$ rpki-client -vvf rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft File: KKyX2Zh-eNvuncufA3NcKDvOGGI.mft (raw, json) Hash identifier: HCWBYg9HcYFfDecJc3mgbx6WdRv/gsMYN7lNPboattI= Subject key identifier: EA:2A:09:B7:BD:8A:B7:9F:AC:AC:72:DB:56:8C:92:93:92:1A:DC:42 Authority key identifier: 28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 Certificate issuer: /CN=A9157BC3/serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Certificate serial: 01EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft Manifest number: 01E8 Signing time: Sat 23 Aug 2025 02:43:41 +0000 Manifest this update: Sat 23 Aug 2025 02:43:41 +0000 Manifest next update: Sat 30 Aug 2025 02:43:41 +0000 Files and hashes: 1: KKyX2Zh-eNvuncufA3NcKDvOGGI.crl (hash: j7Eu1K7aoz4r3ugOlKQA1wZEjs3o+cHNav9T3/UVaD8=) 2: 1FCD9DE2926611EDA99A9419C4F9AE02.roa (hash: RqBWzz5uXzyQ1KueU4cHYCTj7govMSTdgiL2egEdolc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:43:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 491 (0x1eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9157BC3, serialNumber=28AC97D9987E78DBEE9DCB9F03735C283BCE1862 Validity Not Before: Aug 23 02:43:41 2025 GMT Not After : Aug 30 02:43:41 2025 GMT Subject: CN=68a92add-0b62 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:ae:39:d7:87:6c:2a:ae:77:c2:50:a0:46:9f: 89:6e:7f:7e:c5:be:b1:0e:7d:90:9d:e7:a8:fd:3f: 85:c0:d2:05:99:ad:de:bb:de:b5:17:0e:33:16:5d: 50:ea:30:4c:b3:47:7d:a6:61:00:4e:f9:e9:6c:98: 19:31:98:17:88:e9:28:f7:dd:fd:17:42:14:8e:04: 53:ae:d2:56:ca:d8:7d:39:83:32:47:bc:6b:5d:05: 21:a4:eb:fe:64:91:9f:15:61:d3:b3:b0:7c:7c:fd: be:40:d0:99:4c:01:dc:b1:e4:32:cc:22:09:c9:ca: 8d:fa:fd:b4:66:67:c6:0b:e8:c5:77:f4:e9:3f:04: a4:16:a5:a9:9d:9c:5d:6f:21:70:d0:ca:73:be:b7: 6d:ed:52:f1:c5:70:67:70:ff:3c:a5:84:10:54:2c: 9d:b5:45:6e:a2:75:6c:30:80:f0:b3:26:0b:22:9f: c1:60:42:75:c6:6a:b4:95:03:80:d1:3a:53:d4:13: 5a:a0:56:7e:0a:14:6f:1c:f7:08:6e:2a:cf:f9:9e: d7:6d:91:7a:0e:77:a3:74:8a:5c:7f:ab:4b:e4:9d: 88:b0:f7:39:02:69:29:08:ad:67:68:cb:7a:17:c4: ae:d6:e8:80:5d:5d:be:41:dc:04:bc:35:ca:04:42: 6a:ad Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EA:2A:09:B7:BD:8A:B7:9F:AC:AC:72:DB:56:8C:92:93:92:1A:DC:42 X509v3 Authority Key Identifier: keyid:28:AC:97:D9:98:7E:78:DB:EE:9D:CB:9F:03:73:5C:28:3B:CE:18:62 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KKyX2Zh-eNvuncufA3NcKDvOGGI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9157BC3/708E6F68926111EDA5204E64C4F9AE02/KKyX2Zh-eNvuncufA3NcKDvOGGI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 