$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft File: kfPcWc0PodJBy3h1fR2qksKsn2A.mft (raw, json) Hash identifier: VqzxkUtjj9P21cuvV9jjIiaoLikbeJfZs4HUxPe/kMg= Subject key identifier: A5:10:0B:C3:35:AA:0B:BD:C3:1D:C9:FB:2B:3B:95:A6:08:21:BC:FD Authority key identifier: 91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 Certificate issuer: /CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Certificate serial: 03A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft Manifest number: 039D Signing time: Sat 05 Jul 2025 01:20:45 +0000 Manifest this update: Sat 05 Jul 2025 01:20:45 +0000 Manifest next update: Sat 12 Jul 2025 01:20:45 +0000 Files and hashes: 1: kfPcWc0PodJBy3h1fR2qksKsn2A.crl (hash: 54aoanANLDKnZCTtS3sNNCVZJdUOYNp0yi5tJ+qDNFA=) 2: 4114509A597511EFA2B79A84C4F9AE02.roa (hash: 8U+UsiCXDKifnoegufsPJKGalX6CUXoFX96X70pYMYI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 932 (0x3a4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0432, serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Validity Not Before: Jul 5 01:20:45 2025 GMT Not After : Jul 12 01:20:45 2025 GMT Subject: CN=68687ded-12e2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:da:83:2d:73:9d:20:f7:7f:68:e1:e3:a1:6b: 0b:01:82:fe:0b:11:ca:b4:74:bf:6e:27:1d:24:49: 43:86:0c:80:54:ec:9f:9e:1c:77:f7:3a:5d:c7:9f: 1e:a0:06:c4:93:83:ad:09:6a:af:fc:a1:6f:34:57: 42:d0:ad:14:4f:76:89:2a:f7:33:a8:6f:93:d0:aa: e7:e7:9d:96:d2:f8:ce:ad:b0:87:03:fc:15:51:13: 12:65:61:97:82:d2:c1:3d:38:4d:c6:ce:6c:bf:ea: 8a:e9:c0:77:bd:11:03:38:e9:e4:e3:f7:aa:eb:a9: 6e:66:ae:a1:d1:55:a1:5f:6f:b6:f0:c6:d8:5d:2b: 49:a6:f1:05:55:d1:98:ff:b9:87:07:49:9b:30:b7: 6e:75:a5:85:a1:41:63:96:cb:82:d5:a3:e6:aa:3f: 82:c5:4b:92:e5:b0:f1:9f:5c:23:84:22:e1:5b:68: 97:b9:01:01:29:eb:8e:1f:c2:66:53:bd:9d:0c:38: f6:22:9a:ac:b2:4f:19:e0:6a:48:48:a7:47:d5:2e: 57:43:f7:95:12:1c:3e:da:0d:ac:d2:0a:62:da:d1: 15:11:79:80:30:82:d1:c0:9f:04:07:da:d0:a9:9d: 97:a0:16:09:e1:f5:fd:97:96:71:ac:f7:d8:e5:cc: a6:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:10:0B:C3:35:AA:0B:BD:C3:1D:C9:FB:2B:3B:95:A6:08:21:BC:FD X509v3 Authority Key Identifier: keyid:91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:07:71:6f:4d:d0:71:c8:6a:7b:42:a3:d0:69:4c:70:61:c4: 5e:8d:2b:d9:a8:73:be:e8:db:ae:4c:2e:51:d7:42:a5:a1:42: 53:e2:c9:aa:85:3f:b8:f4:c1:70:d7:1d:d3:e7:8c:93:f4:2a: 49:61:f3:63:6e:e6:bd:69:62:11:5b:2e:99:be:bd:70:cc:9e: 7c:68:d3:5b:42:b1:c4:34:70:ea:a2:7a:84:6c:4d:0d:ac:3c: 01:b7:fb:bb:4f:51:b6:1b:c3:83:45:89:9f:b1:75:1d:c2:01: 22:07:78:2a:f9:d9:63:12:a4:7e:bc:cd:10:30:66:32:ab:37: f2:8b:ae:57:97:ea:73:bd:57:bc:42:d1:e1:a5:2a:48:5c:ac: 45:67:a0:5e:7f:94:f8:33:d4:61:18:44:7d:c6:01:d2:f9:44: 60:13:a8:0e:c0:6d:a7:e3:f7:cd:7a:04:dc:c4:67:08:ba:8f: ab:46:17:03:d8:f0:3a:37:ae:32:7f:c0:ec:86:9a:19:0c:04: be:87:2c:81:3a:5b:86:38:0e:fa:cd:cf:5c:e6:97:36:f0:e2: ef:c9:73:7c:3e:c1:29:db:ac:76:37:d7:e8:5a:eb:7f:4a:ea: 3e:73:12:6b:d8:3e:86:7a:57:b7:5e:fa:05:f5:b3:8c:be:0d: e0:b4:0d:e1 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA6QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA0MzIxMTAvBgNVBAUTKDkxRjNEQzU5Q0QwRkExRDI0MUNCNzg3NTdEMURBQTky QzJBQzlGNjAwHhcNMjUwNzA1MDEyMDQ1WhcNMjUwNzEyMDEyMDQ1WjAYMRYwFAYD VQQDEw02ODY4N2RlZC0xMmUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1dqDLXOdIPd/aOHjoWsLAYL+CxHKtHS/bicdJElDhgyAVOyfnhx39zpdx58e oAbEk4OtCWqv/KFvNFdC0K0UT3aJKvczqG+T0Krn552W0vjOrbCHA/wVURMSZWGX gtLBPThNxs5sv+qK6cB3vREDOOnk4/eq66luZq6h0VWhX2+28MbYXStJpvEFVdGY /7mHB0mbMLdudaWFoUFjlsuC1aPmqj+CxUuS5bDxn1wjhCLhW2iXuQEBKeuOH8Jm U72dDDj2Ipqssk8Z4GpISKdH1S5XQ/eVEhw+2g2s0gpi2tEVEXmAMILRwJ8EB9rQ qZ2XoBYJ4fX9l5ZxrPfY5cym5QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKUQC8M1 qgu9wx3J+ys7laYIIbz9MB8GA1UdIwQYMBaAFJHz3FnND6HSQct4dX0dqpLCrJ9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDQzMi9GNUJGNjk5Q0E0 Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9kSkJ5M2gxZlIycWtzS3Nu MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tmUGNXYzBQb2RKQnkzaDFmUjJxa3NLc24yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDQzMi9GNUJGNjk5Q0E0Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9k SkJ5M2gxZlIycWtzS3NuMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMB3FvTdBxyGp7QqPQaUxwYcRejSvZqHO+6NuuTC5R10KloUJT4smq hT+49MFw1x3T54yT9CpJYfNjbua9aWIRWy6Zvr1wzJ58aNNbQrHENHDqonqEbE0N rDwBt/u7T1G2G8ODRYmfsXUdwgEiB3gq+dljEqR+vM0QMGYyqzfyi65Xl+pzvVe8 QtHhpSpIXKxFZ6Bef5T4M9RhGER9xgHS+URgE6gOwG2n4/fNegTcxGcIuo+rRhcD 2PA6N64yf8DshpoZDAS+hyyBOluGOA76zc9c5pc28OLvyXN8PsEp26x2N9foWut/ Suo+cxJr2D6Gele3XvoF9bOMvg3gtA3h -----END CERTIFICATE-----Generated at Sat Jul 5 11:45:13 2025 by rpki-client