$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft File: KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft (raw, json) Hash identifier: ios5VeWiOCiSVGRFAHScuCjUIM6L+8heja2phEOh6rw= Subject key identifier: 3F:3D:8C:8E:85:3A:C5:49:70:20:9F:56:AC:BE:CF:40:38:96:15:87 Authority key identifier: 2A:45:A4:1D:60:E2:F1:04:D3:DD:39:C8:6F:14:BC:59:00:88:3F:4B Certificate issuer: /CN=A91A4287/serialNumber=2A45A41D60E2F104D3DD39C86F14BC5900883F4B Certificate serial: 52 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft Manifest number: 51 Signing time: Sat 23 Aug 2025 07:30:56 +0000 Manifest this update: Sat 23 Aug 2025 07:30:56 +0000 Manifest next update: Sat 30 Aug 2025 07:30:56 +0000 Files and hashes: 1: KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl (hash: smO8xd3fzApvCmkbDvOPxTlsgOgApUhoQ9EN3cmBgWQ=) 2: 8CC07FC0047211F0A6541526C4F9AE02.roa (hash: PgYYJ9/o38WTea0u5fJFPWCIw+78oj+kOWm1Hogb3eo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:30:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 82 (0x52) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4287, serialNumber=2A45A41D60E2F104D3DD39C86F14BC5900883F4B Validity Not Before: Aug 23 07:30:56 2025 GMT Not After : Aug 30 07:30:56 2025 GMT Subject: CN=68a96e30-84be Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a1:cf:be:e1:21:48:06:6c:a0:ce:75:17:c3:cd: fa:82:99:bf:72:90:91:10:d1:0b:46:33:74:be:14: c4:00:66:62:9b:98:ce:5d:d0:85:73:db:17:a0:b4: 82:17:72:1e:aa:64:23:71:b4:36:a5:ad:ff:9d:9d: 6b:ae:cf:07:c1:50:c9:9f:bd:75:f6:77:31:74:f3: 37:c4:f5:98:d9:20:36:78:1b:bd:67:87:62:f9:99: 28:dd:6a:f6:1f:8e:ea:2d:b4:78:e9:e1:f3:a7:7c: 8b:15:0b:9f:94:bc:dc:57:c5:28:5c:09:14:74:e7: 48:94:c1:de:b1:ee:4e:5a:d5:7f:34:90:1d:0b:a1: c9:f4:57:ab:b3:ae:6e:76:b5:92:04:34:3d:3a:97: 8c:46:a7:6f:cc:4c:d1:88:43:68:88:37:0f:ea:c9: 57:ef:7b:f5:c1:d0:71:0e:35:0a:f2:60:a1:02:f9: 9e:8a:83:25:10:8b:f4:ea:3d:a8:ea:71:ea:87:42: 68:07:96:ca:02:43:89:db:33:91:75:7d:e7:5a:69: 88:af:90:96:5f:b7:02:3a:23:65:08:ab:3c:04:39: 70:a1:bd:0b:8b:b1:01:d2:43:c3:ca:e6:13:df:98: 8c:d0:59:f0:9d:13:6d:b7:0d:32:4b:d1:22:3b:c2: b7:33 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3F:3D:8C:8E:85:3A:C5:49:70:20:9F:56:AC:BE:CF:40:38:96:15:87 X509v3 Authority Key Identifier: keyid:2A:45:A4:1D:60:E2:F1:04:D3:DD:39:C8:6F:14:BC:59:00:88:3F:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a2:dd:27:4d:84:64:d2:c7:68:f2:88:bd:06:4d:f8:18:60:5c: f2:f1:30:a7:9a:ad:fc:e0:f5:a8:8e:93:85:b8:8b:b5:c2:2e: 3d:f2:bb:23:24:fd:c7:f9:f3:dd:86:78:25:c3:a9:de:0e:af: 78:d3:54:e1:d9:08:b1:fd:02:2a:fb:68:95:36:13:af:29:ed: 4d:68:0b:a8:96:5b:89:2e:88:1f:09:16:61:f2:2f:d8:3e:52: 74:e9:d6:07:37:5a:cd:fc:08:19:5f:e9:99:81:e1:64:92:01: dd:2f:e6:a1:e4:da:49:28:fc:45:3c:a6:86:36:43:12:9d:28: 64:35:a7:12:2c:71:c5:6d:81:34:61:d8:f6:e3:87:39:48:63: b1:f9:72:18:ea:f7:6b:a6:c8:74:06:35:17:15:15:36:11:9c: 4c:19:dd:c3:92:59:21:be:82:7c:d9:f3:78:49:ce:a4:fa:43: f0:99:c3:a3:0d:30:b7:22:9c:0a:57:7b:ab:dc:40:63:03:e7: 31:62:37:77:3c:ab:3f:fe:48:81:52:e0:40:9d:58:6a:1d:07: b2:e7:0c:ed:60:ea:ec:2e:6b:e0:aa:41:f3:27:5e:eb:df:3b: 8b:d8:e0:7f:3e:ef:7e:46:96:8d:14:5f:e4:be:9e:c8:5e:3d: 2f:84:0f:06 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBUjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NDI4NzExMC8GA1UEBRMoMkE0NUE0MUQ2MEUyRjEwNEQzREQzOUM4NkYxNEJDNTkw MDg4M0Y0QjAeFw0yNTA4MjMwNzMwNTZaFw0yNTA4MzAwNzMwNTZaMBgxFjAUBgNV BAMTDTY4YTk2ZTMwLTg0YmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQChz77hIUgGbKDOdRfDzfqCmb9ykJEQ0QtGM3S+FMQAZmKbmM5d0IVz2xegtIIX ch6qZCNxtDalrf+dnWuuzwfBUMmfvXX2dzF08zfE9ZjZIDZ4G71nh2L5mSjdavYf juottHjp4fOnfIsVC5+UvNxXxShcCRR050iUwd6x7k5a1X80kB0Locn0V6uzrm52 tZIEND06l4xGp2/MTNGIQ2iINw/qyVfve/XB0HEONQryYKEC+Z6KgyUQi/TqPajq ceqHQmgHlsoCQ4nbM5F1fedaaYivkJZftwI6I2UIqzwEOXChvQuLsQHSQ8PK5hPf mIzQWfCdE223DTJL0SI7wrczAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUPz2MjoU6 xUlwIJ9WrL7PQDiWFYcwHwYDVR0jBBgwFoAUKkWkHWDi8QTT3TnIbxS8WQCIP0sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0Mjg3LzM3Mjc4QzE2MDQ2 RDExRjBCNzdEMDM2MUM0RjlBRTAyL0trV2tIV0RpOFFUVDNUbklieFM4V1FDSVAw cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2tXa0hXRGk4UVRUM1RuSWJ4UzhXUUNJUDBzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0 Mjg3LzM3Mjc4QzE2MDQ2RDExRjBCNzdEMDM2MUM0RjlBRTAyL0trV2tIV0RpOFFU VDNUbklieFM4V1FDSVAwcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKLdJ02EZNLHaPKIvQZN+BhgXPLxMKearfzg9aiOk4W4i7XCLj3yuyMk /cf5892GeCXDqd4Or3jTVOHZCLH9Air7aJU2E68p7U1oC6iWW4kuiB8JFmHyL9g+ UnTp1gc3Ws38CBlf6ZmB4WSSAd0v5qHk2kko/EU8poY2QxKdKGQ1pxIsccVtgTRh 2PbjhzlIY7H5chjq92umyHQGNRcVFTYRnEwZ3cOSWSG+gnzZ83hJzqT6Q/CZw6MN MLcinApXe6vcQGMD5zFiN3c8qz/+SIFS4ECdWGodB7LnDO1g6uwua+CqQfMnXuvf O4vY4H8+735Glo0UX+S+nshePS+EDwY= -----END CERTIFICATE-----Generated at Sat Aug 23 20:26:02 2025 by rpki-client