$ rpki-client -vvf rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft File: KgD9XV6u-B8ysAsuXILF7NrBJpM.mft (raw, json) Hash identifier: eN/iN9sLECXh0MFWsG6U8AVTk/SQgzb4fwGNP8zvOgI= Subject key identifier: 8B:09:36:50:9C:73:1C:E6:5F:85:E8:8A:A0:E6:8B:C5:FE:A9:B7:42 Authority key identifier: 2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 Certificate issuer: /CN=A91B6B4B/serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Certificate serial: 3C Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft Manifest number: 3B Signing time: Sat 23 Aug 2025 07:45:35 +0000 Manifest this update: Sat 23 Aug 2025 07:45:35 +0000 Manifest next update: Sat 30 Aug 2025 07:45:35 +0000 Files and hashes: 1: KgD9XV6u-B8ysAsuXILF7NrBJpM.crl (hash: GghqGk9FM4S/3/2w/J/LtORaRes8WY5xEOdGExpfD+I=) 2: B3F95F9A24C411F0A4C45287C4F9AE02.roa (hash: SpbPHZ/krAG/WpD65rr9pmBtHMuwVfhmB9bAKCP8oRU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 07:45:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 60 (0x3c) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B6B4B, serialNumber=2A00FD5D5EAEF81F32B00B2E5C82C5ECDAC12693 Validity Not Before: Aug 23 07:45:35 2025 GMT Not After : Aug 30 07:45:35 2025 GMT Subject: CN=68a9719f-6a31 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cc:40:b2:c5:b4:d1:70:41:e9:a0:fa:a7:52:b0: 56:1b:a6:ac:ad:2d:48:24:3e:6c:4d:b2:c1:83:84: 96:f2:88:07:5c:09:7c:18:bc:e0:8b:05:42:93:b3: e6:14:0f:d5:d4:8f:9b:5d:b0:ce:65:ec:f4:8e:78: 0e:5a:75:ba:69:1e:7e:46:28:0c:39:81:e3:c8:11: 7f:dd:7a:cc:74:49:88:b8:af:52:32:71:e7:7e:33: 3c:4b:6b:69:36:ad:07:58:8e:1a:63:68:c6:38:80: 75:a6:92:a9:b0:b2:19:b9:3a:8e:14:e1:d3:48:4d: de:34:0c:a5:6a:5c:60:5b:00:db:b0:d8:12:b7:e8: 14:59:92:26:f5:dc:65:fc:45:35:d0:5a:53:58:3d: d4:49:e8:5a:d5:c1:55:8c:05:52:d7:d5:f3:a3:e5: fe:cf:13:7a:f4:d4:df:f8:9b:a7:8a:0d:36:ba:f4: 29:57:8c:87:e3:7f:b5:71:87:63:7d:ed:c1:8f:42: 18:de:50:c5:7d:e0:ed:10:d1:cd:fc:29:4e:89:7d: 52:1d:a1:6f:52:f2:41:54:c5:f8:65:69:cb:34:0e: ff:4a:14:40:ba:1b:e1:c7:6d:92:2c:71:7b:5d:51: eb:a1:45:e1:8f:53:b5:f9:be:e4:cc:1c:8d:57:4d: f4:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8B:09:36:50:9C:73:1C:E6:5F:85:E8:8A:A0:E6:8B:C5:FE:A9:B7:42 X509v3 Authority Key Identifier: keyid:2A:00:FD:5D:5E:AE:F8:1F:32:B0:0B:2E:5C:82:C5:EC:DA:C1:26:93 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KgD9XV6u-B8ysAsuXILF7NrBJpM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B6B4B/BB42C1DE24C311F096C68481C4F9AE02/KgD9XV6u-B8ysAsuXILF7NrBJpM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 