$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft File: KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft (raw, json) Hash identifier: ztKtBsKl4FczmxAMTI2tifnNprDLl5QyJ+91OGqSxNc= Subject key identifier: 01:42:73:E4:54:53:E3:5B:BC:02:D5:E5:8A:C5:05:E0:B0:5C:AB:66 Authority key identifier: 29:0C:40:10:FA:DC:47:69:47:E0:09:3F:43:F7:00:4F:0D:7C:5C:1C Certificate issuer: /CN=A91A3456/serialNumber=290C4010FADC476947E0093F43F7004F0D7C5C1C Certificate serial: 0B21 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft Manifest number: 0B1B Signing time: Wed 02 Jul 2025 19:28:24 +0000 Manifest this update: Wed 02 Jul 2025 19:28:23 +0000 Manifest next update: Wed 09 Jul 2025 19:28:23 +0000 Files and hashes: 1: KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl (hash: Swbrp10BAyPAp8DjGVzP+s2xzsSmuwCujvwNZRB9cmE=) 2: 496096EE41A311EABAADCE0AC4F9AE02.roa (hash: c6hB6o27DTn4G9KshxwwCrACiildcNHuM9kyD7kWDTE=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 19:28:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2849 (0xb21) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3456, serialNumber=290C4010FADC476947E0093F43F7004F0D7C5C1C Validity Not Before: Jul 2 19:28:23 2025 GMT Not After : Jul 9 19:28:23 2025 GMT Subject: CN=68658857-006a Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:4c:6b:ee:48:ae:a8:ff:9b:40:a5:89:3c:cd: 29:19:4c:5e:e2:65:c0:8b:1b:30:3c:14:b2:4e:b5: 16:85:5e:49:d5:69:d5:5f:c5:08:0e:81:e1:8b:c3: 9c:d0:3b:0b:16:5c:89:0c:4b:5b:21:82:da:f5:8e: 08:9b:95:c1:dd:19:38:e2:f2:eb:cc:e0:a9:c9:72: 4a:6f:45:f7:3a:e3:38:60:f4:bb:3a:26:06:2a:e8: 6a:1a:9f:19:84:59:c2:2b:f0:dd:f3:61:8d:e7:69: d8:fb:05:3e:2c:71:99:8d:d2:49:40:1c:a6:ee:ae: ea:69:52:7d:bb:b7:a8:49:9a:78:77:39:c9:48:17: 89:f3:14:f2:86:42:ef:ab:13:0c:44:14:49:6b:6b: 10:7b:10:79:d9:c4:16:4e:6d:43:68:e5:92:1e:06: 34:c9:1e:de:c7:7d:38:b9:30:20:d5:82:11:a5:9b: 3e:75:c8:e6:34:a7:15:93:bc:da:e8:38:c5:dc:11: 6d:a1:6e:81:63:e2:12:86:fb:4c:22:65:e1:a6:d4: 53:8a:00:3b:84:57:b3:26:ac:72:67:80:19:37:3a: 60:e0:d9:80:19:00:93:db:6f:24:71:5c:01:36:4e: e7:76:75:e8:f0:69:41:ab:ce:cc:b1:62:fd:f5:64: f9:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 01:42:73:E4:54:53:E3:5B:BC:02:D5:E5:8A:C5:05:E0:B0:5C:AB:66 X509v3 Authority Key Identifier: keyid:29:0C:40:10:FA:DC:47:69:47:E0:09:3F:43:F7:00:4F:0D:7C:5C:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 