$ rpki-client -vvf rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft File: kB-Ykfv38n1Bah7gazGwFlquHcU.mft (raw, json) Hash identifier: GeBQ3KW47OA+TkG08C2UNDgaxfA+qrMgToglPFYi2QE= Subject key identifier: A0:99:18:C0:43:10:FF:F1:13:DB:CF:94:F5:D7:D8:D1:18:A4:60:96 Authority key identifier: 90:1F:98:91:FB:F7:F2:7D:41:6A:1E:E0:6B:31:B0:16:5A:AE:1D:C5 Certificate issuer: /CN=A9132D93/serialNumber=901F9891FBF7F27D416A1EE06B31B0165AAE1DC5 Certificate serial: 0437 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kB-Ykfv38n1Bah7gazGwFlquHcU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft Manifest number: 0433 Signing time: Wed 05 Nov 2025 00:22:48 +0000 Manifest this update: Wed 05 Nov 2025 00:22:47 +0000 Manifest next update: Wed 12 Nov 2025 00:22:47 +0000 Files and hashes: 1: kB-Ykfv38n1Bah7gazGwFlquHcU.crl (hash: KM3wBHtcBNGpV1UwSqneqVFEYwJxzT8wM5y6wF2nIaw=) 2: 4E0503CA7F3F11ECBB0EA972C4F9AE02.roa (hash: zGO+SfCUiN93pLbUpzCLUs56wrah6tVni3k+tYi9qSM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.crl rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kB-Ykfv38n1Bah7gazGwFlquHcU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 00:22:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1079 (0x437) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9132D93, serialNumber=901F9891FBF7F27D416A1EE06B31B0165AAE1DC5 Validity Not Before: Nov 5 00:22:47 2025 GMT Not After : Nov 12 00:22:47 2025 GMT Subject: CN=690a98d7-9442 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c4:07:ca:20:4f:af:97:56:90:1f:fb:f6:36:5c: 58:96:ea:bc:63:9b:39:01:fd:09:09:60:06:ab:e1: 6f:cb:37:1e:2d:19:d8:30:95:31:e8:68:28:06:86: 08:a1:08:71:93:d4:97:98:14:d9:28:32:ac:b7:25: e3:09:0f:31:27:b6:ca:27:7a:fe:52:e0:50:a1:4e: c1:80:26:de:02:ad:87:a2:bb:eb:d5:90:53:f8:63: 21:61:5b:cd:78:b4:79:f2:7e:3e:a9:a6:1b:74:1a: 98:e5:1f:40:88:13:0b:d1:06:c9:12:4a:79:a7:03: 48:aa:d2:fa:7d:d9:38:a4:87:30:9e:37:20:5c:20: 49:63:a0:c1:68:94:91:03:9f:c0:44:34:c2:09:00: 46:0b:d7:d5:35:ae:b3:e3:67:48:4b:66:31:7e:72: ff:8c:03:57:93:1f:08:e2:ab:2d:22:f0:46:15:24: 60:1c:20:37:62:eb:3d:8f:07:aa:7b:e3:a9:81:6c: 2f:36:40:c7:14:11:18:62:68:25:42:0f:87:86:ca: 18:3a:03:2b:ac:3f:c3:58:72:dd:d1:ff:ce:66:34: ac:2b:a8:a2:a3:0f:56:23:69:ad:fd:54:f5:ed:ef: cc:a1:1c:38:3e:9d:01:eb:65:76:fa:15:81:ba:f9: b9:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A0:99:18:C0:43:10:FF:F1:13:DB:CF:94:F5:D7:D8:D1:18:A4:60:96 X509v3 Authority Key Identifier: