$ rpki-client -vvf rpki.apnic.net/member_repository/A91113A5/E57F35924B7711F0B1CB9E27C4F9AE02/kCG-_ztj7nJIuQ3apd2_p-MSHNk.mft File: kCG-_ztj7nJIuQ3apd2_p-MSHNk.mft (raw, json) Hash identifier: ngyHju8B/4GVHA3UuBkaNTNvOLx3/7jSJA6aG6zPBcA= Subject key identifier: 00:B9:8A:76:15:D3:CD:CA:81:D0:BE:F1:41:71:BB:A3:B8:28:A6:52 Authority key identifier: 90:21:BE:FF:3B:63:EE:72:48:B9:0D:DA:A5:DD:BF:A7:E3:12:1C:D9 Certificate issuer: /CN=A91113A5/serialNumber=9021BEFF3B63EE7248B90DDAA5DDBFA7E3121CD9 Certificate serial: 24 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kCG-_ztj7nJIuQ3apd2_p-MSHNk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91113A5/E57F35924B7711F0B1CB9E27C4F9AE02/kCG-_ztj7nJIuQ3apd2_p-MSHNk.mft Manifest number: 24 Signing time: Sat 23 Aug 2025 08:03:18 +0000 Manifest this update: Sat 23 Aug 2025 08:03:17 +0000 Manifest next update: Sat 30 Aug 2025 08:03:17 +0000 Files and hashes: 1: kCG-_ztj7nJIuQ3apd2_p-MSHNk.crl (hash: QESkswr5f43XIKZzU1ONSQIlb4/QE6HbaEG22gCBFyI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91113A5/E57F35924B7711F0B1CB9E27C4F9AE02/kCG-_ztj7nJIuQ3apd2_p-MSHNk.crl rsync://rpki.apnic.net/member_repository/A91113A5/E57F35924B7711F0B1CB9E27C4F9AE02/kCG-_ztj7nJIuQ3apd2_p-MSHNk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kCG-_ztj7nJIuQ3apd2_p-MSHNk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 08:03:17 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 36 (0x24) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91113A5, serialNumber=9021BEFF3B63EE7248B90DDAA5DDBFA7E3121CD9 Validity Not Before: Aug 23 08:03:17 2025 GMT Not After : Aug 30 08:03:17 2025 GMT Subject: CN=68a975c5-0486 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:37:f1:b7:d9:eb:c8:ff:fa:06:f3:be:27:b2: bd:c3:c8:62:86:46:21:a9:8f:57:d1:31:50:14:e2: 80:98:6a:05:65:6a:f2:45:46:0c:88:63:27:46:d2: a4:6f:8e:15:5a:c0:b4:0b:20:55:57:b1:86:d4:27: 52:cb:04:24:6e:6e:7b:95:da:13:96:13:be:fb:dd: 82:08:b4:e4:36:89:c5:98:11:d9:d5:dc:99:08:ff: dc:23:98:a4:ed:d8:09:8c:bf:60:3f:9e:a9:f8:f9: be:23:2b:cc:52:dc:41:2e:d2:94:26:5d:3a:e7:7e: 01:8e:d9:f5:2a:2f:5d:f2:19:59:99:cd:a1:8b:a8: a4:7e:a2:aa:67:81:9c:d0:d2:6a:05:ae:d2:cc:47: d4:d5:4d:4e:b2:d2:2b:eb:2a:71:a1:f3:df:58:5c: 1d:ff:65:d6:b7:6e:97:d6:0d:25:d4:ab:8d:e1:64: b8:5a:43:3d:8a:88:57:ce:c0:91:81:8f:dd:22:93: 15:80:47:03:c6:cf:f3:69:57:85:11:eb:b0:d1:c8: 8a:52:58:31:ce:8b:e3:13:42:d6:26:81:21:f4:8b: 38:50:3e:66:d3:57:4e:9e:34:63:1b:8d:fe:b8:df: b2:8e:2f:af:75:ff:d6:92:be:1f:e8:e8:c2:62:09: 3e:db Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:B9:8A:76:15:D3:CD:CA:81:D0:BE:F1:41:71:BB:A3:B8:28:A6:52 X509v3 Authority Key Identifier: keyid:90:21:BE:FF:3B:63:EE:72:48:B9:0D:DA:A5:DD:BF:A7:E3:12:1C:D9 