$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft File: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft (raw, json) Hash identifier: c2SCkywx59NzvmxFUAoxC12WSvMDOsTW8nEB/unE0I4= Subject key identifier: 2D:80:0C:0F:92:22:10:F1:52:40:AF:F4:6A:E9:AB:3A:7C:07:86:13 Authority key identifier: 28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 Certificate issuer: /CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Certificate serial: 074A Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft Manifest number: 0733 Signing time: Mon 30 Jun 2025 22:07:44 +0000 Manifest this update: Mon 30 Jun 2025 22:07:43 +0000 Manifest next update: Mon 07 Jul 2025 22:07:43 +0000 Files and hashes: 1: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl (hash: lG07/tNJxwOdAs54wTTzvIa9+F0L9wf8ZUHXinZkWp4=) 2: C42CEC7ECC3611EF9C79665CC4F9AE02.roa (hash: +9I46oBmobqbn5rox7c5LlYsiP1+hncBa8w/SO0pYyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 22:07:42 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1866 (0x74a) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5021, serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Validity Not Before: Jun 30 22:07:43 2025 GMT Not After : Jul 7 22:07:43 2025 GMT Subject: CN=68630aaf-9e8c Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ba:20:9c:d4:d8:f2:22:49:0c:01:24:19:7e: 4c:b6:b7:da:20:71:42:56:a5:47:9a:69:84:33:81: 4f:2a:18:e3:b0:56:87:cb:bd:51:39:d1:bf:84:7c: f2:40:48:77:bf:85:d3:89:64:89:01:36:14:7e:ec: 18:14:0d:83:35:6c:cc:10:98:7b:d3:9a:d1:15:27: a7:eb:8b:0d:f3:d6:05:7e:db:b0:6c:c0:b7:d3:90: 59:e1:2a:ad:57:24:19:43:19:3f:be:54:30:1a:1c: e2:9b:09:74:28:d0:e2:da:c4:71:73:71:08:6b:77: af:08:6d:16:17:24:92:a7:b9:9f:38:22:3a:b0:31: 22:0d:9e:99:e9:0a:0f:ef:6f:9e:a3:34:d4:12:6f: 05:3f:6a:d3:17:1c:94:a7:bb:6b:c2:a8:9d:a5:52: 7a:d4:19:7c:a2:26:f3:af:58:86:48:12:0c:58:06: 44:ba:f8:51:63:99:a0:ca:b2:0f:7f:e5:b8:e8:db: 9a:79:ac:ba:f1:71:6b:da:28:45:3e:16:c7:f8:4d: 0b:04:e2:18:ce:be:11:16:90:ab:3f:ef:66:21:8f: 98:95:94:f0:71:50:16:c7:52:c7:84:5f:9e:3d:df: cf:b1:69:18:b0:ca:d8:7b:71:9a:bb:46:8f:73:af: 47:5f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 2D:80:0C:0F:92:22:10:F1:52:40:AF:F4:6A:E9:AB:3A:7C:07:86:13 X509v3 Authority Key Identifier: keyid:28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 41:f9:a4:dc:12:5a:d2:39:e0:1a:d4:d6:f4:37:c4:57:c7:5c: 05:9b:bb:29:dd:a8:e9:7a:a3:04:b4:a2:9d:c8:7d:ca:30:66: ce:b6:cc:fa:10:be:fa:2b:44:31:8b:d5:c0:6c:b0:af:4b:6b: 82:ad:93:6b:37:0e:a7:d1:5a:11:1a:d3:52:20:bc:74:02:b4: 3f:58:3f:37:b2:0a:2e:81:a5:f0:6d:17:e7:33:fd:bb:20:59: 52:92:50:1c:cc:53:5a:e9:99:3b:a7:b1:be:2f:61:98:8f:db: 1f:5d:e5:d6:87:b3:31:9f:46:ea:01:f9:8f:d7:f1:e4:33:cb: 35:51:aa:0e:d6:d4:79:f5:08:71:91:0f:0e:33:96:d1:b6:d6: 87:97:9e:8f:38:23:75:7f:8a:83:e7:fe:ea:d9:38:a0:63:bd: ff:b8:84:84:9b:7e:37:1d:ea:53:65:a9:b1:87:ea:53:06:fb: 98:34:1a:26:e4:5e:01:2e:96:44:1f:87:21:43:ef:d8:40:01: c3:05:a8:12:cf:f8:09:88:ed:c1:ed:67:c7:82:d5:28:68:d9: 3e:d1:dd:fc:93:09:da:62:43:fc:21:1e:cb:98:ed:19:5a:a8: 83:73:96:1a:6a:b4:9e:8c:a0:4d:1e:21:e6:e8:a2:a1:5c:45: 47:25:92:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB0owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUwMjExMTAvBgNVBAUTKDI4RjA3MTEwRTQzNTg0QTNCQTZBM0E0QTg3RDY4RTlF QjdEM0U5MDIwHhcNMjUwNjMwMjIwNzQzWhcNMjUwNzA3MjIwNzQzWjAYMRYwFAYD VQQDEw02ODYzMGFhZi05ZThjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtLognNTY8iJJDAEkGX5MtrfaIHFCVqVHmmmEM4FPKhjjsFaHy71ROdG/hHzy QEh3v4XTiWSJATYUfuwYFA2DNWzMEJh705rRFSen64sN89YFftuwbMC305BZ4Sqt VyQZQxk/vlQwGhzimwl0KNDi2sRxc3EIa3evCG0WFySSp7mfOCI6sDEiDZ6Z6QoP 72+eozTUEm8FP2rTFxyUp7trwqidpVJ61Bl8oibzr1iGSBIMWAZEuvhRY5mgyrIP f+W46Nuaeay68XFr2ihFPhbH+E0LBOIYzr4RFpCrP+9mIY+YlZTwcVAWx1LHhF+e Pd/PsWkYsMrYe3Gau0aPc69HXwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFC2ADA+S IhDxUkCv9Grpqzp8B4YTMB8GA1UdIwQYMBaAFCjwcRDkNYSjumo6SofWjp630+kC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTAyMS85QUZENDg2QzNC QkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhLTzZhanBLaDlhT25yZlQ2 UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tQQnhFT1ExaEtPNmFqcEtoOWFPbnJmVDZRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTAyMS85QUZENDg2QzNCQkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhL TzZhanBLaDlhT25yZlQ2UUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBB+aTcElrSOeAa1Nb0N8RXx1wFm7sp3ajpeqMEtKKdyH3KMGbOtsz6 EL76K0Qxi9XAbLCvS2uCrZNrNw6n0VoRGtNSILx0ArQ/WD83sgougaXwbRfnM/27 IFlSklAczFNa6Zk7p7G+L2GYj9sfXeXWh7Mxn0bqAfmP1/HkM8s1UaoO1tR59Qhx kQ8OM5bRttaHl56POCN1f4qD5/7q2TigY73/uISEm343HepTZamxh+pTBvuYNBom 5F4BLpZEH4chQ+/YQAHDBagSz/gJiO3B7WfHgtUoaNk+0d38kwnaYkP8IR7LmO0Z WqiDc5YaarSejKBNHiHm6KKhXEVHJZKq -----END CERTIFICATE-----Generated at Tue Jul 1 22:15:21 2025 by rpki-client