$ rpki-client -vvf rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft File: KQX7MhK9YWRvt69jPqGiV7w6Pew.mft (raw, json) Hash identifier: QuSdi4wMGecNichHggdvwBdcE3ZGITWjIfXcLE+4A8Q= Subject key identifier: 08:48:7A:DF:8D:4F:3B:6A:EC:49:41:B7:F6:01:67:83:3A:94:A0:4F Authority key identifier: 29:05:FB:32:12:BD:61:64:6F:B7:AF:63:3E:A1:A2:57:BC:3A:3D:EC Certificate issuer: /CN=A9156971/serialNumber=2905FB3212BD61646FB7AF633EA1A257BC3A3DEC Certificate serial: 34E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft Manifest number: 34DC Signing time: Tue 04 Nov 2025 14:47:49 +0000 Manifest this update: Tue 04 Nov 2025 14:47:48 +0000 Manifest next update: Tue 11 Nov 2025 14:47:48 +0000 Files and hashes: 1: KQX7MhK9YWRvt69jPqGiV7w6Pew.crl (hash: gClPRcQjZCRyzpKXpNx8H+JS6KAtYJkDsMlgAIlzO+M=) 2: 4AF78A4AFEC611EF86B4765BC4F9AE02.roa (hash: 4eibZFZxCBojQ0XF3++/6D4cGjzEkC+cfaewXmXRSYk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.crl rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 14:47:48 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13538 (0x34e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9156971, serialNumber=2905FB3212BD61646FB7AF633EA1A257BC3A3DEC Validity Not Before: Nov 4 14:47:48 2025 GMT Not After : Nov 11 14:47:48 2025 GMT Subject: CN=690a1214-14f0 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d7:7f:bf:d1:9c:22:1f:31:4b:19:65:59:bb:4c: ca:b6:b6:f4:ab:f0:8c:62:21:3c:2f:7b:c5:3a:44: be:05:af:d4:25:72:65:a9:e0:92:5c:3f:59:e3:3e: f0:ff:49:a0:4f:d9:e1:30:d3:0e:bd:73:78:e6:65: cc:5c:af:bd:5e:2d:9e:6d:99:cc:83:e4:a4:c6:74: 42:44:4b:75:59:c1:3f:2e:fb:78:69:2a:fc:db:22: a4:72:25:0f:67:42:a2:16:e6:37:21:72:65:67:1b: c3:cf:18:22:dc:20:0b:cb:50:8a:e7:1d:e1:a9:67: 8a:b1:6a:46:38:00:4f:6b:7f:e9:3f:09:ca:0e:95: ae:96:e9:f7:39:bd:ac:b5:5e:d2:66:47:ac:9d:63: 72:ed:58:4e:7c:1b:09:0e:4c:89:12:cd:11:98:c3: 83:4b:7a:b5:96:4a:30:4b:21:03:f0:bd:a9:8d:27: a6:17:1b:0d:a3:a8:61:25:9f:d6:16:4b:84:ed:92: e3:22:fc:73:9c:d6:24:3b:69:3b:f0:e5:6e:58:4c: 8e:9e:23:20:71:2f:f0:cd:ac:7b:86:fb:14:2c:96: df:c5:c4:9b:95:e4:19:91:ad:c0:3a:c7:72:f1:e1: 99:58:79:a4:0f:1b:fa:5b:e5:0f:e8:38:a2:c8:ec: 27:93 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 08:48:7A:DF:8D:4F:3B:6A:EC:49:41:B7:F6:01:67:83:3A:94:A0:4F X509v3 Authority Key Identifier: keyid:29:05:FB:32:12:BD:61:64:6F:B7:AF:63:3E:A1:A2:57:BC:3A:3D:EC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQX7MhK9YWRvt69jPqGiV7w6Pew.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9156971/48C221861D9211E2ADB30BF508B02CD2/KQX7MhK9YWRvt69jPqGiV7w6Pew.