$ rpki-client -vvf rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft File: KcmzN9Z7DxREgXmLTVsNc9eIrys.mft (raw, json) Hash identifier: LG6xXyihyy9bPWgbEpNFJwNmWIsi/yeM5hkl0j+tmeM= Subject key identifier: E8:FC:41:17:D9:78:7A:A3:83:46:E5:91:7B:DB:00:3E:57:63:2C:50 Authority key identifier: 29:C9:B3:37:D6:7B:0F:14:44:81:79:8B:4D:5B:0D:73:D7:88:AF:2B Certificate issuer: /CN=A91608B2/serialNumber=29C9B337D67B0F144481798B4D5B0D73D788AF2B Certificate serial: 4C Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KcmzN9Z7DxREgXmLTVsNc9eIrys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft Manifest number: 4B Signing time: Mon 03 Nov 2025 07:20:06 +0000 Manifest this update: Mon 03 Nov 2025 07:20:05 +0000 Manifest next update: Mon 10 Nov 2025 07:20:05 +0000 Files and hashes: 1: KcmzN9Z7DxREgXmLTVsNc9eIrys.crl (hash: LGHq0LMKPFJlBi5+SitwN2HuYzVihAWd4lGtrLxlIis=) 2: 13B4125A4A5311F08B06EF0FC4F9AE02.roa (hash: JRzGJdFSse2irDcL+W7kuHv+w+d8AeO+g8YTYnBtHyU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.crl rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KcmzN9Z7DxREgXmLTVsNc9eIrys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 07:20:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 76 (0x4c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91608B2, serialNumber=29C9B337D67B0F144481798B4D5B0D73D788AF2B Validity Not Before: Nov 3 07:20:05 2025 GMT Not After : Nov 10 07:20:05 2025 GMT Subject: CN=690857a6-0bfd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b3:bc:2a:ba:e1:d4:d3:f1:e5:67:cd:9e:f4:e7: d7:a7:a9:a9:b6:7c:94:e1:1b:04:33:5d:c2:f2:b9: 03:e7:08:52:3f:7e:04:25:33:b4:48:39:00:ac:e8: f7:c3:d0:bf:6c:4c:6b:4e:9a:45:b4:56:b9:db:ed: 20:e9:ab:c6:26:76:09:3d:3c:6d:d2:0e:70:b8:db: 1d:57:c9:60:92:14:c6:da:d9:ff:c0:5e:31:e7:42: 09:6d:d0:b2:87:17:ab:9c:e4:69:6e:45:79:b2:ac: 82:c8:0e:7b:1a:d4:f7:88:fa:ce:5e:8f:1d:30:cd: 55:bd:e6:14:0d:f9:a5:36:7f:8c:01:24:57:5a:70: 36:f1:91:df:96:06:de:bc:56:f9:46:c8:cb:e4:11: 4e:b6:de:82:09:ac:a2:2a:e1:2e:4a:1c:bf:80:ba: c7:e8:c6:a2:98:e3:76:a0:e4:0a:b5:e0:77:6f:1c: a6:6d:51:a4:73:c9:08:09:c0:6c:e7:96:ff:57:b3: bb:67:1d:f5:e3:bd:84:63:0b:c2:41:e2:d3:ea:7c: ff:dd:c6:93:6a:c2:ed:49:07:8a:f2:5a:6f:25:47: 1d:c4:46:eb:cc:c1:72:27:1c:ea:21:da:7a:ac:86: 0f:28:eb:35:c3:46:cc:ea:9d:c8:85:9c:b3:24:2b: b5:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E8:FC:41:17:D9:78:7A:A3:83:46:E5:91:7B:DB:00:3E:57:63:2C:50 X509v3 Authority Key Identifier: