$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft File: Khx4XL6-fNe6tToSO2BVhg9gfxg.mft (raw, json) Hash identifier: WxPA+809ljpOCNiefMsAiXvaeagKAaqTHQvOopVMc3k= Subject key identifier: 81:26:7B:B4:9D:08:BD:94:8A:35:59:E0:14:E0:EF:3E:8E:D3:A2:9D Authority key identifier: 2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18 Certificate issuer: /CN=A91D6AB2/serialNumber=2A1C785CBEBE7CD7BAB53A123B6055860F607F18 Certificate serial: 0882 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft Manifest number: 0CE3 Signing time: Sun 02 Nov 2025 20:32:50 +0000 Manifest this update: Sun 02 Nov 2025 20:32:49 +0000 Manifest next update: Sun 09 Nov 2025 20:32:49 +0000 Files and hashes: 1: Khx4XL6-fNe6tToSO2BVhg9gfxg.crl (hash: cr4NaFIp5zS7N8skaLSa3iE41/22bpP3aTAfurVNQRo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.crl rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 20:32:49 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2178 (0x882) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6AB2, serialNumber=2A1C785CBEBE7CD7BAB53A123B6055860F607F18 Validity Not Before: Nov 2 20:32:49 2025 GMT Not After : Nov 9 20:32:49 2025 GMT Subject: CN=6907bff2-f515 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ae:49:32:f0:19:56:88:66:de:3b:d8:ad:5e:78: ba:a9:ed:31:98:b3:18:ab:1e:74:06:79:f4:c2:ed: 93:cb:a4:38:4e:5a:78:af:d4:8e:5f:ac:d3:4d:62: 65:3f:96:22:cf:02:f6:38:77:99:69:e3:2a:a5:ed: 47:a0:af:7c:2a:78:f0:c7:c8:8d:81:d6:49:30:1a: f0:7a:ea:14:7e:ba:3e:78:76:f5:2f:8b:f1:5c:30: 33:38:0c:3e:e8:de:28:08:b9:81:47:37:fe:33:ae: b0:8b:d2:6d:9a:9a:ee:cc:60:22:69:a9:0f:db:09: d4:2f:8f:b0:4b:97:d8:4d:9e:79:5d:9a:27:62:e8: bc:40:cc:5f:7b:65:62:8e:f7:8d:92:33:04:9c:12: fe:1d:a9:d7:71:89:a4:c2:6d:99:13:b4:ff:3d:f9: 44:f1:c7:bd:88:60:6b:83:28:b8:b4:33:1f:37:6c: ae:98:c7:fd:04:ad:e1:ec:14:33:4f:54:77:cc:5e: 9d:f1:b3:b8:04:8f:c7:a2:df:b6:fc:80:3c:b5:30: 4c:04:cb:cb:0d:d5:9b:cb:95:03:ad:5d:e1:7d:4b: f3:1b:d6:5d:04:a8:4c:ed:0f:55:a4:f5:a5:0f:db: 1e:d8:b2:18:ad:61:e7:67:db:18:a5:b2:fd:e3:4a: a9:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 81:26:7B:B4:9D:08:BD:94:8A:35:59:E0:14:E0:EF:3E:8E:D3:A2:9D X509v3 Authority Key Identifier: keyid:2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:ff:53:a5:32:49:a6:fe:ac:ae:a6:8b:0d:77:a9:73:a6:7b: 88:27:09:7c:42:7c:5f:41:e2:ef:18:24:48:8b:1c:a6:ac:56: 