$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: n7oy559cG1zfD+YG3Zz6+zFfAepHSJu1/k1hgpiP7Pk= Subject key identifier: EF:4B:E5:12:26:8E:D0:95:CF:18:B9:6D:FA:14:3E:F8:2C:27:1A:D4 Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 0654 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 0648 Signing time: Tue 04 Nov 2025 16:07:15 +0000 Manifest this update: Tue 04 Nov 2025 16:07:15 +0000 Manifest next update: Tue 11 Nov 2025 16:07:15 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: sFbW5MAfC/uEVfkn7DBlMUMmciFsUTOkWDYWv6ZNjzY=) 2: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: JYcdT8gc4SSOPp9mZ4cChcf87lzFLOtfwrJ4fYMBet4=) 3: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: eSlTAoQ5k0fFKiHMdeu9X90T/rFtlTnA6Fx/5ofc1sU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 11 Nov 2025 16:07:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1620 (0x654) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E Validity Not Before: Nov 4 16:07:15 2025 GMT Not After : Nov 11 16:07:15 2025 GMT Subject: CN=690a24b3-8e03 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ca:20:31:2a:ed:fa:e3:0d:12:2d:cc:79:47:82: 83:aa:ad:1c:4b:ba:cf:f6:83:9d:45:3a:05:ee:a2: 98:0b:a3:81:1a:17:51:17:ff:23:7c:64:35:39:03: a8:b6:9d:da:0c:4e:d4:79:e7:78:b7:fe:2c:6e:99: 5a:8b:c7:1f:81:ba:16:29:98:9e:b7:ef:34:f6:52: 39:27:5c:d9:12:61:8a:85:b5:19:3c:12:7a:63:d5: 20:33:fc:17:7a:ec:49:8a:06:82:f9:ff:8c:c4:2a: 4e:fa:ac:55:04:7a:4c:1d:50:ed:98:7c:a9:96:14: 1c:18:ba:f9:61:38:8f:13:16:4d:e4:6f:c7:61:67: 92:8f:41:a6:8c:61:79:52:6c:8a:ca:20:86:7d:1e: 94:86:1c:4a:d5:88:b5:d8:7c:be:c3:43:7b:0c:71: cd:f9:d4:bb:7b:40:1d:ac:c8:df:bd:53:c0:40:44: 86:c0:9a:23:a1:e1:93:3e:69:bd:a4:4d:6b:96:9c: 55:46:b7:9c:da:b6:75:ff:ae:08:ef:74:9e:43:de: 2b:b4:95:66:fe:a3:1d:8c:6d:40:b5:51:53:54:fe: ee:fb:ce:07:63:c3:94:81:0d:c1:c7:18:2b:89:52: c8:c7:64:7a:16:a7:5d:02:8f:82:c8:25:4c:6d:fe: ad:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EF:4B:E5:12:26:8E:D0:95:CF:18:B9:6D:FA:14:3E:F8:2C:27:1A:D4 X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 47:0c:df:56:2a:98:cb:31:d1:22:a3:09:01:6d:66:e4:a4:ea: 82:89:03:78:90:ce:2d:f3:cc:0a:fb:e1:a8:2e:0e:e5:a3:c2: 9a:6b:e0:b2:a4:41:5d:e6:33:43:f3:16:9e:b4:59:f5:a0:9e: f2:c2:9d:89:e7:7e:15:bf:2d:9e:d7:cc:09:51:7a:8e:a1:a4: 92:9a:12:cc:a0:72:86:4c:8a:5d:cd:a2:fa:7a:61:1b:01:9f: 33:7b:cc:e9:35:c6:fc:df:06:19:d0:06:7f:b2:77:5a:65:4c: e7:4f:52:d3:c7:88:6b:4d:7e:f3:63:2b:bc:1e:28:da:18:a4: 9d:26:f1:d4:33:40:50:8d:e5:7c:9b:58:cb:d0:6d:ff:7b:ee: 7b:6f:39:ad:a7:1f:92:af:9b:5d:dc:e9:db:cc:bf:ea:a9:6d: 64:98:f0:03:3f:39:eb:30:24:8e:b4:ab:d0:87:a0:de:7d:1f: e8:66:6a:2b:58:0b:69:d6:55:42:d9:5c:fe:fc:18:98:2d:09: cd:db:93:d6:8e:47:4d:92:c9:eb:cb:89:f3:98:36:70:72:e0: 39:98:c8:da:69:09:bb:ac:f8:f0:b2:a8:c4:7e:9f:92:5d:15: b5:c6:83:8d:b0:b8:e4:0b:22:da:5c:45:2d:b0:c6:28:fb:22: 3a:70:ec:ea -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjUxMTA0MTYwNzE1WhcNMjUxMTExMTYwNzE1WjAYMRYwFAYD VQQDEw02OTBhMjRiMy04ZTAzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyiAxKu364w0SLcx5R4KDqq0cS7rP9oOdRToF7qKYC6OBGhdRF/8jfGQ1OQOo tp3aDE7Ueed4t/4sbplai8cfgboWKZiet+809lI5J1zZEmGKhbUZPBJ6Y9UgM/wX euxJigaC+f+MxCpO+qxVBHpMHVDtmHyplhQcGLr5YTiPExZN5G/HYWeSj0GmjGF5 UmyKyiCGfR6UhhxK1Yi12Hy+w0N7DHHN+dS7e0AdrMjfvVPAQESGwJojoeGTPmm9 pE1rlpxVRrec2rZ1/64I73SeQ94rtJVm/qMdjG1AtVFTVP7u+84HY8OUgQ3Bxxgr iVLIx2R6FqddAo+CyCVMbf6t6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO9L5RIm jtCVzxi5bfoUPvgsJxrUMB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBHDN9WKpjLMdEiowkBbWbkpOqCiQN4kM4t88wK++GoLg7lo8Kaa+Cy pEFd5jND8xaetFn1oJ7ywp2J534Vvy2e18wJUXqOoaSSmhLMoHKGTIpdzaL6emEb AZ8ze8zpNcb83wYZ0AZ/sndaZUznT1LTx4hrTX7zYyu8HijaGKSdJvHUM0BQjeV8 m1jL0G3/e+57bzmtpx+Sr5td3OnbzL/qqW1kmPADPznrMCSOtKvQh6DefR/oZmor WAtp1lVC2Vz+/BiYLQnN25PWjkdNksnry4nzmDZwcuA5mMjaaQm7rPjwsqjEfp+S XRW1xoONsLjkCyLaXEUtsMYo+yI6cOzq -----END CERTIFICATE-----Generated at Wed Nov 5 21:10:39 2025 by rpki-client