keyid:29:C9:B3:37:D6:7B:0F:14:44:81:79:8B:4D:5B:0D:73:D7:88:AF:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KcmzN9Z7DxREgXmLTVsNc9eIrys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 51:4a:11:17:ab:da:96:2f:6a:f3:76:63:04:96:ba:89:7c:ef: 93:55:d6:a2:d2:e3:ae:ed:e0:79:15:10:fb:f8:8b:f5:e3:dc: 2a:c7:d3:68:63:53:ff:64:ef:11:92:9d:4a:35:b9:18:97:f5: 66:d1:58:07:74:b5:63:17:ee:4d:87:e3:d1:e3:d6:2c:62:2a: 97:a5:7a:2a:b1:41:10:6a:80:18:94:7f:60:a2:8d:d7:89:a1: 37:e6:b6:c5:ac:8d:d4:29:6c:05:67:56:2a:13:62:52:8c:17: a9:c2:ee:e2:08:3b:e3:00:a1:95:87:52:1e:98:19:03:b6:85: 75:f3:a1:b3:11:94:57:fc:46:3d:e5:4f:98:91:9a:74:d8:e7: 46:1b:fb:d3:23:6d:f2:ca:84:c3:0d:48:11:e8:2a:8a:4c:c6: 72:f3:79:ec:f6:57:11:e0:e5:58:ae:79:0a:3d:68:04:b8:6e: 86:f7:13:39:c8:4f:24:4f:f6:21:18:6c:8b:25:c7:40:82:c8: 99:58:be:1b:3b:d9:4e:6d:f9:a0:3e:fd:c7:6a:7b:14:24:89: 2e:87:99:39:42:2f:81:42:f7:13:c4:5b:55:bc:bf:e3:b7:c6: b5:df:3e:8f:f8:47:fc:46:3b:f5:c6:82:20:4e:95:f8:e8:1d: a0:7d:92:9c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBTDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MDhCMjExMC8GA1UEBRMoMjlDOUIzMzdENjdCMEYxNDQ0ODE3OThCNEQ1QjBENzNE Nzg4QUYyQjAeFw0yNTExMDMwNzIwMDVaFw0yNTExMTAwNzIwMDVaMBgxFjAUBgNV BAMTDTY5MDg1N2E2LTBiZmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCzvCq64dTT8eVnzZ7059enqam2fJThGwQzXcLyuQPnCFI/fgQlM7RIOQCs6PfD 0L9sTGtOmkW0Vrnb7SDpq8Ymdgk9PG3SDnC42x1XyWCSFMba2f/AXjHnQglt0LKH F6uc5GluRXmyrILIDnsa1PeI+s5ejx0wzVW95hQN+aU2f4wBJFdacDbxkd+WBt68 VvlGyMvkEU623oIJrKIq4S5KHL+AusfoxqKY43ag5Aq14HdvHKZtUaRzyQgJwGzn lv9Xs7tnHfXjvYRjC8JB4tPqfP/dxpNqwu1JB4ryWm8lRx3ERuvMwXInHOoh2nqs hg8o6zXDRszqnciFnLMkK7WhAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU6PxBF9l4 eqODRuWRe9sAPldjLFAwHwYDVR0jBBgwFoAUKcmzN9Z7DxREgXmLTVsNc9eIrysw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYwOEIyL0M5NUE0OUFFNEE1 MjExRjA5ODlENzAwRkM0RjlBRTAyL0tjbXpOOVo3RHhSRWdYbUxUVnNOYzllSXJ5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2Ntek45WjdEeFJFZ1htTFRWc05jOWVJcnlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYw OEIyL0M5NUE0OUFFNEE1MjExRjA5ODlENzAwRkM0RjlBRTAyL0tjbXpOOVo3RHhS RWdYbUxUVnNOYzllSXJ5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAFFKERer2pYvavN2YwSWuol875NV1qLS467t4HkVEPv4i/Xj3CrH02hj U/9k7xGSnUo1uRiX9WbRWAd0tWMX7k2H49Hj1ixiKpeleiqxQRBqgBiUf2CijdeJ oTfmtsWsjdQpbAVnVioTYlKMF6nC7uIIO+MAoZWHUh6YGQO2hXXzobMRlFf8Rj3l T5iRmnTY50Yb+9MjbfLKhMMNSBHoKopMxnLzeez2VxHg5ViueQo9aAS4bob3EznI TyRP9iEYbIslx0CCyJlYvhs72U5t+aA+/cdqexQkiS6HmTlCL4FC9xPEW1W8v+O3 xrXfPo/4R/xGO/XGgiBOlfjoHaB9kpw= -----END CERTIFICATE-----Generated at Tue Nov 4 12:47:49 2025 by rpki-client