$ rpki-client -vvf rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft File: kDfAsp43CSqDhSzkuIW3dqfB47Y.mft (raw, json) Hash identifier: qW/PmeJFZTV5jgfLkz740FQlHq2bSjWD4UgbFyimPu8= Subject key identifier: 0E:0B:B1:07:8D:57:E7:FE:94:C7:23:37:3D:E7:33:B9:EA:ED:4D:AC Authority key identifier: 90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 Certificate issuer: /CN=A91957D1/serialNumber=9037C0B29E37092A83852CE4B885B776A7C1E3B6 Certificate serial: 012E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft Manifest number: 012A Signing time: Thu 03 Jul 2025 04:46:54 +0000 Manifest this update: Thu 03 Jul 2025 04:46:53 +0000 Manifest next update: Thu 10 Jul 2025 04:46:53 +0000 Files and hashes: 1: kDfAsp43CSqDhSzkuIW3dqfB47Y.crl (hash: VWM+wsnbUzUlFRV7HP7lw1iW90xGMofdgP8P2f3ZUdQ=) 2: 72CE4D80958411EEB3748B58C4F9AE02.roa (hash: GyK0WIBreUywAdxh5kO624MwwPbx0zTO9wpPeKdWbNg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 302 (0x12e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91957D1, serialNumber=9037C0B29E37092A83852CE4B885B776A7C1E3B6 Validity Not Before: Jul 3 04:46:53 2025 GMT Not After : Jul 10 04:46:53 2025 GMT Subject: CN=68660b3e-c5b8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:c9:63:9f:dd:9a:2e:9f:88:67:01:aa:a4:89: e0:ba:10:7c:ea:b9:86:85:0c:e6:80:d1:1d:27:95: bb:7c:d4:2e:ba:45:ed:73:7d:6f:43:90:83:d2:ff: d6:58:fc:1c:8c:4c:4e:cd:c8:aa:10:5e:fd:e2:55: f0:ae:a9:47:c8:6b:0e:49:48:89:8c:eb:0b:44:31: 5d:08:d2:c9:aa:66:88:b3:fe:f9:56:29:9f:4d:e6: 20:b5:3f:6b:4b:34:44:8b:e7:3e:c5:45:4f:03:23: 81:f1:39:c6:9f:9c:75:c0:41:cd:96:62:ba:36:83: 3b:cf:5f:ac:20:34:14:eb:83:d7:48:dd:f2:7f:80: 69:92:da:a7:2f:63:a5:09:89:2d:ca:94:bc:a7:aa: a5:b5:6e:09:c0:cf:ae:ee:e9:89:be:be:5a:8c:22: a0:7e:9e:fe:8c:b5:45:ba:75:61:90:5e:f7:02:dc: fb:a8:d0:54:cf:98:5c:1e:af:34:df:95:2c:e1:f4: f6:88:7a:09:a7:36:10:80:3a:c6:63:ad:dd:df:9a: 9f:cd:23:73:14:ca:28:32:52:c4:60:a3:72:77:22: 7a:5f:1a:db:c5:21:d3:71:ef:a8:5e:37:9c:9b:09: ca:56:39:3b:29:4c:bd:f2:db:5c:84:83:3f:99:7b: 1f:15 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:0B:B1:07:8D:57:E7:FE:94:C7:23:37:3D:E7:33:B9:EA:ED:4D:AC X509v3 Authority Key Identifier: keyid:90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c1:7e:a4:36:e8:f7:17:29:d2:70:1d:fd:96:67:3c:03:16:17: 37:e6:16:3c:08:cd:0b:2d:46:6d:f9:85:7e:95:43:6e:2d:35: c8:85:c6:25:b5:0a:4d:bb:67:3f:42:42:06:36:e7:94:44:3d: 1d:77:ba:36:65:b4:76:eb:2c:2d:c2:8f:c0:a3:0e:b0:91:4f: d6:fa:71:d4:07:a6:01:b9:61:f7:ee:23:ef:4e:81:f8:2f:8a: cb:89:46:95:33:b6:3b:e3:0c:c9:7c:cd:53:3a:ad:42:26:17: 21:44:9e:14:d0:4e:2f:d1:28:67:18:89:9b:81:80:61:e1:1d: ad:10:83:da:d0:9b:bc:b0:07:36:ba:2a:c3:ec:e9:7a:b4:8a: 72:a9:cb:16:5d:d3:78:4b:49:59:e9:9e:ad:8d:74:4a:12:a0: 72:0a:43:4b:fd:21:ad:8a:61:1f:0c:c3:3c:41:96:b2:f9:bf: f0:6e:7d:1f:40:5f:93:35:c1:49:e0:8d:af:99:91:aa:8d:17: b2:0a:fc:ea:f3:63:c6:c8:59:4f:ff:34:74:a8:64:a7:08:e4: 3d:30:d2:03:7e:0f:71:f4:5f:6f:e4:33:52:85:25:91:1f:9b: 47:92:22:a7:26:1c:7d:d0:34:29:26:c4:e2:a8:01:27:2d:d0: c9:67:9c:11 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAS4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTU3RDExMTAvBgNVBAUTKDkwMzdDMEIyOUUzNzA5MkE4Mzg1MkNFNEI4ODVCNzc2 QTdDMUUzQjYwHhcNMjUwNzAzMDQ0NjUzWhcNMjUwNzEwMDQ0NjUzWjAYMRYwFAYD VQQDEw02ODY2MGIzZS1jNWI4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA28ljn92aLp+IZwGqpInguhB86rmGhQzmgNEdJ5W7fNQuukXtc31vQ5CD0v/W WPwcjExOzciqEF794lXwrqlHyGsOSUiJjOsLRDFdCNLJqmaIs/75VimfTeYgtT9r SzREi+c+xUVPAyOB8TnGn5x1wEHNlmK6NoM7z1+sIDQU64PXSN3yf4BpktqnL2Ol CYktypS8p6qltW4JwM+u7umJvr5ajCKgfp7+jLVFunVhkF73Atz7qNBUz5hcHq80 35Us4fT2iHoJpzYQgDrGY63d35qfzSNzFMooMlLEYKNydyJ6XxrbxSHTce+oXjec mwnKVjk7KUy98ttchIM/mXsfFQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA4LsQeN V+f+lMcjNz3nM7nq7U2sMB8GA1UdIwQYMBaAFJA3wLKeNwkqg4Us5LiFt3anweO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTdEMS9GMDUzNzc5NDkz QkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NTcURoU3prdUlXM2RxZkI0 N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tEZkFzcDQzQ1NxRGhTemt1SVczZHFmQjQ3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NTdEMS9GMDUzNzc5NDkzQkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NT cURoU3prdUlXM2RxZkI0N1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDBfqQ26PcXKdJwHf2WZzwDFhc35hY8CM0LLUZt+YV+lUNuLTXIhcYl tQpNu2c/QkIGNueURD0dd7o2ZbR26ywtwo/Aow6wkU/W+nHUB6YBuWH37iPvToH4 L4rLiUaVM7Y74wzJfM1TOq1CJhchRJ4U0E4v0ShnGImbgYBh4R2tEIPa0Ju8sAc2 uirD7Ol6tIpyqcsWXdN4S0lZ6Z6tjXRKEqByCkNL/SGtimEfDMM8QZay+b/wbn0f QF+TNcFJ4I2vmZGqjReyCvzq82PGyFlP/zR0qGSnCOQ9MNIDfg9x9F9v5DNShSWR H5tHkiKnJhx90DQpJsTiqAEnLdDJZ5wR -----END CERTIFICATE-----Generated at Thu Jul 3 09:05:12 2025 by rpki-client