$ rpki-client -vvf rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft File: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft (raw, json) Hash identifier: zVJ4jpb7U15KIhSvqZdlJng8Q4YkgX9VDxjC1+y/ZrQ= Subject key identifier: 41:9F:13:34:A8:0B:3E:D8:7C:58:BD:30:2C:47:5D:4C:D5:80:E9:CF Authority key identifier: 28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B Certificate issuer: /CN=A9158650/serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Certificate serial: 01B7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft Manifest number: 01B3 Signing time: Tue 01 Jul 2025 03:32:26 +0000 Manifest this update: Tue 01 Jul 2025 03:32:25 +0000 Manifest next update: Tue 08 Jul 2025 03:32:25 +0000 Files and hashes: 1: KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl (hash: b/wdst6S+5e+1vOt5dN5L/U+jUwz/XsRtxv5Nu1KPeY=) 2: EA5A9A32BDAA11ED92995562C4F9AE02.roa (hash: la16kPDMZ0PGNGFfbiOJE4nU4r91VONeRM7xfP7lGe4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:32:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 439 (0x1b7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9158650, serialNumber=2817D4A8644AEC419ADCCEE30C4E87A24D2FF57B Validity Not Before: Jul 1 03:32:25 2025 GMT Not After : Jul 8 03:32:25 2025 GMT Subject: CN=686356ca-2730 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:5b:ca:d6:b5:a6:c9:81:78:64:26:6e:42:45: 20:69:8d:5f:87:63:6b:0f:c9:f2:01:49:30:19:d2: 1a:91:c8:0a:17:aa:d5:bd:cc:36:0b:c3:24:58:d0: 7f:e7:aa:79:4f:09:9a:f2:e9:d1:76:b1:cb:e9:f6: 91:7a:f3:5e:f7:34:e9:4d:c0:ff:d9:c0:bb:ae:96: 5b:4b:8b:0c:99:a8:07:33:0a:1b:bc:68:6f:4f:57: ca:15:cc:5e:6d:a3:a8:62:a6:77:18:07:bc:a2:80: 85:3e:3b:9f:d5:57:65:98:f4:31:fa:08:2b:20:74: e4:e8:a0:b8:4b:1b:62:44:1a:8e:57:e9:49:b3:c3: c0:35:cf:3d:80:f7:a0:c9:76:52:7f:c2:40:d1:28: 46:35:ad:18:ed:ff:10:55:c4:a8:aa:eb:0b:6b:e2: d7:07:fa:64:6b:65:4d:72:91:b6:fc:07:e7:62:66: d1:95:27:cf:a9:06:c5:4a:b3:87:d5:ec:8d:f4:31: 89:55:db:c8:f2:9d:5d:a8:3a:11:a6:7a:a8:65:ba: a9:65:25:c4:bf:34:e2:2d:6b:18:b3:ad:5d:26:24: 9e:8d:3d:75:ba:d4:fd:c1:07:8a:dc:90:66:0a:3e: 50:e2:34:f5:9a:e6:39:94:3c:4f:9e:6c:19:c5:ee: cb:b3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 41:9F:13:34:A8:0B:3E:D8:7C:58:BD:30:2C:47:5D:4C:D5:80:E9:CF X509v3 Authority Key Identifier: keyid:28:17:D4:A8:64:4A:EC:41:9A:DC:CE:E3:0C:4E:87:A2:4D:2F:F5:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9158650/7758D2C2BDA711EDAECD4A5DC4F9AE02/KBfUqGRK7EGa3M7jDE6Hok0v9Xs.