93:5f:20:75:3f:b5:dd:98:99:e1:58:09:fa:9d:a7:13:23:7c: f5:dd:bd:86:fd:6d:f0:fd:43:4e:31:60:13:4b:a3:41:2f:72: c1:a7:a6:e4:aa:fb:02:b0:b6:eb:98:43:3e:b5:4b:76:1a:e5: 86:e3:23:99:72:38:ee:57:68:2b:fc:7d:b1:13:77:2b:70:c4: cf:04:08:89:23:75:be:80:92:e2:ca:aa:73:cc:e6:3b:45:2e: fb:b9:45:30:60:26:7e:7b:2c:fd:b1:10:bd:86:a9:12:42:5a: db:0b:e0:5b:f6:9c:77:b3:a1:c4:db:4a:82:0d:80:e7:0e:79: 4a:44:a1:fd:12:d5:86:67:bc:52:a7:3b:b0:57:38:5f:2e:ed: d0:1f:c4:3d:70:f4:da:ae:b8:7f:0d:1e:8f:61:3d:82:49:da: c6:47:dc:e1:94:c8:72:1a:78:ae:ba:ab:bb:8a:04:33:ad:69: 56:81:52:d2:0e:e8:bf:42:2d:23:3a:ee:2a:04:9f:7a:3b:ae: 33:1f:2e:df:e2:f8:72:5e:9a:1a:ce:98:94:e5:a9:fb:0e:b9: 7a:1b:e3:1f:4a:d8:db:f5:2a:20:c0:4f:89:9a:77:7c:f8:d8: 28:bb:fd:c8:d5:70:a3:f5:1c:05:0b:27:ff:5f:e4:83:38:d5: 23:64:a6:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTdCQzMxMTAvBgNVBAUTKDI4QUM5N0Q5OTg3RTc4REJFRTlEQ0I5RjAzNzM1QzI4 M0JDRTE4NjIwHhcNMjUwODIzMDI0MzQxWhcNMjUwODMwMDI0MzQxWjAYMRYwFAYD VQQDEw02OGE5MmFkZC0wYjYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoK4514dsKq53wlCgRp+Jbn9+xb6xDn2Qneeo/T+FwNIFma3eu961Fw4zFl1Q 6jBMs0d9pmEATvnpbJgZMZgXiOko9939F0IUjgRTrtJWyth9OYMyR7xrXQUhpOv+ ZJGfFWHTs7B8fP2+QNCZTAHcseQyzCIJycqN+v20ZmfGC+jFd/TpPwSkFqWpnZxd byFw0Mpzvrdt7VLxxXBncP88pYQQVCydtUVuonVsMIDwsyYLIp/BYEJ1xmq0lQOA 0TpT1BNaoFZ+ChRvHPcIbirP+Z7XbZF6DnejdIpcf6tL5J2IsPc5AmkpCK1naMt6 F8Su1uiAXV2+QdwEvDXKBEJqrQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFOoqCbe9 irefrKxy21aMkpOSGtxCMB8GA1UdIwQYMBaAFCisl9mYfnjb7p3LnwNzXCg7zhhi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1N0JDMy83MDhFNkY2ODky NjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVOdnVuY3VmQTNOY0tEdk9H R0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tLeVgyWmgtZU52dW5jdWZBM05jS0R2T0dHSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 N0JDMy83MDhFNkY2ODkyNjExMUVEQTUyMDRFNjRDNEY5QUUwMi9LS3lYMlpoLWVO dnVuY3VmQTNOY0tEdk9HR0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCTXyB1P7XdmJnhWAn6nacTI3z13b2G/W3w/UNOMWATS6NBL3LBp6bk qvsCsLbrmEM+tUt2GuWG4yOZcjjuV2gr/H2xE3crcMTPBAiJI3W+gJLiyqpzzOY7 RS77uUUwYCZ+eyz9sRC9hqkSQlrbC+Bb9px3s6HE20qCDYDnDnlKRKH9EtWGZ7xS pzuwVzhfLu3QH8Q9cPTarrh/DR6PYT2CSdrGR9zhlMhyGniuuqu7igQzrWlWgVLS Dui/Qi0jOu4qBJ96O64zHy7f4vhyXpoazpiU5an7Drl6G+MfStjb9SogwE+Jmnd8 +Ngou/3I1XCj9RwFCyf/X+SDONUjZKZp -----END CERTIFICATE-----Generated at Sat Aug 23 19:32:24 2025 by rpki-client