$ rpki-client -vvf rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft File: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft (raw, json) Hash identifier: RtAPmujJru4Xk1tm4TMaMefQCHfV5e/6DNj8bl5FxGk= Subject key identifier: FA:60:7B:09:09:D6:B4:22:85:02:9D:2E:FE:FF:6A:6A:E8:97:9C:52 Authority key identifier: 29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 Certificate issuer: /CN=A916022F/serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Certificate serial: 10D7 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft Manifest number: 23F8 Signing time: Wed 02 Jul 2025 17:12:29 +0000 Manifest this update: Wed 02 Jul 2025 17:12:29 +0000 Manifest next update: Wed 09 Jul 2025 17:12:29 +0000 Files and hashes: 1: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl (hash: VrK6hyBoBV1IaYvBPqfs/JMzweJ1xrn09OerQEUsi10=) 2: DE0A75A605EB11EA94CD7287C4F9AE02.roa (hash: rQZ+LsPDuc4EXnC/GiBOmzFAxUE3pMz5tb4kdOhgWwA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 17:12:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4311 (0x10d7) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916022F, serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Validity Not Before: Jul 2 17:12:29 2025 GMT Not After : Jul 9 17:12:29 2025 GMT Subject: CN=6865687d-21ae Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:c8:a9:93:69:b5:24:7b:1c:d1:c4:42:b1:a5: f4:37:ee:d5:97:26:9e:62:99:da:22:22:ed:dd:27: d5:01:7f:58:fb:ef:ca:01:e2:d5:4e:7b:92:b6:d7: d3:7e:f8:dd:02:27:a7:40:74:c1:c7:da:79:7c:9e: c3:90:13:b2:74:89:1c:e1:28:ff:ac:21:e4:9b:22: 82:2d:2b:3a:f9:52:22:84:86:90:19:07:ce:66:44: ac:83:8f:a9:da:10:6b:26:79:c6:9b:e5:56:19:37: e8:be:ca:4e:09:af:f6:a0:52:a5:ff:a7:6c:d7:87: 16:95:dc:1f:ac:31:95:7d:1e:ae:83:c9:3d:22:b5: 67:80:e1:73:b9:88:a6:1a:ef:6f:52:71:dd:f2:23: 2d:9a:ec:60:11:13:93:14:34:91:94:a7:86:fe:28: cf:ae:b2:1e:79:8d:3f:52:ec:32:d4:2c:1a:39:c5: 12:cc:4b:82:8f:15:f2:e5:2f:56:02:4f:8c:60:6a: f2:07:04:31:64:74:ba:4e:e0:0a:26:64:ff:06:66: 73:b5:b7:9d:1a:32:24:a0:12:7e:69:aa:56:ad:61: 51:b4:63:02:d6:08:75:3d:07:bc:3e:0e:81:70:dd: 26:e8:cc:e5:8f:dc:7a:7f:c7:2a:8c:bc:e4:d2:f0: 20:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FA:60:7B:09:09:D6:B4:22:85:02:9D:2E:FE:FF:6A:6A:E8:97:9C:52 X509v3 Authority Key Identifier: keyid:29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 27:c4:f5:b2:61:61:ae:b0:16:70:80:35:f8:57:a4:dc:01:44: bd:1d:92:bb:36:96:91:44:27:12:3a:52:31:e2:46:27:2a:3e: 49:fe:97:84:42:a2:1e:31:62:cf:d5:2e:ef:21:3e:22:6f:6e: fd:b8:d5:54:ff:a2:c8:39:53:ed:cb:25:16:89:93:e3:7f:72: b5:b3:87:df:d7:3c:5a:95:a8:29:4e:07:ca:ac:d6:ba:b2:ec: 03:ec:aa:ea:e0:62:d9:b4:49:4d:01:3d:8b:39:4f:87:1e:5d: 1a:98:1c:ab:da:a3:ad:8d:db:8d:f4:04:41:85:c9:1a:7f:0d: d7:15:bb:16:b3:6a:eb:2a:61:57:c8:34:8a:78:9f:4b:38:77: 5b:4f:64:7b:01:23:a7:b6:9b:a1:25:2b:66:b8:9e:60:1a:44: 5e:3b:da:db:e8:ee:51:8d:1a:20:a5:54:31:01:fc:55:47:97: 51:ac:3a:3f:da:c3:45:59:14:4c:41:f7:58:e5:7d:a2:b6:7d: 48:c5:44:be:24:5a:31:85:09:e9:ec:83:49:ac:bf:d6:83:d5: ba:ee:90:c2:23:f4:70:73:5d:b3:79:f6:0c:ea:6c:27:ae:77: 44:9a:ff:8e:49:91:59:b6:f8:c3:34:29:8c:66:df:10:f6:74: e7:4c:2a:05 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICENcwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyMkYxMTAvBgNVBAUTKDI5RDE2Qzk4REIzRDVCRjY0QjZCOTIwNEMwOTYwMDg2 MENEMjk0NTIwHhcNMjUwNzAyMTcxMjI5WhcNMjUwNzA5MTcxMjI5WjAYMRYwFAYD VQQDEw02ODY1Njg3ZC0yMWFlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzMipk2m1JHsc0cRCsaX0N+7VlyaeYpnaIiLt3SfVAX9Y++/KAeLVTnuSttfT fvjdAienQHTBx9p5fJ7DkBOydIkc4Sj/rCHkmyKCLSs6+VIihIaQGQfOZkSsg4+p 2hBrJnnGm+VWGTfovspOCa/2oFKl/6ds14cWldwfrDGVfR6ug8k9IrVngOFzuYim Gu9vUnHd8iMtmuxgEROTFDSRlKeG/ijPrrIeeY0/Uuwy1CwaOcUSzEuCjxXy5S9W Ak+MYGryBwQxZHS6TuAKJmT/BmZztbedGjIkoBJ+aapWrWFRtGMC1gh1PQe8Pg6B cN0m6Mzlj9x6f8cqjLzk0vAgMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFPpgewkJ 1rQihQKdLv7/amrol5xSMB8GA1UdIwQYMBaAFCnRbJjbPVv2S2uSBMCWAIYM0pRS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDIyRi85RUM3QUZCNEFB N0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdfWkxhNUlFd0pZQWhnelNs RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tkRnNtTnM5V19aTGE1SUV3SllBaGd6U2xGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDIyRi85RUM3QUZCNEFBN0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdf WkxhNUlFd0pZQWhnelNsRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAnxPWyYWGusBZwgDX4V6TcAUS9HZK7NpaRRCcSOlIx4kYnKj5J/peE QqIeMWLP1S7vIT4ib279uNVU/6LIOVPtyyUWiZPjf3K1s4ff1zxalagpTgfKrNa6 suwD7Krq4GLZtElNAT2LOU+HHl0amByr2qOtjduN9ARBhckafw3XFbsWs2rrKmFX yDSKeJ9LOHdbT2R7ASOntpuhJStmuJ5gGkReO9rb6O5RjRogpVQxAfxVR5dRrDo/ 2sNFWRRMQfdY5X2itn1IxUS+JFoxhQnp7INJrL/Wg9W67pDCI/Rwc12zefYM6mwn rndEmv+OSZFZtvjDNCmMZt8Q9nTnTCoF -----END CERTIFICATE-----Generated at Thu Jul 3 09:41:04 2025 by rpki-client