$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: 9R055GQbRhq9r8pGGYrG2QMFjbLiNLSf3Z2virCw7bY= Subject key identifier: 88:7A:58:1A:56:4E:3F:95:C3:0D:BA:E3:61:BD:E5:B3:6C:03:80:D4 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DE5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DC8 Signing time: Fri 22 Aug 2025 18:01:31 +0000 Manifest this update: Fri 22 Aug 2025 18:01:30 +0000 Manifest next update: Fri 29 Aug 2025 18:01:30 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: +l0DUdJnYg2Rg+ornPNfbKeWG8mVe3KPKzwPpEfulRE=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 18:01:30 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3557 (0xde5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Aug 22 18:01:30 2025 GMT Not After : Aug 29 18:01:30 2025 GMT Subject: CN=68a8b07b-0f77 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:9b:f7:40:5d:fe:db:65:d6:e0:66:a3:70:e5: bf:e9:87:16:e7:30:da:55:d5:6b:89:dd:b2:07:33: e0:69:2e:4a:16:cb:44:82:4d:f9:8a:f3:c9:62:82: 23:46:0a:32:20:a9:1b:c8:b9:51:19:48:44:c9:ff: 0f:71:d0:58:f8:13:e7:2a:90:b6:e1:a1:3f:cb:e0: e6:56:ec:a6:d7:f1:63:7d:0c:d1:c4:f7:ab:a8:ec: 08:ed:f4:32:b8:86:50:e6:a3:69:ce:88:19:fc:c4: 4d:b2:07:00:d9:17:94:72:8d:55:d5:66:38:7d:47: b7:88:a4:c5:16:9d:41:b9:30:be:7a:55:3c:f3:96: 40:8e:b5:ee:59:6d:c8:58:62:e1:35:b7:72:a6:ee: b4:c0:91:e5:b1:ab:7a:7c:94:af:3e:14:50:6d:12: 7e:2d:f9:88:f6:97:a0:70:2c:57:a0:8d:2b:49:fa: c6:34:13:75:36:29:16:5f:8f:c1:9f:d8:1f:55:70: 42:3f:4d:77:c7:96:b3:2f:a7:26:8a:db:75:6c:90: 72:27:39:53:80:8a:d7:72:f3:9a:8a:d3:c3:61:56: 54:41:2a:f5:07:b0:c0:b9:46:ff:18:e6:36:82:e5: e0:07:c1:12:90:f1:ea:56:5e:37:34:27:c0:46:6f: f2:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 88:7A:58:1A:56:4E:3F:95:C3:0D:BA:E3:61:BD:E5:B3:6C:03:80:D4 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 96:58:62:cd:9e:4d:97:77:6f:86:83:9a:05:17:20:b4:ba:14: f4:94:3e:37:29:0f:c8:5b:04:90:fb:43:38:2c:04:b4:0b:89: a7:13:d8:f5:53:52:82:2f:1d:be:e9:68:fb:2c:75:a5:5a:2e: 75:9c:ac:e3:da:df:28:b8:ea:d7:5e:6c:d7:16:5a:87:5d:dd: 1b:03:c5:14:2e:42:06:3d:f0:e3:3d:24:33:24:ce:39:90:57: 46:2a:7d:4f:2f:33:86:06:de:e4:1c:1c:93:f9:69:fc:e0:5c: 84:55:17:de:49:66:dc:45:c7:a8:7f:1f:a0:e4:53:29:1e:aa: 29:36:00:a4:af:9f:2f:7f:e7:dc:04:31:1e:fb:83:2f:43:86: fa:9b:ed:de:ae:cf:a1:2f:4b:47:cf:b1:79:9c:56:7f:f2:69: 19:7b:4e:c1:48:df:0a:a9:fc:0e:cc:99:62:9d:a9:87:6f:bb: c4:1d:75:05:f2:3c:bf:fb:0b:33:df:79:d6:98:5e:6f:67:7f: c2:53:ec:51:73:a8:8d:37:8f:b7:78:c6:32:09:d9:b5:c7:e3: 3c:75:2e:b9:71:a5:75:c4:3a:e0:19:c0:4d:60:11:39:85:40: bf:6a:a4:56:73:8a:d5:10:c9:1c:56:d7:16:77:f2:ba:c8:fc: ea:81:48:a0 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDeUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwODIyMTgwMTMwWhcNMjUwODI5MTgwMTMwWjAYMRYwFAYD VQQDEw02OGE4YjA3Yi0wZjc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA25v3QF3+22XW4GajcOW/6YcW5zDaVdVrid2yBzPgaS5KFstEgk35ivPJYoIj RgoyIKkbyLlRGUhEyf8PcdBY+BPnKpC24aE/y+DmVuym1/FjfQzRxPerqOwI7fQy uIZQ5qNpzogZ/MRNsgcA2ReUco1V1WY4fUe3iKTFFp1BuTC+elU885ZAjrXuWW3I WGLhNbdypu60wJHlsat6fJSvPhRQbRJ+LfmI9pegcCxXoI0rSfrGNBN1NikWX4/B n9gfVXBCP013x5azL6cmitt1bJByJzlTgIrXcvOaitPDYVZUQSr1B7DAuUb/GOY2 guXgB8ESkPHqVl43NCfARm/ybwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIh6WBpW Tj+Vww2642G95bNsA4DUMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCWWGLNnk2Xd2+Gg5oFFyC0uhT0lD43KQ/IWwSQ+0M4LAS0C4mnE9j1 U1KCLx2+6Wj7LHWlWi51nKzj2t8ouOrXXmzXFlqHXd0bA8UULkIGPfDjPSQzJM45 kFdGKn1PLzOGBt7kHByT+Wn84FyEVRfeSWbcRceofx+g5FMpHqopNgCkr58vf+fc BDEe+4MvQ4b6m+3ers+hL0tHz7F5nFZ/8mkZe07BSN8KqfwOzJlinamHb7vEHXUF 8jy/+wsz33nWmF5vZ3/CU+xRc6iNN4+3eMYyCdm1x+M8dS65caV1xDrgGcBNYBE5 hUC/aqRWc4rVEMkcVtcWd/K6yPzqgUig -----END CERTIFICATE-----Generated at Sat Aug 23 20:39:01 2025 by rpki-client