$ rpki-client -vvf rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft File: kzxM1thDXA-L4vUjRybWYQ9-2jo.mft (raw, json) Hash identifier: HUWeC55hAXWGU4nfQH+6acmoVLioGkxr9bSTzgoMQB4= Subject key identifier: 0C:5C:E8:98:CA:82:59:35:56:A4:AF:06:ED:7A:4A:F8:E9:0A:85:8C Authority key identifier: 93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A Certificate issuer: /CN=A918D0DE/serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Certificate serial: 0C5A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft Manifest number: 0C4B Signing time: Sun 02 Nov 2025 18:38:09 +0000 Manifest this update: Sun 02 Nov 2025 18:38:09 +0000 Manifest next update: Sun 09 Nov 2025 18:38:09 +0000 Files and hashes: 1: kzxM1thDXA-L4vUjRybWYQ9-2jo.crl (hash: xN+LwZrBogG1cqkIrXX9fGPxp3BQCyzquOpn2IvzxvA=) 2: 38FFAC50884411EDA212BC24C4F9AE02.roa (hash: ckq5cjCEQ/2WL7JkGpSyoM0Cdw/OAtqMQAwrig1lc1c=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 09 Nov 2025 18:38:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3162 (0xc5a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918D0DE, serialNumber=933C4CD6D8435C0F8BE2F5234726D6610F7EDA3A Validity Not Before: Nov 2 18:38:09 2025 GMT Not After : Nov 9 18:38:09 2025 GMT Subject: CN=6907a511-1563 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:c7:6f:f9:da:d2:98:e9:f9:e7:e2:e1:ff:79: 5c:96:38:49:a2:ca:02:21:80:46:aa:9d:5f:fa:66: 7d:e8:17:10:1b:eb:0e:e4:87:3f:28:ce:8c:53:e2: 97:15:31:b8:6f:df:f2:39:cf:e6:b0:38:9b:7c:ea: 26:ed:f9:3c:07:05:c1:f6:18:54:0c:a2:6e:26:53: 14:5a:6f:56:18:89:0c:f5:80:d5:7c:3e:ab:27:98: 94:0d:4e:20:a9:a9:95:6c:8e:57:4a:84:7e:2f:54: 30:97:44:3e:28:5d:d0:b5:be:a6:2c:84:e3:b8:79: b1:1c:d2:ae:d9:22:3b:4a:61:47:ce:a5:7e:63:04: 33:14:81:eb:4f:32:27:29:f2:09:e8:2d:6c:6e:2f: 3a:d1:18:1c:a8:f4:de:ab:e9:c5:5a:4a:72:03:45: 30:8e:d4:1a:98:ae:b2:2e:c6:07:0c:bb:c4:1c:4f: 4e:92:b4:a8:d9:fa:18:e9:1e:a1:18:e8:99:0a:d6: a6:98:f3:fa:42:f4:b9:72:00:77:0f:f5:d8:06:0b: 01:63:a8:af:c7:2f:b8:9d:74:83:b1:83:db:4c:95: 28:1f:11:b2:a0:9e:3f:a0:35:c9:e2:4c:c7:92:7c: e5:b4:5b:63:d3:ff:be:b4:4a:35:3a:5d:3e:47:98: c3:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0C:5C:E8:98:CA:82:59:35:56:A4:AF:06:ED:7A:4A:F8:E9:0A:85:8C X509v3 Authority Key Identifier: keyid:93:3C:4C:D6:D8:43:5C:0F:8B:E2:F5:23:47:26:D6:61:0F:7E:DA:3A X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzxM1thDXA-L4vUjRybWYQ9-2jo.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918D0DE/DA45D430152511EA80DBF009C4F9AE02/kzxM1thDXA-L4vUjRybWYQ9-2jo.