$ rpki-client -vvf rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft File: kfPcWc0PodJBy3h1fR2qksKsn2A.mft (raw, json) Hash identifier: evHi1I0I7UN5GkabpQxaCJ0YSyU99icUm2mbx0h2JpM= Subject key identifier: 60:70:62:E0:F4:E7:C3:F2:65:C6:FE:F1:05:2B:71:06:37:75:01:3A Authority key identifier: 91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 Certificate issuer: /CN=A91A0432/serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Certificate serial: 03BD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft Manifest number: 03B6 Signing time: Sat 23 Aug 2025 00:58:54 +0000 Manifest this update: Sat 23 Aug 2025 00:58:53 +0000 Manifest next update: Sat 30 Aug 2025 00:58:53 +0000 Files and hashes: 1: kfPcWc0PodJBy3h1fR2qksKsn2A.crl (hash: L/KBufqK1T0mnUw97LCOxJ4ELg8cnaUrFTCAV48bs8M=) 2: 4114509A597511EFA2B79A84C4F9AE02.roa (hash: 8U+UsiCXDKifnoegufsPJKGalX6CUXoFX96X70pYMYI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 00:58:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 957 (0x3bd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A0432, serialNumber=91F3DC59CD0FA1D241CB78757D1DAA92C2AC9F60 Validity Not Before: Aug 23 00:58:53 2025 GMT Not After : Aug 30 00:58:53 2025 GMT Subject: CN=68a9124e-c889 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bd:3b:cf:a9:c5:c6:70:5f:25:25:3b:90:c4:59: a1:18:f9:75:83:2e:87:80:fc:f3:27:86:ee:24:11: b1:7c:9a:ee:1a:8e:70:6e:fa:e1:43:36:c8:89:b0: 17:65:f0:63:49:25:a6:11:f1:df:48:21:a8:20:6c: ef:ef:f8:9c:80:8b:89:cc:e1:4f:e3:42:ed:81:35: 54:8c:ba:54:ae:ba:ec:48:9e:b6:c9:bb:b0:41:23: 45:9a:3a:15:b9:e4:3f:f8:37:6a:fa:7a:52:28:43: bb:c2:33:0f:fc:4b:2a:38:02:5c:eb:b6:95:3d:87: eb:08:4a:e5:37:26:6e:61:6a:e7:5f:92:e7:42:c6: c0:02:c5:a9:ee:aa:57:18:97:96:37:31:55:72:f2: ab:a9:21:ed:65:34:22:28:d0:e3:f4:21:29:4b:fe: 58:41:34:9c:04:5e:4c:10:67:63:58:dd:67:bc:bc: 7e:24:23:32:26:c7:3f:e6:62:c9:85:4b:5b:7d:c6: 53:38:8d:5a:dc:45:f6:df:c1:1c:e0:71:77:ec:09: 2d:18:31:04:29:b9:0c:63:31:a5:31:6e:eb:06:8b: 9d:de:62:b8:35:f7:43:6f:25:6c:81:bc:af:a9:d6: 00:76:9e:2c:8d:b7:4b:47:fc:49:89:52:3c:74:03: 4a:65 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 60:70:62:E0:F4:E7:C3:F2:65:C6:FE:F1:05:2B:71:06:37:75:01:3A X509v3 Authority Key Identifier: keyid:91:F3:DC:59:CD:0F:A1:D2:41:CB:78:75:7D:1D:AA:92:C2:AC:9F:60 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kfPcWc0PodJBy3h1fR2qksKsn2A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A0432/F5BF699CA4CA11ECAC4E5744C4F9AE02/kfPcWc0PodJBy3h1fR2qksKsn2A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1f:92:bd:21:14:68:b8:93:ef:0b:7c:86:dd:90:00:ef:56:ce: 