$ rpki-client -vvf rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft File: KyraxZ7M9jhPxeNj8GfDueKemaE.mft (raw, json) Hash identifier: YOqGdZIgWUM7KIYuefMb5Qfvx5ZQeHNr7+vzlfvVZJo= Subject key identifier: 66:61:E7:A8:04:AF:AB:16:C4:7A:78:04:D9:E9:B5:FF:BE:15:FD:E3 Authority key identifier: 2B:2A:DA:C5:9E:CC:F6:38:4F:C5:E3:63:F0:67:C3:B9:E2:9E:99:A1 Certificate issuer: /CN=A918A469/serialNumber=2B2ADAC59ECCF6384FC5E363F067C3B9E29E99A1 Certificate serial: 0128 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KyraxZ7M9jhPxeNj8GfDueKemaE.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft Manifest number: 0125 Signing time: Wed 05 Nov 2025 04:50:09 +0000 Manifest this update: Wed 05 Nov 2025 04:50:08 +0000 Manifest next update: Wed 12 Nov 2025 04:50:08 +0000 Files and hashes: 1: KyraxZ7M9jhPxeNj8GfDueKemaE.crl (hash: oWBRnRcPaaBb/KshN88PcoNzBaEZBajjI9w5yqmh/s8=) 2: 71B685ACF7E511EEBC67981CC4F9AE02.roa (hash: hnnfq71rK1ZIuAmUqIiiCmmEhX9P+SlsIzqCbG4sw9Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.crl rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KyraxZ7M9jhPxeNj8GfDueKemaE.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 12 Nov 2025 04:50:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 296 (0x128) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918A469, serialNumber=2B2ADAC59ECCF6384FC5E363F067C3B9E29E99A1 Validity Not Before: Nov 5 04:50:08 2025 GMT Not After : Nov 12 04:50:08 2025 GMT Subject: CN=690ad780-3876 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:07:7c:6b:c0:3c:5a:8d:f9:49:5b:7e:9c:63: 7a:67:a6:58:85:da:51:ab:df:64:8d:23:fd:91:21: f7:a0:38:44:1a:94:44:5a:dc:2e:07:6e:41:78:f7: 72:a6:61:ed:93:49:c4:59:c1:5f:be:ff:3c:0b:06: 1b:bf:6d:24:9c:6f:92:7a:90:ef:91:ed:0f:26:e9: 52:9d:00:dd:68:53:d3:99:60:57:36:11:a6:16:d0: 2c:32:3c:16:ad:90:19:00:f7:02:2d:a7:bc:2c:13: 2c:d5:bb:6f:a7:e7:45:47:82:1b:60:a8:3e:b7:06: e6:25:7f:ef:ee:80:6c:99:a5:e7:ef:fb:fe:c2:b7: 75:01:78:b8:9b:57:0e:cd:a4:a4:21:b9:6e:1f:6a: 38:3c:f0:01:2e:79:71:08:61:f5:dd:ae:2d:7c:4a: 3d:7e:43:0c:c7:9a:bf:5d:1e:01:80:8e:81:31:a8: 6a:d5:31:2a:ec:6a:36:80:96:e3:d3:f1:e0:9e:98: 96:e7:0f:d4:29:4f:8e:44:46:26:53:e5:5d:bc:fd: 85:93:2b:4e:46:b1:06:c4:d6:37:27:7f:2b:35:b0: 30:59:fb:33:d2:1b:89:e7:21:07:d7:e3:81:1b:1c: ea:4c:7e:94:b1:0e:10:7f:3f:51:0f:2c:54:bc:b7: 82:19 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 66:61:E7:A8:04:AF:AB:16:C4:7A:78:04:D9:E9:B5:FF:BE:15:FD:E3 X509v3 Authority Key Identifier: keyid:2B:2A:DA:C5:9E:CC:F6:38:4F:C5:E3:63:F0:67:C3:B9:E2:9E:99:A1 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KyraxZ7M9jhPxeNj8GfDueKemaE.