$ rpki-client -vvf rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft File: KbaocCpK1kSocQZLZAet5JPmOo0.mft (raw, json) Hash identifier: k8hPY+D0CzWSeUI4kP3rFC/e9UoWCQdzFXyI6BOsacc= Subject key identifier: 05:6D:B1:DF:5A:82:E2:C0:29:B1:BC:A3:F3:C0:9B:1C:02:25:68:B0 Authority key identifier: 29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D Certificate issuer: /CN=A919EAF3/serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D Certificate serial: 19E0 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft Manifest number: 19D1 Signing time: Tue 04 Nov 2025 16:28:05 +0000 Manifest this update: Tue 04 Nov 2025 16:28:05 +0000 Manifest next update: Tue 11 Nov 2025 16:28:05 +0000 Files and hashes: 1: KbaocCpK1kSocQZLZAet5JPmOo0.crl (hash: 2A1rTOR4lWjlGj1N75NX8+7odlIeKh+AoJ/ti5LvKaw=) 2: E7729178378211EF822BAA6EC4F9AE02.roa (hash: 9LBAFHVyWvEKSALgxe/WVtOrUQqJ4PPcHQSe6I3XcVM=) 3: 92AEE092378211EFAEB6B36DC4F9AE02.roa (hash: vof6OG8sAX0uHAvhetFYEpdSjwUJhtpp1UkP8lk0Gm0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:28:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 6624 (0x19e0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919EAF3, serialNumber=29B6A8702A4AD644A871064B6407ADE493E63A8D Validity Not Before: Nov 4 16:28:05 2025 GMT Not After : Nov 11 16:28:05 2025 GMT Subject: CN=690a2995-410d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:f9:19:a1:a2:a9:3c:ca:b2:1b:94:62:99:02: 3b:a5:47:da:71:e2:ac:84:c5:2b:a2:53:1e:1d:ba: 00:71:20:43:98:ce:9c:12:68:6f:11:a9:1f:8f:95: b0:3b:c8:e9:08:9d:96:54:9a:66:02:c7:7f:dc:03: a8:1f:b8:be:45:53:30:d4:30:d4:b1:01:44:6b:d6: 7c:09:0f:07:94:41:8f:5e:ff:bf:22:01:6e:76:15: 8f:3d:65:0d:d4:c7:0a:7a:4a:a1:f7:c9:07:3f:f1: 1e:29:72:6b:a8:73:56:9a:89:24:ec:67:8f:9d:e0: 5c:db:ee:e9:43:2c:51:b5:78:1d:72:4b:b0:50:6e: 55:82:f2:c4:de:48:c8:12:77:69:4f:5b:29:b0:c8: 1c:cd:f9:cc:95:59:ea:22:8b:de:38:f9:e5:be:8e: 44:07:e1:9e:fd:49:bd:9c:32:09:7c:18:9d:e0:89: 78:16:18:0d:a1:cd:9d:14:ce:1c:14:9f:35:51:fa: 55:28:b9:61:5c:a0:48:4c:dc:a3:e8:75:ed:45:dc: cc:c4:d4:65:73:14:95:a7:c6:29:35:ed:33:de:08: cc:8e:b7:2a:2c:ee:7e:c4:df:19:cb:8f:81:7a:e2: ef:04:8c:14:be:f7:3e:31:45:b1:a6:57:fd:bd:db: 37:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:6D:B1:DF:5A:82:E2:C0:29:B1:BC:A3:F3:C0:9B:1C:02:25:68:B0 X509v3 Authority Key Identifier: keyid:29:B6:A8:70:2A:4A:D6:44:A8:71:06:4B:64:07:AD:E4:93:E6:3A:8D X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KbaocCpK1kSocQZLZAet5JPmOo0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919EAF3/93BB502E6D1811E7A815DA80C4F9AE02/KbaocCpK1kSocQZLZAet5JPmOo0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 