$ rpki-client -vvf rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft File: KiZlwxQeS_P9LwBKrimlmHETod8.mft (raw, json) Hash identifier: RFoBeH9zOx/mgHUnB1db275/Lin8YtiB9H/BrYrfWlI= Subject key identifier: F0:54:63:8A:6E:47:36:C0:AB:AD:62:E7:89:81:3F:05:58:8B:A8:93 Authority key identifier: 2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF Certificate issuer: /CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Certificate serial: 03B3 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft Manifest number: 03AD Signing time: Sat 23 Aug 2025 01:00:11 +0000 Manifest this update: Sat 23 Aug 2025 01:00:11 +0000 Manifest next update: Sat 30 Aug 2025 01:00:11 +0000 Files and hashes: 1: KiZlwxQeS_P9LwBKrimlmHETod8.crl (hash: JPw7HkbEFxkVvipb2QczaJfNvA+TWnIBg819mBpgPEM=) 2: B067CCDCA8C511EC8F560C42C4F9AE02.roa (hash: 3k13Zb4rUCPiQVhmHXmV79sBuRx9W6om0fkw2CRWuLk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:00:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 947 (0x3b3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911972D, serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Validity Not Before: Aug 23 01:00:11 2025 GMT Not After : Aug 30 01:00:11 2025 GMT Subject: CN=68a9129b-17d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:63:1d:34:b3:ef:fd:00:e4:a8:44:59:8e:36: 72:28:4d:14:78:17:3a:cc:ad:2e:97:b4:14:f0:2b: 55:13:91:df:d1:b4:bb:40:7e:4b:cb:fd:0a:71:03: 29:00:cc:a8:c3:81:31:03:93:9b:9c:3b:3d:4f:83: 25:56:39:26:ae:0a:0b:0d:d0:35:b6:78:6b:ee:c0: 55:a1:e1:97:81:d7:24:bd:99:8f:72:7f:e0:25:85: dd:fa:e7:35:d3:64:a7:df:6c:bd:32:20:53:b5:20: 9b:36:91:83:14:93:49:28:2b:08:53:76:75:b7:cb: f9:85:92:94:a6:2e:2b:d2:91:d8:c3:3a:35:ae:44: 29:fa:c2:7c:82:05:ad:49:de:0d:d3:ea:e9:f1:92: 51:d0:32:40:18:44:bf:40:0d:a1:c3:e8:16:b5:47: ed:0d:93:19:0c:34:53:d3:f5:d8:2d:0e:56:7d:ee: 25:9c:c7:8d:73:79:77:96:fd:20:94:7f:33:29:4a: ae:af:55:2f:5d:ba:4a:a0:5f:28:48:18:a9:b7:ec: 05:85:2d:6b:47:20:b2:a0:c4:22:33:6b:c3:c5:9d: b7:92:b3:ee:8b:aa:fb:91:7d:41:5c:5f:c7:a6:02: 19:13:c2:5b:83:46:7c:bd:3b:d8:5a:f9:eb:c4:dc: cb:01 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: F0:54:63:8A:6E:47:36:C0:AB:AD:62:E7:89:81:3F:05:58:8B:A8:93 X509v3 Authority Key Identifier: keyid:2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:0a:34:e6:aa:8f:c8:3c:59:38:50:f8:30:77:91:0f:0d:15: 82:ce:8a:da:02:a8:e7:b3:35:d3:23:74:59:52:a4:ec:0d:03: 45:3c:8c:b6:8d:2a:58:4e:56:4b:22:43:6e:b6:04:aa:5b:13: 42:5c:90:9b:fa:9f:ff:ad:db:5d:f6:f5:de:80:8d:af:cd:12: 76:d1:2b:3f:a5:0c:6b:f2:a3:0f:bd:0f:3e:18:46:3d:a7:14: fd:dd:b3:6c:90:0c:5c:97:00:8f:1b:f7:2d:7e:2a:30:bf:c8: 4c:21:5b:48:26:4e:ab:77:8c:5e:2e:b7:aa:d4:5a:0b:88:a3: 61:1f:bb:6d:f6:87:10:f8:e9:d0:80:be:b8:db:1e:13:fa:6c: 33:c3:5d:89:d9:cd:02:82:92:b1:7d:61:5b:38:fc:86:22:19: 6e:26:df:ae:a6:01:5e:11:c0:03:3d:8c:f8:59:4e:cc:c4:dd: 85:82:7d:a4:ca:13:2c:26:3f:c5:21:93:8d:9e:fa:8f:3a:be: 84:9c:42:8b:5d:ca:3b:06:ed:70:58:83:14:49:d4:84:1a:2a: b7:27:15:d2:d2:8d:f2:9c:17:fc:a1:a1:17:33:94:d3:5d:4a: 0f:b3:b9:5e:fb:9a:7d:76:1a:fc:cb:05:2e:80:eb:c9:1b:06: 80:4c:97:de -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA7MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk3MkQxMTAvBgNVBAUTKDJBMjY2NUMzMTQxRTRCRjNGRDJGMDA0QUFFMjlBNTk4 NzExM0ExREYwHhcNMjUwODIzMDEwMDExWhcNMjUwODMwMDEwMDExWjAYMRYwFAYD VQQDEw02OGE5MTI5Yi0xN2Q3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsGMdNLPv/QDkqERZjjZyKE0UeBc6zK0ul7QU8CtVE5Hf0bS7QH5Ly/0KcQMp AMyow4ExA5ObnDs9T4MlVjkmrgoLDdA1tnhr7sBVoeGXgdckvZmPcn/gJYXd+uc1 02Sn32y9MiBTtSCbNpGDFJNJKCsIU3Z1t8v5hZKUpi4r0pHYwzo1rkQp+sJ8ggWt Sd4N0+rp8ZJR0DJAGES/QA2hw+gWtUftDZMZDDRT0/XYLQ5Wfe4lnMeNc3l3lv0g lH8zKUqur1UvXbpKoF8oSBipt+wFhS1rRyCyoMQiM2vDxZ23krPui6r7kX1BXF/H pgIZE8Jbg0Z8vTvYWvnrxNzLAQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPBUY4pu RzbAq61i54mBPwVYi6iTMB8GA1UdIwQYMBaAFComZcMUHkvz/S8ASq4ppZhxE6Hf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTcyRC85OUVFOTUwQ0E2 ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNfUDlMd0JLcmltbG1IRVRv ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tpWmx3eFFlU19QOUx3QktyaW1sbUhFVG9kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTcyRC85OUVFOTUwQ0E2ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNf UDlMd0JLcmltbG1IRVRvZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9CjTmqo/IPFk4UPgwd5EPDRWCzoraAqjnszXTI3RZUqTsDQNFPIy2 jSpYTlZLIkNutgSqWxNCXJCb+p//rdtd9vXegI2vzRJ20Ss/pQxr8qMPvQ8+GEY9 pxT93bNskAxclwCPG/ctfiowv8hMIVtIJk6rd4xeLreq1FoLiKNhH7tt9ocQ+OnQ gL642x4T+mwzw12J2c0CgpKxfWFbOPyGIhluJt+upgFeEcADPYz4WU7MxN2Fgn2k yhMsJj/FIZONnvqPOr6EnEKLXco7Bu1wWIMUSdSEGiq3JxXS0o3ynBf8oaEXM5TT XUoPs7le+5p9dhr8ywUugOvJGwaATJfe -----END CERTIFICATE-----Generated at Sat Aug 23 20:37:36 2025 by rpki-client