$ rpki-client -vvf rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft File: Khx4XL6-fNe6tToSO2BVhg9gfxg.mft (raw, json) Hash identifier: My9jALnOJFthoiDOnBj4SAPrUiLW3UT3xPiJB3tfub8= Subject key identifier: 1C:D2:60:02:EC:58:6E:F9:1F:F3:63:43:41:63:3E:EE:AD:21:E6:65 Authority key identifier: 2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18 Certificate issuer: /CN=A91D6AB2/serialNumber=2A1C785CBEBE7CD7BAB53A123B6055860F607F18 Certificate serial: 087A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft Manifest number: 0CD3 Signing time: Sat 18 Oct 2025 21:44:56 +0000 Manifest this update: Sat 18 Oct 2025 21:44:55 +0000 Manifest next update: Sat 25 Oct 2025 21:44:55 +0000 Files and hashes: 1: Khx4XL6-fNe6tToSO2BVhg9gfxg.crl (hash: uSx+SvCYNxbI3p2iAiAZq4efe/y3tIxj2mH5a3oLtSU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.crl rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 25 Oct 2025 21:44:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2170 (0x87a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91D6AB2, serialNumber=2A1C785CBEBE7CD7BAB53A123B6055860F607F18 Validity Not Before: Oct 18 21:44:55 2025 GMT Not After : Oct 25 21:44:55 2025 GMT Subject: CN=68f40a58-dcbd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:a5:7e:c9:8b:8a:c9:91:1b:69:38:c8:97:8b: 82:13:b0:8f:20:89:8c:0a:38:67:e9:8b:0a:76:60: 43:8b:de:6e:33:67:1d:47:9d:90:da:0e:bf:88:d5: 58:43:52:46:9d:6c:60:8a:cd:5a:8f:6a:66:10:ec: aa:b0:71:31:66:8b:79:87:24:35:e3:19:b2:59:e1: 20:31:f4:2c:a8:98:48:f4:96:e5:cc:c3:5a:ce:8b: 14:9a:f8:42:15:51:6d:b6:5e:f2:4b:c9:08:d2:99: 80:ee:af:19:e4:f5:89:ec:42:ba:23:52:75:12:ba: 4c:c5:99:4b:35:e5:1b:98:a6:3e:ea:b0:fe:7b:46: b3:48:c5:79:92:3f:9c:01:a1:a8:18:f4:b7:9b:73: b3:9e:a8:d7:fc:a7:d5:7d:5b:49:35:5b:6b:bd:2f: 71:20:5e:9d:01:d2:4d:38:7f:da:54:10:a5:35:4f: dd:91:39:b1:79:67:00:84:4e:ef:00:0d:bd:92:16: f3:5d:d7:53:a9:bb:24:c1:17:c6:ba:c4:e9:e1:61: 6c:24:07:62:10:e8:9c:a8:d5:f5:3e:3e:21:00:2d: 78:d2:62:35:44:21:d6:57:6c:50:2a:f6:38:f3:cc: 63:63:b6:7d:ce:40:95:08:d2:9b:d1:95:b7:0e:d7: 44:b9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1C:D2:60:02:EC:58:6E:F9:1F:F3:63:43:41:63:3E:EE:AD:21:E6:65 X509v3 Authority Key Identifier: keyid:2A:1C:78:5C:BE:BE:7C:D7:BA:B5:3A:12:3B:60:55:86:0F:60:7F:18 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Khx4XL6-fNe6tToSO2BVhg9gfxg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91D6AB2/0AF2EAAACF7011EA8AE55D48C4F9AE02/Khx4XL6-fNe6tToSO2BVhg9gfxg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a4:b5:c6:a4:8e:0b:00:60:ce:d2:69:75:fd:52:09:32:8d:e4: 