$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: IAbOlypjs6VW0bTQGJC4VukjBfeu61P28hNUOGNxO8o= Subject key identifier: 33:A6:CC:53:FE:89:E1:DE:7C:4C:9D:DC:62:53:78:CA:52:4A:D1:63 Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 0194 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 0190 Signing time: Mon 03 Nov 2025 03:30:14 +0000 Manifest this update: Mon 03 Nov 2025 03:30:13 +0000 Manifest next update: Mon 10 Nov 2025 03:30:13 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: 7pUFhzaL877N68i7r/SMPFgHlyRuBwCD5TAmq37oq9E=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: E2MEy59tbIM1Maudg/5GMAqeAqrNk3TYYaN2opqqFDU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 10 Nov 2025 03:30:12 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 404 (0x194) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67 Validity Not Before: Nov 3 03:30:13 2025 GMT Not After : Nov 10 03:30:13 2025 GMT Subject: CN=690821c5-c021 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:aa:61:7f:48:99:ff:bc:39:e6:ab:eb:44:25:21: bc:0e:13:f6:f4:bd:5c:89:a3:76:1a:af:2e:b5:43: 1c:a4:c7:a2:b2:3a:49:33:e4:e2:86:c0:c2:ac:25: 06:09:69:85:2d:94:1c:62:f9:c9:c0:42:e2:6a:ef: d5:41:73:a4:2a:83:43:61:e4:f8:8d:02:e1:51:1b: 1b:9c:cb:6d:78:67:a6:e6:93:c3:41:cd:91:92:aa: 53:a7:b8:c5:92:82:b8:e7:94:62:12:25:19:42:f7: 18:58:b6:49:19:ca:82:25:61:9e:27:3f:bf:9e:bc: 7a:fc:18:a1:b3:ab:8e:be:1b:66:7d:f1:74:01:f2: 73:70:9e:a6:73:73:40:e6:dc:2e:a4:ae:63:50:19: 66:4f:29:01:4b:56:12:5d:19:83:e1:13:a8:a1:77: 61:25:d4:1e:d1:39:d8:af:d0:08:39:04:ed:e8:44: f9:eb:21:df:7e:42:bd:c1:44:96:40:71:ee:a2:86: c7:2d:6e:51:a7:97:77:6f:df:80:e4:8b:eb:e2:83: f3:4d:1d:dd:a9:c3:ae:1e:66:04:7e:74:7a:78:d4: 22:85:b2:46:79:90:52:08:7a:a1:63:d4:b0:de:9b: 33:9c:08:05:38:56:32:7b:60:e0:58:4c:ec:60:61: ed:b5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 33:A6:CC:53:FE:89:E1:DE:7C:4C:9D:DC:62:53:78:CA:52:4A:D1:63 X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 91:c6:51:94:e3:ce:8d:bd:68:c1:3c:1e:6a:22:2b:99:a0:46: 10:64:d5:97:07:13:40:e4:2f:63:30:c0:19:d8:55:4b:08:49: c6:a6:b3:90:ab:e8:bc:e0:56:e1:19:d5:3c:12:4a:95:57:00: 8c:ca:40:bf:ea:c7:35:b1:cc:04:5b:62:90:e5:ea:0f:8f:2d: 4b:24:3b:24:bc:ea:e2:3d:fb:82:a7:71:c0:ed:94:9c:0e:d1: d6:54:3e:08:6b:6d:54:b8:4c:27:b1:f0:80:ba:5e:e5:7b:50: fd:e6:07:be:67:14:ef:26:b7:a2:e4:85:89:e4:f1:b3:aa:01: 4e:ee:54:58:ea:76:b9:10:60:37:37:b1:f5:ab:af:22:77:26: e7:2e:7a:e0:2a:46:23:75:71:1d:7d:8e:51:f2:70:de:1c:4f: 3c:1f:33:ad:a0:10:8f:18:7a:49:18:d2:e2:4b:ed:71:4a:ae: e8:ba:97:ef:8c:8a:94:6f:cb:ae:4c:80:8a:da:4f:9f:fc:64: 9a:b3:fe:88:59:b8:de:b6:4e:d3:c4:90:a9:3f:d6:0f:d6:b3: 16:17:40:f1:d8:f5:fe:6f:af:fa:56:d6:9d:43:9a:c8:e2:ae: 14:1d:c7:2f:d9:0f:35:cc:ec:a6:1c:ae:a9:83:8c:fa:d6:13: 45:f9:31:31 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAZQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUxMTAzMDMzMDEzWhcNMjUxMTEwMDMzMDEzWjAYMRYwFAYD VQQDEw02OTA4MjFjNS1jMDIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAqmF/SJn/vDnmq+tEJSG8DhP29L1ciaN2Gq8utUMcpMeisjpJM+TihsDCrCUG CWmFLZQcYvnJwELiau/VQXOkKoNDYeT4jQLhURsbnMtteGem5pPDQc2RkqpTp7jF koK455RiEiUZQvcYWLZJGcqCJWGeJz+/nrx6/Bihs6uOvhtmffF0AfJzcJ6mc3NA 5twupK5jUBlmTykBS1YSXRmD4ROooXdhJdQe0TnYr9AIOQTt6ET56yHffkK9wUSW QHHuoobHLW5Rp5d3b9+A5Ivr4oPzTR3dqcOuHmYEfnR6eNQihbJGeZBSCHqhY9Sw 3psznAgFOFYye2DgWEzsYGHttQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDOmzFP+ ieHefEyd3GJTeMpSStFjMB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCRxlGU486NvWjBPB5qIiuZoEYQZNWXBxNA5C9jMMAZ2FVLCEnGprOQ q+i84FbhGdU8EkqVVwCMykC/6sc1scwEW2KQ5eoPjy1LJDskvOriPfuCp3HA7ZSc DtHWVD4Ia21UuEwnsfCAul7le1D95ge+ZxTvJrei5IWJ5PGzqgFO7lRY6na5EGA3 N7H1q68idybnLnrgKkYjdXEdfY5R8nDeHE88HzOtoBCPGHpJGNLiS+1xSq7oupfv jIqUb8uuTICK2k+f/GSas/6IWbjetk7TxJCpP9YP1rMWF0Dx2PX+b6/6VtadQ5rI 4q4UHccv2Q81zOymHK6pg4z61hNF+TEx -----END CERTIFICATE-----Generated at Wed Nov 5 05:17:56 2025 by rpki-client