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0a:b4:b3:25:a9:dd:12:fc:bc:3e:17:b0:8b:71:ff:3a:d4:c2: 35:dd:25:28:db:03:63:b4:3e:fd:cd:02:bf:65:f6:e4:df:ec: 84:ea:3d:ad:27:e1:78:eb:a3:e2:5e:31:0a:0c:94:0e:39:b1: 47:7e:dd:5b:e0:03:94:59:be:76:56:05:f2:8e:7b:53:fa:89: 56:22:da:40:0f:a6:e8:c9:3f:fa:61:80:2f:36:06:c3:6e:ad: 59:63:d7:36:b5:02:76:3a:cd:41:50:6c:b0:2e:a6:6b:cc:27: 81:fa:70:43:da:b7:0b:03:f7:50:d7:f5:03:67:a3:af:57:ad: 7a:ff:fe:37:9f:c3:3a:75:e2:d0:c7:b1:d7:51:71:0e:86:05: 1b:e7:eb:c4:cb:68:66:c7:f6:07:05:dd:24:cf:54:90:67:e6: d0:43:a5:ca:50:87:44:25:6b:e2:2e:db:75:1c:a3:66:e2:1b: 5c:c4:9d:fa:ef:99:c4:a6:4d:58:e4:b0:46:3d:58:f0:f4:a1: ce:e6:5e:37:84:84:e1:f4:c6:d6:fc:1c:1d:02:40:a7:a4:9d: 3e:bb:77:42:76:26:e1:b4:74:77:f6:d5:71:f4:5b:80:1f:d3: 59:00:3b:16:cb:75:36:3d:9d:06:d9:c7:88:7d:42:5f:1c:c3: 7a:f6:9f:8a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDFowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OEQwREUxMTAvBgNVBAUTKDkzM0M0Q0Q2RDg0MzVDMEY4QkUyRjUyMzQ3MjZENjYx MEY3RURBM0EwHhcNMjUxMTAyMTgzODA5WhcNMjUxMTA5MTgzODA5WjAYMRYwFAYD VQQDEw02OTA3YTUxMS0xNTYzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwcdv+drSmOn55+Lh/3lcljhJosoCIYBGqp1f+mZ96BcQG+sO5Ic/KM6MU+KX FTG4b9/yOc/msDibfOom7fk8BwXB9hhUDKJuJlMUWm9WGIkM9YDVfD6rJ5iUDU4g qamVbI5XSoR+L1Qwl0Q+KF3Qtb6mLITjuHmxHNKu2SI7SmFHzqV+YwQzFIHrTzIn KfIJ6C1sbi860RgcqPTeq+nFWkpyA0UwjtQamK6yLsYHDLvEHE9OkrSo2foY6R6h GOiZCtammPP6QvS5cgB3D/XYBgsBY6ivxy+4nXSDsYPbTJUoHxGyoJ4/oDXJ4kzH knzltFtj0/++tEo1Ol0+R5jD9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAxc6JjK glk1VqSvBu16SvjpCoWMMB8GA1UdIwQYMBaAFJM8TNbYQ1wPi+L1I0cm1mEPfto6 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4RDBERS9EQTQ1RDQzMDE1 MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhBLUw0dlVqUnliV1lROS0y am8uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6eE0xdGhEWEEtTDR2VWpSeWJXWVE5LTJqby5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 RDBERS9EQTQ1RDQzMDE1MjUxMUVBODBEQkYwMDlDNEY5QUUwMi9renhNMXRoRFhB LUw0dlVqUnliV1lROS0yam8ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAKtLMlqd0S/Lw+F7CLcf861MI13SUo2wNjtD79zQK/Zfbk3+yE6j2t J+F466PiXjEKDJQOObFHft1b4AOUWb52VgXyjntT+olWItpAD6boyT/6YYAvNgbD bq1ZY9c2tQJ2Os1BUGywLqZrzCeB+nBD2rcLA/dQ1/UDZ6OvV616//43n8M6deLQ x7HXUXEOhgUb5+vEy2hmx/YHBd0kz1SQZ+bQQ6XKUIdEJWviLtt1HKNm4htcxJ36 75nEpk1Y5LBGPVjw9KHO5l43hITh9MbW/BwdAkCnpJ0+u3dCdibhtHR39tVx9FuA H9NZADsWy3U2PZ0G2ceIfUJfHMN69p+K -----END CERTIFICATE-----Generated at Tue Nov 4 19:04:50 2025 by rpki-client