$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft File: Khx4XL6-fNe6tToSO2BVhg9gfxg.mft (raw, json) Hash identifier: FkUk225beMtTWgUQ/xMCqrim+zebVT6uPn1tIqZaN1Y= Subject key identifier: 28:59:FF:9A:08:05:1E:F7:66:53:32:1B:54:6A:4F:75:44:16:62:C1 Authority key identifier: 2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18 Certificate issuer: /CN=A91D6AB2/serialNumber=2A1C785CBEBE7CD7BAB53A123B6055860F607F18 Certificate serial: 086A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft Manifest number: 0CB3 Signing time: Tue 16 Sep 2025 20:52:00 +0000 Manifest this update: Tue 16 Sep 2025 20:52:00 +0000 Manifest next update: Tue 23 Sep 2025 20:52:00 +0000 Files and hashes: 1: Khx4XL6-fNe6tToSO2BVhg9gfxg.crl (hash: 4dWNHmUHlwcx/SaIFfqxI6YPbKiDz7Rko7DuSxSgeAg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.crl rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 23 Sep 2025 20:51:59 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2154 (0x86a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6AB2, serialNumber=2A1C785CBEBE7CD7BAB53A123B6055860F607F18 Validity Not Before: Sep 16 20:52:00 2025 GMT Not After : Sep 23 20:52:00 2025 GMT Subject: CN=68c9cdf0-8922 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:91:5d:1f:42:e2:b9:2a:aa:8f:bf:5d:3d:54: 0b:aa:02:bd:88:a3:3c:dc:00:04:94:26:bd:6b:ef: 23:38:30:94:9c:3f:0c:c7:85:2d:76:5a:c1:db:32: 7c:11:c8:b2:7c:af:f1:d5:11:89:bd:7a:a8:5c:f8: 16:68:e8:64:17:14:89:ad:1b:14:3a:41:62:59:cb: 00:46:2e:1a:3e:e3:8c:40:f0:3c:b7:a8:be:3b:ea: e7:d9:1c:74:8b:3e:5f:ac:58:19:3c:93:bb:41:e5: 4c:94:48:f9:14:c7:c2:4d:a4:52:31:e6:6c:1a:d5: c8:96:43:28:e8:34:d7:28:9d:df:6c:25:93:a7:e3: 6c:a4:a1:28:7f:d5:41:7c:6f:b9:7c:79:bb:c1:e7: 33:88:1f:d2:b5:b5:e1:3e:08:e9:36:46:9e:ad:3c: 0c:51:65:d6:62:2c:0e:91:07:90:d9:c2:df:41:58: 97:8e:bc:dd:d8:08:a2:23:fb:39:bc:03:b1:fc:37: e6:e0:f0:47:b0:e3:0d:0b:72:d4:ab:92:d5:8f:72: c5:73:ae:0d:a7:d2:d0:e3:7e:fb:d9:47:db:40:cf: 57:ab:39:1d:af:d0:46:8e:f2:fc:3d:dd:03:86:6e: cd:1e:de:38:55:17:d0:af:d9:d1:07:70:d5:05:f0: f7:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:59:FF:9A:08:05:1E:F7:66:53:32:1B:54:6A:4F:75:44:16:62:C1 X509v3 Authority Key Identifier: keyid:2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 87:6f:b7:b6:f9:60:3c:a4:f4:04:f9:78:68:ba:e2:a1:df:9f: a8:24:c7:22:5b:7b:af:ab:96:ca:11:ee:8b:b5:dc:1f:e6:4e: 