$ rpki-client -vvf rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft File: kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft (raw, json) Hash identifier: PM7Jltt12nKCHKh3fjJhF5IIZLvgqLqYNI4gbJiYI7w= Subject key identifier: DA:30:6D:34:98:B2:75:CC:85:6A:65:9C:6D:97:AE:DC:AC:0E:2B:3E Authority key identifier: 91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 Certificate issuer: /CN=A91BB6E3/serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Certificate serial: 01D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft Manifest number: 01C4 Signing time: Tue 01 Jul 2025 03:34:23 +0000 Manifest this update: Tue 01 Jul 2025 03:34:22 +0000 Manifest next update: Tue 08 Jul 2025 03:34:22 +0000 Files and hashes: 1: kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl (hash: MpbSL2xUllAIgGKuqT8V4OeqWMBYQ2hrrVHWldHT1tE=) 2: F96174ECC27D11EDB8226F2DC4F9AE02.roa (hash: kXeNIsHETQcXUic6LYufG6XvgVMVgH9sGtHQdmkZT90=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 03:34:22 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 473 (0x1d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91BB6E3, serialNumber=919FA819B2FFF145521AF664035278E7E7914A49 Validity Not Before: Jul 1 03:34:22 2025 GMT Not After : Jul 8 03:34:22 2025 GMT Subject: CN=6863573e-eb8b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:4e:d9:89:c0:32:12:3c:b4:a9:ba:22:05:3d: 57:ad:82:23:0b:d0:0e:ce:06:18:d0:92:be:1e:3e: 77:17:d5:43:97:97:cd:3f:e9:54:f4:5c:1d:3e:f5: a6:3f:53:d0:42:76:2f:2d:ab:f8:62:0b:b6:84:ec: 15:68:3c:f6:6f:98:6a:00:6d:f3:99:68:2d:fb:4b: 14:5e:4c:7f:e8:d2:a7:8f:20:dc:ff:14:31:1d:87: f2:5e:57:70:fe:2f:6e:52:da:e4:21:d1:aa:fd:12: b6:26:6b:ec:8b:1a:ef:da:97:70:28:7a:4f:77:79: 56:a0:54:0c:91:4c:40:4e:1b:4f:d8:dc:fa:32:94: 01:d4:00:de:08:ef:36:e3:fa:c5:96:40:e4:e5:49: 93:45:c9:74:75:17:0b:c1:8f:41:d3:8f:a0:5d:c3: a8:2f:06:15:83:d8:38:dd:38:79:9c:b3:6e:81:b5: 48:46:af:33:69:02:cf:9b:e8:38:11:b1:7a:12:2d: c8:a1:26:52:4f:e3:33:2d:9e:18:e1:9d:dc:a7:ba: b1:ae:39:58:9b:40:52:c1:71:c5:a1:c5:c3:01:b0: 41:90:6f:c2:8a:9f:85:80:67:48:34:c1:7a:49:36: 64:61:bf:c5:22:d3:d7:85:fe:01:e0:83:68:3f:db: d9:f9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DA:30:6D:34:98:B2:75:CC:85:6A:65:9C:6D:97:AE:DC:AC:0E:2B:3E X509v3 Authority Key Identifier: keyid:91:9F:A8:19:B2:FF:F1:45:52:1A:F6:64:03:52:78:E7:E7:91:4A:49 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kZ-oGbL_8UVSGvZkA1J45-eRSkk.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91BB6E3/A22C814CC27511EDB3B4D728C4F9AE02/kZ-oGbL_8UVSGvZkA1J45-eRSkk.