$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: ORZ9Y0VKa3do9cZheWJa05bXFU2SqBCynjpd3crxqL8= Subject key identifier: 7B:94:3C:A0:0F:EC:40:65:C8:20:97:4A:F6:AD:DD:E3:D0:03:5A:F8 Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 0274 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 0268 Signing time: Tue 01 Jul 2025 02:29:41 +0000 Manifest this update: Tue 01 Jul 2025 02:29:40 +0000 Manifest next update: Tue 08 Jul 2025 02:29:40 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: i8OpANgauofrq8U0ZdNnPK/hpkCYFMkejG8dPm9GuGk=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: bzrwDCcFjUbW1ddYfzBH2lmiEyj4Sa0r3rrfjXsh0+Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 02:29:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 628 (0x274) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897, serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Validity Not Before: Jul 1 02:29:40 2025 GMT Not After : Jul 8 02:29:40 2025 GMT Subject: CN=68634815-aa7d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:db:92:62:2f:fa:10:b1:26:2d:a8:8a:e7:9e:ea: 21:c6:c1:d6:b8:77:6d:ca:50:10:7f:9e:43:c8:42: c6:24:47:7a:c9:34:f7:c5:0c:c7:df:f6:74:92:71: 37:42:00:f7:a5:5c:b5:22:59:1f:d8:ec:1e:46:19: 13:68:d9:eb:ed:47:57:6d:36:c8:cb:49:54:e0:97: e4:a6:b7:de:cb:fe:e1:58:35:37:30:93:4c:0c:9e: 49:70:62:9f:82:f3:e5:00:d5:f3:9d:25:48:e9:e2: 5d:43:92:82:95:7e:88:cd:5b:fc:b7:37:9e:ea:4d: f1:68:fb:69:95:f4:83:2a:09:63:b2:1b:1b:10:2c: 9d:f5:be:08:7d:f5:a6:f0:39:b8:b6:63:35:bd:5b: 93:19:6f:51:f7:f7:bc:c3:14:b0:d5:66:a4:69:77: bb:51:ff:0c:e8:61:ed:ad:24:a9:44:0a:79:f6:86: 67:24:65:06:a7:e9:c4:11:16:82:f7:38:85:c6:16: 15:69:90:67:78:ac:ed:13:1f:ed:a8:3c:fe:b7:c1: 78:8e:06:da:61:00:e2:88:5a:14:05:80:96:b6:cb: d6:cf:d0:48:02:3a:c0:4f:43:9c:a9:e9:31:ca:25: a1:95:42:cd:af:a3:0d:6f:97:0d:4b:00:96:d5:ab: 73:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7B:94:3C:A0:0F:EC:40:65:C8:20:97:4A:F6:AD:DD:E3:D0:03:5A:F8 X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:e2:3f:8b:af:27:1b:03:c3:d4:e1:9b:65:e6:06:c7:3b:62: 17:d4:c7:d4:d0:b0:d1:f3:6d:c4:1b:f1:4c:25:ef:cf:a0:76: 86:dc:e9:fb:d6:1e:48:7a:61:46:fa:ad:4f:ae:db:2d:8c:a6: 87:f7:60:49:16:bb:c7:90:09:7d:be:db:d2:3c:fd:30:dd:85: 7b:29:fd:2c:98:42:26:36:fa:c4:c3:56:3f:41:a8:b1:94:dd: 23:91:50:7e:4f:9f:19:9b:81:ff:75:b1:2d:da:1b:6f:75:04: e0:46:42:0d:6b:b5:f5:72:4e:31:fb:3a:9c:f8:57:ff:26:99: 26:4e:e6:36:03:88:70:08:b8:53:7d:d8:53:52:05:b7:1a:d2: da:bd:8e:5d:e4:be:78:b2:dc:e0:d1:7b:25:cf:af:b3:23:46: 24:80:d1:77:d1:5b:89:cd:37:69:4f:5a:f6:99:50:53:2d:42: 92:c8:1f:5f:08:9c:cf:96:36:53:7c:be:15:29:ec:08:da:2d: 72:fc:d4:d2:a6:ce:48:55:dd:ce:a9:13:e7:65:e9:2c:83:d6: 38:90:1e:2a:c3:66:29:b3:ef:60:47:cc:dd:e4:62:9c:cf:37: 59:f5:a6:03:5a:10:12:0f:e7:d1:73:db:2e:5c:18:da:9e:e3: 4f:26:bf:6f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUwNzAxMDIyOTQwWhcNMjUwNzA4MDIyOTQwWjAYMRYwFAYD VQQDEw02ODYzNDgxNS1hYTdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA25JiL/oQsSYtqIrnnuohxsHWuHdtylAQf55DyELGJEd6yTT3xQzH3/Z0knE3 QgD3pVy1Ilkf2OweRhkTaNnr7UdXbTbIy0lU4Jfkprfey/7hWDU3MJNMDJ5JcGKf gvPlANXznSVI6eJdQ5KClX6IzVv8tzee6k3xaPtplfSDKgljshsbECyd9b4IffWm 8Dm4tmM1vVuTGW9R9/e8wxSw1WakaXe7Uf8M6GHtrSSpRAp59oZnJGUGp+nEERaC 9ziFxhYVaZBneKztEx/tqDz+t8F4jgbaYQDiiFoUBYCWtsvWz9BIAjrAT0Ocqekx yiWhlULNr6MNb5cNSwCW1atzpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHuUPKAP 7EBlyCCXSvat3ePQA1r4MB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAg4j+LrycbA8PU4Ztl5gbHO2IX1MfU0LDR823EG/FMJe/PoHaG3On7 1h5IemFG+q1PrtstjKaH92BJFrvHkAl9vtvSPP0w3YV7Kf0smEImNvrEw1Y/Qaix lN0jkVB+T58Zm4H/dbEt2htvdQTgRkINa7X1ck4x+zqc+Ff/JpkmTuY2A4hwCLhT fdhTUgW3GtLavY5d5L54stzg0Xslz6+zI0YkgNF30VuJzTdpT1r2mVBTLUKSyB9f CJzPljZTfL4VKewI2i1y/NTSps5IVd3OqRPnZeksg9Y4kB4qw2Yps+9gR8zd5GKc zzdZ9aYDWhASD+fRc9suXBjanuNPJr9v -----END CERTIFICATE-----Generated at Wed Jul 2 14:38:52 2025 by rpki-client