80:6d:36:92:f9:d3:9f:24:90:c3:4a:1f:2e:08:02:eb:05:27: 31:97:52:14:a9:ce:ad:7b:ea:b6:05:83:22:54:fc:d8:b7:2a: 7b:5f:72:5b:a5:3c:79:09:35:c0:f3:d0:06:3d:74:23:3d:e8: e9:f6:ba:d9:90:ff:77:f7:99:92:8c:55:6f:41:c7:3a:3a:4d: 7e:a9:81:a4:89:d7:7e:5f:05:6d:02:a6:cf:e5:29:95:20:74: c1:93:a3:6b:64:7e:bd:0a:3b:f1:32:6d:d5:ce:08:68:93:82: a4:cc:19:73:d6:3d:08:2c:1f:a5:ef:b7:44:0a:ab:32:21:c9: 27:79:f5:7a:80:fa:cf:09:ed:8e:37:50:b4:b3:e6:f0:81:a4: a1:77:32:93:5d:a8:30:93:2e:e8:08:71:e1:4f:c2:a4:be:a1: a1:84:4a:d2:04:27:1f:3b:8d:65:a5:2f:3d:35:70:f5:0c:65: 11:44:4f:20:d3:0f:f7:a5:9a:a4:22:69:79:5d:a0:55:51:73: 2b:ed:fc:ca:7e:3e:03:b3:7f:95:81:70:2f:bb:51:29:84:1d: 86:fa:e5:99:09:90:fd:02:ec:56:f8:66:51:72:78:30:71:7a: f3:81:b0:b0:1f:6a:d2:8f:96:f8:43:84:93:68:e1:b3:6f:d6: 0a:46:6f:47 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCyEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTM0NTYxMTAvBgNVBAUTKDI5MEM0MDEwRkFEQzQ3Njk0N0UwMDkzRjQzRjcwMDRG MEQ3QzVDMUMwHhcNMjUwNzAyMTkyODIzWhcNMjUwNzA5MTkyODIzWjAYMRYwFAYD VQQDEw02ODY1ODg1Ny0wMDZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt0xr7kiuqP+bQKWJPM0pGUxe4mXAixswPBSyTrUWhV5J1WnVX8UIDoHhi8Oc 0DsLFlyJDEtbIYLa9Y4Im5XB3Rk44vLrzOCpyXJKb0X3OuM4YPS7OiYGKuhqGp8Z hFnCK/Dd82GN52nY+wU+LHGZjdJJQBym7q7qaVJ9u7eoSZp4dznJSBeJ8xTyhkLv qxMMRBRJa2sQexB52cQWTm1DaOWSHgY0yR7ex304uTAg1YIRpZs+dcjmNKcVk7za 6DjF3BFtoW6BY+IShvtMImXhptRTigA7hFezJqxyZ4AZNzpg4NmAGQCT228kcVwB Nk7ndnXo8GlBq87MsWL99WT5SwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAFCc+RU U+NbvALV5YrFBeCwXKtmMB8GA1UdIwQYMBaAFCkMQBD63EdpR+AJP0P3AE8NfFwc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzQ1Ni82QzI3RjI1QTQx QTExMUVBQTQ3RDFFODZDNEY5QUUwMi9LUXhBRVByY1IybEg0QWtfUV9jQVR3MThY QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tReEFFUHJjUjJsSDRBa19RX2NBVHcxOFhCdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MzQ1Ni82QzI3RjI1QTQxQTExMUVBQTQ3RDFFODZDNEY5QUUwMi9LUXhBRVByY1Iy bEg0QWtfUV9jQVR3MThYQncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCAbTaS+dOfJJDDSh8uCALrBScxl1IUqc6te+q2BYMiVPzYtyp7X3Jb pTx5CTXA89AGPXQjPejp9rrZkP9395mSjFVvQcc6Ok1+qYGkidd+XwVtAqbP5SmV IHTBk6NrZH69CjvxMm3Vzghok4KkzBlz1j0ILB+l77dECqsyIcknefV6gPrPCe2O N1C0s+bwgaShdzKTXagwky7oCHHhT8KkvqGhhErSBCcfO41lpS89NXD1DGURRE8g 0w/3pZqkIml5XaBVUXMr7fzKfj4Ds3+VgXAvu1EphB2G+uWZCZD9AuxW+GZRcngw cXrzgbCwH2rSj5b4Q4STaOGzb9YKRm9H -----END CERTIFICATE-----Generated at Thu Jul 3 10:21:14 2025 by rpki-client