$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: iiqzPfBki26k4cDzAIGnoEi99yk1cbmnSkL7T1dI+kk= Subject key identifier: 24:77:12:C5:1E:B2:A4:44:C2:A0:52:0F:8E:3F:F8:26:99:40:02:6E Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 0195 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 0191 Signing time: Wed 05 Nov 2025 03:39:11 +0000 Manifest this update: Wed 05 Nov 2025 03:39:10 +0000 Manifest next update: Wed 12 Nov 2025 03:39:10 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: 1a0HNV+xEmvUfW1DuQAxDJh4+UX3VHoulAj4+vpnJ4s=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: E2MEy59tbIM1Maudg/5GMAqeAqrNk3TYYaN2opqqFDU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 03:39:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 405 (0x195) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67 Validity Not Before: Nov 5 03:39:10 2025 GMT Not After : Nov 12 03:39:10 2025 GMT Subject: CN=690ac6de-00c6 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:4d:55:6a:79:47:1d:a0:55:4f:8b:7b:b0:a1: 83:58:2a:d6:f4:f7:8f:45:93:2b:52:a0:f2:e3:23: bd:f1:54:29:b8:98:95:24:f4:50:36:95:a6:b0:73: 21:f9:84:bc:18:54:a3:d6:17:db:3c:e8:a5:e3:5b: 4c:c1:52:2e:07:81:87:25:9f:90:2f:5b:df:65:dd: 12:6b:51:de:77:31:5d:05:45:22:2f:79:63:85:bb: ee:bb:c5:62:30:d2:7e:91:46:46:ea:9e:19:75:9d: bb:6b:48:e6:a3:53:77:a3:31:1b:76:b4:0d:da:92: 96:a5:15:ac:b6:84:72:47:7e:f2:d7:c8:69:61:97: 2c:64:e6:1c:48:3a:09:27:09:43:74:fa:41:aa:9b: d6:01:20:0f:76:f4:7d:4c:ef:4d:29:57:bf:0c:a4: b1:31:b5:50:94:0e:ab:6d:01:54:e5:4a:16:bb:e5: d7:55:0c:ca:f0:a6:b9:21:5e:e7:f5:f3:6f:fa:c4: 5c:a1:7e:4a:b3:dc:3f:a3:27:6a:cf:a5:2d:1e:eb: 32:08:cd:a7:02:cc:2e:1d:2c:74:ea:72:72:43:49: 5e:c5:de:e4:b0:8a:d5:20:c1:06:57:b0:8d:53:09: 08:e4:b2:62:77:fd:79:58:de:b4:a7:a7:53:8b:23: 85:c7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 24:77:12:C5:1E:B2:A4:44:C2:A0:52:0F:8E:3F:F8:26:99:40:02:6E X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bb:ee:a1:3a:e0:02:2c:67:9d:b1:7a:35:60:5d:a5:7b:6b:fd: 6d:db:0e:06:4d:83:13:9d:38:4a:8b:f2:54:39:b7:e1:0b:26: 56:ee:1d:1b:ee:84:f1:99:43:7a:77:11:e0:ec:ee:db:55:41: e7:25:4b:e8:33:9a:da:04:1f:5c:69:bc:c6:50:d6:26:45:2f: 74:bc:69:83:82:c1:c5:84:5f:07:b1:78:6c:ae:d7:35:06:84: 7a:33:00:ff:61:ff:f9:35:2c:10:c6:90:6b:80:40:81:de:f9: ea:92:fe:e3:4f:e4:1a:ad:bf:28:3f:f6:5c:22:83:4e:39:05: 6d:99:f8:94:c1:c9:87:51:9c:c1:18:ae:61:17:51:de:65:71: e8:01:6f:2c:82:cf:b3:92:81:fc:8b:4c:29:d8:c8:62:67:23: 93:be:c8:68:e2:56:13:17:06:82:f8:b4:f4:d3:f4:e9:0d:f7: 32:43:b0:e7:20:39:ad:0c:65:a2:6b:6e:24:17:e6:57:1c:c9: dd:48:d2:35:d7:d7:df:32:85:cb:96:6b:0f:58:be:1d:2c:7b: 1c:a0:96:59:6b:db:f2:33:ca:bf:9c:ad:b6:20:52:bf:f5:7b: 12:59:c2:fb:e6:0f:f4:ae:e6:d2:2d:79:e9:21:06:2e:6b:50: 6f:10:d6:44 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUxMTA1MDMzOTEwWhcNMjUxMTEyMDMzOTEwWjAYMRYwFAYD VQQDEw02OTBhYzZkZS0wMGM2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyk1VanlHHaBVT4t7sKGDWCrW9PePRZMrUqDy4yO98VQpuJiVJPRQNpWmsHMh +YS8GFSj1hfbPOil41tMwVIuB4GHJZ+QL1vfZd0Sa1HedzFdBUUiL3ljhbvuu8Vi MNJ+kUZG6p4ZdZ27a0jmo1N3ozEbdrQN2pKWpRWstoRyR37y18hpYZcsZOYcSDoJ JwlDdPpBqpvWASAPdvR9TO9NKVe/DKSxMbVQlA6rbQFU5UoWu+XXVQzK8Ka5IV7n 9fNv+sRcoX5Ks9w/oydqz6UtHusyCM2nAswuHSx06nJyQ0lexd7ksIrVIMEGV7CN UwkI5LJid/15WN60p6dTiyOFxwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCR3EsUe sqREwqBSD44/+CaZQAJuMB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC77qE64AIsZ52xejVgXaV7a/1t2w4GTYMTnThKi/JUObfhCyZW7h0b 7oTxmUN6dxHg7O7bVUHnJUvoM5raBB9cabzGUNYmRS90vGmDgsHFhF8HsXhsrtc1 BoR6MwD/Yf/5NSwQxpBrgECB3vnqkv7jT+Qarb8oP/ZcIoNOOQVtmfiUwcmHUZzB GK5hF1HeZXHoAW8sgs+zkoH8i0wp2MhiZyOTvsho4lYTFwaC+LT00/TpDfcyQ7Dn IDmtDGWia24kF+ZXHMndSNI119ffMoXLlmsPWL4dLHscoJZZa9vyM8q/nK22IFK/ 9XsSWcL75g/0rubSLXnpIQYua1BvENZE -----END CERTIFICATE-----Generated at Wed Nov 5 05:25:45 2025 by rpki-client