$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: R5RJ2TJOTQs0F3lo0ReftKVn3W+4p/wCa/4GBWkJNaE= Subject key identifier: 67:3B:A6:A7:A4:A8:4A:1C:23:B9:AF:16:0E:05:28:F0:31:B3:10:D1 Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 0683 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 067D Signing time: Tue 04 Nov 2025 22:19:20 +0000 Manifest this update: Tue 04 Nov 2025 22:19:20 +0000 Manifest next update: Tue 11 Nov 2025 22:19:20 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: 4jhT5UTcImyJ6q7+uyjVugMo54sxExfDyDUyn4hJsn0=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:19:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1667 (0x683) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Nov 4 22:19:20 2025 GMT Not After : Nov 11 22:19:20 2025 GMT Subject: CN=690a7be8-bb43 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c6:f6:9f:9e:4f:5b:2f:e3:1d:f6:12:88:7d:81: 31:92:dd:fa:1d:7b:47:2c:4f:f3:82:a1:bc:27:77: 90:3e:96:2d:c5:3d:c3:a4:9f:7f:05:34:f0:92:df: 3d:9d:46:77:33:9e:fa:9b:6f:c7:e5:a4:55:df:76: ef:45:f9:fc:85:a6:4a:b0:41:8c:a8:9d:5c:13:d0: f0:93:bc:72:eb:67:fe:1d:e9:c7:5b:83:10:92:b4: f1:76:5e:b1:01:47:93:92:80:34:76:06:ad:85:b3: 26:d3:33:6f:0a:6e:74:42:13:b3:f7:4a:65:b2:3f: 2d:64:97:18:ed:62:98:34:f4:38:24:29:66:cd:5b: b0:87:93:c0:09:82:25:74:6a:86:a8:cc:4c:28:de: 5a:3b:0d:62:cd:42:fc:21:66:8c:c5:04:d3:4f:1d: de:c5:43:66:86:2a:c0:ab:4d:40:20:d8:41:e7:32: 6c:93:18:f5:52:d9:9a:f6:a6:98:a8:8d:4a:1d:9d: cc:61:fc:d0:14:42:34:46:05:8b:26:d1:59:61:bd: 80:e2:73:aa:00:fa:eb:a3:f9:10:15:ca:66:2a:fe: 8e:67:c4:16:35:4e:00:f5:fa:a7:01:e4:7a:c4:40: 3f:9c:49:0b:6d:91:6a:8d:13:54:2c:e7:22:b3:b1: b7:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:3B:A6:A7:A4:A8:4A:1C:23:B9:AF:16:0E:05:28:F0:31:B3:10:D1 X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 31:bd:7d:fd:d2:71:2b:0e:75:25:65:d3:e6:e2:94:cc:fa:9e: ae:b6:10:22:56:31:b7:eb:78:2e:18:51:49:90:2c:8a:0a:b3: 3b:71:bc:74:e4:be:5c:6f:20:3b:a8:27:1c:f6:54:d0:5e:e5: 57:c8:7a:36:0d:50:ce:cd:95:d8:cd:f9:9b:97:b7:bd:12:d3: b3:4d:8d:39:c8:f6:de:2b:c8:a6:c0:d7:cb:b8:df:24:2d:0c: 00:9d:5f:97:f2:f8:7b:a8:2e:fc:f7:73:bd:8d:2f:ea:ea:c5: 31:50:a5:fb:f5:7a:df:4a:67:2c:54:e5:4e:e6:b7:13:09:c2: 47:40:fe:21:0f:e1:e2:f4:a5:a4:71:13:c0:18:f8:27:c2:de: d4:a2:1b:92:72:18:62:9a:89:42:02:33:14:17:14:b9:45:79: 7e:eb:60:64:1b:76:9d:56:28:3a:93:5b:22:7b:cb:ee:4a:f6: 5b:df:e9:a4:de:ed:ff:d1:bf:48:cd:b4:fb:b9:34:ea:89:45: 8f:11:64:8a:37:5f:80:8a:f3:c6:9a:0c:88:f0:b4:8a:a6:ca: 04:11:38:04:c5:c9:9b:f7:84:00:70:d6:83:5b:00:89:c7:05: 6c:33:94:fc:b9:56:30:3e:3e:b0:a6:f8:92:c0:61:28:cc:0b: 0c:7b:2c:fb -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBoMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUxMTA0MjIxOTIwWhcNMjUxMTExMjIxOTIwWjAYMRYwFAYD VQQDEw02OTBhN2JlOC1iYjQzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxvafnk9bL+Md9hKIfYExkt36HXtHLE/zgqG8J3eQPpYtxT3DpJ9/BTTwkt89 nUZ3M576m2/H5aRV33bvRfn8haZKsEGMqJ1cE9Dwk7xy62f+HenHW4MQkrTxdl6x AUeTkoA0dgathbMm0zNvCm50QhOz90plsj8tZJcY7WKYNPQ4JClmzVuwh5PACYIl dGqGqMxMKN5aOw1izUL8IWaMxQTTTx3exUNmhirAq01AINhB5zJskxj1Utma9qaY qI1KHZ3MYfzQFEI0RgWLJtFZYb2A4nOqAPrro/kQFcpmKv6OZ8QWNU4A9fqnAeR6 xEA/nEkLbZFqjRNULOcis7G3SwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGc7pqek qEocI7mvFg4FKPAxsxDRMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAxvX390nErDnUlZdPm4pTM+p6uthAiVjG363guGFFJkCyKCrM7cbx0 5L5cbyA7qCcc9lTQXuVXyHo2DVDOzZXYzfmbl7e9EtOzTY05yPbeK8imwNfLuN8k LQwAnV+X8vh7qC7893O9jS/q6sUxUKX79XrfSmcsVOVO5rcTCcJHQP4hD+Hi9KWk cRPAGPgnwt7UohuSchhimolCAjMUFxS5RXl+62BkG3adVig6k1sie8vuSvZb3+mk 3u3/0b9IzbT7uTTqiUWPEWSKN1+AivPGmgyI8LSKpsoEETgExcmb94QAcNaDWwCJ xwVsM5T8uVYwPj6wpviSwGEozAsMeyz7 -----END CERTIFICATE-----Generated at Wed Nov 5 12:05:09 2025 by rpki-client