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918A469/FF94E712F7E311EEB9A1291AC4F9AE02/KyraxZ7M9jhPxeNj8GfDueKemaE.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 3b:2b:de:a8:e4:c9:e7:95:9d:31:ab:99:4e:24:41:10:9a:dc: ff:15:4f:04:00:21:f5:c1:2b:70:f8:98:7d:ac:d0:d7:95:a9: ff:d5:8c:b5:7c:3b:a5:0f:83:29:b3:27:7b:cb:2e:32:4c:5d: 71:15:36:6a:1b:03:67:7f:2d:2c:10:73:fa:cf:95:a8:6b:91: 3f:06:6a:d2:51:71:68:cb:f2:4b:c8:6f:59:a0:22:11:9b:de: 98:26:ec:a5:5f:73:6c:f3:2f:00:a4:ec:3f:79:0f:70:b0:82: 1b:dc:11:58:8c:40:83:6e:65:c7:fe:e5:70:ed:41:62:e0:7d: 6e:39:f1:9c:a3:f1:da:58:2b:86:33:e7:7c:6b:f5:7a:93:97: 49:57:cc:b1:06:47:68:98:6a:e6:de:e0:1e:89:95:fd:7a:b9: d0:b2:61:58:28:b8:a3:9f:cc:9f:68:61:3f:1a:77:73:98:e7: ff:53:a2:ac:74:4d:9c:52:35:86:e1:bc:61:e9:6a:7b:48:ae: 41:da:0b:3f:a0:7c:f2:95:34:b9:29:bf:f6:d5:31:38:5c:e4: 44:cd:84:6a:5c:a9:7d:6c:69:4a:8e:1c:03:65:a3:21:69:f6: a7:d9:cb:0c:a8:7b:cf:27:57:a1:b5:3d:36:96:0a:0e:aa:fd: ff:5f:0d:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICASgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEE0NjkxMTAvBgNVBAUTKDJCMkFEQUM1OUVDQ0Y2Mzg0RkM1RTM2M0YwNjdDM0I5 RTI5RTk5QTEwHhcNMjUxMTA1MDQ1MDA4WhcNMjUxMTEyMDQ1MDA4WjAYMRYwFAYD VQQDEw02OTBhZDc4MC0zODc2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuQd8a8A8Wo35SVt+nGN6Z6ZYhdpRq99kjSP9kSH3oDhEGpREWtwuB25BePdy pmHtk0nEWcFfvv88CwYbv20knG+SepDvke0PJulSnQDdaFPTmWBXNhGmFtAsMjwW rZAZAPcCLae8LBMs1btvp+dFR4IbYKg+twbmJX/v7oBsmaXn7/v+wrd1AXi4m1cO zaSkIbluH2o4PPABLnlxCGH13a4tfEo9fkMMx5q/XR4BgI6BMahq1TEq7Go2gJbj 0/HgnpiW5w/UKU+OREYmU+VdvP2FkytORrEGxNY3J38rNbAwWfsz0huJ5yEH1+OB GxzqTH6UsQ4Qfz9RDyxUvLeCGQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGZh56gE r6sWxHp4BNnptf++Ff3jMB8GA1UdIwQYMBaAFCsq2sWezPY4T8XjY/Bnw7ninpmh MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4QTQ2OS9GRjk0RTcxMkY3 RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi9LeXJheFo3TTlqaFB4ZU5qOEdmRHVlS2Vt YUUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0t5cmF4WjdNOWpoUHhlTmo4R2ZEdWVLZW1hRS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 QTQ2OS9GRjk0RTcxMkY3RTMxMUVFQjlBMTI5MUFDNEY5QUUwMi9LeXJheFo3TTlq aFB4ZU5qOEdmRHVlS2VtYUUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA7K96o5MnnlZ0xq5lOJEEQmtz/FU8EACH1wStw+Jh9rNDXlan/1Yy1 fDulD4Mpsyd7yy4yTF1xFTZqGwNnfy0sEHP6z5Woa5E/BmrSUXFoy/JLyG9ZoCIR m96YJuylX3Ns8y8ApOw/eQ9wsIIb3BFYjECDbmXH/uVw7UFi4H1uOfGco/HaWCuG M+d8a/V6k5dJV8yxBkdomGrm3uAeiZX9ernQsmFYKLijn8yfaGE/GndzmOf/U6Ks dE2cUjWG4bxh6Wp7SK5B2gs/oHzylTS5Kb/21TE4XOREzYRqXKl9bGlKjhwDZaMh afan2csMqHvPJ1ehtT02lgoOqv3/Xw2y -----END CERTIFICATE-----Generated at Wed Nov 5 15:18:13 2025 by rpki-client