$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft File: kBUoySF5F9lWch0caFZlNFvrVv0.mft (raw, json) Hash identifier: P49qsP3BPXLGtiRWRWt7pamiDheBZMqWfrlLTONnXU4= Subject key identifier: 30:FE:71:EF:B8:24:90:F2:54:6B:29:78:15:E6:E6:62:F0:E4:82:B0 Authority key identifier: 90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD Certificate issuer: /CN=A91CFAB9/serialNumber=901528C9217917D956721D1C685665345BEB56FD Certificate serial: 033F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft Manifest number: 033B Signing time: Tue 01 Jul 2025 01:21:28 +0000 Manifest this update: Tue 01 Jul 2025 01:21:28 +0000 Manifest next update: Tue 08 Jul 2025 01:21:28 +0000 Files and hashes: 1: kBUoySF5F9lWch0caFZlNFvrVv0.crl (hash: qagVPhNTdeZ1QHJIY6zR53R7KAqjkrlTx+fm3NXFSXE=) 2: 39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa (hash: NmvW/sg0pEXjTHBegEg6TihBwGGc4JodMMQnzVosHvc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 00:49:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 831 (0x33f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9, serialNumber=901528C9217917D956721D1C685665345BEB56FD Validity Not Before: Jul 1 01:21:28 2025 GMT Not After : Jul 8 01:21:28 2025 GMT Subject: CN=68633818-fc78 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:9e:9a:18:b3:e9:d1:03:f8:16:50:7d:cc:86:1f: ce:50:18:a9:91:ad:9e:9b:c0:7c:99:72:f2:37:52: ea:cf:ff:72:f6:73:99:c0:2e:39:cf:b2:2d:b7:43: 8f:3b:2a:09:5f:72:5e:30:09:6a:43:d5:44:df:22: 90:0f:ec:db:fd:da:7f:eb:d9:e0:9a:d8:20:68:e9: 1d:f6:fe:69:61:08:88:aa:12:98:6d:9b:e2:92:a4: c2:11:e2:3c:ab:75:d9:6e:f7:0e:d8:c8:bd:dd:24: 2a:9f:77:f1:5f:eb:97:92:2b:80:d0:2c:87:be:5d: 7d:8d:73:7a:14:76:25:e2:1c:81:1b:51:de:ae:79: 51:d2:fc:d5:74:3d:d6:4e:38:0a:2d:0e:ef:7f:04: 89:2e:94:e8:0c:75:61:c9:16:2d:74:a7:ab:8a:4f: 4e:4c:cf:8c:e9:4a:85:d4:9e:c0:b7:ca:03:f4:90: 18:46:c3:b9:52:d7:19:6f:01:7b:56:4f:19:7d:de: 0f:67:d5:b1:60:9c:84:2a:aa:ba:d1:f2:23:51:ab: 0f:eb:df:17:70:d4:82:9d:11:6a:d1:97:27:cb:00: 3b:2c:b5:ff:64:78:53:93:be:2a:7a:37:dd:93:64: 38:ec:b7:34:ff:42:9f:bf:19:bd:c1:e0:78:9b:c4: 07:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 30:FE:71:EF:B8:24:90:F2:54:6B:29:78:15:E6:E6:62:F0:E4:82:B0 X509v3 Authority Key Identifier: keyid:90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b0:3a:c9:c9:91:0f:27:4b:c4:2b:1a:b3:31:e3:b4:18:78:2b: ec:71:b8:c9:0a:a8:fe:99:54:9b:2b:e8:3e:82:ef:3c:37:3a: 7e:19:12:9d:31:cb:6f:e5:8c:bb:41:22:27:5b:59:9c:2e:50: 09:7a:71:7b:e4:34:9d:d8:82:df:d1:2a:a3:7a:43:70:a8:29: cd:f5:e2:ae:37:34:bd:86:3a:f2:d4:79:46:68:94:d4:8c:d6: 5c:d6:fb:92:8e:d1:96:19:ca:7b:53:3c:87:c1:cb:68:63:8e: 8e:31:32:57:51:c8:81:22:a3:f2:bf:0f:8f:bf:3b:63:b5:aa: d8:81:96:de:09:f2:03:5c:09:51:11:0b:c4:ec:e3:ac:c5:98: 75:36:bd:1b:82:2f:b1:0b:95:a3:54:d9:c1:b5:df:f4:02:fa: b5:ce:2a:66:bd:65:a0:a3:a2:d7:d5:09:14:37:80:59:53:f9: fb:29:c2:26:ac:4f:df:6f:e9:9e:d8:c2:13:80:81:c6:d2:ee: 50:db:34:56:93:3d:1c:65:eb:0b:15:df:cc:1c:37:5c:f6:db: 57:06:f3:d2:98:1e:a1:0f:2d:a9:5a:8b:bc:b3:9b:b1:9e:4a: a4:f2:c1:54:e5:0a:6b:1b:f8:31:08:56:9a:4c:66:b6:5b:f8: 3c:1e:86:19 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAz8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKDkwMTUyOEM5MjE3OTE3RDk1NjcyMUQxQzY4NTY2NTM0 NUJFQjU2RkQwHhcNMjUwNzAxMDEyMTI4WhcNMjUwNzA4MDEyMTI4WjAYMRYwFAYD VQQDEw02ODYzMzgxOC1mYzc4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAnpoYs+nRA/gWUH3Mhh/OUBipka2em8B8mXLyN1Lqz/9y9nOZwC45z7Itt0OP OyoJX3JeMAlqQ9VE3yKQD+zb/dp/69ngmtggaOkd9v5pYQiIqhKYbZvikqTCEeI8 q3XZbvcO2Mi93SQqn3fxX+uXkiuA0CyHvl19jXN6FHYl4hyBG1HernlR0vzVdD3W TjgKLQ7vfwSJLpToDHVhyRYtdKerik9OTM+M6UqF1J7At8oD9JAYRsO5UtcZbwF7 Vk8Zfd4PZ9WxYJyEKqq60fIjUasP698XcNSCnRFq0ZcnywA7LLX/ZHhTk74qejfd k2Q47Lc0/0Kfvxm9weB4m8QHpwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDD+ce+4 JJDyVGspeBXm5mLw5IKwMB8GA1UdIwQYMBaAFJAVKMkheRfZVnIdHGhWZTRb61b9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS8xQ0Q0NEY5RUM3 N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5bFdjaDBjYUZabE5GdnJW djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tCVW95U0Y1RjlsV2NoMGNhRlpsTkZ2clZ2MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkFCOS8xQ0Q0NEY5RUM3N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5 bFdjaDBjYUZabE5GdnJWdjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCwOsnJkQ8nS8QrGrMx47QYeCvscbjJCqj+mVSbK+g+gu88Nzp+GRKd Mctv5Yy7QSInW1mcLlAJenF75DSd2ILf0SqjekNwqCnN9eKuNzS9hjry1HlGaJTU jNZc1vuSjtGWGcp7UzyHwctoY46OMTJXUciBIqPyvw+PvztjtarYgZbeCfIDXAlR EQvE7OOsxZh1Nr0bgi+xC5WjVNnBtd/0Avq1zipmvWWgo6LX1QkUN4BZU/n7KcIm rE/fb+me2MITgIHG0u5Q2zRWkz0cZesLFd/MHDdc9ttXBvPSmB6hDy2pWou8s5ux nkqk8sFU5QprG/gxCFaaTGa2W/g8HoYZ -----END CERTIFICATE-----Generated at Tue Jul 1 02:43:26 2025 by rpki-client