$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft File: KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft (raw, json) Hash identifier: hvh1XImutmaUbFS16Fw/NI+ZEvvgWxaZ4a3lsPXvQds= Subject key identifier: E6:D8:18:FE:9D:5F:BE:32:8C:52:BF:D4:AA:B1:CA:7B:68:E1:B3:6B Authority key identifier: 28:C0:60:7D:96:83:1A:3D:18:09:33:45:B3:72:58:EE:3B:D7:F3:E7 Certificate issuer: /CN=A91C5AEE/serialNumber=28C0607D96831A3D18093345B37258EE3BD7F3E7 Certificate serial: 0151 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft Manifest number: 014F Signing time: Tue 01 Jul 2025 04:37:15 +0000 Manifest this update: Tue 01 Jul 2025 04:37:15 +0000 Manifest next update: Tue 08 Jul 2025 04:37:15 +0000 Files and hashes: 1: KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl (hash: dVX950PZtTXLdZ0F91EhI5fGPVOIYtvTrF5We2yCGQE=) 2: 21525A1C520B11EE8B79021AC4F9AE02.roa (hash: s8Vu/R6gOMwvLzsGf3nk9tFhiMljx1hOH6LnsMms3Vg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 04:37:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 337 (0x151) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5AEE, serialNumber=28C0607D96831A3D18093345B37258EE3BD7F3E7 Validity Not Before: Jul 1 04:37:15 2025 GMT Not After : Jul 8 04:37:15 2025 GMT Subject: CN=686365fb-01fa Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ac:3c:8c:ac:6a:af:8f:bd:6b:5a:89:5a:44:55: f9:e0:d3:06:31:f5:8d:14:03:9e:5a:e1:bd:99:ca: 17:f8:c7:7c:cb:21:81:86:3d:31:6a:73:75:1a:f5: c6:33:80:c6:f6:4a:fe:72:f5:f5:35:96:07:68:ac: 1d:74:ca:71:fe:d2:ca:51:38:00:8c:4d:ef:aa:83: f0:87:9f:ea:a2:4a:13:49:97:84:b7:53:f1:ad:f9: d6:30:0c:33:04:6d:f6:e4:6a:58:25:af:43:50:50: cd:5f:f0:88:03:b9:3e:c5:c7:ee:72:d8:3b:2b:74: 42:2b:1e:d3:c5:3e:41:24:2c:e7:76:f3:63:40:a2: ea:52:86:f8:99:12:22:45:ca:27:81:db:60:18:06: 9b:23:8a:d8:83:f0:cc:eb:0a:ea:67:81:05:2f:46: d5:d0:f1:bd:2e:ca:c8:50:ee:50:c3:81:d6:0d:2d: a7:8f:53:37:87:de:81:4e:1e:fd:42:e0:ef:0a:5e: 1f:4f:25:a9:03:ff:c0:72:ac:b5:ed:26:ff:e7:12: 42:6f:ba:30:79:e7:0e:01:ed:4c:d0:04:b1:76:fb: 8c:a4:ff:de:d9:6f:a1:30:ac:22:7a:92:98:5a:87: 5d:51:8f:e2:a8:cb:b5:51:00:1b:75:5e:6c:73:b5: ca:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: E6:D8:18:FE:9D:5F:BE:32:8C:52:BF:D4:AA:B1:CA:7B:68:E1:B3:6B X509v3 Authority Key Identifier: keyid:28:C0:60:7D:96:83:1A:3D:18:09:33:45:B3:72:58:EE:3B:D7:F3:E7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KMBgfZaDGj0YCTNFs3JY7jvX8-c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5AEE/3E3901F2520711EEB57B5877C4F9AE02/KMBgfZaDGj0YCTNFs3JY7jvX8-c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:0f:49:98:b7:1b:4f:e5:7f:40:c9:6c:ff:8c:a0:46:49:72: 