$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft File: kFj-3Oxfh289_hYZQxnBRcnAzLU.mft (raw, json) Hash identifier: 1vBLC681TMqlTBmeUa1zGQTS7SyMPNdMhb/LGbb6yPg= Subject key identifier: 76:CE:B8:DD:02:F3:BC:4D:8B:09:D0:0D:A9:79:F7:D4:84:36:EA:2A Authority key identifier: 90:58:FE:DC:EC:5F:87:6F:3D:FE:16:19:43:19:C1:45:C9:C0:CC:B5 Certificate issuer: /CN=A9185B0F/serialNumber=9058FEDCEC5F876F3DFE16194319C145C9C0CCB5 Certificate serial: 06AC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft Manifest number: 06A7 Signing time: Tue 04 Nov 2025 22:20:44 +0000 Manifest this update: Tue 04 Nov 2025 22:20:43 +0000 Manifest next update: Tue 11 Nov 2025 22:20:43 +0000 Files and hashes: 1: kFj-3Oxfh289_hYZQxnBRcnAzLU.crl (hash: ogpxP7R/ol/AFifRg/vIV7X82nHSq+mnORlrb/clEOo=) 2: 25A7FE7E855211EB8DEDD812C4F9AE02.roa (hash: rH99d2UyS2BchbUPUbqFc9GOoYlWGp7hkjxEyr/ZGj0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.crl rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 22:20:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1708 (0x6ac) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B0F, serialNumber=9058FEDCEC5F876F3DFE16194319C145C9C0CCB5 Validity Not Before: Nov 4 22:20:43 2025 GMT Not After : Nov 11 22:20:43 2025 GMT Subject: CN=690a7c3b-7292 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b6:ac:23:ee:4b:99:39:9c:f4:13:56:ba:96:8a: c1:91:68:72:27:cf:28:d2:23:0c:39:ef:2e:a7:41: 6d:dc:5d:74:b1:8f:79:cf:36:f6:58:12:59:d8:d0: ff:46:07:54:42:8a:67:d2:bf:d2:13:3c:d4:a0:21: 44:ff:9e:ce:7c:71:7a:2d:fa:d9:da:62:cc:68:24: 12:ec:cb:23:eb:b0:81:6b:7b:da:8b:4e:7c:c5:45: e2:d1:a1:33:47:3d:ed:62:e4:3e:c3:a1:cf:c2:55: cd:bf:b9:ff:06:e8:7a:43:51:9a:65:c4:ca:4d:c5: 45:00:fb:8a:6b:54:cf:87:7a:8a:7c:9d:a5:5b:49: f6:2d:19:89:49:af:19:81:26:7d:09:44:08:08:7a: 1a:ab:5e:4c:e9:61:b8:7b:9b:ab:23:c9:f6:c6:b1: 54:88:68:92:1c:cf:04:49:79:e7:f6:44:47:6f:a5: 26:3c:4c:bf:3d:9e:9d:84:63:a4:16:7a:92:61:b3: d6:75:6c:40:dc:1f:ea:e7:1b:2d:34:95:5e:ad:fd: f7:3c:07:66:af:bd:d5:79:dc:f1:a0:63:b9:8d:c7: 1e:18:73:6f:ad:3d:d6:8f:7a:13:23:49:26:5d:57: 13:ba:fb:20:7f:87:70:89:9c:fe:74:3c:2b:61:3d: fd:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:CE:B8:DD:02:F3:BC:4D:8B:09:D0:0D:A9:79:F7:D4:84:36:EA:2A X509v3 Authority Key Identifier: keyid:90:58:FE:DC:EC:5F:87:6F:3D:FE:16:19:43:19:C1:45:C9:C0:CC:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 