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:14:b6:ca:bb:92:6a:ec:01:24:9b:df:ae:b4:5c:06:d2:7c: 3a:9a:a6:e6:23:b6:5a:0f:8c:f0:4c:92:49:3c:38:6d:0c:c1: f7:19:63:d5:01:c2:a5:29:7e:98:b0:c1:25:40:38:a8:38:04: 83:7e:10:56:4f:d7:4a:4e:4f:fc:2c:e7:96:48:c4:ad:11:9a: 9d:b5:ec:91:1a:c5:a2:e8:59:78:6c:9c:7b:3c:65:25:09:37: 12:22:b8:27:7f:45:db:40:e0:ce:65:62:52:86:49:3f:b0:90: 63:a1:53:8d:48:dd:99:d5:4b:90:bb:6a:54:6e:59:e4:d0:df: 95:cc:3e:91:5b:c2:87:c9:9f:8d:aa:f1:88:ae:4b:20:8d:56: fb:41:3f:b8:b9:87:fd:56:de:8f:c3:f5:57:a8:9a:75:ef:4e: 5e:69:67:60:57:c9:f7:2b:7f:ec:8b:e6:b1:dc:b6:c7:0c:ed: 93:c4:7f:64:99:7d:03:f4:7b:a7:2b:c3:28:bb:5a:b7:2d:33: 2a:2a:62:9c:20:70:8c:65:80:62:f3:67:c9:7f:37:ab:7e:d2: 7f:50:45:b1:28:1f:7e:e0:c9:69:bc:5b:d1:89:7d:19:a3:0c: c7:e5:fd:c8:84:3f:a4:c3:37:86:c4:1e:eb:74:47:97:7b:49: c5:34:c9:52 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAbcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTg2NTAxMTAvBgNVBAUTKDI4MTdENEE4NjQ0QUVDNDE5QURDQ0VFMzBDNEU4N0Ey NEQyRkY1N0IwHhcNMjUwNzAxMDMzMjI1WhcNMjUwNzA4MDMzMjI1WjAYMRYwFAYD VQQDEw02ODYzNTZjYS0yNzMwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuVvK1rWmyYF4ZCZuQkUgaY1fh2NrD8nyAUkwGdIakcgKF6rVvcw2C8MkWNB/ 56p5Twma8unRdrHL6faRevNe9zTpTcD/2cC7rpZbS4sMmagHMwobvGhvT1fKFcxe baOoYqZ3GAe8ooCFPjuf1VdlmPQx+ggrIHTk6KC4SxtiRBqOV+lJs8PANc89gPeg yXZSf8JA0ShGNa0Y7f8QVcSoqusLa+LXB/pka2VNcpG2/AfnYmbRlSfPqQbFSrOH 1eyN9DGJVdvI8p1dqDoRpnqoZbqpZSXEvzTiLWsYs61dJiSejT11utT9wQeK3JBm Cj5Q4jT1muY5lDxPnmwZxe7LswIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFEGfEzSo Cz7YfFi9MCxHXUzVgOnPMB8GA1UdIwQYMBaAFCgX1KhkSuxBmtzO4wxOh6JNL/V7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1ODY1MC83NzU4RDJDMkJE QTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdFR2EzTTdqREU2SG9rMHY5 WHMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tCZlVxR1JLN0VHYTNNN2pERTZIb2swdjlYcy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 ODY1MC83NzU4RDJDMkJEQTcxMUVEQUVDRDRBNURDNEY5QUUwMi9LQmZVcUdSSzdF R2EzTTdqREU2SG9rMHY5WHMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAFFLbKu5Jq7AEkm9+utFwG0nw6mqbmI7ZaD4zwTJJJPDhtDMH3GWPV AcKlKX6YsMElQDioOASDfhBWT9dKTk/8LOeWSMStEZqdteyRGsWi6Fl4bJx7PGUl CTcSIrgnf0XbQODOZWJShkk/sJBjoVONSN2Z1UuQu2pUblnk0N+VzD6RW8KHyZ+N qvGIrksgjVb7QT+4uYf9Vt6Pw/VXqJp1705eaWdgV8n3K3/si+ax3LbHDO2TxH9k mX0D9HunK8Mou1q3LTMqKmKcIHCMZYBi82fJfzerftJ/UEWxKB9+4MlpvFvRiX0Z owzH5f3IhD+kwzeGxB7rdEeXe0nFNMlS -----END CERTIFICATE-----Generated at Tue Jul 1 08:15:08 2025 by rpki-client