keyid:90:1F:98:91:FB:F7:F2:7D:41:6A:1E:E0:6B:31:B0:16:5A:AE:1D:C5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kB-Ykfv38n1Bah7gazGwFlquHcU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9132D93/0F874A747F3D11EC8A1DCC71C4F9AE02/kB-Ykfv38n1Bah7gazGwFlquHcU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 16:1a:fa:a1:91:e1:3d:c3:89:c0:a4:a9:7a:39:3b:f6:de:7e: e5:60:2c:b5:23:34:31:68:4b:af:bb:12:1a:04:62:cd:e6:7f: a9:2c:f3:bc:97:da:a1:10:2a:e4:db:7f:fa:4c:2e:38:08:fa: 87:f9:65:df:7b:12:55:56:14:15:75:bc:a3:4a:18:4f:0f:5a: 52:ea:22:19:99:a7:2b:0e:a8:2a:58:2c:8a:4b:66:ad:59:45: 01:d8:24:f5:e8:44:b6:8a:44:c2:4f:9d:cd:a6:da:e4:36:43: 9b:b7:17:e0:f6:92:dc:ae:d7:69:8b:76:c5:f3:9f:a7:d6:b9: a8:fb:3e:3e:25:3f:be:43:3e:68:e0:5e:22:fb:89:6b:f9:a6: 6d:d8:e5:05:ac:dc:a9:90:99:8d:54:2e:a4:6f:f6:04:04:82: e8:10:a9:5d:51:75:7e:8d:10:7f:56:b1:14:d7:25:31:8a:38: d2:dc:d0:e4:64:65:39:58:6c:01:62:a0:c9:ff:ee:64:f3:08: 22:d4:82:43:69:12:db:89:4f:46:48:09:cf:87:7b:62:dd:b1: f7:d9:cb:6d:04:ec:df:f8:49:95:93:f7:18:bc:c1:46:a3:8b: 72:b5:8e:7e:6b:4f:c2:49:f5:6b:19:ef:1a:12:b6:de:64:c6: d1:f0:26:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBDcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzJEOTMxMTAvBgNVBAUTKDkwMUY5ODkxRkJGN0YyN0Q0MTZBMUVFMDZCMzFCMDE2 NUFBRTFEQzUwHhcNMjUxMTA1MDAyMjQ3WhcNMjUxMTEyMDAyMjQ3WjAYMRYwFAYD VQQDEw02OTBhOThkNy05NDQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxAfKIE+vl1aQH/v2NlxYluq8Y5s5Af0JCWAGq+FvyzceLRnYMJUx6GgoBoYI oQhxk9SXmBTZKDKstyXjCQ8xJ7bKJ3r+UuBQoU7BgCbeAq2Horvr1ZBT+GMhYVvN eLR58n4+qaYbdBqY5R9AiBML0QbJEkp5pwNIqtL6fdk4pIcwnjcgXCBJY6DBaJSR A5/ARDTCCQBGC9fVNa6z42dIS2YxfnL/jANXkx8I4qstIvBGFSRgHCA3Yus9jweq e+OpgWwvNkDHFBEYYmglQg+HhsoYOgMrrD/DWHLd0f/OZjSsK6iiow9WI2mt/VT1 7e/MoRw4Pp0B62V2+hWBuvm5EwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKCZGMBD EP/xE9vPlPXX2NEYpGCWMB8GA1UdIwQYMBaAFJAfmJH79/J9QWoe4GsxsBZarh3F MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzMkQ5My8wRjg3NEE3NDdG M0QxMUVDOEExRENDNzFDNEY5QUUwMi9rQi1Za2Z2MzhuMUJhaDdnYXpHd0ZscXVI Y1UuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCLVlrZnYzOG4xQmFoN2dhekd3RmxxdUhjVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz MkQ5My8wRjg3NEE3NDdGM0QxMUVDOEExRENDNzFDNEY5QUUwMi9rQi1Za2Z2Mzhu MUJhaDdnYXpHd0ZscXVIY1UubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAWGvqhkeE9w4nApKl6OTv23n7lYCy1IzQxaEuvuxIaBGLN5n+pLPO8 l9qhECrk23/6TC44CPqH+WXfexJVVhQVdbyjShhPD1pS6iIZmacrDqgqWCyKS2at WUUB2CT16ES2ikTCT53NptrkNkObtxfg9pLcrtdpi3bF85+n1rmo+z4+JT++Qz5o 4F4i+4lr+aZt2OUFrNypkJmNVC6kb/YEBILoEKldUXV+jRB/VrEU1yUxijjS3NDk ZGU5WGwBYqDJ/+5k8wgi1IJDaRLbiU9GSAnPh3ti3bH32cttBOzf+EmVk/cYvMFG o4tytY5+a0/CSfVrGe8aErbeZMbR8CZH -----END CERTIFICATE-----Generated at Wed Nov 5 15:26:16 2025 by rpki-client