$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: iGrqutPmEsBjVCTtNTO4ao2tacTfOfP8e4HqMhzQUCE= Subject key identifier: 12:9D:2E:1D:29:DA:D9:4E:94:24:71:E0:84:6D:F4:7F:0B:EE:75:E7 Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 0644 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 063E Signing time: Wed 02 Jul 2025 22:42:26 +0000 Manifest this update: Wed 02 Jul 2025 22:42:26 +0000 Manifest next update: Wed 09 Jul 2025 22:42:26 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: at/c/F+zSx4RRG2X96vBOy73ubUzJWLUrs5lR+olRv4=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 22:42:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1604 (0x644) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Jul 2 22:42:26 2025 GMT Not After : Jul 9 22:42:26 2025 GMT Subject: CN=6865b5d2-2e7a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b0:0f:f8:53:34:66:48:1a:9d:a2:59:aa:3a:2d: 69:73:44:b8:e0:5e:3f:99:d6:83:f7:3a:89:f3:17: 5c:d6:c5:68:7c:c7:1e:13:77:21:15:5d:e6:ed:8b: 0b:5b:2d:61:3d:04:89:98:7c:44:72:50:81:b4:30: ff:ca:99:6d:98:d3:7f:ed:ad:c1:c9:59:8c:b0:82: b2:b8:bd:b6:bc:d6:b7:12:92:d2:0d:19:eb:6b:2a: e6:2c:f3:9c:9e:53:65:19:88:c0:9c:12:81:94:5d: fe:67:2f:4f:38:e7:e7:b0:fe:e7:e6:d7:a6:cf:2f: 8f:8b:da:64:20:3e:ea:63:8a:7b:c4:29:59:ad:e5: 0a:77:42:b5:6d:db:5e:b4:c9:de:24:ee:16:f5:c4: 6d:89:5e:07:c9:10:2e:98:e2:ec:39:40:d0:c8:60: 4d:6c:7c:c9:8a:83:dd:4b:66:41:18:cd:73:64:1d: 13:5a:e9:a8:e4:f2:b0:91:a2:1b:95:e5:9a:b8:28: 67:6f:5a:46:4b:e7:5e:51:42:a5:cd:a1:17:88:a8: 8b:d7:2f:39:ce:d0:d6:a9:3b:f2:65:44:f6:5e:a9: c2:91:a4:86:3e:b3:bd:98:31:f2:8b:73:cc:0e:5e: ee:2b:b2:9e:59:ce:80:7f:af:cd:a2:a2:79:f5:c6: 4c:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 12:9D:2E:1D:29:DA:D9:4E:94:24:71:E0:84:6D:F4:7F:0B:EE:75:E7 X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a3:52:8d:61:ee:3b:07:1d:f6:6f:50:be:01:8a:4c:46:96:92: cc:8d:fc:04:19:5b:4b:4a:c5:f2:a2:51:4d:1d:96:cd:49:63: bd:e9:d2:dc:6c:8b:81:b7:d8:07:e9:c8:66:74:b7:e3:e0:51: 35:88:e6:52:bb:86:2e:5e:3a:b1:35:9e:fa:3f:8d:4a:84:a5: 9d:51:52:9d:82:81:cc:c7:4e:4d:6a:24:9c:70:b9:3e:b3:8f: 84:74:11:8e:4e:2c:cf:61:f4:d4:a8:6c:0e:26:9f:4c:9e:d8: 09:83:c5:67:ce:5b:c8:33:61:0b:04:55:6e:c1:c7:5c:fb:bb: 30:2f:70:39:5d:38:d2:ba:51:8a:e2:f0:be:29:81:8d:18:6e: 5b:ea:5c:a3:f1:e5:b8:1c:72:bd:10:94:18:a0:8e:d0:1c:8d: 37:e4:61:c3:28:e1:e6:3a:97:bc:b3:7f:77:0d:e3:2f:c1:44: e2:0d:3a:5f:14:7c:f7:c0:ec:e6:90:5f:d0:dd:3a:77:7d:ce: f9:01:f9:2c:83:1a:8a:88:32:7a:ee:3c:c1:3a:7f:7a:59:f2: 78:93:6e:d9:a6:47:4c:d9:e6:4d:89:87:4c:d1:3b:c0:b9:b7: 93:af:e2:a1:f4:dd:d7:50:bd:3d:4a:c8:96:18:c1:85:62:ef: a0:b6:3c:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBkQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwNzAyMjI0MjI2WhcNMjUwNzA5MjI0MjI2WjAYMRYwFAYD VQQDEw02ODY1YjVkMi0yZTdhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAsA/4UzRmSBqdolmqOi1pc0S44F4/mdaD9zqJ8xdc1sVofMceE3chFV3m7YsL Wy1hPQSJmHxEclCBtDD/ypltmNN/7a3ByVmMsIKyuL22vNa3EpLSDRnrayrmLPOc nlNlGYjAnBKBlF3+Zy9POOfnsP7n5temzy+Pi9pkID7qY4p7xClZreUKd0K1bdte tMneJO4W9cRtiV4HyRAumOLsOUDQyGBNbHzJioPdS2ZBGM1zZB0TWumo5PKwkaIb leWauChnb1pGS+deUUKlzaEXiKiL1y85ztDWqTvyZUT2XqnCkaSGPrO9mDHyi3PM Dl7uK7KeWc6Af6/NoqJ59cZMQwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBKdLh0p 2tlOlCRx4IRt9H8L7nXnMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCjUo1h7jsHHfZvUL4BikxGlpLMjfwEGVtLSsXyolFNHZbNSWO96dLc bIuBt9gH6chmdLfj4FE1iOZSu4YuXjqxNZ76P41KhKWdUVKdgoHMx05NaiSccLk+ s4+EdBGOTizPYfTUqGwOJp9MntgJg8VnzlvIM2ELBFVuwcdc+7swL3A5XTjSulGK 4vC+KYGNGG5b6lyj8eW4HHK9EJQYoI7QHI035GHDKOHmOpe8s393DeMvwUTiDTpf FHz3wOzmkF/Q3Tp3fc75AfksgxqKiDJ67jzBOn96WfJ4k27ZpkdM2eZNiYdM0TvA ubeTr+Kh9N3XUL09SsiWGMGFYu+gtjxJ -----END CERTIFICATE-----Generated at Fri Jul 4 01:00:56 2025 by rpki-client