEqciG2JNCiKc0u0T4z/yd0zRPdVJ9XVUwabvcilTUc7ZYzj1XN /4AOiC1opWd/zZDmLGdytdluKuozZsIN3yUXpTaIQK3RdZCi/mSkrSzbB83zLM+4 bPfSCn5rdu1Ym+uA0ijkHK/C7YFPpAP52aHFFXymVSPDcpbhJBhMaQQUqBiQJXAg 1jf9ubFlegHaeVx2NQBbYObGz3hVNhhg/bspms3R+MDPOvpsEJvneCOo8b8Ao+BB fzigqk5BnpC6K5iNiFIYXWBhlkZxYzzL -----END CERTIFICATE-----Generated at Sun Aug 24 21:50:07 2025 by rpki-client