$ rpki-client -vvf rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft File: KiZlwxQeS_P9LwBKrimlmHETod8.mft (raw, json) Hash identifier: 65AqCmEqga9fnmdCfbAIFO8n6oI/bSXcs/daU+fFI2s= Subject key identifier: D5:4C:BF:5B:71:E2:EA:77:6B:F0:13:13:F2:9E:F0:2C:4F:A7:94:20 Authority key identifier: 2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF Certificate issuer: /CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Certificate serial: 0396 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft Manifest number: 0391 Signing time: Thu 03 Jul 2025 01:12:11 +0000 Manifest this update: Thu 03 Jul 2025 01:12:11 +0000 Manifest next update: Thu 10 Jul 2025 01:12:11 +0000 Files and hashes: 1: KiZlwxQeS_P9LwBKrimlmHETod8.crl (hash: eHV8xv0c1THgOobBKo6WUuLvkTJKi6EI28MS9/W8/kk=) 2: B067CCDCA8C511EC8F560C42C4F9AE02.roa (hash: xmdlJLhBfyeauv2Ft4ug73ckVk3r1dVH2Fa5m4Eb/po=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 01:12:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 918 (0x396) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911972D, serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Validity Not Before: Jul 3 01:12:11 2025 GMT Not After : Jul 10 01:12:11 2025 GMT Subject: CN=6865d8eb-88d7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:a8:2f:43:9d:5f:4e:e1:68:2f:71:7f:8d:bc: 6c:e0:c8:f6:e8:5a:26:a9:5f:29:9e:34:fd:2d:c5: 06:47:fc:04:98:fd:a2:02:55:25:1e:12:c1:b9:ea: e3:ee:3b:12:08:fd:9d:98:23:c2:2d:a2:fd:05:d8: c1:5b:47:6b:a9:20:e3:98:81:a4:46:52:39:6e:3d: 1a:c5:91:13:7b:3c:a4:c7:d1:0e:cb:b0:25:b0:eb: a0:b2:c7:56:d0:bc:ff:07:97:61:a4:21:e6:9d:79: 28:15:12:13:9a:c7:21:1b:2c:ff:90:f2:7a:54:b2: 39:d2:c5:2e:0a:55:f6:fa:ea:97:8a:e3:ac:01:b7: 02:a6:09:6a:3b:e4:f4:b4:6e:17:c3:96:25:80:95: 1c:10:6b:e6:f4:6b:d5:39:61:fa:fa:8d:b2:98:cd: de:a5:a4:8a:1b:df:71:32:02:88:8b:52:1b:3d:48: 22:50:22:9b:7a:cd:f2:4c:7c:8f:0d:31:5e:23:83: 41:44:9b:5b:5f:d0:78:e6:ec:58:9b:da:78:93:85: f7:a4:1f:46:43:e3:ee:43:4c:fb:fd:10:cb:09:c1: 54:66:71:90:60:35:9a:0f:fc:f6:84:a1:f0:ce:98: b8:37:2c:5e:f1:c6:6e:c8:66:51:a5:0b:96:c4:f8: 57:53 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D5:4C:BF:5B:71:E2:EA:77:6B:F0:13:13:F2:9E:F0:2C:4F:A7:94:20 X509v3 Authority Key Identifier: keyid:2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:ee:e1:03:bd:4e:a4:85:e4:46:90:57:a6:f7:3b:d8:e6:bc: 63:f3:0d:39:b9:26:16:9c:de:34:fd:58:34:07:d6:11:ab:60: 40:20:7f:6b:1f:e2:70:bc:37:d3:ef:c0:ba:21:be:d4:0a:9c: 2b:a9:e4:aa:ad:c9:ee:6d:a6:f1:1f:f7:58:20:36:e4:53:7e: 83:6a:dc:39:90:4f:88:66:49:71:50:a7:99:b8:03:90:37:fd: ef:bc:10:04:f0:cf:49:4e:b4:b0:4e:fc:3e:af:30:81:31:46: f6:ec:53:65:c5:81:78:86:45:6e:f7:e1:d8:6f:1c:45:6d:4e: 34:d3:f9:3c:f6:2d:9d:a3:b1:71:5c:d1:ac:e0:e8:7a:94:1c: af:e6:83:a7:6e:30:5d:c4:96:b4:3d:0a:9c:64:27:3b:69:74: ee:87:c5:b7:f1:03:54:36:7e:a3:44:5a:fa:fa:c3:70:96:b7: 42:9a:d2:ec:b0:5e:49:48:4a:06:99:8e:89:37:c0:ae:b9:45: e9:93:a8:ee:06:ef:bd:54:04:07:fd:ab:ae:d0:ff:2d:3f:85: 6d:3b:7b:5f:1f:1a:69:fc:d0:10:46:9f:b0:fb:98:96:c4:4b: c0:1c:35:4c:4c:2d:91:80:63:ba:8d:97:9a:7c:69:20:a1:1e: 5c:8d:b9:40 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA5YwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk3MkQxMTAvBgNVBAUTKDJBMjY2NUMzMTQxRTRCRjNGRDJGMDA0QUFFMjlBNTk4 NzExM0ExREYwHhcNMjUwNzAzMDExMjExWhcNMjUwNzEwMDExMjExWjAYMRYwFAYD VQQDEw02ODY1ZDhlYi04OGQ3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoqgvQ51fTuFoL3F/jbxs4Mj26FomqV8pnjT9LcUGR/wEmP2iAlUlHhLBuerj 7jsSCP2dmCPCLaL9BdjBW0drqSDjmIGkRlI5bj0axZETezykx9EOy7AlsOugssdW 0Lz/B5dhpCHmnXkoFRITmschGyz/kPJ6VLI50sUuClX2+uqXiuOsAbcCpglqO+T0 tG4Xw5YlgJUcEGvm9GvVOWH6+o2ymM3epaSKG99xMgKIi1IbPUgiUCKbes3yTHyP DTFeI4NBRJtbX9B45uxYm9p4k4X3pB9GQ+PuQ0z7/RDLCcFUZnGQYDWaD/z2hKHw zpi4Nyxe8cZuyGZRpQuWxPhXUwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNVMv1tx 4up3a/ATE/Ke8CxPp5QgMB8GA1UdIwQYMBaAFComZcMUHkvz/S8ASq4ppZhxE6Hf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTcyRC85OUVFOTUwQ0E2 ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNfUDlMd0JLcmltbG1IRVRv ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tpWmx3eFFlU19QOUx3QktyaW1sbUhFVG9kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTcyRC85OUVFOTUwQ0E2ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNf UDlMd0JLcmltbG1IRVRvZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAf7uEDvU6kheRGkFem9zvY5rxj8w05uSYWnN40/Vg0B9YRq2BAIH9r H+JwvDfT78C6Ib7UCpwrqeSqrcnubabxH/dYIDbkU36Datw5kE+IZklxUKeZuAOQ N/3vvBAE8M9JTrSwTvw+rzCBMUb27FNlxYF4hkVu9+HYbxxFbU400/k89i2do7Fx XNGs4Oh6lByv5oOnbjBdxJa0PQqcZCc7aXTuh8W38QNUNn6jRFr6+sNwlrdCmtLs sF5JSEoGmY6JN8CuuUXpk6juBu+9VAQH/auu0P8tP4VtO3tfHxpp/NAQRp+w+5iW xEvAHDVMTC2RgGO6jZeafGkgoR5cjblA -----END CERTIFICATE-----Generated at Fri Jul 4 15:56:31 2025 by rpki-client