05:af:0d:5c:43:9f:c6:85:b0:71:59:82:70:6c:eb:30:f4:ea: 8f:89:f2:6e:81:25:69:10:33:15:08:1a:6e:5d:37:c7:a3:ed: 61:8b:53:77:b0:2e:e2:ab:c2:48:8b:70:13:52:99:25:44:74: 05:0f:a0:a1:87:58:50:ea:08:05:88:fa:67:ab:57:78:b5:ff: 41:6a:a5:7b:2d:bc:71:eb:43:3d:05:c4:a0:2b:84:4c:b7:9f: c0:32:8f:ba:d0:09:30:94:2c:3c:84:ed:3b:a2:b6:b5:6b:dc: 12:e6:12:e8:dd:d6:d8:df:93:b6:63:6b:21:f1:71:fd:9c:61: d3:af:a0:1c:24:55:76:f4:8c:18:2f:d1:7c:00:55:dd:a3:8f: 8f:51:90:7c:bb:27:56:42:68:35:95:fd:f0:55:55:ee:b5:3e: dc:a5:04:4f:c1:3a:95:f9:e8:fc:42:92:ef:cf:92:83:8d:27: 10:81:35:11:57:9b:df:03:7d:4e:22:ba:99:59:0a:09:d0:c8: e1:ad:1a:93:98:3f:a4:e4:2f:ee:bf:f7:22:71:a1:1d:82:1f: 99:e8:40:69:0c:42:b6:7c:d0:51:68:d9:ce:30:36:4c:a7:0d: 83:36:22:a4:58:2a:8f:de:cb:90:90:3e:80:5d:33:16:20:96: 80:c8:4d:8a -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPDANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFC NkI0QjExMC8GA1UEBRMoMkEwMEZENUQ1RUFFRjgxRjMyQjAwQjJFNUM4MkM1RUNE QUMxMjY5MzAeFw0yNTA4MjMwNzQ1MzVaFw0yNTA4MzAwNzQ1MzVaMBgxFjAUBgNV BAMTDTY4YTk3MTlmLTZhMzEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDMQLLFtNFwQemg+qdSsFYbpqytLUgkPmxNssGDhJbyiAdcCXwYvOCLBUKTs+YU D9XUj5tdsM5l7PSOeA5adbppHn5GKAw5gePIEX/desx0SYi4r1Iyced+MzxLa2k2 rQdYjhpjaMY4gHWmkqmwshm5Oo4U4dNITd40DKVqXGBbANuw2BK36BRZkib13GX8 RTXQWlNYPdRJ6FrVwVWMBVLX1fOj5f7PE3r01N/4m6eKDTa69ClXjIfjf7Vxh2N9 7cGPQhjeUMV94O0Q0c38KU6JfVIdoW9S8kFUxfhlacs0Dv9KFEC6G+HHbZIscXtd UeuhReGPU7X5vuTMHI1XTfSnAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUiwk2UJxz HOZfheiKoOaLxf6pt0IwHwYDVR0jBBgwFoAUKgD9XV6u+B8ysAsuXILF7NrBJpMw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2QjRCL0JCNDJDMURFMjRD MzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4eXNBc3VYSUxGN05yQkpw TS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS2dEOVhWNnUtQjh5c0FzdVhJTEY3TnJCSnBNLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUI2 QjRCL0JCNDJDMURFMjRDMzExRjA5NkM2ODQ4MUM0RjlBRTAyL0tnRDlYVjZ1LUI4 eXNBc3VYSUxGN05yQkpwTS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAAWvDVxDn8aFsHFZgnBs6zD06o+J8m6BJWkQMxUIGm5dN8ej7WGLU3ew LuKrwkiLcBNSmSVEdAUPoKGHWFDqCAWI+merV3i1/0FqpXstvHHrQz0FxKArhEy3 n8Ayj7rQCTCULDyE7TuitrVr3BLmEujd1tjfk7ZjayHxcf2cYdOvoBwkVXb0jBgv 0XwAVd2jj49RkHy7J1ZCaDWV/fBVVe61PtylBE/BOpX56PxCku/PkoONJxCBNRFX m98DfU4iuplZCgnQyOGtGpOYP6TkL+6/9yJxoR2CH5noQGkMQrZ80FFo2c4wNkyn DYM2IqRYKo/ey5CQPoBdMxYgloDITYo= -----END CERTIFICATE-----Generated at Sat Aug 23 12:50:23 2025 by rpki-client