$ rpki-client -vvf rpki.apnic.net/member_repository/A91393BE/7741614C52D311EFBAEDDC1EC4F9AE02/2kcnine73_Ktn5igEaKnoufNYNg.mft File: 2kcnine73_Ktn5igEaKnoufNYNg.mft (raw, json) Hash identifier: KfshlkpXG0GVAWR64o/+CtdgEQ1Aqhm7Cop5VX6wTbI= Subject key identifier: 43:F7:05:16:3B:B1:D7:E7:C2:1B:31:33:21:53:8A:3F:D2:8F:7F:23 Authority key identifier: DA:47:27:8A:77:BB:DF:F2:AD:9F:98:A0:11:A2:A7:A2:E7:CD:60:D8 Certificate issuer: /CN=A91393BE/serialNumber=DA47278A77BBDFF2AD9F98A011A2A7A2E7CD60D8 Certificate serial: CA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kcnine73_Ktn5igEaKnoufNYNg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91393BE/7741614C52D311EFBAEDDC1EC4F9AE02/2kcnine73_Ktn5igEaKnoufNYNg.mft Manifest number: C7 Signing time: Sat 23 Aug 2025 05:55:08 +0000 Manifest this update: Sat 23 Aug 2025 05:55:07 +0000 Manifest next update: Sat 30 Aug 2025 05:55:07 +0000 Files and hashes: 1: 2kcnine73_Ktn5igEaKnoufNYNg.crl (hash: txh5w5na4hqGk4/sdv884Z3EVe1gT/I3kDZifdXooLM=) 2: 05A966C652DB11EF990CB840C4F9AE02.roa (hash: uXZnZkbG2vzbvvdgakCXJGAe3jQgXul+4/g2eod9UgM=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91393BE/7741614C52D311EFBAEDDC1EC4F9AE02/2kcnine73_Ktn5igEaKnoufNYNg.crl rsync://rpki.apnic.net/member_repository/A91393BE/7741614C52D311EFBAEDDC1EC4F9AE02/2kcnine73_Ktn5igEaKnoufNYNg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kcnine73_Ktn5igEaKnoufNYNg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:55:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 202 (0xca) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91393BE, serialNumber=DA47278A77BBDFF2AD9F98A011A2A7A2E7CD60D8 Validity Not Before: Aug 23 05:55:07 2025 GMT Not After : Aug 30 05:55:07 2025 GMT Subject: CN=68a957bb-177e Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9c:7d:91:63:08:ab:08:54:4f:1d:c7:e7:9c:dd: 91:06:e8:b9:39:ab:35:d7:26:03:0f:01:e5:44:70: 11:47:c4:40:9c:da:45:87:9b:c8:75:85:3f:fb:bf: 4d:a4:3c:b4:50:d2:13:6d:54:42:44:e9:7a:6f:fa: dd:07:a1:51:d8:3b:05:d7:67:48:72:7e:0e:b6:72: ab:d9:37:2a:92:d6:ab:2e:d5:b0:b7:b6:ff:c2:b6: b8:4e:7e:f8:ea:6c:cd:ef:77:19:82:e4:4d:43:1b: ba:ab:01:a5:c1:33:72:b0:52:15:bb:5e:32:4b:0a: ea:b9:29:f7:54:50:46:2b:38:db:ee:f4:6d:37:10: ea:1d:67:b5:c6:7b:58:92:4f:59:f0:21:e4:88:67: bb:bb:b7:bd:bb:3e:0f:89:ee:15:70:4c:db:94:c8: 3f:18:f8:a8:75:77:4e:19:44:5c:35:fa:ea:3c:f1: 8a:47:c6:2f:ee:7f:95:ac:27:6d:4e:09:d6:b5:e6: d4:51:98:5f:11:25:c7:4e:00:4a:80:62:c5:9f:ac: 2f:0c:90:53:8f:da:72:03:83:71:e8:f7:b2:a4:f5: 2f:84:be:91:f5:2c:b7:46:4d:55:d8:52:54:b1:a9: be:db:b1:1e:2c:36:89:e3:fb:ed:38:21:48:68:b3: d0:bb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 43:F7:05:16:3B:B1:D7:E7:C2:1B:31:33:21:53:8A:3F:D2:8F:7F:23 X509v3 Authority Key Identifier: