$ rpki-client -vvf rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft File: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft (raw, json) Hash identifier: JjAzTyz+LMDZOjF118/nAFh1lJrwH45ToTIkV62iApk= Subject key identifier: AF:D4:5E:5B:46:DD:3C:BC:15:6C:46:01:E8:75:5C:11:BD:64:EA:13 Authority key identifier: 29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC Certificate issuer: /CN=A9152329/serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Certificate serial: 92 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft Manifest number: 91 Signing time: Sat 23 Aug 2025 06:42:26 +0000 Manifest this update: Sat 23 Aug 2025 06:42:25 +0000 Manifest next update: Sat 30 Aug 2025 06:42:25 +0000 Files and hashes: 1: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl (hash: iZKiEr0pYN+NIMGKNZts1PSqTVqX7HUEPV6ALg4fO7k=) 2: 38161248A26911EFBF6D0319C4F9AE02.roa (hash: ask+BZFU8F8z7xA+3YaObHPYrB9zSG3srAnnNSVnzDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 06:42:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 146 (0x92) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152329, serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Validity Not Before: Aug 23 06:42:25 2025 GMT Not After : Aug 30 06:42:25 2025 GMT Subject: CN=68a962d2-33ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a4:6b:ec:bf:50:eb:b6:8a:2d:7a:75:20:6a:d9: 50:46:0c:20:fc:14:86:0f:bc:6d:0f:be:db:3c:4a: d8:bd:f8:56:df:be:8f:97:b7:ee:fd:74:04:18:b1: 5d:15:ee:79:7c:0c:07:72:7e:a0:6d:65:05:26:45: 42:48:7c:9d:4f:86:d1:e9:16:22:52:51:f9:f6:f3: ba:13:c7:6b:1c:47:d2:46:09:d0:0b:55:3f:3f:78: 9a:65:f4:be:83:fe:64:b8:84:a9:91:7b:e0:bc:87: 10:27:58:98:99:10:f2:b1:45:2e:3f:23:76:2b:ae: e2:f2:9c:b5:81:66:f7:ea:3e:37:7a:6d:c4:0b:d8: 80:12:bf:96:2f:af:8c:9d:be:89:22:31:1e:80:40: e9:2f:0a:13:f5:47:dd:9c:28:0a:d3:1e:d2:20:19: 7f:71:83:3e:aa:47:18:7c:0a:85:e4:aa:a6:c5:33: 7d:db:ac:35:32:97:ef:46:cd:ed:17:6c:00:4b:29: 9d:72:40:12:1b:fb:ff:bd:11:da:8f:65:a0:c4:fa: 1d:01:8d:56:33:ba:d5:c8:f6:0a:39:51:29:00:9f: c3:42:0a:cc:db:20:97:02:33:5d:3d:c7:06:e2:58: 49:33:08:ee:7f:07:9d:1d:35:cf:ab:ef:72:b8:3d: 74:87 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AF:D4:5E:5B:46:DD:3C:BC:15:6C:46:01:E8:75:5C:11:BD:64:EA:13 X509v3 Authority Key Identifier: keyid:29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bd:f8:3a:64:af:bd:37:5f:68:67:4e:42:67:d7:55:ca:6e:74: 7e:07:54:cf:1a:a1:e4:98:1b:d4:0d:cf:f2:2d:01:35:11:2a: d0:0d:98:e3:5f:c9:ae:75:91:f8:80:2e:db:75:2c:8a:74:ea: d9:5d:3a:f0:3f:fe:56:03:3d:c1:2e:74:51:0a:69:9f:3a:6e: 73:ee:19:53:90:94:56:29:56:dd:c3:7c:3f:54:1a:fc:9b:10: af:cf:3e:88:b0:cc:d3:e7:3f:cb:ba:1b:0d:44:0a:a8:7d:c9: c2:e1:b1:29:be:a1:2b:61:13:f8:89:61:97:c7:21:3b:60:2c: 27:ce:d8:5a:81:55:9c:03:69:67:54:2a:66:ac:11:3e:e1:dc: 77:e6:2c:6d:f9:4e:9b:ea:fc:c5:29:43:3f:e3:72:41:a3:7d: 1e:f4:cc:ae:fe:a1:f8:db:81:d9:16:2b:62:8d:06:c4:9e:b6: 30:5f:f1:af:8f:2a:14:74:0e:16:70:ae:93:99:8d:06:c8:76: 69:b2:a6:09:8c:10:60:c3:b3:dc:4b:c2:e7:6f:45:e9:03:a1: 45:70:15:e2:01:ae:49:55:2a:9b:da:62:a4:fe:b9:2f:ad:26: 08:a5:63:80:4d:9f:fb:94:46:a0:16:7f:82:39:e5:5a:68:65: 4d:fa:f9:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTIzMjkxMTAvBgNVBAUTKDI5M0FDNjQwNTMwOURFOTQ5NTE2ODdGRTE3Mjk2QURE Q0Q5NTcyRkMwHhcNMjUwODIzMDY0MjI1WhcNMjUwODMwMDY0MjI1WjAYMRYwFAYD VQQDEw02OGE5NjJkMi0zM2VmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApGvsv1DrtootenUgatlQRgwg/BSGD7xtD77bPErYvfhW376Pl7fu/XQEGLFd Fe55fAwHcn6gbWUFJkVCSHydT4bR6RYiUlH59vO6E8drHEfSRgnQC1U/P3iaZfS+ g/5kuISpkXvgvIcQJ1iYmRDysUUuPyN2K67i8py1gWb36j43em3EC9iAEr+WL6+M nb6JIjEegEDpLwoT9UfdnCgK0x7SIBl/cYM+qkcYfAqF5KqmxTN926w1MpfvRs3t F2wASymdckASG/v/vRHaj2WgxPodAY1WM7rVyPYKOVEpAJ/DQgrM2yCXAjNdPccG 4lhJMwjufwedHTXPq+9yuD10hwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFK/UXltG 3Ty8FWxGAeh1XBG9ZOoTMB8GA1UdIwQYMBaAFCk6xkBTCd6UlRaH/hcpat3NlXL8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjMyOS9DN0ZBRDM2OEEy NjgxMUVGOUQ5MTQxMThDNEY5QUUwMi9LVHJHUUZNSjNwU1ZGb2YtRnlscTNjMlZj dncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tUckdRRk1KM3BTVkZvZi1GeWxxM2MyVmN2dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MjMyOS9DN0ZBRDM2OEEyNjgxMUVGOUQ5MTQxMThDNEY5QUUwMi9LVHJHUUZNSjNw U1ZGb2YtRnlscTNjMlZjdncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC9+Dpkr703X2hnTkJn11XKbnR+B1TPGqHkmBvUDc/yLQE1ESrQDZjj X8mudZH4gC7bdSyKdOrZXTrwP/5WAz3BLnRRCmmfOm5z7hlTkJRWKVbdw3w/VBr8 mxCvzz6IsMzT5z/LuhsNRAqofcnC4bEpvqErYRP4iWGXxyE7YCwnzthagVWcA2ln VCpmrBE+4dx35ixt+U6b6vzFKUM/43JBo30e9Myu/qH424HZFitijQbEnrYwX/Gv jyoUdA4WcK6TmY0GyHZpsqYJjBBgw7PcS8Lnb0XpA6FFcBXiAa5JVSqb2mKk/rkv rSYIpWOATZ/7lEagFn+COeVaaGVN+vlg -----END CERTIFICATE-----Generated at Sat Aug 23 19:32:47 2025 by rpki-client