8b:f7:7f:e4:4a:dd:07:20:20:6c:6c:38:56:7f:d4:76:f0:de: 86:ff:97:30:81:c3:e6:0a:34:e9:6b:a6:af:31:1f:b9:e0:60: be:c3:9a:52:e4:2c:ff:fc:cd:d2:5f:4b:90:fa:8a:cd:41:9b: a9:b8:e1:e0:71:de:67:a4:1c:f0:8c:24:bc:05:86:15:d3:c9: c2:f7:53:f4:93:1d:3d:4c:30:0a:38:0a:c5:51:2f:d0:c4:ae: 46:d9:4f:9f:81:37:8f:ac:66:b6:0f:68:ec:d1:8b:9b:93:a2: 09:2c:49:84:b3:e8:d8:ef:e8:47:d2:ec:fd:88:d7:22:da:a3: fd:5e:de:f3:74:28:a7:a8:b6:19:f8:4d:e1:37:7f:83:2d:8f: 5f:09:2f:bf:36:42:d9:7c:d1:a6:83:d3:55:20:c0:50:fd:c3: fd:82:60:57:50:75:69:8d:a9:8d:17:3d:3d:a6:26:48:f7:8c: 74:3f:f4:e3:2e:67:8c:47:6b:c0:74:b7:58:c0:fb:3c:bc:e0: d1:c9:2a:63:77:da:56:a7:d6:bd:53:05:04:71:58:d5:07:44: b6:7f:79:21:76:67:01:cf:93:20:8f:8e:19:d8:99:3c:fc:df: 9c:5a:a6:ee -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCHowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RDZBQjIxMTAvBgNVBAUTKDJBMUM3ODVDQkVCRTdDRDdCQUI1M0ExMjNCNjA1NTg2 MEY2MDdGMTgwHhcNMjUxMDE4MjE0NDU1WhcNMjUxMDI1MjE0NDU1WjAYMRYwFAYD VQQDEw02OGY0MGE1OC1kY2JkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtKV+yYuKyZEbaTjIl4uCE7CPIImMCjhn6YsKdmBDi95uM2cdR52Q2g6/iNVY Q1JGnWxgis1aj2pmEOyqsHExZot5hyQ14xmyWeEgMfQsqJhI9JblzMNazosUmvhC FVFttl7yS8kI0pmA7q8Z5PWJ7EK6I1J1ErpMxZlLNeUbmKY+6rD+e0azSMV5kj+c AaGoGPS3m3OznqjX/KfVfVtJNVtrvS9xIF6dAdJNOH/aVBClNU/dkTmxeWcAhE7v AA29khbzXddTqbskwRfGusTp4WFsJAdiEOicqNX1Pj4hAC140mI1RCHWV2xQKvY4 88xjY7Z9zkCVCNKb0ZW3DtdEuQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBzSYALs WG75H/NjQ0FjPu6tIeZlMB8GA1UdIwQYMBaAFCoceFy+vnzXurU6EjtgVYYPYH8Y MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFENkFCMi8wQUYyRUFBQUNG NzAxMUVBOEFFNTVENDhDNEY5QUUwMi9LaHg0WEw2LWZOZTZ0VG9TTzJCVmhnOWdm eGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0toeDRYTDYtZk5lNnRUb1NPMkJWaGc5Z2Z4Zy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFE NkFCMi8wQUYyRUFBQUNGNzAxMUVBOEFFNTVENDhDNEY5QUUwMi9LaHg0WEw2LWZO ZTZ0VG9TTzJCVmhnOWdmeGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCktcakjgsAYM7SaXX9UgkyjeSL93/kSt0HICBsbDhWf9R28N6G/5cw gcPmCjTpa6avMR+54GC+w5pS5Cz//M3SX0uQ+orNQZupuOHgcd5npBzwjCS8BYYV 08nC91P0kx09TDAKOArFUS/QxK5G2U+fgTePrGa2D2js0Yubk6IJLEmEs+jY7+hH 0uz9iNci2qP9Xt7zdCinqLYZ+E3hN3+DLY9fCS+/NkLZfNGmg9NVIMBQ/cP9gmBX UHVpjamNFz09piZI94x0P/TjLmeMR2vAdLdYwPs8vODRySpjd9pWp9a9UwUEcVjV B0S2f3khdmcBz5Mgj44Z2Jk8/N+cWqbu -----END CERTIFICATE-----Generated at Mon Oct 20 09:41:22 2025 by rpki-client