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:19:23:3f:78:9f:b9:bb:c6:06:3c:3e:51:81:88:e4:e8:7b: 42:b4:28:ee:fb:8c:77:71:28:74:f4:41:80:f3:f1:8b:f1:5f: 36:b2:a7:3e:0a:35:31:c6:b2:fd:4b:ec:e7:03:d5:f2:00:27: 31:1c:f5:ec:62:1d:8f:65:7a:bf:de:76:46:46:46:e0:13:d7: d7:84:99:3c:b0:83:8b:c7:0a:5d:14:1d:1b:4b:cf:92:ba:6f: b4:65:e8:df:a0:f5:47:8d:e9:29:38:57:e2:af:a3:6b:04:ac: 0e:ec:db:f2:fe:cc:e8:4c:cf:3c:dc:38:a8:cd:86:82:98:cc: e5:bf:65:40:bf:d6:16:67:23:f3:4f:af:a4:44:47:93:b9:bc: 89:55:7b:26:de:ea:0c:d7:13:68:33:67:b6:32:03:bf:70:39: ca:df:b3:6b:01:b7:05:51:9b:9b:e6:de:d7:e0:ce:19:ec:47: 0c:1e:26:84:3c:f9:79:5b:e0:39:57:19:34:3d:3a:fa:11:54: 69:58:3a:d8:8f:25:5e:92:6b:08:74:38:bf:73:0b:36:58:4f: 86:7c:2f:6b:4a:e7:0b:d0:b5:e7:12:b2:2a:4f:22:ee:03:84: fe:7f:c4:f8:6d:9f:35:85:e3:cc:33:15:ad:34:39:7c:d6:af: b0:54:ef:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNOIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTY5NzExMTAvBgNVBAUTKDI5MDVGQjMyMTJCRDYxNjQ2RkI3QUY2MzNFQTFBMjU3 QkMzQTNERUMwHhcNMjUxMTA0MTQ0NzQ4WhcNMjUxMTExMTQ0NzQ4WjAYMRYwFAYD VQQDEw02OTBhMTIxNC0xNGYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA13+/0ZwiHzFLGWVZu0zKtrb0q/CMYiE8L3vFOkS+Ba/UJXJlqeCSXD9Z4z7w /0mgT9nhMNMOvXN45mXMXK+9Xi2ebZnMg+SkxnRCREt1WcE/Lvt4aSr82yKkciUP Z0KiFuY3IXJlZxvDzxgi3CALy1CK5x3hqWeKsWpGOABPa3/pPwnKDpWulun3Ob2s tV7SZkesnWNy7VhOfBsJDkyJEs0RmMODS3q1lkowSyED8L2pjSemFxsNo6hhJZ/W FkuE7ZLjIvxznNYkO2k78OVuWEyOniMgcS/wzax7hvsULJbfxcSbleQZka3AOsdy 8eGZWHmkDxv6W+UP6DiiyOwnkwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAhIet+N Tztq7ElBt/YBZ4M6lKBPMB8GA1UdIwQYMBaAFCkF+zISvWFkb7evYz6hole8Oj3s MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1Njk3MS80OEMyMjE4NjFE OTIxMUUyQURCMzBCRjUwOEIwMkNEMi9LUVg3TWhLOVlXUnZ0NjlqUHFHaVY3dzZQ ZXcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tRWDdNaEs5WVdSdnQ2OWpQcUdpVjd3NlBldy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 Njk3MS80OEMyMjE4NjFEOTIxMUUyQURCMzBCRjUwOEIwMkNEMi9LUVg3TWhLOVlX UnZ0NjlqUHFHaVY3dzZQZXcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBfGSM/eJ+5u8YGPD5RgYjk6HtCtCju+4x3cSh09EGA8/GL8V82sqc+ CjUxxrL9S+znA9XyACcxHPXsYh2PZXq/3nZGRkbgE9fXhJk8sIOLxwpdFB0bS8+S um+0ZejfoPVHjekpOFfir6NrBKwO7Nvy/szoTM883DiozYaCmMzlv2VAv9YWZyPz T6+kREeTubyJVXsm3uoM1xNoM2e2MgO/cDnK37NrAbcFUZub5t7X4M4Z7EcMHiaE PPl5W+A5Vxk0PTr6EVRpWDrYjyVekmsIdDi/cws2WE+GfC9rSucL0LXnErIqTyLu A4T+f8T4bZ81hePMMxWtNDl81q+wVO8V -----END CERTIFICATE-----Generated at Wed Nov 5 08:03:03 2025 by rpki-client