13:a0:82:7a:b0:89:4e:f0:a9:d1:d3:cc:cb:74:f0:60:be:67: 97:00:9a:e9:69:cf:a3:a0:cb:f7:53:5a:d0:1a:5b:dc:ac:72: 0b:6e:9e:27:54:c4:16:ac:1f:ca:ba:13:8b:7f:c0:36:12:dd: f8:f7:53:92:4e:5c:2a:f7:51:f1:fd:3d:ed:f8:c2:91:a2:57: d6:71:24:1d:d3:b0:1c:21:e1:7c:f7:c2:fb:34:78:d0:b9:fc: f5:00:12:18:60:b4:f2:7b:e1:99:63:cc:1e:1b:5b:84:55:e0: 1f:32:5e:fc:75:c4:5d:75:c0:1e:9a:db:67:18:1e:c9:0c:29: dd:84:63:08:cf:f6:8a:ea:55:c1:35:7c:79:fe:d3:7c:a1:05: 8a:55:57:5e:20:60:18:38:45:e9:6e:37:31:c6:09:7e:50:e5: dc:9c:41:1c:26:00:a6:32:8c:26:e4:f9:a6:0f:8b:15:ef:61: c8:70:e7:65:52:03:95:8b:06:b3:81:84:0b:bb:0f:56:f6:8b: 83:86:21:e7:98:cd:2e:0a:62:10:8e:fa:97:a7:f9:00:3c:2c: be:81:b6:8d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCIIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDZBQjIxMTAvBgNVBAUTKDJBMUM3ODVDQkVCRTdDRDdCQUI1M0ExMjNCNjA1NTg2 MEY2MDdGMTgwHhcNMjUxMTAyMjAzMjQ5WhcNMjUxMTA5MjAzMjQ5WjAYMRYwFAYD VQQDEw02OTA3YmZmMi1mNTE1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArkky8BlWiGbeO9itXni6qe0xmLMYqx50Bnn0wu2Ty6Q4Tlp4r9SOX6zTTWJl P5YizwL2OHeZaeMqpe1HoK98Knjwx8iNgdZJMBrweuoUfro+eHb1L4vxXDAzOAw+ 6N4oCLmBRzf+M66wi9JtmpruzGAiaakP2wnUL4+wS5fYTZ55XZonYui8QMxfe2Vi jveNkjMEnBL+HanXcYmkwm2ZE7T/PflE8ce9iGBrgyi4tDMfN2yumMf9BK3h7BQz T1R3zF6d8bO4BI/Hot+2/IA8tTBMBMvLDdWby5UDrV3hfUvzG9ZdBKhM7Q9VpPWl D9se2LIYrWHnZ9sYpbL940qpSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIEme7Sd CL2UijVZ4BTg7z6O06KdMB8GA1UdIwQYMBaAFCoceFy+vnzXurU6EjtgVYYPYH8Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENkFCMi8wQUYyRUFBQUNG NzAxMUVBOEFFNTVENDhDNEY5QUUwMi9LaHg0WEw2LWZOZTZ0VG9TTzJCVmhnOWdm eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0toeDRYTDYtZk5lNnRUb1NPMkJWaGc5Z2Z4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NkFCMi8wQUYyRUFBQUNGNzAxMUVBOEFFNTVENDhDNEY5QUUwMi9LaHg0WEw2LWZO ZTZ0VG9TTzJCVmhnOWdmeGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9/1OlMkmm/qyuposNd6lzpnuIJwl8QnxfQeLvGCRIixymrFYToIJ6 sIlO8KnR08zLdPBgvmeXAJrpac+joMv3U1rQGlvcrHILbp4nVMQWrB/KuhOLf8A2 Et3491OSTlwq91Hx/T3t+MKRolfWcSQd07AcIeF898L7NHjQufz1ABIYYLTye+GZ Y8weG1uEVeAfMl78dcRddcAemttnGB7JDCndhGMIz/aK6lXBNXx5/tN8oQWKVVde IGAYOEXpbjcxxgl+UOXcnEEcJgCmMowm5PmmD4sV72HIcOdlUgOViwazgYQLuw9W 9ouDhiHnmM0uCmIQjvqXp/kAPCy+gbaN -----END CERTIFICATE-----Generated at Mon Nov 3 18:07:21 2025 by rpki-client