$ rpki-client -vvf rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft File: KdzyaXujSl1MV_LtlnGNAxu8VjA.mft (raw, json) Hash identifier: c24st49th5LdV0OAWmsJYepFzOOitki90ZVwoTLeY0s= Subject key identifier: 2F:D4:0B:FA:63:5D:43:AE:18:43:AB:A9:4C:1D:14:4D:43:05:3E:9D Authority key identifier: 29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30 Certificate issuer: /CN=A91A1103/serialNumber=29DCF2697BA34A5D4C57F2ED96718D031BBC5630 Certificate serial: 1657 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft Manifest number: 164D Signing time: Fri 24 Oct 2025 17:07:02 +0000 Manifest this update: Fri 24 Oct 2025 17:07:01 +0000 Manifest next update: Fri 31 Oct 2025 17:07:01 +0000 Files and hashes: 1: KdzyaXujSl1MV_LtlnGNAxu8VjA.crl (hash: fvcrwcW7XAbNF/qiL7X8RUJWHvAX81NX/UJ5mzmxepI=) 2: 1C85059C1EB911E88533FA4EC4F9AE02.roa (hash: RqHN2PwZe21iOjQw65O1dXW58VJkxhmOGxQkFQUXslk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.crl rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 31 Oct 2025 17:07:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 5719 (0x1657) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A1103, serialNumber=29DCF2697BA34A5D4C57F2ED96718D031BBC5630 Validity Not Before: Oct 24 17:07:01 2025 GMT Not After : Oct 31 17:07:01 2025 GMT Subject: CN=68fbb235-3b2d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a5:83:ce:7b:dc:53:82:95:8d:2c:07:db:e2:1c: 0a:cf:b8:a2:3d:64:32:8a:8f:27:20:54:f3:e5:96: 28:af:cd:4b:92:3e:0b:f9:0b:3f:4c:c5:52:e2:bf: c1:8a:09:93:77:11:12:b4:40:fb:a5:77:7a:3e:7e: 2a:5d:7d:0d:f5:5d:a9:db:e5:50:b7:2f:3a:30:5c: d5:d4:57:ef:81:af:d6:bb:cb:f1:5e:cd:9b:f8:05: ac:26:9e:d6:0c:c3:e8:e5:c4:bc:96:ab:9d:5a:92: 06:98:4d:e7:a4:81:c5:6b:a7:f2:30:94:8b:3a:7f: 17:84:de:3b:47:f1:6f:c0:c5:29:81:d6:fc:64:3a: bb:77:2b:46:cb:4f:70:3c:47:e6:8d:81:9a:fc:3f: a7:bd:29:8d:e1:95:96:64:bb:5c:e1:c4:41:e0:67: 82:f9:1a:e0:49:92:9f:bf:ef:4d:ff:a9:1e:a9:57: e0:09:25:05:2b:42:9b:4d:88:6d:a0:9e:b7:16:d9: 2c:1e:8a:bc:ba:74:50:10:6b:3b:f1:f3:98:71:74: c7:c2:42:cc:07:5f:20:74:38:50:a2:91:dc:e2:16: 0e:ec:31:f3:e6:e1:d4:ea:ae:4c:7d:da:03:5b:4a: 95:8d:6e:a5:64:52:47:e8:5c:3c:9d:15:48:32:c1: b8:cd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2F:D4:0B:FA:63:5D:43:AE:18:43:AB:A9:4C:1D:14:4D:43:05:3E:9D X509v3 Authority Key Identifier: keyid:29:DC:F2:69:7B:A3:4A:5D:4C:57:F2:ED:96:71:8D:03:1B:BC:56:30 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdzyaXujSl1MV_LtlnGNAxu8VjA.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A1103/2095AA621A0711E8BE24A558C4F9AE02/KdzyaXujSl1MV_LtlnGNAxu8VjA.