$ rpki-client -vvf rpki.apnic.net/member_repository/A918424C/ABCBEBD623D411EF9575324EC4F9AE02/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.mft File: KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.mft (raw, json) Hash identifier: +wIPFbefLeojTcBw+szBJjI7TpvZfbzRJXk8m7JEjA4= Subject key identifier: 1B:46:84:CA:45:56:D1:B1:08:BD:F3:1A:BB:B7:6B:8A:42:05:78:07 Authority key identifier: 2A:44:56:D1:72:B2:B8:6D:CD:A7:12:E6:61:F6:D9:F2:FF:19:20:38 Certificate issuer: /CN=A918424C/serialNumber=2A4456D172B2B86DCDA712E661F6D9F2FF192038 Certificate serial: 0103 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918424C/ABCBEBD623D411EF9575324EC4F9AE02/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.mft Manifest number: 0101 Signing time: Sun 19 Oct 2025 08:00:10 +0000 Manifest this update: Sun 19 Oct 2025 08:00:09 +0000 Manifest next update: Sun 26 Oct 2025 08:00:09 +0000 Files and hashes: 1: KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.crl (hash: rmviV8TTXI888fMc+SgsAgNtudmG2T1lc7f7T5jIjFQ=) 2: 4394064223D511EF9AB13E4FC4F9AE02.roa (hash: GgtpbCe0DWHXE3n4d7zrRXZLNfKbReC9s/SOQ0QeSio=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918424C/ABCBEBD623D411EF9575324EC4F9AE02/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.crl rsync://rpki.apnic.net/member_repository/A918424C/ABCBEBD623D411EF9575324EC4F9AE02/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 26 Oct 2025 08:00:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 259 (0x103) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918424C, serialNumber=2A4456D172B2B86DCDA712E661F6D9F2FF192038 Validity Not Before: Oct 19 08:00:09 2025 GMT Not After : Oct 26 08:00:09 2025 GMT Subject: CN=68f49a89-1aaf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bb:91:b3:67:21:eb:af:9a:46:01:56:7b:91:d5: 48:c6:61:38:61:37:10:84:ea:eb:b5:b2:ee:33:5c: e4:1a:c3:3f:f7:09:87:d4:41:b2:37:df:27:66:a8: 5f:48:77:f3:56:12:f0:c6:af:1f:45:9c:b8:e7:bb: ff:3f:0a:8f:68:28:21:54:12:b2:ec:d1:95:45:9e: 11:61:f9:dc:9a:75:4e:5c:9f:97:0a:01:4b:ca:49: 7e:98:6f:6c:56:a5:0d:63:b7:78:cc:ec:a9:b4:7c: fd:1b:95:d3:40:c7:21:ca:b0:6b:2e:fb:fe:0f:40: 48:07:cf:29:e1:0e:00:51:da:e3:f5:0a:01:31:98: cb:8b:10:c3:c7:65:39:eb:b9:42:aa:5e:86:fc:44: 43:fd:dc:4d:94:d6:a7:ee:29:a4:1b:cc:39:7a:41: cd:21:d8:ca:28:b4:cd:2e:ca:14:5a:ae:21:b8:e6: 0d:84:00:c8:5d:15:53:6c:22:ca:ef:e8:e3:3a:17: 32:01:e4:e5:27:bf:b0:0f:87:4c:90:4c:85:92:b0: 07:fd:98:63:16:0e:a2:bd:2a:88:b5:a5:07:87:9e: 27:1b:a6:ef:af:66:d4:c9:32:5f:1b:d9:f4:33:c6: e1:52:77:34:14:87:a6:b8:58:34:74:b5:c9:c9:ac: 8b:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1B:46:84:CA:45:56:D1:B1:08:BD:F3:1A:BB:B7:6B:8A:42:05:78:07 X509v3 Authority Key Identifier: