$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: PEK7TxWfDbttP1pWTbtXSg8/6ZLn5I8OPhpg8yTdY1Y= Subject key identifier: 3C:98:A3:A1:69:F2:02:7C:98:80:25:B6:90:2D:15:A0:79:70:43:23 Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 028F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 0283 Signing time: Sat 23 Aug 2025 01:56:54 +0000 Manifest this update: Sat 23 Aug 2025 01:56:54 +0000 Manifest next update: Sat 30 Aug 2025 01:56:54 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: gzd4LISyK/kFPWYIrSwdoNfQJuBXbDQfkoHMkPU3kCk=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: bzrwDCcFjUbW1ddYfzBH2lmiEyj4Sa0r3rrfjXsh0+Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 01:56:53 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 655 (0x28f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897, serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Validity Not Before: Aug 23 01:56:54 2025 GMT Not After : Aug 30 01:56:54 2025 GMT Subject: CN=68a91fe6-9573 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:43:e4:03:9d:57:e6:aa:24:5e:95:8a:ec:19: c5:57:2b:79:8d:15:41:d8:3c:d9:9f:7b:1a:3a:6d: 0b:96:50:be:d2:72:c8:c9:b0:8a:96:7c:a1:d1:df: 0c:41:c0:b7:e7:fc:74:43:7f:19:8c:df:c2:25:58: 9f:65:48:aa:68:2e:27:47:ea:72:47:67:df:44:f1: f7:ac:90:0b:35:aa:a2:c2:01:ec:dc:2d:c1:2a:fe: c3:20:17:cb:e5:0c:07:2d:79:d0:4f:18:8b:85:69: f6:38:d5:16:fd:c0:85:c7:d6:cd:7e:0c:0a:1a:42: b1:8e:8a:e7:31:a9:0f:b2:92:2d:00:cf:a7:33:4c: 39:3f:5d:17:81:39:46:99:e8:a8:23:35:e2:9e:d0: 00:29:4a:52:0c:70:c2:29:74:ee:7e:24:6f:35:f9: e8:55:99:95:15:7d:b5:55:3a:35:1f:90:df:20:66: f2:a2:4e:19:fa:70:39:4a:39:bc:84:d6:f0:8a:14: fe:a5:95:84:5f:8a:52:9f:71:62:76:88:97:2b:bc: 7b:ea:fd:01:8d:d6:38:46:c9:4b:f6:bc:b0:8c:c7: c6:0a:e2:bb:03:66:22:92:f6:6c:cf:24:dc:46:c1: 9d:ee:bf:dc:4b:60:3e:d0:5a:3b:70:7f:a2:df:f3: dc:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:98:A3:A1:69:F2:02:7C:98:80:25:B6:90:2D:15:A0:79:70:43:23 X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 42:be:a2:7e:d4:bb:89:f7:6b:38:d9:d5:e4:23:5c:99:59:ed: 65:5e:fb:e0:d7:3f:98:b3:90:b9:9b:24:f6:97:0c:52:95:73: 3d:70:8e:4c:55:c3:f4:f0:3d:cb:64:21:69:17:cd:1b:1e:fc: d7:92:92:de:4f:75:6e:52:69:7c:f0:29:35:8a:b1:7e:84:f5: b2:4c:bb:cf:fa:6f:65:53:c5:55:af:53:0e:46:c7:e0:a2:dc: 85:a0:84:3f:28:f1:1f:93:90:cc:d5:25:6f:28:da:f9:6a:a1: 49:6b:5a:bd:71:f9:6a:58:65:fe:ca:eb:a9:a8:b5:d0:ba:5d: c2:54:6f:95:b0:86:fe:0f:77:ae:30:99:31:8a:26:f3:0b:b4: c0:93:f5:c2:c4:51:03:0d:2c:ea:ad:62:48:96:db:77:fe:51: 94:df:e5:fe:ad:42:23:f7:f4:d7:3e:46:a2:77:81:31:34:f4: 43:d1:06:4a:3a:b3:30:12:c1:89:b8:8e:02:99:18:c6:7e:fd: 65:58:51:ee:39:c6:13:6c:86:56:b3:f2:26:77:e0:a7:65:08: 8c:e3:60:09:bf:92:b1:ec:e4:e4:02:7a:e9:41:06:01:0f:a7: f6:bc:77:e0:64:dc:31:00:03:c4:96:46:6d:f6:05:c2:7c:06: f1:37:8f:3c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAo8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUwODIzMDE1NjU0WhcNMjUwODMwMDE1NjU0WjAYMRYwFAYD VQQDEw02OGE5MWZlNi05NTczMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtEPkA51X5qokXpWK7BnFVyt5jRVB2DzZn3saOm0LllC+0nLIybCKlnyh0d8M QcC35/x0Q38ZjN/CJVifZUiqaC4nR+pyR2ffRPH3rJALNaqiwgHs3C3BKv7DIBfL 5QwHLXnQTxiLhWn2ONUW/cCFx9bNfgwKGkKxjornMakPspItAM+nM0w5P10XgTlG meioIzXintAAKUpSDHDCKXTufiRvNfnoVZmVFX21VTo1H5DfIGbyok4Z+nA5Sjm8 hNbwihT+pZWEX4pSn3FidoiXK7x76v0BjdY4RslL9rywjMfGCuK7A2YikvZszyTc RsGd7r/cS2A+0Fo7cH+i3/PcWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDyYo6Fp 8gJ8mIAltpAtFaB5cEMjMB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBCvqJ+1LuJ92s42dXkI1yZWe1lXvvg1z+Ys5C5myT2lwxSlXM9cI5M VcP08D3LZCFpF80bHvzXkpLeT3VuUml88Ck1irF+hPWyTLvP+m9lU8VVr1MORsfg otyFoIQ/KPEfk5DM1SVvKNr5aqFJa1q9cflqWGX+yuupqLXQul3CVG+VsIb+D3eu MJkxiibzC7TAk/XCxFEDDSzqrWJIltt3/lGU3+X+rUIj9/TXPkaid4ExNPRD0QZK OrMwEsGJuI4CmRjGfv1lWFHuOcYTbIZWs/Imd+CnZQiM42AJv5Kx7OTkAnrpQQYB D6f2vHfgZNwxAAPElkZt9gXCfAbxN488 -----END CERTIFICATE-----Generated at Sat Aug 23 13:47:04 2025 by rpki-client