$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json) Hash identifier: 9UaTvnxR//IMl57bxQbomUmHZfksTa6AQt64hW+faLQ= Subject key identifier: 39:4A:83:A2:B5:7B:85:EA:A7:C8:2B:30:4C:84:A1:D9:CD:75:6B:47 Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Certificate serial: 1350 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft Manifest number: 1348 Signing time: Fri 22 Aug 2025 17:08:15 +0000 Manifest this update: Fri 22 Aug 2025 17:08:14 +0000 Manifest next update: Fri 29 Aug 2025 17:08:14 +0000 Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: VmRnidfSqCkLpfI0SI7/clVd5OdbDngEs90xiXg/HU8=) 2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: Uautv1XlrGIKG3uUq9YoWLtURxeqWmVrl93Jj3fy9ko=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 17:08:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4944 (0x1350) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91411BC, serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Validity Not Before: Aug 22 17:08:14 2025 GMT Not After : Aug 29 17:08:14 2025 GMT Subject: CN=68a8a3ff-38e9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:53:55:f5:47:f8:2b:cd:e4:b0:4d:73:6c:85: 3f:8c:c4:33:0f:75:52:d1:14:6b:1f:71:35:02:6b: 60:1c:46:e6:19:e8:73:c5:d9:f6:83:f7:2f:8a:ef: 61:b6:f4:8b:f3:92:17:a6:ba:da:ed:9c:96:86:85: d6:00:8e:a7:c8:f6:71:d7:dc:29:88:b9:1d:07:21: a7:99:79:aa:7e:37:0e:c5:e7:0c:d0:bc:53:43:6a: 72:26:70:96:dc:ad:ac:e6:5b:82:54:ee:1c:48:20: 45:91:1d:6e:79:58:fb:88:3a:86:66:87:b1:2c:07: 0c:c2:48:51:79:18:28:07:c7:2f:b1:44:7a:dc:02: b2:46:ef:21:1e:6d:85:d7:fe:61:36:bc:34:0e:4d: a2:d9:21:4a:69:fc:4a:59:0d:4d:19:d4:10:23:41: 38:9c:11:ff:db:ba:ed:2d:b8:41:73:88:50:7e:13: 04:39:71:9f:8a:b7:be:df:aa:37:c7:ac:8a:ff:bd: 78:0b:78:4c:21:70:6a:e8:27:80:3f:27:ec:c3:36: d3:05:3c:cf:23:26:04:1d:3c:13:89:f8:db:01:ea: a9:1b:1c:31:18:31:08:68:47:01:7e:9e:93:32:a7: 80:23:45:1e:2b:d4:9d:00:de:e4:58:ba:50:5d:a6: 4b:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 39:4A:83:A2:B5:7B:85:EA:A7:C8:2B:30:4C:84:A1:D9:CD:75:6B:47 X509v3 Authority Key Identifier: keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7d:5e:f1:1f:d2:52:9d:f0:d0:0b:bf:94:f4:0c:10:34:66:e8: 68:76:8a:82:c7:ad:92:b6:75:56:e3:45:6f:01:da:df:1f:7b: a4:f6:a5:d1:49:94:2b:dc:54:a7:62:84:52:59:1c:12:f5:2b: c3:5f:d1:fa:cd:6d:ae:7c:a3:f7:4b:30:b0:84:67:d7:a6:43: 9f:4d:1a:a3:ac:a4:fb:c9:66:db:c8:f5:db:5b:b0:33:17:96: 54:80:31:30:e4:2b:40:42:95:67:8f:6b:8e:aa:6a:3a:c3:91: 68:18:53:74:95:11:f3:ca:be:07:1c:41:15:3e:c0:e4:bb:d4: 82:67:28:c6:7b:eb:41:f6:91:dd:d5:a7:e1:62:fb:c3:ac:9c: ed:e7:7a:06:4e:09:47:ad:b6:36:c3:c5:6c:54:f0:01:01:70: 2c:02:da:fd:be:2e:28:71:a3:c1:44:03:03:34:ee:a4:e6:13: 05:fc:6d:f3:9c:4e:2f:9f:e2:47:68:05:53:6b:58:c7:2b:a4: 5b:de:e0:6f:ea:99:a4:1f:21:49:9e:4c:24:1c:72:33:6c:17: 8d:f7:dc:15:76:52:10:db:8c:3c:f0:f2:d4:7d:86:ba:e3:68: 3e:d2:63:c5:3a:6e:3d:dd:09:01:34:d5:6b:46:fd:a4:83:a6: 96:4f:a4:55 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE1AwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG NDI5RjU3NTAwHhcNMjUwODIyMTcwODE0WhcNMjUwODI5MTcwODE0WjAYMRYwFAYD VQQDEw02OGE4YTNmZi0zOGU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoVNV9Uf4K83ksE1zbIU/jMQzD3VS0RRrH3E1AmtgHEbmGehzxdn2g/cviu9h tvSL85IXprra7ZyWhoXWAI6nyPZx19wpiLkdByGnmXmqfjcOxecM0LxTQ2pyJnCW 3K2s5luCVO4cSCBFkR1ueVj7iDqGZoexLAcMwkhReRgoB8cvsUR63AKyRu8hHm2F 1/5hNrw0Dk2i2SFKafxKWQ1NGdQQI0E4nBH/27rtLbhBc4hQfhMEOXGfire+36o3 x6yK/714C3hMIXBq6CeAPyfswzbTBTzPIyYEHTwTifjbAeqpGxwxGDEIaEcBfp6T MqeAI0UeK9SdAN7kWLpQXaZL7QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDlKg6K1 e4Xqp8grMEyEodnNdWtHMB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB9XvEf0lKd8NALv5T0DBA0ZuhodoqCx62StnVW40VvAdrfH3uk9qXR SZQr3FSnYoRSWRwS9SvDX9H6zW2ufKP3SzCwhGfXpkOfTRqjrKT7yWbbyPXbW7Az F5ZUgDEw5CtAQpVnj2uOqmo6w5FoGFN0lRHzyr4HHEEVPsDku9SCZyjGe+tB9pHd 1afhYvvDrJzt53oGTglHrbY2w8VsVPABAXAsAtr9vi4ocaPBRAMDNO6k5hMF/G3z nE4vn+JHaAVTa1jHK6Rb3uBv6pmkHyFJnkwkHHIzbBeN99wVdlIQ24w88PLUfYa6 42g+0mPFOm493QkBNNVrRv2kg6aWT6RV -----END CERTIFICATE-----Generated at Sat Aug 23 22:22:14 2025 by rpki-client