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:69:be:d5:d0:bd:84:ef:d8:26:0b:bb:bd:93:10:7c:d5:00: f8:c9:65:69:12:2d:9f:59:e9:0e:a5:db:c1:53:5a:6c:13:0b: bc:6b:5a:5e:4b:78:d2:69:ce:d2:fc:c7:f0:b4:76:10:9c:f0: 2e:53:75:aa:45:28:6d:39:47:de:54:3d:45:24:74:54:d2:5b: 59:c4:fc:36:54:e4:0a:bc:61:5a:88:f1:93:2d:24:b6:9d:7c: 62:77:bc:89:44:19:09:da:08:dd:f3:15:d0:cd:c1:3d:b3:57: 7f:73:f0:a9:c4:f0:d4:52:1e:29:58:32:54:41:f9:76:27:ac: 22:22:78:23:d4:ed:64:24:df:77:08:4e:e1:fc:60:52:fa:fc: aa:a0:57:5b:ad:0c:78:16:f0:e9:d6:a3:b3:33:ee:ba:6b:bf: 99:ec:83:29:f6:be:59:58:3b:bc:96:c2:4f:ae:ad:6a:1a:81: 95:f7:c6:b0:a2:d7:28:98:52:f4:ea:0f:d6:1a:73:5f:43:4f: 59:22:66:dc:ed:a6:0f:36:1e:1b:f3:32:5a:14:53:3e:bc:3b: 11:3e:ae:12:da:95:fa:ec:fe:d5:fe:43:a7:03:fc:69:04:cb: 19:0d:cb:22:8b:12:d7:38:f7:9a:b4:db:1d:67:c3:5a:46:f3: cd:a6:52:7a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICFlcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTExMDMxMTAvBgNVBAUTKDI5RENGMjY5N0JBMzRBNUQ0QzU3RjJFRDk2NzE4RDAz MUJCQzU2MzAwHhcNMjUxMDI0MTcwNzAxWhcNMjUxMDMxMTcwNzAxWjAYMRYwFAYD VQQDEw02OGZiYjIzNS0zYjJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApYPOe9xTgpWNLAfb4hwKz7iiPWQyio8nIFTz5ZYor81Lkj4L+Qs/TMVS4r/B igmTdxEStED7pXd6Pn4qXX0N9V2p2+VQty86MFzV1Ffvga/Wu8vxXs2b+AWsJp7W DMPo5cS8lqudWpIGmE3npIHFa6fyMJSLOn8XhN47R/FvwMUpgdb8ZDq7dytGy09w PEfmjYGa/D+nvSmN4ZWWZLtc4cRB4GeC+RrgSZKfv+9N/6keqVfgCSUFK0KbTYht oJ63FtksHoq8unRQEGs78fOYcXTHwkLMB18gdDhQopHc4hYO7DHz5uHU6q5MfdoD W0qVjW6lZFJH6Fw8nRVIMsG4zQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC/UC/pj XUOuGEOrqUwdFE1DBT6dMB8GA1UdIwQYMBaAFCnc8ml7o0pdTFfy7ZZxjQMbvFYw MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMTEwMy8yMDk1QUE2MjFB MDcxMUU4QkUyNEE1NThDNEY5QUUwMi9LZHp5YVh1alNsMU1WX0x0bG5HTkF4dThW akEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tkenlhWHVqU2wxTVZfTHRsbkdOQXh1OFZqQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MTEwMy8yMDk1QUE2MjFBMDcxMUU4QkUyNEE1NThDNEY5QUUwMi9LZHp5YVh1alNs MU1WX0x0bG5HTkF4dThWakEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVab7V0L2E79gmC7u9kxB81QD4yWVpEi2fWekOpdvBU1psEwu8a1pe S3jSac7S/MfwtHYQnPAuU3WqRShtOUfeVD1FJHRU0ltZxPw2VOQKvGFaiPGTLSS2 nXxid7yJRBkJ2gjd8xXQzcE9s1d/c/CpxPDUUh4pWDJUQfl2J6wiIngj1O1kJN93 CE7h/GBS+vyqoFdbrQx4FvDp1qOzM+66a7+Z7IMp9r5ZWDu8lsJPrq1qGoGV98aw otcomFL06g/WGnNfQ09ZImbc7aYPNh4b8zJaFFM+vDsRPq4S2pX67P7V/kOnA/xp BMsZDcsiixLXOPeatNsdZ8NaRvPNplJ6 -----END CERTIFICATE-----Generated at Fri Oct 24 23:52:05 2025 by rpki-client