$ rpki-client -vvf rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft File: KKyX2Zh-eNvuncufA3NcKDvOGGI.mft (raw, json) Hash identifier: fJ0ySexDgvbj+9OmCInsnht0LnhhPh4Ek2JUvPjke24= Subject key identifier: 1F:2D:B5:07:75:4A:42:B1:3C:F3:67:B0:00:B3:45:37:8C:BE:76:7A Authority key identifier: 28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 Certificate issuer: /CN=A9157BC3/serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Certificate serial: 01D0 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft Manifest number: 01CD Signing time: Tue 01 Jul 2025 03:16:53 +0000 Manifest this update: Tue 01 Jul 2025 03:16:52 +0000 Manifest next update: Tue 08 Jul 2025 03:16:52 +0000 Files and hashes: 1: KKyX2Zh-eNvuncufA3NcKDvOGGI.crl (hash: PLmtLs2tzLcnma3rwEFcu3eiXgW6DV7TjStu5sdQ1GE=) 2: 1FCD9DE2926611EDA99A9419C4F9AE02.roa (hash: RqBWzz5uXzyQ1KueU4cHYCTj7govMSTdgiL2egEdolc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:16:52 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 464 (0x1d0) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157BC3, serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Validity Not Before: Jul 1 03:16:52 2025 GMT Not After : Jul 8 03:16:52 2025 GMT Subject: CN=68635324-1ba7 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d3:77:57:11:76:7f:8a:68:6d:c4:c7:8b:2c:b0: a3:56:65:fd:70:dc:e8:62:5b:1a:21:08:f2:d0:7f: 71:92:fa:6e:4f:bc:d8:7f:62:bc:9c:a4:c2:bc:58: 45:d0:62:b2:74:28:1b:a3:cc:f2:f4:27:c7:b2:22: 96:93:64:cb:4c:fb:84:0f:64:36:7e:8c:cb:ad:bd: 8e:9f:b3:6b:ce:87:c2:6e:c5:c4:1c:b5:36:43:8c: c3:6d:7a:26:ca:c6:07:cf:72:7a:ad:f2:9e:08:88: 5c:a7:1a:8a:ca:b7:8c:74:30:32:b8:57:65:99:fa: 89:c2:ca:c6:9b:2b:e2:b6:50:c0:0d:79:1b:bb:0c: 81:84:ed:84:dc:6f:e7:34:6d:b4:c5:fd:ef:b2:af: 8f:f0:2d:5b:37:26:00:c1:fd:f3:8e:ad:4d:8c:cc: 95:34:4b:54:a6:47:d9:92:c6:ed:63:0c:1c:82:52: cd:17:df:22:a1:95:62:37:5e:0b:67:bd:2d:33:df: 99:af:05:a2:42:51:b4:58:02:25:b0:e2:bd:6d:9c: a9:62:fe:5f:58:0c:de:4e:40:a3:d3:bc:03:6f:ac: cb:6a:a4:f9:c6:a4:4a:59:94:2b:8e:57:c0:07:06: 57:da:32:34:1a:ce:58:1f:2a:e1:b6:c1:bd:81:b1: 90:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 1F:2D:B5:07:75:4A:42:B1:3C:F3:67:B0:00:B3:45:37:8C:BE:76:7A X509v3 Authority Key Identifier: keyid:28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 37:a1:11:61:c5:13:3d:6c:81:6d:f7:06:0d:7d:16:19:bc:2c: d2:f7:9d:99:4a:d8:93:e0:36:5b:3a:92:8c:9c:e4:b7:c6:8c: d9:9f:d5:5d:8e:6a:c5:72:ed:da:d5:6b:7d:cd:f1:fb:7a:88: 28:fa:ad:75:81:ac:62:e0:a2:aa:a9:90:3c:fa:15:ed:0a:f4: 25:01:a5:4a:c4:aa:f4:00:93:cf:21:12:fa:96:09:53:84:1b: 66:65:82:63:98:f7:04:2e:ce:c5:36:ef:75:f9:ee:87:f0:4d: fc:9a:87:c1:75:35:67:24:db:b2:40:2e:95:cb:ee:f3:26:e5: 5c:06:3d:54:52:a4:ba:f6:99:f1:6b:b4:2c:8a:4a:11:f3:56: 8b:76:b6:8d:92:c6:73:7a:19:95:1c:71:c4:05:c8:ef:34:6c: d5:45:5e:63:11:c8:41:fe:1b:7f:19:e2:02:42:3d:cb:66:ad: ec:35:bb:ed:b1:36:46:97:c1:25:9a:e6:54:ff:14:40:6c:39: 90:80:f3:93:38:69:b8:63:5e:af:d8:68:ff:84:5f:ef:b0:77: 20:41:cd:89:3f:e3:65:d2:dd:cd:a8:ac:6f:3b:35:1d:8d:54: ce:fa:4b:bf:fc:04:d9:a1:5a:68:bc:5a:df:88:2a:57:61:20: 70:01:ca:b1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCQzMxMTAvBgNVBAUTKDI4QUM5N0Q5OTg3RTc4REJFRTlEQ0I5RjAzNzM1QzI4 M0JDRTE4NjIwHhcNMjUwNzAxMDMxNjUyWhcNMjUwNzA4MDMxNjUyWjAYMRYwFAYD VQQDEw02ODYzNTMyNC0xYmE3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA03dXEXZ/imhtxMeLLLCjVmX9cNzoYlsaIQjy0H9xkvpuT7zYf2K8nKTCvFhF 0GKydCgbo8zy9CfHsiKWk2TLTPuED2Q2fozLrb2On7NrzofCbsXEHLU2Q4zDbXom ysYHz3J6rfKeCIhcpxqKyreMdDAyuFdlmfqJwsrGmyvitlDADXkbuwyBhO2E3G/n NG20xf3vsq+P8C1bNyYAwf3zjq1NjMyVNEtUpkfZksbtYwwcglLNF98ioZViN14L Z70tM9+ZrwWiQlG0WAIlsOK9bZypYv5fWAzeTkCj07wDb6zLaqT5xqRKWZQrjlfA BwZX2jI0Gs5YHyrhtsG9gbGQJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFB8ttQd1 SkKxPPNnsACzRTeMvnZ6MB8GA1UdIwQYMBaAFCisl9mYfnjb7p3LnwNzXCg7zhhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JDMy83MDhFNkY2ODky NjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVOdnVuY3VmQTNOY0tEdk9H R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tLeVgyWmgtZU52dW5jdWZBM05jS0R2T0dHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0JDMy83MDhFNkY2ODkyNjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVO dnVuY3VmQTNOY0tEdk9HR0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQA3oRFhxRM9bIFt9wYNfRYZvCzS952ZStiT4DZbOpKMnOS3xozZn9Vd jmrFcu3a1Wt9zfH7eogo+q11gaxi4KKqqZA8+hXtCvQlAaVKxKr0AJPPIRL6lglT hBtmZYJjmPcELs7FNu91+e6H8E38mofBdTVnJNuyQC6Vy+7zJuVcBj1UUqS69pnx a7QsikoR81aLdraNksZzehmVHHHEBcjvNGzVRV5jEchB/ht/GeICQj3LZq3sNbvt sTZGl8ElmuZU/xRAbDmQgPOTOGm4Y16v2Gj/hF/vsHcgQc2JP+Nl0t3NqKxvOzUd jVTO+ku//ATZoVpovFrfiCpXYSBwAcqx -----END CERTIFICATE-----Generated at Wed Jul 2 20:54:08 2025 by rpki-client