$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: fxaWoNJAmtF41XWlbioaMlBWte4pF4/WethoRtE8Fko= Subject key identifier: B7:B6:B2:2B:B2:1B:34:5C:FE:59:BB:E6:38:B0:95:7B:64:96:23:6E Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0C52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0C43 Signing time: Sat 18 Oct 2025 19:27:22 +0000 Manifest this update: Sat 18 Oct 2025 19:27:21 +0000 Manifest next update: Sat 25 Oct 2025 19:27:21 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: /bgmaO7eR6GBjU9upds5faiW44yBqKPoYA735niNAgs=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: ckq5cjCEQ/2WL7JkGpSyoM0Cdw/OAtqMQAwrig1lc1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 19:27:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3154 (0xc52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Oct 18 19:27:21 2025 GMT Not After : Oct 25 19:27:21 2025 GMT Subject: CN=68f3ea19-767f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:41:d2:d9:ab:87:52:ee:61:1e:67:fc:1d:b1: 24:8d:46:1a:63:43:2b:58:98:13:4e:9c:d5:00:f3: ca:53:08:55:20:2e:36:25:c2:f6:6f:1f:a4:84:11: 59:d4:c8:f5:14:df:37:d3:11:e0:b7:da:4f:06:38: 81:df:c8:39:8e:7e:60:52:0e:6f:7c:9b:98:d1:2b: 8b:c3:b7:77:05:2e:7e:b1:69:f7:38:0d:e7:c2:54: 02:19:03:08:cd:47:4c:a9:61:1c:9d:ba:3d:4e:fd: 12:64:27:07:ab:1c:2c:1b:17:78:c7:e0:29:87:69: 8f:47:54:58:7b:8f:01:a8:53:54:95:ef:86:48:89: 15:ab:9a:7c:02:5d:04:d8:d3:f2:d1:89:83:85:5a: 1f:aa:cb:cc:29:29:7a:58:d4:25:ee:a6:b5:bf:0b: c7:42:e3:a7:f3:21:d1:bf:ba:3a:a7:63:81:d6:15: 10:52:54:35:6f:a1:7c:42:71:1d:0e:d6:9b:26:66: 66:10:5a:ea:32:c8:91:3b:9a:c4:dd:73:75:19:f9: 57:ca:03:8c:42:90:2d:48:bb:dc:0a:45:c2:20:ef: 73:ff:cd:45:3d:a5:45:7c:e0:8b:3d:9b:25:b5:05: 46:de:85:65:98:cd:43:6b:fc:9d:d0:49:22:14:03: d5:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B7:B6:B2:2B:B2:1B:34:5C:FE:59:BB:E6:38:B0:95:7B:64:96:23:6E X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 95:0f:64:c2:0e:5d:19:32:f6:13:b3:7b:2a:b5:40:f8:87:f0: 58:28:de:5a:a2:8c:5a:12:a5:1a:17:67:39:b3:56:04:f1:76: 6b:c9:71:bb:5a:57:cf:b1:24:dc:c7:1b:ab:b4:04:e7:45:63: 29:71:64:46:f0:82:b3:05:05:91:77:f4:8f:70:26:40:38:d6: 9f:4c:24:d9:d4:27:74:a9:5e:ae:46:1c:ec:7b:75:0f:1a:cf: b7:2f:ce:92:78:fb:6c:c9:c0:23:bd:2a:21:36:2c:bd:f3:b3: d7:c9:1b:23:42:d0:84:bd:72:c4:a9:cd:7a:49:e9:46:d5:8c: 31:ba:aa:fe:1c:30:80:0f:39:bd:0a:76:d2:bf:2a:55:5d:15: 0d:36:65:71:6b:78:17:23:24:35:6d:3d:32:90:c6:bb:63:77: 7f:7a:d0:11:c7:7a:6f:be:f9:47:6a:6f:b9:2f:df:f4:f3:6a: c4:f7:72:8b:14:6f:4c:08:f4:20:3c:fb:92:06:7e:7b:29:e5: f1:f0:61:4e:88:42:ce:bd:f3:4c:38:9d:9a:e7:15:88:af:a7: 0f:e4:15:be:dd:d3:77:45:fa:64:64:9b:c0:89:c6:7f:50:e3: e0:18:56:5d:1b:33:53:a2:54:eb:b3:bf:63:43:e6:b5:ee:9f: 0b:ca:bd:8b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUxMDE4MTkyNzIxWhcNMjUxMDI1MTkyNzIxWjAYMRYwFAYD VQQDEw02OGYzZWExOS03NjdmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyEHS2auHUu5hHmf8HbEkjUYaY0MrWJgTTpzVAPPKUwhVIC42JcL2bx+khBFZ 1Mj1FN830xHgt9pPBjiB38g5jn5gUg5vfJuY0SuLw7d3BS5+sWn3OA3nwlQCGQMI zUdMqWEcnbo9Tv0SZCcHqxwsGxd4x+Aph2mPR1RYe48BqFNUle+GSIkVq5p8Al0E 2NPy0YmDhVofqsvMKSl6WNQl7qa1vwvHQuOn8yHRv7o6p2OB1hUQUlQ1b6F8QnEd DtabJmZmEFrqMsiRO5rE3XN1GflXygOMQpAtSLvcCkXCIO9z/81FPaVFfOCLPZsl tQVG3oVlmM1Da/yd0EkiFAPV/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLe2siuy GzRc/lm75jiwlXtkliNuMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCVD2TCDl0ZMvYTs3sqtUD4h/BYKN5aooxaEqUaF2c5s1YE8XZryXG7 WlfPsSTcxxurtATnRWMpcWRG8IKzBQWRd/SPcCZAONafTCTZ1Cd0qV6uRhzse3UP Gs+3L86SePtsycAjvSohNiy987PXyRsjQtCEvXLEqc16SelG1Ywxuqr+HDCADzm9 CnbSvypVXRUNNmVxa3gXIyQ1bT0ykMa7Y3d/etARx3pvvvlHam+5L9/082rE93KL FG9MCPQgPPuSBn57KeXx8GFOiELOvfNMOJ2a5xWIr6cP5BW+3dN3RfpkZJvAicZ/ UOPgGFZdGzNTolTrs79jQ+a17p8Lyr2L -----END CERTIFICATE-----Generated at Sun Oct 19 23:32:48 2025 by rpki-client