keyid:2A:44:56:D1:72:B2:B8:6D:CD:A7:12:E6:61:F6:D9:F2:FF:19:20:38 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918424C/ABCBEBD623D411EF9575324EC4F9AE02/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918424C/ABCBEBD623D411EF9575324EC4F9AE02/KkRW0XKyuG3NpxLmYfbZ8v8ZIDg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:cb:fe:30:db:da:13:5e:84:53:72:76:91:46:0f:df:0b:c2: 74:40:30:a9:23:32:3b:31:35:3e:b2:0e:8f:bf:b6:99:28:cd: 18:f0:21:6a:57:30:9f:d4:80:62:76:c0:71:3a:61:22:22:5a: 92:90:71:c2:70:10:d7:5e:d4:14:0e:d4:c4:33:bf:1f:a6:af: 70:91:24:97:b3:64:c6:c1:2d:08:ec:e7:7f:49:e9:43:79:18: b8:9e:8f:fc:e5:bb:57:ce:cc:5f:34:03:ad:50:d9:e9:1d:ad: c6:8f:b8:f5:0a:f9:fb:4a:1e:39:6f:04:7c:cb:12:c4:86:98: b2:a6:0a:c7:5f:bb:20:fb:29:a3:9c:35:f3:e7:96:14:d9:3e: b3:96:6d:a6:cd:0f:e2:52:6c:16:dd:6f:1c:4a:be:2d:3a:86: 8a:fe:6d:22:ef:95:a8:ed:51:02:6f:fe:ee:aa:0a:72:c3:bb: e1:f9:2a:0d:3c:bb:e2:5b:92:12:9c:47:2a:c9:01:13:bf:7e: a6:c4:7c:9f:7b:b8:bd:76:fa:4e:03:9c:cb:33:22:f2:77:c4: 3f:d4:68:1b:ce:93:fb:36:44:17:ed:7e:ed:8f:ea:5a:07:9c: 00:cc:df:1d:06:77:7e:80:04:00:4e:8a:e6:ea:05:85:14:0f: 54:89:9d:65 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAQMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQyNEMxMTAvBgNVBAUTKDJBNDQ1NkQxNzJCMkI4NkRDREE3MTJFNjYxRjZEOUYy RkYxOTIwMzgwHhcNMjUxMDE5MDgwMDA5WhcNMjUxMDI2MDgwMDA5WjAYMRYwFAYD VQQDEw02OGY0OWE4OS0xYWFmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAu5GzZyHrr5pGAVZ7kdVIxmE4YTcQhOrrtbLuM1zkGsM/9wmH1EGyN98nZqhf SHfzVhLwxq8fRZy457v/PwqPaCghVBKy7NGVRZ4RYfncmnVOXJ+XCgFLykl+mG9s VqUNY7d4zOyptHz9G5XTQMchyrBrLvv+D0BIB88p4Q4AUdrj9QoBMZjLixDDx2U5 67lCql6G/ERD/dxNlNan7imkG8w5ekHNIdjKKLTNLsoUWq4huOYNhADIXRVTbCLK 7+jjOhcyAeTlJ7+wD4dMkEyFkrAH/ZhjFg6ivSqItaUHh54nG6bvr2bUyTJfG9n0 M8bhUnc0FIemuFg0dLXJyayLMwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBtGhMpF VtGxCL3zGru3a4pCBXgHMB8GA1UdIwQYMBaAFCpEVtFysrhtzacS5mH22fL/GSA4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDI0Qy9BQkNCRUJENjIz RDQxMUVGOTU3NTMyNEVDNEY5QUUwMi9La1JXMFhLeXVHM05weExtWWZiWjh2OFpJ RGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0trUlcwWEt5dUczTnB4TG1ZZmJaOHY4WklEZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NDI0Qy9BQkNCRUJENjIzRDQxMUVGOTU3NTMyNEVDNEY5QUUwMi9La1JXMFhLeXVH M05weExtWWZiWjh2OFpJRGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQANy/4w29oTXoRTcnaRRg/fC8J0QDCpIzI7MTU+sg6Pv7aZKM0Y8CFq VzCf1IBidsBxOmEiIlqSkHHCcBDXXtQUDtTEM78fpq9wkSSXs2TGwS0I7Od/SelD eRi4no/85btXzsxfNAOtUNnpHa3Gj7j1Cvn7Sh45bwR8yxLEhpiypgrHX7sg+ymj nDXz55YU2T6zlm2mzQ/iUmwW3W8cSr4tOoaK/m0i75Wo7VECb/7uqgpyw7vh+SoN PLviW5ISnEcqyQETv36mxHyfe7i9dvpOA5zLMyLyd8Q/1GgbzpP7NkQX7X7tj+pa B5wAzN8dBnd+gAQATorm6gWFFA9UiZ1l -----END CERTIFICATE-----Generated at Mon Oct 20 08:02:57 2025 by rpki-client