$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: qb7oUIWOgoe9tyC5eTVbypSshzQ9R00adxzhGXZfv7w= Subject key identifier: 89:53:0F:95:25:CB:75:3F:D8:FF:DC:AF:C4:28:F9:57:6E:D2:81:5C Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0C35 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0C26 Signing time: Fri 22 Aug 2025 18:49:54 +0000 Manifest this update: Fri 22 Aug 2025 18:49:53 +0000 Manifest next update: Fri 29 Aug 2025 18:49:53 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: T86HM7JDf3DOxIlRvhWuKQ77pB3Z8HkqisHkG4IihCo=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: ckq5cjCEQ/2WL7JkGpSyoM0Cdw/OAtqMQAwrig1lc1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:49:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3125 (0xc35) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Aug 22 18:49:53 2025 GMT Not After : Aug 29 18:49:53 2025 GMT Subject: CN=68a8bbd2-3cfb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:de:d2:36:bd:0a:9f:43:83:4a:e6:4e:82:f2:76: d6:56:67:e9:79:cc:34:7a:b3:f2:71:ec:7a:cd:3f: 20:77:ff:90:ed:f9:79:06:5d:b6:a0:79:63:73:64: 19:58:79:a9:00:27:87:e1:3a:4c:14:60:4d:d5:61: 0b:a5:d7:20:d7:28:4c:16:1c:a5:48:9e:bd:1a:c0: 4c:67:d6:a4:c0:9b:1b:cd:54:ab:ea:d3:5f:f5:9e: 53:63:be:f2:b7:25:93:22:e5:27:10:be:92:9d:cf: 0f:63:a9:21:4e:c9:c2:ee:9e:de:10:4e:4c:c5:0c: 04:ba:8b:e0:81:f0:42:32:3a:c4:ec:02:de:fb:29: d8:5b:e5:a6:dc:fc:fc:04:32:63:d6:be:0a:73:0c: a7:28:66:39:4e:a5:d4:a5:71:39:38:07:ec:0b:85: 9a:cf:2b:9e:81:6f:4c:f3:0b:1f:14:db:8e:55:0f: 70:83:02:55:a3:9b:b4:fb:69:42:57:1c:24:e3:a2: f6:3a:e9:6b:94:31:38:6e:6a:b0:56:13:f0:cd:56: ca:7f:1a:e3:6d:cf:27:73:dc:12:f8:5c:2a:df:11: 5f:f5:14:01:ee:c0:53:c4:ea:c8:8c:ee:df:7b:1f: 8c:f4:e3:40:b0:60:e1:70:59:50:d7:49:51:0d:61: bc:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 89:53:0F:95:25:CB:75:3F:D8:FF:DC:AF:C4:28:F9:57:6E:D2:81:5C X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 75:e8:88:2b:19:f6:e6:7c:13:fd:59:19:ad:29:57:43:8a:e0: 9e:af:f7:8d:ac:90:41:a5:34:84:52:be:75:a2:ff:a1:30:14: 2e:e1:8a:11:a8:ef:d3:07:19:5b:a3:23:3a:32:55:44:d4:20: e5:22:80:7b:b9:be:5f:07:f6:5d:06:32:8c:fa:50:be:c7:38: 19:d0:8a:fc:65:7e:e0:a1:5a:ef:04:12:1c:99:40:db:77:20: 7c:f4:30:a1:fa:bd:01:3f:49:91:61:16:91:af:ce:e2:82:39: 4f:8b:20:c9:5b:00:80:0a:e7:a6:58:94:27:44:ed:94:37:23: 97:1f:0f:2e:77:d7:81:83:1c:91:29:14:1b:1d:8a:8f:28:ce: b4:cb:14:25:18:1c:43:69:ad:38:87:fe:ac:82:9e:ba:a0:33: 78:51:87:f2:de:ca:b6:91:08:d0:3d:0a:01:55:83:58:99:42: ee:0a:2b:18:35:cf:37:8a:34:bd:03:ce:62:2b:bd:9d:84:08: b6:41:c9:a5:42:82:06:54:f9:ff:79:98:fa:de:a4:29:eb:31: d0:8f:73:d5:45:38:be:f9:6f:ad:21:c4:3b:7a:05:da:38:55: 7d:e2:a0:3a:60:b9:ac:72:f4:5f:84:5c:6b:6c:81:48:d6:e6: 79:bc:97:6b -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDDUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUwODIyMTg0OTUzWhcNMjUwODI5MTg0OTUzWjAYMRYwFAYD VQQDEw02OGE4YmJkMi0zY2ZiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3tI2vQqfQ4NK5k6C8nbWVmfpecw0erPycex6zT8gd/+Q7fl5Bl22oHljc2QZ WHmpACeH4TpMFGBN1WELpdcg1yhMFhylSJ69GsBMZ9akwJsbzVSr6tNf9Z5TY77y tyWTIuUnEL6Snc8PY6khTsnC7p7eEE5MxQwEuovggfBCMjrE7ALe+ynYW+Wm3Pz8 BDJj1r4KcwynKGY5TqXUpXE5OAfsC4WazyuegW9M8wsfFNuOVQ9wgwJVo5u0+2lC Vxwk46L2OulrlDE4bmqwVhPwzVbKfxrjbc8nc9wS+Fwq3xFf9RQB7sBTxOrIjO7f ex+M9ONAsGDhcFlQ10lRDWG81wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIlTD5Ul y3U/2P/cr8Qo+Vdu0oFcMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB16IgrGfbmfBP9WRmtKVdDiuCer/eNrJBBpTSEUr51ov+hMBQu4YoR qO/TBxlboyM6MlVE1CDlIoB7ub5fB/ZdBjKM+lC+xzgZ0Ir8ZX7goVrvBBIcmUDb dyB89DCh+r0BP0mRYRaRr87igjlPiyDJWwCACuemWJQnRO2UNyOXHw8ud9eBgxyR KRQbHYqPKM60yxQlGBxDaa04h/6sgp66oDN4UYfy3sq2kQjQPQoBVYNYmULuCisY Nc83ijS9A85iK72dhAi2QcmlQoIGVPn/eZj63qQp6zHQj3PVRTi++W+tIcQ7egXa OFV94qA6YLmscvRfhFxrbIFI1uZ5vJdr -----END CERTIFICATE-----Generated at Sun Aug 24 03:12:05 2025 by rpki-client