$ rpki-client -vvf rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft File: KKyX2Zh-eNvuncufA3NcKDvOGGI.mft (raw, json) Hash identifier: wKaETvAN0fFlQTD1DpeZZoN3D9mxYIrUZ5nHtFQfj7k= Subject key identifier: D9:24:B3:55:AB:F5:FF:06:CF:2A:D4:36:92:FF:57:02:09:D3:66:EF Authority key identifier: 28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 Certificate issuer: /CN=A9157BC3/serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Certificate serial: 0210 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft Manifest number: 020D Signing time: Wed 05 Nov 2025 02:24:06 +0000 Manifest this update: Wed 05 Nov 2025 02:24:05 +0000 Manifest next update: Wed 12 Nov 2025 02:24:05 +0000 Files and hashes: 1: KKyX2Zh-eNvuncufA3NcKDvOGGI.crl (hash: KkGoWA5Hi2I0e1yFPb+ogI2B73SpslHlLrMJbQ96ZN4=) 2: 1FCD9DE2926611EDA99A9419C4F9AE02.roa (hash: RqBWzz5uXzyQ1KueU4cHYCTj7govMSTdgiL2egEdolc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 02:24:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 528 (0x210) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157BC3, serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Validity Not Before: Nov 5 02:24:05 2025 GMT Not After : Nov 12 02:24:05 2025 GMT Subject: CN=690ab546-d2f4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:1b:6f:1a:d7:c9:92:8b:f6:e4:87:4a:fb:22: 2c:ec:99:1a:42:e4:25:cb:d8:50:6d:43:8b:d1:be: b5:aa:bd:d2:da:82:53:9b:67:ae:cf:57:f3:63:55: b0:79:0d:9c:41:6c:e1:6f:a9:59:b5:67:b9:f6:7b: 1f:c0:ec:0d:29:5b:a6:88:ff:fe:b0:3e:69:f8:52: 4a:06:e5:1f:21:4b:db:b7:26:54:87:5b:aa:9d:ac: 39:f9:33:2e:aa:86:69:06:41:35:f8:ad:c5:c3:73: 59:ab:41:c8:f1:d0:db:80:c1:c9:37:a7:88:6a:26: cc:f9:18:be:12:41:06:b6:0b:4a:9c:51:af:e1:93: 27:2b:2a:9a:bc:78:a6:cf:0f:3c:6f:31:9c:3d:f9: 9b:a9:e9:b2:be:21:51:83:ad:f3:07:7b:e1:8b:fd: 8f:e1:80:4d:f5:ba:ae:65:f3:47:54:d7:7d:ab:56: f0:6e:cc:39:d8:96:63:6f:6b:78:88:e3:0e:06:17: ce:33:a6:86:3f:67:52:de:36:a1:60:70:5b:ee:7c: 21:69:77:21:8a:64:8b:26:26:9e:8c:d5:75:78:27: 42:69:6b:15:c2:ef:93:96:59:17:71:65:25:d7:a0: 6d:f1:b9:00:f8:ff:26:95:02:7e:34:6f:b0:6e:ca: 37:cf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D9:24:B3:55:AB:F5:FF:06:CF:2A:D4:36:92:FF:57:02:09:D3:66:EF X509v3 Authority Key Identifier: keyid:28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a5:24:77:61:95:aa:4b:a5:43:76:e3:b6:59:fc:d6:31:fd:89: c7:54:34:d9:6f:78:6b:80:71:ad:af:ee:bc:2e:30:a3:81:f1: a0:18:a1:c4:b4:db:ca:35:7b:4e:53:45:7b:80:f4:22:3d:d1: a4:af:68:e8:94:88:79:dd:e1:ca:fc:7c:cd:f0:3c:fc:97:a9: e4:51:94:7c:00:f8:cf:91:69:cc:1d:0a:1d:a6:a2:5d:3e:c7: a4:34:e8:fb:35:aa:bc:ef:5e:a0:9f:74:e6:e4:3f:43:e1:10: 6d:e6:62:55:34:a5:b0:a5:a1:6a:9e:e1:59:86:0f:bc:84:7b: 6c:e2:30:f7:0d:51:2d:ce:ae:7a:e2:69:a3:c6:99:c8:35:7d: 29:1d:ce:9a:5f:c2:9b:d8:4d:20:a3:7b:e1:6f:d9:fe:fc:a3: 28:b9:3d:c9:0c:19:fe:c4:94:28:de:db:53:f5:21:12:03:4d: 2f:e9:0a:87:1c:aa:43:ee:0b:70:5a:74:2c:c7:a2:27:bc:a5: 0c:67:b1:35:6a:7b:c9:20:17:72:47:a0:d8:85:cf:41:d4:2c: 6b:d1:db:31:8f:26:2d:51:5a:79:56:11:50:34:15:0b:bb:2b: 41:b7:c1:f3:7a:9d:2d:f8:07:82:51:67:96:f7:0f:28:63:37: 0b:e3:28:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAhAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCQzMxMTAvBgNVBAUTKDI4QUM5N0Q5OTg3RTc4REJFRTlEQ0I5RjAzNzM1QzI4 M0JDRTE4NjIwHhcNMjUxMTA1MDIyNDA1WhcNMjUxMTEyMDIyNDA1WjAYMRYwFAYD VQQDEw02OTBhYjU0Ni1kMmY0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwhtvGtfJkov25IdK+yIs7JkaQuQly9hQbUOL0b61qr3S2oJTm2euz1fzY1Ww eQ2cQWzhb6lZtWe59nsfwOwNKVumiP/+sD5p+FJKBuUfIUvbtyZUh1uqnaw5+TMu qoZpBkE1+K3Fw3NZq0HI8dDbgMHJN6eIaibM+Ri+EkEGtgtKnFGv4ZMnKyqavHim zw88bzGcPfmbqemyviFRg63zB3vhi/2P4YBN9bquZfNHVNd9q1bwbsw52JZjb2t4 iOMOBhfOM6aGP2dS3jahYHBb7nwhaXchimSLJiaejNV1eCdCaWsVwu+TllkXcWUl 16Bt8bkA+P8mlQJ+NG+wbso3zwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNkks1Wr 9f8GzyrUNpL/VwIJ02bvMB8GA1UdIwQYMBaAFCisl9mYfnjb7p3LnwNzXCg7zhhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JDMy83MDhFNkY2ODky NjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVOdnVuY3VmQTNOY0tEdk9H R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tLeVgyWmgtZU52dW5jdWZBM05jS0R2T0dHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0JDMy83MDhFNkY2ODkyNjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVO dnVuY3VmQTNOY0tEdk9HR0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQClJHdhlapLpUN247ZZ/NYx/YnHVDTZb3hrgHGtr+68LjCjgfGgGKHE tNvKNXtOU0V7gPQiPdGkr2jolIh53eHK/HzN8Dz8l6nkUZR8APjPkWnMHQodpqJd PsekNOj7Naq8716gn3Tm5D9D4RBt5mJVNKWwpaFqnuFZhg+8hHts4jD3DVEtzq56 4mmjxpnINX0pHc6aX8Kb2E0go3vhb9n+/KMouT3JDBn+xJQo3ttT9SESA00v6QqH HKpD7gtwWnQsx6InvKUMZ7E1anvJIBdyR6DYhc9B1Cxr0dsxjyYtUVp5VhFQNBUL uytBt8Hzep0t+AeCUWeW9w8oYzcL4ygK -----END CERTIFICATE-----Generated at Thu Nov 6 00:40:56 2025 by rpki-client