77:aa:fa:8c:8b:22:be:ed:60:c0:87:42:b2:74:42:9b:ed:d0: 47:ec:2a:60:90:e1:09:7a:a7:b0:1d:3c:95:58:47:71:69:06: dd:47:5b:b4:d5:91:12:b2:9b:3d:66:27:85:b2:09:97:c7:94: 7f:d5:59:d5:11:42:cc:36:8d:dd:10:0f:28:09:a6:c1:d7:42: 55:3e:ca:5a:c6:e0:63:d4:bb:20:ac:0d:7a:2a:7d:84:e7:80: f3:5d:fe:1f:57:8b:1a:95:4a:90:2a:81:bf:70:f0:ed:3e:e8: 82:23:01:6b:ff:95:34:96:fa:f4:dd:ac:2f:47:d6:f2:84:75: 46:5e:4d:ca:6f:4c:4b:af:84:0a:f6:7d:3b:91:0f:44:ad:18: 8f:05:0f:f4:83:a2:60:21:0f:b6:ee:ef:39:b3:d0:98:4e:36: 9d:ef:e4:94:be:0a:0d:f7:d0:a9:5a:57:5f:6d:d2:c6:76:00: 26:63:3c:0d:76:d7:b0:37:16:aa:9c:1d:08:42:e4:6f:73:03: a4:27:1e:d6:65:8e:b6:87:6a:48:78:a0:50:29:f3:34:5c:28: 8b:e2:0e:53:de:bc:82:b2:2a:cf:97:1c:24:cc:3b:e6:2d:76: 1e:c9:db:2a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA70wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTA0MzIxMTAvBgNVBAUTKDkxRjNEQzU5Q0QwRkExRDI0MUNCNzg3NTdEMURBQTky QzJBQzlGNjAwHhcNMjUwODIzMDA1ODUzWhcNMjUwODMwMDA1ODUzWjAYMRYwFAYD VQQDEw02OGE5MTI0ZS1jODg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvTvPqcXGcF8lJTuQxFmhGPl1gy6HgPzzJ4buJBGxfJruGo5wbvrhQzbIibAX ZfBjSSWmEfHfSCGoIGzv7/icgIuJzOFP40LtgTVUjLpUrrrsSJ62ybuwQSNFmjoV ueQ/+Ddq+npSKEO7wjMP/EsqOAJc67aVPYfrCErlNyZuYWrnX5LnQsbAAsWp7qpX GJeWNzFVcvKrqSHtZTQiKNDj9CEpS/5YQTScBF5MEGdjWN1nvLx+JCMyJsc/5mLJ hUtbfcZTOI1a3EX238Ec4HF37AktGDEEKbkMYzGlMW7rBoud3mK4NfdDbyVsgbyv qdYAdp4sjbdLR/xJiVI8dANKZQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGBwYuD0 58PyZcb+8QUrcQY3dQE6MB8GA1UdIwQYMBaAFJHz3FnND6HSQct4dX0dqpLCrJ9g MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMDQzMi9GNUJGNjk5Q0E0 Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9kSkJ5M2gxZlIycWtzS3Nu MkEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tmUGNXYzBQb2RKQnkzaDFmUjJxa3NLc24yQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MDQzMi9GNUJGNjk5Q0E0Q0ExMUVDQUM0RTU3NDRDNEY5QUUwMi9rZlBjV2MwUG9k SkJ5M2gxZlIycWtzS3NuMkEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAfkr0hFGi4k+8LfIbdkADvVs53qvqMiyK+7WDAh0KydEKb7dBH7Cpg kOEJeqewHTyVWEdxaQbdR1u01ZESsps9ZieFsgmXx5R/1VnVEULMNo3dEA8oCabB 10JVPspaxuBj1LsgrA16Kn2E54DzXf4fV4salUqQKoG/cPDtPuiCIwFr/5U0lvr0 3awvR9byhHVGXk3Kb0xLr4QK9n07kQ9ErRiPBQ/0g6JgIQ+27u85s9CYTjad7+SU vgoN99CpWldfbdLGdgAmYzwNdtewNxaqnB0IQuRvcwOkJx7WZY62h2pIeKBQKfM0 XCiL4g5T3ryCsirPlxwkzDvmLXYeydsq -----END CERTIFICATE-----Generated at Sun Aug 24 06:47:47 2025 by rpki-client