$ rpki-client -vvf rpki.apnic.net/member_repository/A91790EC/24B8BFE03E5811EF996DA321C4F9AE02/KTzh3tGmQEsAssDM-z886vshpQg.mft File: KTzh3tGmQEsAssDM-z886vshpQg.mft (raw, json) Hash identifier: 21YxOsxoyGJ1yi6DrL0BNEHRNmBxK0QXqzE6l4BtJj8= Subject key identifier: 3E:8C:D1:F9:F7:90:86:75:EC:B9:81:9D:F6:C1:6C:16:96:CD:58:64 Authority key identifier: 29:3C:E1:DE:D1:A6:40:4B:00:B2:C0:CC:FB:3F:3C:EA:FB:21:A5:08 Certificate issuer: /CN=A91790EC/serialNumber=293CE1DED1A6404B00B2C0CCFB3F3CEAFB21A508 Certificate serial: D5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTzh3tGmQEsAssDM-z886vshpQg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91790EC/24B8BFE03E5811EF996DA321C4F9AE02/KTzh3tGmQEsAssDM-z886vshpQg.mft Manifest number: D3 Signing time: Sat 23 Aug 2025 05:46:41 +0000 Manifest this update: Sat 23 Aug 2025 05:46:40 +0000 Manifest next update: Sat 30 Aug 2025 05:46:40 +0000 Files and hashes: 1: KTzh3tGmQEsAssDM-z886vshpQg.crl (hash: hIYys8sdLgsUtfnOl1c5TESlkITbzdzIBb6ZbV9Qpic=) 2: 81AA7D1A3E5811EFAE13B943C4F9AE02.roa (hash: WIZmU+L0O9RcMZGa4g5/Y6rLFYKaR2VClhlEkEMS/7E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91790EC/24B8BFE03E5811EF996DA321C4F9AE02/KTzh3tGmQEsAssDM-z886vshpQg.crl rsync://rpki.apnic.net/member_repository/A91790EC/24B8BFE03E5811EF996DA321C4F9AE02/KTzh3tGmQEsAssDM-z886vshpQg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTzh3tGmQEsAssDM-z886vshpQg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 05:46:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 213 (0xd5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91790EC, serialNumber=293CE1DED1A6404B00B2C0CCFB3F3CEAFB21A508 Validity Not Before: Aug 23 05:46:40 2025 GMT Not After : Aug 30 05:46:40 2025 GMT Subject: CN=68a955c0-7449 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a7:1a:67:13:dd:a9:91:05:c8:0d:73:8e:81:0e: d4:a2:f0:e3:b6:4d:ac:63:1e:cb:a9:1c:5e:6a:4b: ad:18:43:18:90:c9:51:5b:a1:44:a2:13:f1:9c:d2: 0f:69:e6:dc:a7:13:ad:01:cf:c9:a4:5f:d9:06:91: 86:39:a4:92:48:96:96:42:99:92:4f:ff:a2:b2:bd: a7:f3:f2:13:db:85:e8:22:8f:05:10:a8:74:86:16: 4d:27:42:60:80:04:3b:5b:e1:35:a5:32:ec:1a:75: 10:77:09:f8:a8:c1:1a:5b:3e:5c:b9:18:0c:b7:b4: e3:50:71:ba:44:83:4c:db:b2:c8:70:63:bd:e7:fc: be:84:ba:04:65:55:74:ed:e8:a2:81:f2:ae:3f:01: ca:f6:1f:1f:cb:8e:9e:16:79:9a:40:65:a1:42:1f: e2:48:37:15:b6:71:91:dd:31:c8:0d:76:cb:0d:70: a6:98:9c:31:0e:a0:2f:d2:ad:9e:d1:09:d3:99:f1: d3:b5:6d:58:31:27:ef:a1:a3:86:5a:d7:62:87:20: df:0e:48:03:be:cd:be:13:ef:29:5f:9b:16:86:fc: 89:85:20:51:c5:13:14:08:76:8b:50:f5:43:94:4e: ae:85:19:b6:bc:09:2c:34:d7:3d:f2:44:9a:15:2a: 41:1b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3E:8C:D1:F9:F7:90:86:75:EC:B9:81:9D:F6:C1:6C:16:96:CD:58:64 X509v3 Authority Key Identifier: keyid:29:3C:E1:DE:D1:A6:40:4B:00:B2:C0:CC:FB:3F:3C:EA:FB:21:A5:08 