keyid:DA:47:27:8A:77:BB:DF:F2:AD:9F:98:A0:11:A2:A7:A2:E7:CD:60:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91393BE/7741614C52D311EFBAEDDC1EC4F9AE02/2kcnine73_Ktn5igEaKnoufNYNg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/2kcnine73_Ktn5igEaKnoufNYNg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91393BE/7741614C52D311EFBAEDDC1EC4F9AE02/2kcnine73_Ktn5igEaKnoufNYNg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 02:96:33:71:83:06:28:09:d5:54:0b:7c:11:e3:6f:e1:96:2a: b5:0e:1e:a2:95:ba:33:49:75:57:f4:36:1c:55:46:7f:21:42: 0a:6b:c4:0e:b9:32:b6:6a:35:e2:9b:f9:75:89:b3:d3:09:4b: df:da:d0:76:01:50:51:61:03:60:2f:db:fd:31:8e:16:96:70: e1:d2:cc:f4:99:86:cf:79:f7:82:65:b7:33:00:07:94:14:d4: a0:69:cf:65:8c:4a:7f:4f:6c:4b:1e:38:d2:5c:c2:4d:22:f8: 5b:3e:ec:e6:9d:d4:fe:ad:97:cb:b6:91:9d:a3:55:42:6b:09: 23:aa:4c:f1:da:67:46:9c:fc:58:80:45:01:54:1c:9c:7e:15: 24:43:ca:02:78:7c:73:8e:ec:c2:66:c9:07:12:f2:5c:88:3a: 44:fc:55:60:8b:98:fd:13:3c:3d:91:06:29:77:26:10:97:83: 22:fb:21:e4:8b:ba:fa:a1:8a:65:d5:5f:b8:29:05:4f:0e:cb: 27:59:9e:e4:e7:3f:3e:67:d1:62:78:94:3c:6a:f0:45:b1:9c: 35:d1:0b:3b:c5:09:cc:5c:c1:55:df:56:37:c0:67:81:37:94: f9:b4:45:cd:83:ee:e5:9e:bb:32:27:db:e5:a4:76:51:4b:3c: 90:9a:4c:b4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAMowDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MzkzQkUxMTAvBgNVBAUTKERBNDcyNzhBNzdCQkRGRjJBRDlGOThBMDExQTJBN0Ey RTdDRDYwRDgwHhcNMjUwODIzMDU1NTA3WhcNMjUwODMwMDU1NTA3WjAYMRYwFAYD VQQDEw02OGE5NTdiYi0xNzdlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnH2RYwirCFRPHcfnnN2RBui5Oas11yYDDwHlRHARR8RAnNpFh5vIdYU/+79N pDy0UNITbVRCROl6b/rdB6FR2DsF12dIcn4OtnKr2TcqktarLtWwt7b/wra4Tn74 6mzN73cZguRNQxu6qwGlwTNysFIVu14ySwrquSn3VFBGKzjb7vRtNxDqHWe1xntY kk9Z8CHkiGe7u7e9uz4Pie4VcEzblMg/GPiodXdOGURcNfrqPPGKR8Yv7n+VrCdt TgnWtebUUZhfESXHTgBKgGLFn6wvDJBTj9pyA4Nx6PeypPUvhL6R9Sy3Rk1V2FJU sam+27EeLDaJ4/vtOCFIaLPQuwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEP3BRY7 sdfnwhsxMyFTij/Sj38jMB8GA1UdIwQYMBaAFNpHJ4p3u9/yrZ+YoBGip6LnzWDY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEzOTNCRS83NzQxNjE0QzUy RDMxMUVGQkFFRERDMUVDNEY5QUUwMi8ya2NuaW5lNzNfS3RuNWlnRWFLbm91Zk5Z TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyLzJrY25pbmU3M19LdG41aWdFYUtub3VmTllOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEz OTNCRS83NzQxNjE0QzUyRDMxMUVGQkFFRERDMUVDNEY5QUUwMi8ya2NuaW5lNzNf S3RuNWlnRWFLbm91Zk5ZTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQACljNxgwYoCdVUC3wR42/hliq1Dh6ilbozSXVX9DYcVUZ/IUIKa8QO uTK2ajXim/l1ibPTCUvf2tB2AVBRYQNgL9v9MY4WlnDh0sz0mYbPefeCZbczAAeU FNSgac9ljEp/T2xLHjjSXMJNIvhbPuzmndT+rZfLtpGdo1VCawkjqkzx2mdGnPxY gEUBVBycfhUkQ8oCeHxzjuzCZskHEvJciDpE/FVgi5j9Ezw9kQYpdyYQl4Mi+yHk i7r6oYpl1V+4KQVPDssnWZ7k5z8+Z9FieJQ8avBFsZw10Qs7xQnMXMFV31Y3wGeB N5T5tEXNg+7lnrsyJ9vlpHZRSzyQmky0 -----END CERTIFICATE-----Generated at Sat Aug 23 19:38:41 2025 by rpki-client