$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: rBSQJKaYtVt4u47YKVf0GzBCY4Up8nO5iGZn0LbF2xA= Subject key identifier: BD:8A:72:68:08:FF:9E:88:5D:75:65:3A:0B:AA:40:16:0B:BD:EC:80 Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 0165 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 0162 Signing time: Sat 09 Aug 2025 04:21:08 +0000 Manifest this update: Sat 09 Aug 2025 04:21:07 +0000 Manifest next update: Sat 16 Aug 2025 04:21:07 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: PmM0wPJBOi4pv23enAFYnVyyb8HE75bvNWkRBDMnek4=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: Pojppps22r3xRUUOYA4Lq5WqJQ1e2Svo0KKFdlUH1VY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 357 (0x165) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67 Validity Not Before: Aug 9 04:21:07 2025 GMT Not After : Aug 16 04:21:07 2025 GMT Subject: CN=6896ccb4-8a7b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:b7:d4:a9:a4:5c:19:39:14:df:93:85:f3:11: 3e:8e:b2:a2:a9:0c:3b:e5:08:be:43:d3:0d:0d:95: ed:af:3a:35:7c:02:9d:40:66:a7:77:8d:32:82:df: d8:28:3a:2c:5c:c8:06:55:e5:d3:cf:c2:29:4b:cf: 10:81:6c:99:16:01:db:fe:2a:8b:9e:fd:f2:e2:9e: 7c:0b:de:f2:24:94:2c:7e:96:8b:c8:94:3f:bb:91: b0:33:39:43:e1:fc:14:22:46:3d:dc:16:55:cd:ac: 40:ea:8e:13:a4:9d:c1:35:de:92:05:83:dc:c8:2b: d8:10:c5:a4:f4:b6:a9:ff:8e:3f:08:7e:f6:c9:a3: f4:e9:21:a9:e6:84:35:31:50:bd:71:4c:13:92:4c: 34:68:8f:65:59:ce:24:e1:b4:5d:c8:c9:e8:60:6f: 80:c7:58:3e:9d:75:7e:c2:5a:18:22:15:78:83:98: 38:e8:2d:ea:12:4e:a1:26:bd:c4:06:c7:8d:d1:18: 1c:57:a7:59:28:89:1a:1c:f5:4f:21:41:05:a6:43: b6:5f:5a:79:c9:b2:af:da:39:8e:b9:64:2c:a4:25: e0:11:3f:d0:de:08:6f:64:1d:8d:d3:11:f7:33:68: 5f:ab:03:60:0c:bf:9e:55:dd:28:21:96:45:2b:1b: 8e:d1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: BD:8A:72:68:08:FF:9E:88:5D:75:65:3A:0B:AA:40:16:0B:BD:EC:80 X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:d7:cc:f8:28:0d:1e:6c:6f:a2:a9:ad:78:d8:a5:ea:46:b8: d6:0e:8f:e6:33:ea:47:ee:04:4a:e6:9b:7f:0f:4d:c9:63:ac: 0f:fc:d0:55:d2:d7:06:ed:da:fe:f9:bc:77:5b:51:a1:21:bd: f8:9f:80:ab:19:a7:33:ad:91:97:db:34:71:e3:ff:e5:dc:ba: 3d:e1:96:0c:e4:7a:e4:ce:36:a0:d3:6a:b0:19:4d:a2:f0:4d: 20:2b:73:18:4e:c3:6b:9d:7f:30:f7:10:f3:82:5c:85:0c:df: da:43:f8:d2:a4:c8:1e:b9:31:38:10:3a:c2:ee:00:97:cb:6a: 5f:4f:e6:e0:77:14:b2:32:ae:8a:2a:86:0c:05:2b:b9:3d:5d: 13:97:ed:18:85:95:ce:68:52:1a:ef:a1:bd:7a:93:25:b6:0d: fe:a4:0c:78:32:e1:5f:14:0f:88:67:15:9c:fe:9c:7a:91:c2: d6:78:c0:67:75:06:d2:26:0b:92:6a:0b:69:a3:12:7c:94:f0: 2e:12:de:62:5e:4c:f0:cf:5e:66:44:cc:4e:2f:91:e6:a8:f7: 90:f2:9c:52:e9:33:3c:cf:8c:77:50:df:19:62:a2:46:07:2b: c4:fb:01:be:e9:59:cd:5a:bd:46:ee:92:dc:8d:c9:2a:a5:f8: b5:0d:0d:cd -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAWUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUwODA5MDQyMTA3WhcNMjUwODE2MDQyMTA3WjAYMRYwFAYD VQQDEw02ODk2Y2NiNC04YTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAx7fUqaRcGTkU35OF8xE+jrKiqQw75Qi+Q9MNDZXtrzo1fAKdQGand40ygt/Y KDosXMgGVeXTz8IpS88QgWyZFgHb/iqLnv3y4p58C97yJJQsfpaLyJQ/u5GwMzlD 4fwUIkY93BZVzaxA6o4TpJ3BNd6SBYPcyCvYEMWk9Lap/44/CH72yaP06SGp5oQ1 MVC9cUwTkkw0aI9lWc4k4bRdyMnoYG+Ax1g+nXV+wloYIhV4g5g46C3qEk6hJr3E BseN0RgcV6dZKIkaHPVPIUEFpkO2X1p5ybKv2jmOuWQspCXgET/Q3ghvZB2N0xH3 M2hfqwNgDL+eVd0oIZZFKxuO0QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFL2KcmgI /56IXXVlOguqQBYLveyAMB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAa18z4KA0ebG+iqa142KXqRrjWDo/mM+pH7gRK5pt/D03JY6wP/NBV 0tcG7dr++bx3W1GhIb34n4CrGaczrZGX2zRx4//l3Lo94ZYM5Hrkzjag02qwGU2i 8E0gK3MYTsNrnX8w9xDzglyFDN/aQ/jSpMgeuTE4EDrC7gCXy2pfT+bgdxSyMq6K KoYMBSu5PV0Tl+0YhZXOaFIa76G9epMltg3+pAx4MuFfFA+IZxWc/px6kcLWeMBn dQbSJguSagtpoxJ8lPAuEt5iXkzwz15mRMxOL5HmqPeQ8pxS6TM8z4x3UN8ZYqJG ByvE+wG+6VnNWr1G7pLcjckqpfi1DQ3N -----END CERTIFICATE-----Generated at Sun Aug 10 19:00:02 2025 by rpki-client