$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: cwki+d2q8cFr8zJOeTIBwkZmwmXhtm+RZESnKvEpyys= Subject key identifier: 73:C1:C0:87:41:51:8D:A0:C0:A1:2B:0C:0F:2C:90:2C:3C:2F:31:B4 Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0C5B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0C4C Signing time: Tue 04 Nov 2025 18:45:21 +0000 Manifest this update: Tue 04 Nov 2025 18:45:20 +0000 Manifest next update: Tue 11 Nov 2025 18:45:20 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: 9+LbgUE+RHzn6xBm5j5iiyOjMZVrXzhex+xnft+Xigk=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: ckq5cjCEQ/2WL7JkGpSyoM0Cdw/OAtqMQAwrig1lc1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 18:45:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3163 (0xc5b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Nov 4 18:45:20 2025 GMT Not After : Nov 11 18:45:20 2025 GMT Subject: CN=690a49c1-9fd2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:f3:ad:f7:89:24:eb:13:55:b4:52:ba:df:6c: 96:91:a8:c3:26:70:3b:77:e0:9e:4b:48:6e:01:e2: aa:b8:35:b4:8c:ea:e2:e4:2f:47:49:04:ae:53:9c: aa:84:1f:6b:14:af:47:8d:49:8a:74:5e:95:8d:b8: 1c:de:82:b3:3b:e5:c4:80:ad:b4:00:05:a0:b4:e3: 82:26:c4:c4:6f:36:6a:1a:46:55:82:e3:61:cf:c1: 58:c0:22:ef:46:ce:f8:ca:f8:58:98:d7:67:ed:04: c8:29:bb:8e:af:ed:c8:93:8d:43:46:7f:92:4a:00: f3:f8:4d:ce:29:0c:a4:78:d8:78:05:86:9a:3f:c6: 9b:c1:17:36:2b:d4:d2:0b:80:62:36:53:ad:52:26: 02:1d:94:bf:2d:e1:f7:a4:a4:1e:d7:71:d2:48:db: 66:32:cb:91:bb:7c:3d:a1:00:e5:b5:01:5a:31:78: 0c:ad:66:37:d3:32:b5:3b:4f:1a:64:c1:fd:71:30: 0b:80:a0:25:8b:76:a2:44:1d:6e:42:16:07:69:a2: cc:1c:07:f4:4c:34:6b:c2:d5:3b:23:a7:e8:2b:2a: 48:ed:83:3b:a2:ba:ef:29:ee:12:ff:49:ca:13:49: 16:33:33:e4:bc:54:8f:be:6b:54:bb:bb:17:72:64: 5e:99 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 73:C1:C0:87:41:51:8D:A0:C0:A1:2B:0C:0F:2C:90:2C:3C:2F:31:B4 X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 90:ff:3f:4c:d4:1e:75:2e:d0:c0:8d:99:fd:8a:84:a1:63:ef: 9c:e2:be:3a:5a:dc:ff:52:02:9e:a9:ba:74:19:d0:3d:0b:42: 1f:57:15:97:5e:5c:1c:7d:3a:65:a3:d6:49:b4:30:b2:d2:0e: c6:b4:69:3b:cc:96:b1:aa:21:b1:29:27:61:db:18:cd:0b:42: 6e:c8:4c:96:84:74:3f:9c:f4:69:06:34:a0:f1:a4:b8:8f:52: 20:dd:8b:cd:71:11:3c:12:02:ed:61:76:44:bb:4e:ff:9f:a3: c8:7f:4f:c4:0e:3f:4d:9e:fe:cb:9f:4f:b2:10:d2:42:43:76: 1d:30:f5:54:6f:da:2e:87:37:33:36:12:1d:ac:8e:22:f4:8b: 2e:44:56:a6:15:42:86:42:98:10:88:bf:50:a7:91:a0:61:20: a6:0a:93:12:34:bd:60:5a:73:ad:70:cf:03:87:9a:13:b1:72: 15:7b:c4:ce:65:11:47:83:ad:63:35:61:da:af:de:ec:71:65: 69:0a:f8:35:7f:09:e5:d0:f2:26:66:f9:23:a1:76:ea:6d:01: f0:24:b7:b6:bd:18:49:14:b9:11:f6:15:b9:b8:f9:9d:79:d5: 88:d1:b8:e3:4b:43:85:87:87:e6:94:93:8a:a0:71:e3:a6:01: 26:d5:f5:43 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUxMTA0MTg0NTIwWhcNMjUxMTExMTg0NTIwWjAYMRYwFAYD VQQDEw02OTBhNDljMS05ZmQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2vOt94kk6xNVtFK632yWkajDJnA7d+CeS0huAeKquDW0jOri5C9HSQSuU5yq hB9rFK9HjUmKdF6Vjbgc3oKzO+XEgK20AAWgtOOCJsTEbzZqGkZVguNhz8FYwCLv Rs74yvhYmNdn7QTIKbuOr+3Ik41DRn+SSgDz+E3OKQykeNh4BYaaP8abwRc2K9TS C4BiNlOtUiYCHZS/LeH3pKQe13HSSNtmMsuRu3w9oQDltQFaMXgMrWY30zK1O08a ZMH9cTALgKAli3aiRB1uQhYHaaLMHAf0TDRrwtU7I6foKypI7YM7orrvKe4S/0nK E0kWMzPkvFSPvmtUu7sXcmRemQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHPBwIdB UY2gwKErDA8skCw8LzG0MB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCQ/z9M1B51LtDAjZn9ioShY++c4r46Wtz/UgKeqbp0GdA9C0IfVxWX XlwcfTplo9ZJtDCy0g7GtGk7zJaxqiGxKSdh2xjNC0JuyEyWhHQ/nPRpBjSg8aS4 j1Ig3YvNcRE8EgLtYXZEu07/n6PIf0/EDj9Nnv7Ln0+yENJCQ3YdMPVUb9ouhzcz NhIdrI4i9IsuRFamFUKGQpgQiL9Qp5GgYSCmCpMSNL1gWnOtcM8Dh5oTsXIVe8TO ZRFHg61jNWHar97scWVpCvg1fwnl0PImZvkjoXbqbQHwJLe2vRhJFLkR9hW5uPmd edWI0bjjS0OFh4fmlJOKoHHjpgEm1fVD -----END CERTIFICATE-----Generated at Wed Nov 5 16:39:31 2025 by rpki-client