$ rpki-client -vvf rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft File: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft (raw, json) Hash identifier: +lkZEExZT7I+IXsXDsN41w26MOExAGFxtyvZIqusBbo= Subject key identifier: B1:97:6F:ED:47:C1:5F:E7:6E:35:CF:A9:6B:A1:08:FC:BF:3E:D9:5B Authority key identifier: 29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC Certificate issuer: /CN=A9152329/serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Certificate serial: 78 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft Manifest number: 77 Signing time: Thu 03 Jul 2025 07:01:08 +0000 Manifest this update: Thu 03 Jul 2025 07:01:07 +0000 Manifest next update: Thu 10 Jul 2025 07:01:07 +0000 Files and hashes: 1: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl (hash: Yx/L4wR0jufP0wLT3ZGoE124EtTsVXZp7jOAuA30Axc=) 2: 38161248A26911EFBF6D0319C4F9AE02.roa (hash: ask+BZFU8F8z7xA+3YaObHPYrB9zSG3srAnnNSVnzDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 120 (0x78) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152329, serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Validity Not Before: Jul 3 07:01:07 2025 GMT Not After : Jul 10 07:01:07 2025 GMT Subject: CN=68662ab3-885f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a2:8d:4c:1f:88:83:71:02:c1:f4:c9:17:f8:56: d7:0b:2c:ba:68:6c:f6:90:05:6c:61:34:e2:c0:5c: ce:7f:cd:5d:61:b4:f5:21:de:97:79:9d:8d:af:01: 20:6a:7c:dd:22:3e:76:45:9e:a8:7f:c9:f5:41:34: 85:f1:79:2f:82:5b:d9:5f:82:aa:24:e3:2b:ef:ae: ca:05:83:48:4b:3b:92:90:58:1d:79:2a:ce:ca:c2: aa:fe:d6:1a:52:ca:f1:c5:c8:26:3a:1e:9b:bf:39: a9:0b:61:d9:52:f1:e4:51:2e:38:34:d9:07:b1:db: 45:98:9c:89:d6:fc:d6:28:d1:6b:22:06:39:1d:9f: 26:0c:0b:a4:a1:f8:5b:42:92:04:a1:95:a2:b4:78: ab:ae:06:ba:19:1c:e7:54:b9:ea:72:a8:c5:af:62: 67:56:4a:32:b3:8a:7f:e4:da:a3:f7:a5:ce:51:f0: 86:6b:bc:82:bb:3f:cb:fa:00:60:59:73:c6:da:28: 9d:16:4b:20:f9:e2:a6:57:e8:4d:69:2d:d7:ce:b6: 27:2a:ef:ed:4b:f7:32:ec:a4:07:3f:0d:4a:e2:68: ca:53:a0:f5:04:b8:b6:17:68:78:ef:2b:c8:82:ff: c9:8a:59:42:67:13:ca:60:e2:0a:3d:ed:7b:f9:42: 8b:2f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B1:97:6F:ED:47:C1:5F:E7:6E:35:CF:A9:6B:A1:08:FC:BF:3E:D9:5B X509v3 Authority Key Identifier: keyid:29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c7:a1:61:a6:bc:b1:9e:92:02:3d:60:43:99:19:69:71:15:79: 93:f0:72:3f:83:7f:13:3e:54:61:f3:d1:ef:ca:4e:27:dc:c3: b5:dd:7d:6f:e4:4b:b5:c0:67:cf:db:2f:91:24:ce:5a:19:17: e3:38:d7:04:7f:f6:d1:a5:df:74:15:13:d8:a4:46:7d:b9:fa: 82:b3:2c:2b:33:1d:07:b0:ac:11:a5:19:79:bf:87:d3:14:67: 0b:06:34:c7:d6:54:4e:bc:36:9d:c5:f5:ae:b2:5e:4f:02:12: 59:e0:5a:ea:43:b4:42:e5:59:04:2f:04:0a:bd:b1:8c:a9:bc: 65:40:f8:5d:c3:3c:43:cc:ce:2d:b6:6d:06:e0:e8:37:9b:79: 8e:ac:6c:ad:c4:33:13:0d:31:a4:ee:b7:1d:a9:0c:33:6f:76: c0:19:3e:1e:4d:fd:f1:0b:3a:c1:9a:b6:32:10:19:ae:60:f1: 38:f2:25:fa:7c:0a:ac:44:a4:54:0c:c7:73:1f:89:c7:ce:05: 8b:3b:9c:61:50:9a:88:57:5e:af:e6:f1:bd:4f:94:d6:1c:f0: 43:0e:10:6f:fb:32:75:e9:fa:6b:4b:c9:d6:b4:d8:5d:b3:d0: 40:e1:3f:c3:fa:d3:c1:47:63:d1:aa:0a:bd:2c:6e:41:f5:92: 27:dd:97:f5 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBeDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MjMyOTExMC8GA1UEBRMoMjkzQUM2NDA1MzA5REU5NDk1MTY4N0ZFMTcyOTZBRERD RDk1NzJGQzAeFw0yNTA3MDMwNzAxMDdaFw0yNTA3MTAwNzAxMDdaMBgxFjAUBgNV BAMTDTY4NjYyYWIzLTg4NWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCijUwfiINxAsH0yRf4VtcLLLpobPaQBWxhNOLAXM5/zV1htPUh3pd5nY2vASBq fN0iPnZFnqh/yfVBNIXxeS+CW9lfgqok4yvvrsoFg0hLO5KQWB15Ks7Kwqr+1hpS yvHFyCY6Hpu/OakLYdlS8eRRLjg02Qex20WYnInW/NYo0WsiBjkdnyYMC6Sh+FtC kgShlaK0eKuuBroZHOdUuepyqMWvYmdWSjKzin/k2qP3pc5R8IZrvIK7P8v6AGBZ c8baKJ0WSyD54qZX6E1pLdfOticq7+1L9zLspAc/DUriaMpToPUEuLYXaHjvK8iC /8mKWUJnE8pg4go97Xv5QosvAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUsZdv7UfB X+duNc+pa6EI/L8+2VswHwYDVR0jBBgwFoAUKTrGQFMJ3pSVFof+Fylq3c2Vcvww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUyMzI5L0M3RkFEMzY4QTI2 ODExRUY5RDkxNDExOEM0RjlBRTAyL0tUckdRRk1KM3BTVkZvZi1GeWxxM2MyVmN2 dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS1RyR1FGTUozcFNWRm9mLUZ5bHEzYzJWY3Z3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUy MzI5L0M3RkFEMzY4QTI2ODExRUY5RDkxNDExOEM0RjlBRTAyL0tUckdRRk1KM3BT VkZvZi1GeWxxM2MyVmN2dy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAMehYaa8sZ6SAj1gQ5kZaXEVeZPwcj+DfxM+VGHz0e/KTifcw7XdfW/k S7XAZ8/bL5EkzloZF+M41wR/9tGl33QVE9ikRn25+oKzLCszHQewrBGlGXm/h9MU ZwsGNMfWVE68Np3F9a6yXk8CElngWupDtELlWQQvBAq9sYypvGVA+F3DPEPMzi22 bQbg6DebeY6sbK3EMxMNMaTutx2pDDNvdsAZPh5N/fELOsGatjIQGa5g8TjyJfp8 CqxEpFQMx3MficfOBYs7nGFQmohXXq/m8b1PlNYc8EMOEG/7MnXp+mtLyda02F2z 0EDhP8P608FHY9GqCr0sbkH1kifdl/U= -----END CERTIFICATE-----Generated at Thu Jul 3 23:22:39 2025 by rpki-client