98:fe:12:c0:04:b0:47:26:f9:72:ca:d0:dd:84:09:0d:8a:6f: a1:05:7c:df:fd:06:2b:fb:cc:f9:81:c3:d3:51:0a:1e:fa:fd: b2:00:64:9e:41:c3:b5:2e:6a:77:1b:75:d7:e6:d1:b0:28:30: 5c:4b:e8:99:af:9f:c0:e1:09:b2:a3:0d:a2:2f:5e:ca:21:2a: e5:c5:10:8a:78:32:25:48:1d:94:61:a7:3d:db:c3:23:fe:eb: 55:9f:b9:53:82:28:a1:0c:0f:95:c3:90:df:b6:ec:9f:6e:f2: a3:1d:ca:68:13:7b:d7:b3:07:34:a2:0f:ba:73:22:cf:13:8c: 12:16:e4:12:cc:91:86:88:e7:5c:fe:0e:68:60:46:0d:41:4c: 3d:fb:63:54:db:cd:38:d2:a2:8f:40:b9:9c:3f:10:78:5a:dd: 3c:dd:d5:0e:a1:54:96:24:79:ae:1b:7e:4d:4d:c5:3e:b3:47: e3:94:41:2c:47:90:f2:68:41:36:37:d3:b4:0b:52:8e:e3:0a: 10:b0:12:99:4d:e9:60:51:74:97:2d:be:91:2e:eb:df:c5:f3: 23:1c:dc:17 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCGowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDZBQjIxMTAvBgNVBAUTKDJBMUM3ODVDQkVCRTdDRDdCQUI1M0ExMjNCNjA1NTg2 MEY2MDdGMTgwHhcNMjUwOTE2MjA1MjAwWhcNMjUwOTIzMjA1MjAwWjAYMRYwFAYD VQQDEw02OGM5Y2RmMC04OTIyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAupFdH0LiuSqqj79dPVQLqgK9iKM83AAElCa9a+8jODCUnD8Mx4UtdlrB2zJ8 EciyfK/x1RGJvXqoXPgWaOhkFxSJrRsUOkFiWcsARi4aPuOMQPA8t6i+O+rn2Rx0 iz5frFgZPJO7QeVMlEj5FMfCTaRSMeZsGtXIlkMo6DTXKJ3fbCWTp+NspKEof9VB fG+5fHm7wecziB/StbXhPgjpNkaerTwMUWXWYiwOkQeQ2cLfQViXjrzd2AiiI/s5 vAOx/Dfm4PBHsOMNC3LUq5LVj3LFc64Np9LQ43772UfbQM9Xqzkdr9BGjvL8Pd0D hm7NHt44VRfQr9nRB3DVBfD3hwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFChZ/5oI BR73ZlMyG1RqT3VEFmLBMB8GA1UdIwQYMBaAFCoceFy+vnzXurU6EjtgVYYPYH8Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENkFCMi8wQUYyRUFBQUNG NzAxMUVBOEFFNTVENDhDNEY5QUUwMi9LaHg0WEw2LWZOZTZ0VG9TTzJCVmhnOWdm eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0toeDRYTDYtZk5lNnRUb1NPMkJWaGc5Z2Z4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NkFCMi8wQUYyRUFBQUNGNzAxMUVBOEFFNTVENDhDNEY5QUUwMi9LaHg0WEw2LWZO ZTZ0VG9TTzJCVmhnOWdmeGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCHb7e2+WA8pPQE+XhouuKh35+oJMciW3uvq5bKEe6Ltdwf5k6Y/hLA BLBHJvlyytDdhAkNim+hBXzf/QYr+8z5gcPTUQoe+v2yAGSeQcO1Lmp3G3XX5tGw KDBcS+iZr5/A4Qmyow2iL17KISrlxRCKeDIlSB2UYac928Mj/utVn7lTgiihDA+V w5DftuyfbvKjHcpoE3vXswc0og+6cyLPE4wSFuQSzJGGiOdc/g5oYEYNQUw9+2NU 28040qKPQLmcPxB4Wt083dUOoVSWJHmuG35NTcU+s0fjlEEsR5DyaEE2N9O0C1KO 4woQsBKZTelgUXSXLb6RLuvfxfMjHNwX -----END CERTIFICATE-----Generated at Thu Sep 18 20:29:11 2025 by rpki-client