81:ee:38:b2:b0:4a:12:84:61:de:c9:40:bf:dd:d2:ba:cb:76: 6d:17:66:81:26:fb:5e:e1:22:f8:54:6a:6a:64:da:6b:83:59: dc:59:c8:2b:e0:51:90:3e:88:b2:a5:65:ff:6a:fc:96:5e:6d: 3a:c4:b1:d2:7e:7d:bd:47:53:30:d6:d5:12:a6:d2:59:3c:21: 53:c9:b1:03:4e:f4:13:20:cd:c8:02:0f:46:9e:44:3d:f8:c3: 9b:a6:e7:21:f0:b0:46:49:db:71:ee:e9:97:ea:77:14:7f:91: 00:d4:93:7c:81:42:17:74:52:53:50:f9:11:9e:3e:be:4b:a3: 9b:3b:b5:de:3c:3d:9e:27:0c:b4:86:24:f5:81:85:c0:db:78: 2c:1b:14:a9:34:a2:b9:1f:b7:39:7f:8a:e5:61:c2:1c:5f:a2: af:07:59:88:c6:84:c3:4a:66:5f:01:c1:01:8f:46:f2:5e:ec: 21:55:71:b8:04:c3:fd:b4:3a:06:55:4b:ad:44:4d:c7:9f:00: 5d:72:e8:b9:f2:1b:98:80:d9:70:0a:63:c1:08:fa:e4:27:8f: a2:63:eb:78:93:20:95:55:da:fd:8a:6a:25:7c:3c:10:e4:5c: 22:3b:e4:a1:b6:f6:be:56:02:00:9d:45:1d:70:9c:db:b1:2f: 9a:65:2a:85 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBqwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCMEYxMTAvBgNVBAUTKDkwNThGRURDRUM1Rjg3NkYzREZFMTYxOTQzMTlDMTQ1 QzlDMENDQjUwHhcNMjUxMTA0MjIyMDQzWhcNMjUxMTExMjIyMDQzWjAYMRYwFAYD VQQDEw02OTBhN2MzYi03MjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtqwj7kuZOZz0E1a6lorBkWhyJ88o0iMMOe8up0Ft3F10sY95zzb2WBJZ2ND/ RgdUQopn0r/SEzzUoCFE/57OfHF6LfrZ2mLMaCQS7Msj67CBa3vai058xUXi0aEz Rz3tYuQ+w6HPwlXNv7n/Buh6Q1GaZcTKTcVFAPuKa1TPh3qKfJ2lW0n2LRmJSa8Z gSZ9CUQICHoaq15M6WG4e5urI8n2xrFUiGiSHM8ESXnn9kRHb6UmPEy/PZ6dhGOk FnqSYbPWdWxA3B/q5xstNJVerf33PAdmr73VedzxoGO5jcceGHNvrT3Wj3oTI0km XVcTuvsgf4dwiZz+dDwrYT39YQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHbOuN0C 87xNiwnQDal599SENuoqMB8GA1UdIwQYMBaAFJBY/tzsX4dvPf4WGUMZwUXJwMy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUIwRi81MkQwQTEyMDg1 NEUxMUVCQjc1QkIwMDlDNEY5QUUwMi9rRmotM094ZmgyODlfaFlaUXhuQlJjbkF6 TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tGai0zT3hmaDI4OV9oWVpReG5CUmNuQXpMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUIwRi81MkQwQTEyMDg1NEUxMUVCQjc1QkIwMDlDNEY5QUUwMi9rRmotM094Zmgy ODlfaFlaUXhuQlJjbkF6TFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCB7jiysEoShGHeyUC/3dK6y3ZtF2aBJvte4SL4VGpqZNprg1ncWcgr 4FGQPoiypWX/avyWXm06xLHSfn29R1Mw1tUSptJZPCFTybEDTvQTIM3IAg9GnkQ9 +MObpuch8LBGSdtx7umX6ncUf5EA1JN8gUIXdFJTUPkRnj6+S6ObO7XePD2eJwy0 hiT1gYXA23gsGxSpNKK5H7c5f4rlYcIcX6KvB1mIxoTDSmZfAcEBj0byXuwhVXG4 BMP9tDoGVUutRE3HnwBdcui58huYgNlwCmPBCPrkJ4+iY+t4kyCVVdr9imolfDwQ 5FwiO+Shtva+VgIAnUUdcJzbsS+aZSqF -----END CERTIFICATE-----Generated at Wed Nov 5 19:33:25 2025 by rpki-client