$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: 8WxGjG+DbMELQ5Yi9T/l+h8Bkr/ME7qPSjtPMkUsYUk= Subject key identifier: 28:06:86:22:A8:2C:10:54:5C:41:63:34:E7:DA:8F:B9:87:9D:53:F5 Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 065E Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 0658 Signing time: Fri 22 Aug 2025 22:29:35 +0000 Manifest this update: Fri 22 Aug 2025 22:29:35 +0000 Manifest next update: Fri 29 Aug 2025 22:29:35 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: JWLm6HG9NMaAzCY/krmMkVM8Fu1FX7JmIp+W+bD8+eI=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 22:29:35 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1630 (0x65e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Aug 22 22:29:35 2025 GMT Not After : Aug 29 22:29:35 2025 GMT Subject: CN=68a8ef4f-263d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9f:f9:ba:95:9e:ff:64:ad:b2:4a:da:78:91:ce: ed:83:ba:7e:ce:c3:e5:18:0d:53:53:6b:a1:4c:df: c2:5e:9a:06:dd:a9:3e:ce:04:df:3a:cd:8c:c4:9b: 1b:18:94:e5:54:b2:c9:8c:fc:9d:80:56:f4:6f:73: 61:28:d2:2d:f2:91:33:b7:04:be:73:ae:75:85:db: f5:3b:10:3e:6d:10:66:a0:ad:31:74:38:fa:e6:ee: f7:9e:62:66:ca:a1:61:bb:57:8c:18:1e:2f:b3:11: 49:fc:1b:19:e8:27:05:89:2f:d3:d5:2b:ad:af:87: 39:44:30:6a:43:2a:d7:81:a5:d8:ea:f8:51:26:cf: 09:c6:a7:e2:e6:7b:6f:96:28:52:f2:23:78:18:c2: de:13:45:64:8d:2a:23:bc:fd:5a:b5:18:bc:fa:16: 56:af:6b:b5:0e:ac:c0:41:af:f7:e8:cb:30:74:ed: 00:6f:0d:be:db:ef:6c:b4:e4:c5:83:77:da:88:1c: d4:47:66:a3:21:3e:e6:32:79:4a:50:a7:8a:d6:26: 11:56:57:43:b0:f5:ba:35:07:b0:4e:76:4c:63:fd: cf:ff:16:ee:38:1b:6d:7e:3c:60:25:b4:fb:c2:51: 28:43:6e:09:9b:38:43:76:cc:63:cf:5b:af:f5:41: b5:8f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 28:06:86:22:A8:2C:10:54:5C:41:63:34:E7:DA:8F:B9:87:9D:53:F5 X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8f:ea:20:68:05:12:db:5e:a1:e2:e5:6f:e0:58:b9:b6:4d:bb: f4:94:bf:42:be:43:2f:24:35:e7:ae:5d:70:e4:1c:02:8d:91: 41:02:d3:44:10:da:e4:26:7a:a6:a5:2c:2f:13:02:8e:fd:1e: 96:22:16:c1:50:94:5e:ac:36:34:25:cf:34:2c:1d:69:17:7b: 51:95:8c:dc:ab:33:20:44:8b:3f:50:f7:62:7b:b6:61:1a:fd: 49:e7:e4:ee:7c:d5:6b:a1:47:52:4a:ed:b6:95:f1:a3:2d:b4: bb:ab:b4:f5:c8:f0:90:4e:45:fb:a9:f2:a8:7b:0f:49:b5:ea: ed:b0:c5:41:d5:82:63:91:ca:ca:f4:47:48:aa:b1:e9:52:17: fa:79:ed:38:05:10:4d:23:93:c8:01:77:49:85:3d:9a:40:6b: 34:1f:f6:e5:e3:f8:43:ea:30:8c:2a:ff:7c:e2:30:ee:24:43: e7:32:96:f4:20:27:ad:1a:9a:da:33:b1:4b:42:e2:ef:7b:7b: a4:51:75:41:da:ee:1d:63:d7:f8:0b:6d:3d:37:05:4f:18:c7: 1b:68:7d:a3:a7:ff:45:15:73:aa:ad:27:e1:e0:6c:df:56:ba: eb:3c:bb:c4:e5:52:f4:d2:79:84:fe:0e:3e:16:c9:ab:91:60: 9e:6f:0e:9a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwODIyMjIyOTM1WhcNMjUwODI5MjIyOTM1WjAYMRYwFAYD VQQDEw02OGE4ZWY0Zi0yNjNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAn/m6lZ7/ZK2yStp4kc7tg7p+zsPlGA1TU2uhTN/CXpoG3ak+zgTfOs2MxJsb GJTlVLLJjPydgFb0b3NhKNIt8pEztwS+c651hdv1OxA+bRBmoK0xdDj65u73nmJm yqFhu1eMGB4vsxFJ/BsZ6CcFiS/T1Sutr4c5RDBqQyrXgaXY6vhRJs8Jxqfi5ntv lihS8iN4GMLeE0VkjSojvP1atRi8+hZWr2u1DqzAQa/36MswdO0Abw2+2+9stOTF g3faiBzUR2ajIT7mMnlKUKeK1iYRVldDsPW6NQewTnZMY/3P/xbuOBttfjxgJbT7 wlEoQ24JmzhDdsxjz1uv9UG1jwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCgGhiKo LBBUXEFjNOfaj7mHnVP1MB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCP6iBoBRLbXqHi5W/gWLm2Tbv0lL9CvkMvJDXnrl1w5BwCjZFBAtNE ENrkJnqmpSwvEwKO/R6WIhbBUJRerDY0Jc80LB1pF3tRlYzcqzMgRIs/UPdie7Zh Gv1J5+TufNVroUdSSu22lfGjLbS7q7T1yPCQTkX7qfKoew9JtertsMVB1YJjkcrK 9EdIqrHpUhf6ee04BRBNI5PIAXdJhT2aQGs0H/bl4/hD6jCMKv984jDuJEPnMpb0 ICetGpraM7FLQuLve3ukUXVB2u4dY9f4C209NwVPGMcbaH2jp/9FFXOqrSfh4Gzf VrrrPLvE5VL00nmE/g4+FsmrkWCebw6a -----END CERTIFICATE-----Generated at Sat Aug 23 20:43:49 2025 by rpki-client