$ rpki-client -vvf rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft File: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft (raw, json) Hash identifier: tbuUM990O3mzEY95wn2gj+LoknVbCGhKGnVrF/AbNvQ= Subject key identifier: 20:29:41:50:DF:36:24:75:5F:38:D9:37:7A:CB:86:34:34:6E:13:EB Authority key identifier: 29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC Certificate issuer: /CN=A9152329/serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Certificate serial: AF Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft Manifest number: AE Signing time: Sun 19 Oct 2025 09:18:08 +0000 Manifest this update: Sun 19 Oct 2025 09:18:07 +0000 Manifest next update: Sun 26 Oct 2025 09:18:07 +0000 Files and hashes: 1: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl (hash: 2Ic+Ia4lzThg/xlk7iUdzTwv7nlrlGSaKPoLm2SaIn0=) 2: 38161248A26911EFBF6D0319C4F9AE02.roa (hash: ask+BZFU8F8z7xA+3YaObHPYrB9zSG3srAnnNSVnzDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 09:18:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 175 (0xaf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152329, serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Validity Not Before: Oct 19 09:18:07 2025 GMT Not After : Oct 26 09:18:07 2025 GMT Subject: CN=68f4acd0-3e66 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e7:f4:4f:52:3a:85:f2:bc:9c:1a:21:9e:72:b8: b5:68:ce:a0:44:df:ef:38:ee:92:8a:71:ba:53:c1: 9c:29:92:8b:aa:82:03:11:da:79:3f:47:88:3a:10: e0:f9:74:ca:9f:c2:40:51:5a:67:6a:be:b1:5d:30: a1:2c:8a:cf:f4:d4:79:10:ec:2a:c8:ae:c7:47:84: ed:6f:a3:97:dd:5a:9e:3f:88:63:4e:66:00:21:59: 5d:05:49:95:ee:4c:51:86:0a:5a:91:18:2d:d1:f9: 3e:70:b8:7f:62:b8:8f:16:29:7c:c2:76:17:f8:97: 01:1d:6a:18:da:3d:d1:98:b7:81:b7:ec:e6:d9:bd: 8f:1b:d1:7f:76:a6:27:7b:83:00:69:d1:c4:90:09: b0:45:73:35:4c:eb:b2:a2:5d:a8:9a:c6:7c:32:f3: 28:7c:95:58:95:95:15:ab:3c:bc:5d:ec:81:54:8f: 81:7f:39:3d:ef:6f:6a:dd:f4:23:41:2b:1c:2d:26: 7b:de:25:5a:a6:33:48:4d:95:28:37:88:2e:63:1d: 7e:70:ef:4c:33:7e:56:32:0f:26:60:ce:5a:3a:81: 3b:90:ad:c4:d4:cd:a1:a3:10:13:81:db:7f:25:5f: 10:5d:71:96:cf:ba:86:60:b8:1e:3f:43:25:50:d0: a5:c5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:29:41:50:DF:36:24:75:5F:38:D9:37:7A:CB:86:34:34:6E:13:EB X509v3 Authority Key Identifier: keyid:29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption ad:b0:3c:1f:1a:10:17:6d:c8:2d:da:89:9e:8d:cd:08:bf:da: db:ff:3b:0c:d0:0c:eb:e1:7c:5e:9a:bb:fb:b8:54:93:87:ff: 53:85:eb:a7:a9:9e:30:bb:91:c9:28:89:e8:b6:fb:b1:71:04: 6d:7c:6f:ee:54:ca:f0:c9:d7:ec:32:7f:d1:e2:d0:51:6e:6a: 8c:1d:8c:8d:e7:42:21:6f:f7:0b:c3:ec:ae:8a:db:2c:35:1e: 5b:14:f6:61:88:f8:f0:62:63:df:4e:da:c0:86:3c:ac:b6:24: 20:39:79:33:00:57:f8:36:5a:bf:b4:0b:40:8d:1b:4e:0a:21: be:4d:66:0b:78:db:81:9f:63:2c:b9:96:8a:e0:99:65:8f:88: f9:21:d6:44:1a:c3:64:5e:e6:65:60:64:3f:3e:21:57:d9:b8: 62:e7:8e:4e:8c:ed:41:67:c0:b9:0f:f1:ce:8d:f6:58:1f:91: 08:e7:0f:e9:d2:27:a9:1a:b8:34:b6:ba:57:62:4a:c1:a7:de: bc:a3:bd:87:36:68:2c:07:59:b2:c4:c7:43:2d:f0:e5:b4:2c: 6d:c3:84:29:89:49:d3:92:46:70:7f:bb:eb:5c:9e:76:f0:78: 78:71:d1:0e:47:90:43:6e:c1:69:bc:2b:ff:53:9e:3a:55:c6: bd:0c:de:df -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAK8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTIzMjkxMTAvBgNVBAUTKDI5M0FDNjQwNTMwOURFOTQ5NTE2ODdGRTE3Mjk2QURE Q0Q5NTcyRkMwHhcNMjUxMDE5MDkxODA3WhcNMjUxMDI2MDkxODA3WjAYMRYwFAYD VQQDEw02OGY0YWNkMC0zZTY2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA5/RPUjqF8rycGiGecri1aM6gRN/vOO6SinG6U8GcKZKLqoIDEdp5P0eIOhDg +XTKn8JAUVpnar6xXTChLIrP9NR5EOwqyK7HR4Ttb6OX3VqeP4hjTmYAIVldBUmV 7kxRhgpakRgt0fk+cLh/YriPFil8wnYX+JcBHWoY2j3RmLeBt+zm2b2PG9F/dqYn e4MAadHEkAmwRXM1TOuyol2omsZ8MvMofJVYlZUVqzy8XeyBVI+Bfzk9729q3fQj QSscLSZ73iVapjNITZUoN4guYx1+cO9MM35WMg8mYM5aOoE7kK3E1M2hoxATgdt/ JV8QXXGWz7qGYLgeP0MlUNClxQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCApQVDf NiR1XzjZN3rLhjQ0bhPrMB8GA1UdIwQYMBaAFCk6xkBTCd6UlRaH/hcpat3NlXL8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjMyOS9DN0ZBRDM2OEEy NjgxMUVGOUQ5MTQxMThDNEY5QUUwMi9LVHJHUUZNSjNwU1ZGb2YtRnlscTNjMlZj dncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tUckdRRk1KM3BTVkZvZi1GeWxxM2MyVmN2dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MjMyOS9DN0ZBRDM2OEEyNjgxMUVGOUQ5MTQxMThDNEY5QUUwMi9LVHJHUUZNSjNw U1ZGb2YtRnlscTNjMlZjdncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCtsDwfGhAXbcgt2omejc0Iv9rb/zsM0Azr4Xxemrv7uFSTh/9Theun qZ4wu5HJKInotvuxcQRtfG/uVMrwydfsMn/R4tBRbmqMHYyN50Ihb/cLw+yuitss NR5bFPZhiPjwYmPfTtrAhjystiQgOXkzAFf4Nlq/tAtAjRtOCiG+TWYLeNuBn2Ms uZaK4Jllj4j5IdZEGsNkXuZlYGQ/PiFX2bhi545OjO1BZ8C5D/HOjfZYH5EI5w/p 0iepGrg0trpXYkrBp968o72HNmgsB1myxMdDLfDltCxtw4QpiUnTkkZwf7vrXJ52 8Hh4cdEOR5BDbsFpvCv/U546Vca9DN7f -----END CERTIFICATE-----Generated at Mon Oct 20 21:23:49 2025 by rpki-client