$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: PAJ7E3vR8m96KQVnNxZA6f1vZeQMjCGLU5u5/gyjBsc= Subject key identifier: 1F:85:12:FB:C8:B7:10:1A:B5:66:C1:9F:1F:88:74:CA:C4:71:8C:6C Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0E02 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DE5 Signing time: Sat 18 Oct 2025 18:32:49 +0000 Manifest this update: Sat 18 Oct 2025 18:32:48 +0000 Manifest next update: Sat 25 Oct 2025 18:32:48 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: 9366c0ia2wJ7d2W19JAjMUUGL/3UjX7K1cb5l+Ugaqw=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 18:32:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3586 (0xe02) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Oct 18 18:32:48 2025 GMT Not After : Oct 25 18:32:48 2025 GMT Subject: CN=68f3dd51-ae7f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e1:aa:74:17:44:8c:e8:d0:29:1d:b9:23:03:53: b6:e3:db:dd:6a:58:79:b0:89:a5:66:52:c6:8c:6e: b6:7f:20:47:a1:54:84:fe:35:ad:b8:b3:c4:0b:df: f7:7a:29:15:f9:40:53:0d:40:78:5f:38:1b:0c:06: c6:9e:f3:8c:66:f2:6b:34:dd:dc:81:38:27:be:af: 20:3c:32:3b:36:17:23:23:6a:6e:16:42:d7:fe:dd: a0:de:92:d1:23:c4:9a:a3:0f:25:f6:fe:38:ae:08: 87:20:3b:2c:27:f1:d9:16:66:e3:7c:50:3f:22:4c: 7d:e6:e0:fd:6f:31:43:4d:b7:0c:b5:fd:ec:bf:3f: aa:1f:07:d6:28:47:11:17:31:b3:34:88:07:8c:35: 89:a6:78:7e:fc:a9:76:6e:40:f3:70:9d:98:38:c7: 28:6d:f2:44:08:1e:b3:74:d7:ab:6d:7a:db:8d:8f: 67:ca:49:2c:4a:f3:22:15:69:52:ac:0e:87:c2:df: 55:da:b3:4c:4e:f9:8a:8e:6a:f9:65:48:36:bd:7e: 40:73:50:f5:78:30:6f:e5:d5:b6:f6:40:29:2c:0d: 54:f4:a2:15:5e:6c:64:0f:a6:b7:b8:b4:77:0d:f8: bc:38:1d:fa:6a:a3:0b:70:04:22:ac:f6:4c:48:b9: 9f:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:85:12:FB:C8:B7:10:1A:B5:66:C1:9F:1F:88:74:CA:C4:71:8C:6C X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:7e:d5:4d:5f:e9:98:11:3e:80:5b:23:f3:4c:4d:4b:16:8b: 4b:cc:b3:23:63:f3:68:56:44:9c:2a:57:ab:bb:8b:74:d7:78: 09:33:66:1f:ca:0d:02:37:7b:f9:8e:28:31:4c:12:16:39:ac: d5:c9:bd:98:03:d5:16:1c:bc:38:29:58:7f:d1:df:9a:63:da: 6c:09:5b:cb:d8:88:36:1f:d2:70:30:51:a4:7f:22:ff:cb:8d: 91:bd:a4:69:d7:2e:e2:e9:d0:a4:02:f1:23:e1:d9:73:8f:ad: 2a:0a:85:96:20:5a:56:ff:04:59:9d:11:84:35:3a:33:a0:64: a8:63:8d:8d:78:55:e3:23:2a:2d:1c:52:0e:1c:13:a2:ee:f3: bf:c8:45:eb:6a:35:13:65:4a:12:a0:be:0c:10:89:b7:16:57: 3e:6a:a0:c5:e5:27:17:0f:4b:ed:94:14:c8:fd:fc:20:f1:0a: 66:1f:fa:8b:89:12:97:6a:12:d9:bf:e0:65:5a:db:82:bd:b9: c1:83:c4:96:10:71:20:1c:58:13:3e:f6:5a:8f:16:5a:bc:93: 0d:8b:bc:1a:17:2e:27:0f:97:6e:fe:be:88:43:7c:f7:43:34: 22:91:a8:47:53:a6:df:03:57:f2:71:b5:a7:96:77:ae:18:f0: e3:8e:6a:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDgIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUxMDE4MTgzMjQ4WhcNMjUxMDI1MTgzMjQ4WjAYMRYwFAYD VQQDEw02OGYzZGQ1MS1hZTdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4ap0F0SM6NApHbkjA1O249vdalh5sImlZlLGjG62fyBHoVSE/jWtuLPEC9/3 eikV+UBTDUB4XzgbDAbGnvOMZvJrNN3cgTgnvq8gPDI7NhcjI2puFkLX/t2g3pLR I8Saow8l9v44rgiHIDssJ/HZFmbjfFA/Ikx95uD9bzFDTbcMtf3svz+qHwfWKEcR FzGzNIgHjDWJpnh+/Kl2bkDzcJ2YOMcobfJECB6zdNerbXrbjY9nykksSvMiFWlS rA6Hwt9V2rNMTvmKjmr5ZUg2vX5Ac1D1eDBv5dW29kApLA1U9KIVXmxkD6a3uLR3 Dfi8OB36aqMLcAQirPZMSLmf/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB+FEvvI txAatWbBnx+IdMrEcYxsMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+ftVNX+mYET6AWyPzTE1LFotLzLMjY/NoVkScKleru4t013gJM2Yf yg0CN3v5jigxTBIWOazVyb2YA9UWHLw4KVh/0d+aY9psCVvL2Ig2H9JwMFGkfyL/ y42RvaRp1y7i6dCkAvEj4dlzj60qCoWWIFpW/wRZnRGENTozoGSoY42NeFXjIyot HFIOHBOi7vO/yEXrajUTZUoSoL4MEIm3Flc+aqDF5ScXD0vtlBTI/fwg8QpmH/qL iRKXahLZv+BlWtuCvbnBg8SWEHEgHFgTPvZajxZavJMNi7waFy4nD5du/r6IQ3z3 QzQikahHU6bfA1fycbWnlneuGPDjjmqF -----END CERTIFICATE-----Generated at Mon Oct 20 05:42:49 2025 by rpki-client