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91113A5/E57F35924B7711F0B1CB9E27C4F9AE02/kCG-_ztj7nJIuQ3apd2_p-MSHNk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kCG-_ztj7nJIuQ3apd2_p-MSHNk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91113A5/E57F35924B7711F0B1CB9E27C4F9AE02/kCG-_ztj7nJIuQ3apd2_p-MSHNk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:98:7d:01:12:f2:05:43:6e:9d:b7:e4:5e:b3:aa:b7:08:0a: bc:c9:07:5c:0f:77:e5:ad:5d:8f:46:64:82:c7:6e:41:dc:b9: 64:8a:cb:f0:eb:df:75:35:80:57:fd:ab:2a:ac:a2:7e:9b:4f: 8d:10:fc:53:3e:ac:f1:b9:41:89:0b:89:92:aa:c0:2f:1b:63: 57:8d:3e:58:25:2c:7f:6e:a9:b9:67:9b:b7:de:b1:84:82:0d: 4e:ab:08:de:20:25:9a:d1:76:62:bb:b4:a0:1b:ee:35:ae:3f: ee:86:23:33:8d:73:76:34:05:e5:25:e1:2a:b9:9b:c6:be:7a: 47:e2:85:37:06:96:95:d3:80:7c:65:17:dd:f4:c3:25:36:66: a2:17:18:0b:33:b3:f7:f3:f5:56:85:9a:20:3b:d6:50:5b:45: a1:b2:26:42:4a:f2:4e:d3:d6:79:4e:ee:80:81:43:80:f8:58: 2a:ab:89:13:23:c9:1e:fa:9c:48:a9:16:e6:a1:61:c2:be:4e: ad:6e:74:27:79:5b:50:33:d7:b5:42:18:36:83:d2:c3:d8:ad: 3f:ad:ed:27:6d:70:dc:32:43:27:aa:fe:57:be:06:79:1b:a6: 65:7c:c7:d4:bc:48:68:b7:bb:ad:b0:ec:d4:06:8b:de:a1:d4: fb:19:85:c2 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTEx MTNBNTExMC8GA1UEBRMoOTAyMUJFRkYzQjYzRUU3MjQ4QjkwRERBQTVEREJGQTdF MzEyMUNEOTAeFw0yNTA4MjMwODAzMTdaFw0yNTA4MzAwODAzMTdaMBgxFjAUBgNV BAMTDTY4YTk3NWM1LTA0ODYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCnN/G32evI//oG874nsr3DyGKGRiGpj1fRMVAU4oCYagVlavJFRgyIYydG0qRv jhVawLQLIFVXsYbUJ1LLBCRubnuV2hOWE7773YIItOQ2icWYEdnV3JkI/9wjmKTt 2AmMv2A/nqn4+b4jK8xS3EEu0pQmXTrnfgGO2fUqL13yGVmZzaGLqKR+oqpngZzQ 0moFrtLMR9TVTU6y0ivrKnGh899YXB3/Zda3bpfWDSXUq43hZLhaQz2KiFfOwJGB j90ikxWARwPGz/NpV4UR67DRyIpSWDHOi+MTQtYmgSH0izhQPmbTV06eNGMbjf64 37KOL691/9aSvh/o6MJiCT7bAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUALmKdhXT zcqB0L7xQXG7o7goplIwHwYDVR0jBBgwFoAUkCG+/ztj7nJIuQ3apd2/p+MSHNkw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTExM0E1L0U1N0YzNTkyNEI3 NzExRjBCMUNCOUUyN0M0RjlBRTAyL2tDRy1fenRqN25KSXVRM2FwZDJfcC1NU0hO ay5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIva0NHLV96dGo3bkpJdVEzYXBkMl9wLU1TSE5rLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTEx M0E1L0U1N0YzNTkyNEI3NzExRjBCMUNCOUUyN0M0RjlBRTAyL2tDRy1fenRqN25K SXVRM2FwZDJfcC1NU0hOay5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBACeYfQES8gVDbp235F6zqrcICrzJB1wPd+WtXY9GZILHbkHcuWSKy/Dr 33U1gFf9qyqson6bT40Q/FM+rPG5QYkLiZKqwC8bY1eNPlglLH9uqblnm7fesYSC DU6rCN4gJZrRdmK7tKAb7jWuP+6GIzONc3Y0BeUl4Sq5m8a+ekfihTcGlpXTgHxl F930wyU2ZqIXGAszs/fz9VaFmiA71lBbRaGyJkJK8k7T1nlO7oCBQ4D4WCqriRMj yR76nEipFuahYcK+Tq1udCd5W1Az17VCGDaD0sPYrT+t7SdtcNwyQyeq/le+Bnkb pmV8x9S8SGi3u62w7NQGi96h1PsZhcI= -----END CERTIFICATE-----Generated at Sat Aug 23 20:24:10 2025 by rpki-client