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91790EC/24B8BFE03E5811EF996DA321C4F9AE02/KTzh3tGmQEsAssDM-z886vshpQg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KTzh3tGmQEsAssDM-z886vshpQg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91790EC/24B8BFE03E5811EF996DA321C4F9AE02/KTzh3tGmQEsAssDM-z886vshpQg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:fe:17:86:2a:38:30:a9:94:a4:1f:39:ee:39:4b:5d:f7:c8: a4:a3:ca:1b:02:62:d9:bb:de:97:5a:97:64:64:6c:a6:8d:a2: 25:14:29:ab:be:9a:54:1f:fc:11:10:44:42:ab:6a:07:eb:97: 92:c3:e3:4b:61:a2:bf:07:1a:2f:90:ec:eb:1c:b4:da:d5:90: 85:ab:d5:f3:cf:1d:cf:ac:d4:36:e2:e9:44:1c:d1:dd:a6:a7: de:64:66:fd:7e:78:a8:ab:d9:54:d0:ba:68:ce:fd:76:f6:4f: 58:23:59:03:bd:69:ed:66:b7:ca:e4:41:a4:ea:5b:d7:9b:05: 81:90:0e:2d:51:57:90:29:ce:0f:15:1e:88:a3:c2:36:a8:15: 32:ca:43:99:37:e8:ec:da:25:ec:d4:6b:ad:86:3b:d5:71:21: 07:28:cc:80:3b:4e:03:e0:f6:df:cb:35:e5:1b:ec:9a:96:31: fe:02:e1:3d:55:2b:cb:6b:6d:c3:3f:8b:46:31:ba:9d:7b:05: ba:e7:62:6d:db:60:8b:66:b2:d2:7b:55:3a:54:7e:2e:d5:44: ac:45:f2:cc:ba:91:7d:0a:28:9b:9c:e4:c4:aa:70:a7:2f:4d: 05:bf:ca:bd:a7:62:0c:63:f9:40:ae:a5:c8:23:11:b4:e5:82: 6a:b8:12:a4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICANUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzkwRUMxMTAvBgNVBAUTKDI5M0NFMURFRDFBNjQwNEIwMEIyQzBDQ0ZCM0YzQ0VB RkIyMUE1MDgwHhcNMjUwODIzMDU0NjQwWhcNMjUwODMwMDU0NjQwWjAYMRYwFAYD VQQDEw02OGE5NTVjMC03NDQ5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApxpnE92pkQXIDXOOgQ7UovDjtk2sYx7LqRxeakutGEMYkMlRW6FEohPxnNIP aebcpxOtAc/JpF/ZBpGGOaSSSJaWQpmST/+isr2n8/IT24XoIo8FEKh0hhZNJ0Jg gAQ7W+E1pTLsGnUQdwn4qMEaWz5cuRgMt7TjUHG6RINM27LIcGO95/y+hLoEZVV0 7eiigfKuPwHK9h8fy46eFnmaQGWhQh/iSDcVtnGR3THIDXbLDXCmmJwxDqAv0q2e 0QnTmfHTtW1YMSfvoaOGWtdihyDfDkgDvs2+E+8pX5sWhvyJhSBRxRMUCHaLUPVD lE6uhRm2vAksNNc98kSaFSpBGwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFD6M0fn3 kIZ17LmBnfbBbBaWzVhkMB8GA1UdIwQYMBaAFCk84d7RpkBLALLAzPs/POr7IaUI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTBFQy8yNEI4QkZFMDNF NTgxMUVGOTk2REEzMjFDNEY5QUUwMi9LVHpoM3RHbVFFc0Fzc0RNLXo4ODZ2c2hw UWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tUemgzdEdtUUVzQXNzRE0tejg4NnZzaHBRZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTBFQy8yNEI4QkZFMDNFNTgxMUVGOTk2REEzMjFDNEY5QUUwMi9LVHpoM3RHbVFF c0Fzc0RNLXo4ODZ2c2hwUWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCg/heGKjgwqZSkHznuOUtd98iko8obAmLZu96XWpdkZGymjaIlFCmr vppUH/wREERCq2oH65eSw+NLYaK/BxovkOzrHLTa1ZCFq9Xzzx3PrNQ24ulEHNHd pqfeZGb9fnioq9lU0Lpozv129k9YI1kDvWntZrfK5EGk6lvXmwWBkA4tUVeQKc4P FR6Io8I2qBUyykOZN+js2iXs1GuthjvVcSEHKMyAO04D4PbfyzXlG+yaljH+AuE9 VSvLa23DP4tGMbqdewW652Jt22CLZrLSe1U6VH4u1USsRfLMupF9CiibnOTEqnCn L00Fv8q9p2IMY/lArqXIIxG05YJquBKk -----END CERTIFICATE-----Generated at Sat Aug 23 20:34:09 2025 by rpki-client