4f:6a:64:af:69:e0:fb:a1:d3:5d:05:7a:31:6d:0c:b3:87:a9: 12:7d:a6:41:e9:e1:2e:fc:ef:a0:8d:ac:53:25:40:cc:cb:9b: 08:70:02:20:cf:bc:bb:02:db:cd:af:58:59:46:7a:34:52:63: 52:24:89:72:a9:07:c4:5d:d0:af:a3:06:da:78:0e:c7:79:a8: 5a:e3:cd:76:14:be:0c:c0:fa:87:90:a3:f7:b0:ed:b8:2b:1b: 90:18:b6:52:23:3b:1b:e7:ce:94:8c:44:8a:22:b8:32:af:84: 85:b0:c5:c5:5a:ae:f7:6e:13:a1:22:87:11:7a:52:f3:2a:35: 6e:ee:6b:22:b3:95:51:92:9a:93:bc:40:87:79:d4:92:f4:ff: 63:db:ef:14:4a:ad:4c:40:57:73:8b:34:7f:18:46:df:ca:cb: 46:1b:be:66:65:3f:90:6f:cd:66:b9:30:3c:44:75:48:0e:ae: 81:16:0c:05:2f:ba:f4:07:94:c5:ec:c8:a0:92:c3:5b:5b:17: 9f:b0:91:c8:a3:0f:10:dd:c3:af:c8:7c:ba:98:00:c0:6b:b5: 44:44:e2:79:53:34:f3:90:ab:46:f1:8b:ff:5a:43:11:42:09: 99:a1:2e:ba -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVEwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzVBRUUxMTAvBgNVBAUTKDI4QzA2MDdEOTY4MzFBM0QxODA5MzM0NUIzNzI1OEVF M0JEN0YzRTcwHhcNMjUwNzAxMDQzNzE1WhcNMjUwNzA4MDQzNzE1WjAYMRYwFAYD VQQDEw02ODYzNjVmYi0wMWZhMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArDyMrGqvj71rWolaRFX54NMGMfWNFAOeWuG9mcoX+Md8yyGBhj0xanN1GvXG M4DG9kr+cvX1NZYHaKwddMpx/tLKUTgAjE3vqoPwh5/qokoTSZeEt1PxrfnWMAwz BG325GpYJa9DUFDNX/CIA7k+xcfuctg7K3RCKx7TxT5BJCzndvNjQKLqUob4mRIi RcongdtgGAabI4rYg/DM6wrqZ4EFL0bV0PG9LsrIUO5Qw4HWDS2nj1M3h96BTh79 QuDvCl4fTyWpA//Acqy17Sb/5xJCb7oweecOAe1M0ASxdvuMpP/e2W+hMKwiepKY WoddUY/iqMu1UQAbdV5sc7XK1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFObYGP6d X74yjFK/1Kqxynto4bNrMB8GA1UdIwQYMBaAFCjAYH2Wgxo9GAkzRbNyWO471/Pn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNUFFRS8zRTM5MDFGMjUy MDcxMUVFQjU3QjU4NzdDNEY5QUUwMi9LTUJnZlphREdqMFlDVE5GczNKWTdqdlg4 LWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tNQmdmWmFER2owWUNUTkZzM0pZN2p2WDgtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NUFFRS8zRTM5MDFGMjUyMDcxMUVFQjU3QjU4NzdDNEY5QUUwMi9LTUJnZlphREdq MFlDVE5GczNKWTdqdlg4LWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaD0mYtxtP5X9AyWz/jKBGSXJPamSvaeD7odNdBXoxbQyzh6kSfaZB 6eEu/O+gjaxTJUDMy5sIcAIgz7y7AtvNr1hZRno0UmNSJIlyqQfEXdCvowbaeA7H eaha4812FL4MwPqHkKP3sO24KxuQGLZSIzsb586UjESKIrgyr4SFsMXFWq73bhOh IocRelLzKjVu7msis5VRkpqTvECHedSS9P9j2+8USq1MQFdzizR/GEbfystGG75m ZT+Qb81muTA8RHVIDq6BFgwFL7r0B5TF7MigksNbWxefsJHIow8Q3cOvyHy6mADA a7VEROJ5UzTzkKtG8Yv/WkMRQgmZoS66 -----END CERTIFICATE-----Generated at Tue Jul 1 12:32:04 2025 by rpki-client