$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: rG8mAETdXRLTctLMa3EzM6jEhsnSv5oQ3fQzofKGA3Q= Subject key identifier: 93:F3:19:AC:96:78:21:AF:31:D8:E6:45:9C:2A:3D:FD:F6:2A:33:D7 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0E0B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DEE Signing time: Tue 04 Nov 2025 17:57:21 +0000 Manifest this update: Tue 04 Nov 2025 17:57:20 +0000 Manifest next update: Tue 11 Nov 2025 17:57:20 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: CFa2BzcPnJf5iGRTMNwmGkTYneZ5xxt3wQaT9s5/cLw=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 17:57:20 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3595 (0xe0b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Nov 4 17:57:20 2025 GMT Not After : Nov 11 17:57:20 2025 GMT Subject: CN=690a3e80-a560 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:86:78:a3:05:5d:23:8a:64:b6:e0:fc:e2:89: 31:4d:80:94:98:18:1c:ad:3d:24:ed:15:f6:b7:58: e3:e6:31:f6:43:9d:6d:41:55:07:ed:46:ba:43:34: 58:e4:84:a3:a5:ad:49:f1:38:65:0a:76:a4:76:f8: a8:36:fd:5c:a2:35:a0:b3:2a:8f:b9:53:90:b6:a3: 98:89:32:3a:1a:0d:9b:a8:d9:0f:b7:3a:06:e1:a7: d8:3b:f2:aa:a4:16:fd:62:48:02:b8:5f:d4:2d:2f: 48:d5:b7:bf:f4:91:06:8d:cc:9f:ca:fe:7d:fb:b7: 9d:8e:c8:5d:53:39:d3:be:90:74:56:79:23:e9:e1: ba:12:e4:f0:4e:b2:5a:a8:d3:ad:f0:d9:76:b6:d3: 62:2a:4d:5a:d6:b1:3a:ce:ca:93:b8:17:38:1b:e8: f7:2a:7a:31:10:82:2a:78:0f:b9:17:24:e3:19:64: 42:e8:46:72:3c:38:38:fd:a8:a9:2f:b5:3d:b7:97: a0:1d:32:44:a7:74:52:6f:a5:5b:67:ae:7c:3a:07: 91:88:7c:d7:5c:64:bd:18:23:79:9b:e0:c8:a6:76: d7:3a:03:63:e2:cd:88:17:ce:e2:b8:06:41:30:b6: 6f:fd:c4:0f:41:1f:0d:57:67:55:63:99:1d:a3:90: 99:f3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 93:F3:19:AC:96:78:21:AF:31:D8:E6:45:9C:2A:3D:FD:F6:2A:33:D7 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b7:7a:8f:43:be:28:f7:43:a4:23:4c:e3:a9:47:97:50:0e:f7: 88:64:01:a8:a1:5d:2f:f4:49:1b:19:6e:a6:9d:ac:74:73:31: d6:54:08:6e:ec:9b:36:5d:71:79:7b:61:6e:86:44:e1:0a:ce: fb:aa:ff:7f:32:f4:aa:43:59:87:d3:43:c3:35:a7:89:b0:8b: 70:d3:3e:73:e7:81:18:05:89:b3:60:99:85:9e:db:4e:63:e1: 59:fa:d7:35:d5:0c:91:30:02:dd:77:8f:47:98:4c:7a:ad:aa: 21:91:07:a5:98:31:d3:4c:81:04:18:2e:18:16:9e:8b:2f:36: 33:04:fe:40:c4:f5:c2:ea:bf:c7:07:5b:14:3a:2b:f6:d7:0c: af:e7:73:fc:47:f8:7c:ac:45:ec:9b:cc:a4:53:e7:0a:eb:41: 62:86:2f:a2:c7:f5:3d:cf:76:a3:3a:b7:96:0e:bc:19:5b:b5: 9f:e7:ef:9f:cc:60:14:38:55:d2:c7:35:43:cd:a4:2c:62:21: 70:e8:5b:bf:81:38:13:e3:62:17:4a:28:e0:89:a9:fd:46:e5: ae:56:6e:2d:a9:57:5e:14:fe:e1:72:9a:ee:61:1c:25:6b:11: dd:37:0e:04:72:60:67:7b:cb:0e:75:fe:f4:04:6c:a2:ac:2e: a1:43:5a:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDgswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUxMTA0MTc1NzIwWhcNMjUxMTExMTc1NzIwWjAYMRYwFAYD VQQDEw02OTBhM2U4MC1hNTYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt4Z4owVdI4pktuD84okxTYCUmBgcrT0k7RX2t1jj5jH2Q51tQVUH7Ua6QzRY 5ISjpa1J8ThlCnakdvioNv1cojWgsyqPuVOQtqOYiTI6Gg2bqNkPtzoG4afYO/Kq pBb9YkgCuF/ULS9I1be/9JEGjcyfyv59+7edjshdUznTvpB0Vnkj6eG6EuTwTrJa qNOt8Nl2ttNiKk1a1rE6zsqTuBc4G+j3KnoxEIIqeA+5FyTjGWRC6EZyPDg4/aip L7U9t5egHTJEp3RSb6VbZ658OgeRiHzXXGS9GCN5m+DIpnbXOgNj4s2IF87iuAZB MLZv/cQPQR8NV2dVY5kdo5CZ8wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJPzGayW eCGvMdjmRZwqPf32KjPXMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC3eo9Dvij3Q6QjTOOpR5dQDveIZAGooV0v9EkbGW6mnax0czHWVAhu 7Js2XXF5e2FuhkThCs77qv9/MvSqQ1mH00PDNaeJsItw0z5z54EYBYmzYJmFnttO Y+FZ+tc11QyRMALdd49HmEx6raohkQelmDHTTIEEGC4YFp6LLzYzBP5AxPXC6r/H B1sUOiv21wyv53P8R/h8rEXsm8ykU+cK60Fihi+ix/U9z3ajOreWDrwZW7Wf5++f zGAUOFXSxzVDzaQsYiFw6Fu/gTgT42IXSijgian9RuWuVm4tqVdeFP7hcpruYRwl axHdNw4EcmBne8sOdf70BGyirC6hQ1pG -----END CERTIFICATE-----Generated at Wed Nov 5 15:44:07 2025 by rpki-client