18:82:2a:5c:da:ca:c2:7b:4b:c7:76:68:cd:c9:fb:65:16:46: 50:7d:c9:10:d7:db:01:db:3a:ba:4d:9b:27:65:85:b7:41:9d: 4b:49:ed:aa:28:ef:ce:0f:10:05:f2:ce:59:88:f5:4d:cc:2e: 89:23:04:62:f2:8d:0e:75:37:41:17:54:26:44:06:ba:c8:8f: 07:d0:41:d7:c0:be:a6:4e:78:ba:3e:99:42:3c:6d:89:cd:24: e6:e0:9f:de:cc:c8:a9:95:da:9f:17:e0:e6:83:48:82:f4:2a: f7:f7:3e:00:73:7f:99:6a:bc:c9:30:e6:7d:9d:45:c2:b3:6d: 2b:44:6b:42:33:ab:e4:30:63:72:6e:bc:ba:80:58:ef:5b:9f: fa:ff:47:a0:fc:d1:ed:31:f6:4a:7e:7c:f6:f2:da:f6:03:50: 3d:18:5a:ac:ac:a1:ba:c7:73:0c:c5:cc:ad:13:94:ea:a7:b0: 79:f6:9b:6b:64:2b:dd:79:c4:14:77:6a:1a:d5:48:ec:1b:df: 23:ef:c9:e1:70:bd:42:ab:12:1f:7b:81:97:69:b9:fc:3f:99: 6e:1e:51:d4:e4:21:02:7d:7b:0f:6f:b9:87:6c:ba:b5:60:de: 76:f6:b5:33:0b:6a:09:eb:86:5b:b2:e0:d4:cd:75:79:07:35: 84:d7:49:38 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICGeAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUVBRjMxMTAvBgNVBAUTKDI5QjZBODcwMkE0QUQ2NDRBODcxMDY0QjY0MDdBREU0 OTNFNjNBOEQwHhcNMjUxMTA0MTYyODA1WhcNMjUxMTExMTYyODA1WjAYMRYwFAYD VQQDEw02OTBhMjk5NS00MTBkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyvkZoaKpPMqyG5RimQI7pUfaceKshMUrolMeHboAcSBDmM6cEmhvEakfj5Ww O8jpCJ2WVJpmAsd/3AOoH7i+RVMw1DDUsQFEa9Z8CQ8HlEGPXv+/IgFudhWPPWUN 1McKekqh98kHP/EeKXJrqHNWmokk7GePneBc2+7pQyxRtXgdckuwUG5VgvLE3kjI EndpT1spsMgczfnMlVnqIoveOPnlvo5EB+Ge/Um9nDIJfBid4Il4FhgNoc2dFM4c FJ81UfpVKLlhXKBITNyj6HXtRdzMxNRlcxSVp8YpNe0z3gjMjrcqLO5+xN8Zy4+B euLvBIwUvvc+MUWxplf9vds3uwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAVtsd9a guLAKbG8o/PAmxwCJWiwMB8GA1UdIwQYMBaAFCm2qHAqStZEqHEGS2QHreST5jqN MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5RUFGMy85M0JCNTAyRTZE MTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFrU29jUVpMWkFldDVKUG1P bzAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tiYW9jQ3BLMWtTb2NRWkxaQWV0NUpQbU9vMC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 RUFGMy85M0JCNTAyRTZEMTgxMUU3QTgxNURBODBDNEY5QUUwMi9LYmFvY0NwSzFr U29jUVpMWkFldDVKUG1PbzAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAYgipc2srCe0vHdmjNyftlFkZQfckQ19sB2zq6TZsnZYW3QZ1LSe2q KO/ODxAF8s5ZiPVNzC6JIwRi8o0OdTdBF1QmRAa6yI8H0EHXwL6mTni6PplCPG2J zSTm4J/ezMipldqfF+Dmg0iC9Cr39z4Ac3+ZarzJMOZ9nUXCs20rRGtCM6vkMGNy bry6gFjvW5/6/0eg/NHtMfZKfnz28tr2A1A9GFqsrKG6x3MMxcytE5Tqp7B59ptr ZCvdecQUd2oa1UjsG98j78nhcL1CqxIfe4GXabn8P5luHlHU5CECfXsPb7mHbLq1 YN529rUzC2oJ64ZbsuDUzXV5BzWE10k4 -----END CERTIFICATE-----Generated at Wed Nov 5 15:02:54 2025 by rpki-client