$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft File: KgD9XV6u-B8ysAsuXILF7NrBJpM.mft (raw, json) Hash identifier: /XTYj4FN2u1p3wiNB64ik9NWJm0T6F2MUsN6Gh0zMQM= Subject key identifier: D6:B7:3B:0A:1F:A6:F6:83:6D:F8:B7:22:5C:BD:A6:D6:05:17:B7:57 Authority key identifier: 2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 Certificate issuer: /CN=A91B6B4B/serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Certificate serial: 22 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft Manifest number: 21 Signing time: Thu 03 Jul 2025 08:06:37 +0000 Manifest this update: Thu 03 Jul 2025 08:06:37 +0000 Manifest next update: Thu 10 Jul 2025 08:06:37 +0000 Files and hashes: 1: KgD9XV6u-B8ysAsuXILF7NrBJpM.crl (hash: /19dtALiW895eK/Pcqy3NLlJbCz2CA94IICopFb2kU8=) 2: B3F95F9A24C411F0A4C45287C4F9AE02.roa (hash: SpbPHZ/krAG/WpD65rr9pmBtHMuwVfhmB9bAKCP8oRU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 34 (0x22) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6B4B, serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Validity Not Before: Jul 3 08:06:37 2025 GMT Not After : Jul 10 08:06:37 2025 GMT Subject: CN=68663a0d-1ef4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:38:73:3e:cd:3f:76:fc:47:f2:19:5b:38:6d: 75:b7:51:fd:56:fa:1a:58:e9:4c:ef:b4:09:09:65: 0d:ca:85:65:f1:57:ce:94:56:3a:ca:1e:45:d3:c2: ec:8a:eb:10:d7:4f:58:83:cb:a9:34:88:38:c0:25: ab:91:c2:98:12:4d:d6:39:2d:75:9b:0f:58:bc:20: 3d:1b:f2:15:27:8b:c4:56:f1:ff:83:5f:d1:51:fc: e2:a2:65:7e:dc:73:5a:bc:85:c6:ff:95:18:13:7a: fc:bc:27:55:39:d6:4e:e2:33:0e:3c:b7:16:28:fd: 45:9b:de:98:cb:ae:7b:73:64:6e:3f:0c:4c:14:1b: b5:c9:0b:29:62:dc:17:06:38:c5:c4:75:3d:bc:d2: b8:99:89:20:ee:65:c6:c9:a0:80:a2:95:2f:36:65: 59:03:ce:d2:4e:0f:e8:94:f2:9e:78:f5:96:00:2e: 20:e4:2f:35:c5:0f:e9:28:b5:d7:b5:8d:93:ce:75: 42:18:96:88:8c:61:ca:69:07:27:9d:6b:f1:45:13: 5a:10:cf:4f:d5:9b:f9:2f:a9:f2:df:7d:17:06:c5: 39:16:02:0c:45:e1:4b:dd:2f:c8:b5:62:92:bb:b0: bb:af:2e:2e:4e:e0:30:22:68:d4:5d:86:b5:b1:e5: ad:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D6:B7:3B:0A:1F:A6:F6:83:6D:F8:B7:22:5C:BD:A6:D6:05:17:B7:57 X509v3 Authority Key Identifier: keyid:2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7c:fe:a9:08:81:9f:a3:0b:d6:18:b4:de:bf:0e:92:7f:53:15: 0c:d2:14:48:1c:f4:a7:ec:46:25:e2:3a:e6:14:e3:c2:1a:8d: 5d:c3:f0:26:ed:10:61:9e:5c:77:a3:84:36:e8:ed:0b:d7:08: 77:a4:9c:93:bf:f0:b9:6a:de:d1:3c:5d:a6:42:fb:91:fc:83: e7:41:02:61:f8:26:3b:d8:d3:d3:26:83:a2:03:a6:98:aa:84: c9:74:ba:67:54:73:3f:a8:5e:64:e8:d7:fa:01:1b:5b:a1:35: 59:bf:e6:51:2b:b6:89:5b:37:3f:87:aa:44:6d:e1:c3:32:7f: 38:6d:3a:20:30:48:d5:3c:7f:fe:d2:88:37:34:f2:ba:03:43: 8d:ab:6a:cf:7e:17:1f:8d:89:5a:b3:9c:1c:c2:20:3d:b0:d7: 7c:55:92:8a:ce:d5:ff:2c:ad:ff:f9:d9:28:c6:eb:f9:30:a8: 3f:bc:f8:b5:70:70:64:d9:81:d5:d3:be:20:79:47:53:57:b8: 4f:27:d3:6c:5a:4f:88:9d:99:96:2c:79:87:e6:0d:6c:11:20: b2:b1:7e:66:ae:76:e0:ad:b8:a2:57:7b:0a:96:a2:94:9e:8f: 01:8d:a7:b8:cd:30:39:8a:2f:18:69:f7:b7:f7:17:0b:08:39: ec:36:44:6f -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBIjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NkI0QjExMC8GA1UEBRMoMkEwMEZENUQ1RUFFRjgxRjMyQjAwQjJFNUM4MkM1RUNE QUMxMjY5MzAeFw0yNTA3MDMwODA2MzdaFw0yNTA3MTAwODA2MzdaMBgxFjAUBgNV BAMTDTY4NjYzYTBkLTFlZjQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDFOHM+zT92/EfyGVs4bXW3Uf1W+hpY6UzvtAkJZQ3KhWXxV86UVjrKHkXTwuyK 6xDXT1iDy6k0iDjAJauRwpgSTdY5LXWbD1i8ID0b8hUni8RW8f+DX9FR/OKiZX7c c1q8hcb/lRgTevy8J1U51k7iMw48txYo/UWb3pjLrntzZG4/DEwUG7XJCyli3BcG OMXEdT280riZiSDuZcbJoICilS82ZVkDztJOD+iU8p549ZYALiDkLzXFD+kotde1 jZPOdUIYloiMYcppByeda/FFE1oQz0/Vm/kvqfLffRcGxTkWAgxF4UvdL8i1YpK7 sLuvLi5O4DAiaNRdhrWx5a0jAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1rc7Ch+m 9oNt+LciXL2m1gUXt1cwHwYDVR0jBBgwFoAUKgD9XV6u+B8ysAsuXILF7NrBJpMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2QjRCL0JCNDJDMURFMjRD MzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4eXNBc3VYSUxGN05yQkpw TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS2dEOVhWNnUtQjh5c0FzdVhJTEY3TnJCSnBNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2 QjRCL0JCNDJDMURFMjRDMzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4 eXNBc3VYSUxGN05yQkpwTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAHz+qQiBn6ML1hi03r8Okn9TFQzSFEgc9KfsRiXiOuYU48IajV3D8Cbt EGGeXHejhDbo7QvXCHeknJO/8Llq3tE8XaZC+5H8g+dBAmH4JjvY09Mmg6IDppiq hMl0umdUcz+oXmTo1/oBG1uhNVm/5lErtolbNz+HqkRt4cMyfzhtOiAwSNU8f/7S iDc08roDQ42ras9+Fx+NiVqznBzCID2w13xVkorO1f8srf/52SjG6/kwqD+8+LVw cGTZgdXTviB5R1NXuE8n02xaT4idmZYseYfmDWwRILKxfmauduCtuKJXewqWopSe jwGNp7jNMDmKLxhp97f3FwsIOew2RG8= -----END CERTIFICATE-----Generated at Fri Jul 4 14:59:53 2025 by rpki-client