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a8:3f:db:82:67:92:27:e7:51:cc:58:d5:3b:28:38:d3:1d:67: 87:d7:eb:8f:c7:04:35:11:0a:3c:d9:26:b2:9d:a4:e8:a0:3f: c2:17:e3:49:a2:85:a3:6f:f5:68:35:28:fc:3d:ca:f7:19:64: fc:41:4d:77:74:0e:4d:d0:68:a5:5c:fa:97:e2:6e:23:b7:f3: b4:78:bb:88:46:34:67:c3:17:8b:86:cf:76:b2:40:48:7f:49: bc:e8:dc:f3:12:40:41:e4:77:6a:f1:4f:c3:44:c8:22:43:16: 12:f6:b1:5e:75:cb:ea:31:14:c3:a0:2f:2b:b5:bd:b3:be:88: ae:19:33:3b:86:d6:0f:27:3d:7a:97:61:1d:57:31:a1:d2:f3: a1:a3:7a:48:26:8d:16:bb:5f:c8:a0:03:5e:90:f5:8f:19:cd: 04:68:ec:8d:49:eb:fe:6d:9f:4d:a9:5d:e1:6e:27:56:32:a6: 8f:88:a9:c7:5c:cf:44:16:e0:6a:ee:de:9b:6d:b2:36:c9:15: db:c4:1d:83:f4:c7:c0:04:59:77:1f:9c:f1:48:3e:c4:cc:36: dc:e5:55:3c:4d:f5:f5:5c:2b:bc:77:c1:1d:ff:d8:b0:0c:14: 93:20:5a:2b:ca:68:c9:31:53:ef:54:4f:34:c3:68:4c:0a:c0: 82:80:9f:5a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QkI2RTMxMTAvBgNVBAUTKDkxOUZBODE5QjJGRkYxNDU1MjFBRjY2NDAzNTI3OEU3 RTc5MTRBNDkwHhcNMjUwNzAxMDMzNDIyWhcNMjUwNzA4MDMzNDIyWjAYMRYwFAYD VQQDEw02ODYzNTczZS1lYjhiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAv07ZicAyEjy0qboiBT1XrYIjC9AOzgYY0JK+Hj53F9VDl5fNP+lU9FwdPvWm P1PQQnYvLav4Ygu2hOwVaDz2b5hqAG3zmWgt+0sUXkx/6NKnjyDc/xQxHYfyXldw /i9uUtrkIdGq/RK2Jmvsixrv2pdwKHpPd3lWoFQMkUxAThtP2Nz6MpQB1ADeCO82 4/rFlkDk5UmTRcl0dRcLwY9B04+gXcOoLwYVg9g43Th5nLNugbVIRq8zaQLPm+g4 EbF6Ei3IoSZST+MzLZ4Y4Z3cp7qxrjlYm0BSwXHFocXDAbBBkG/Cip+FgGdINMF6 STZkYb/FItPXhf4B4INoP9vZ+QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNowbTSY snXMhWplnG2XrtysDis+MB8GA1UdIwQYMBaAFJGfqBmy//FFUhr2ZANSeOfnkUpJ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCQjZFMy9BMjJDODE0Q0My NzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhVVlNHdlprQTFKNDUtZVJT a2suY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2taLW9HYkxfOFVWU0d2WmtBMUo0NS1lUlNray5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC QjZFMy9BMjJDODE0Q0MyNzUxMUVEQjNCNEQ3MjhDNEY5QUUwMi9rWi1vR2JMXzhV VlNHdlprQTFKNDUtZVJTa2subWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCoP9uCZ5In51HMWNU7KDjTHWeH1+uPxwQ1EQo82SaynaTooD/CF+NJ ooWjb/VoNSj8Pcr3GWT8QU13dA5N0GilXPqX4m4jt/O0eLuIRjRnwxeLhs92skBI f0m86NzzEkBB5Hdq8U/DRMgiQxYS9rFedcvqMRTDoC8rtb2zvoiuGTM7htYPJz16 l2EdVzGh0vOho3pIJo0Wu1/IoANekPWPGc0EaOyNSev+bZ9NqV3hbidWMqaPiKnH XM9EFuBq7t6bbbI2yRXbxB2D9MfABFl3H5zxSD7EzDbc5VU8TfX1XCu8d8Ed/9iw DBSTIForymjJMVPvVE80w2hMCsCCgJ9a -----END CERTIFICATE-----Generated at Wed Jul 2 16:10:59 2025 by rpki-client