$ rpki-client -vvf rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft File: BKfrBJqTf9nyuG4Vnd310sma1B4.mft (raw, json) Hash identifier: Gvdyv/NO3+Ju6YzP4CFhr7SS6i7bbV/CXBy1UPoJ/sU= Subject key identifier: 70:F8:58:8F:4C:3C:A9:EA:FC:6E:5C:F6:05:C5:59:7A:4A:A9:3F:3D Authority key identifier: 04:A7:EB:04:9A:93:7F:D9:F2:B8:6E:15:9D:DD:F5:D2:C9:9A:D4:1E Certificate issuer: /CN=A91E87AB/serialNumber=04A7EB049A937FD9F2B86E159DDDF5D2C99AD41E Certificate serial: 0509 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKfrBJqTf9nyuG4Vnd310sma1B4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft Manifest number: 0503 Signing time: Sat 28 Jun 2025 23:14:45 +0000 Manifest this update: Sat 28 Jun 2025 23:14:45 +0000 Manifest next update: Sat 05 Jul 2025 23:14:45 +0000 Files and hashes: 1: BKfrBJqTf9nyuG4Vnd310sma1B4.crl (hash: fM01gatJjMc0RBDDgaHTlIZg8R4zHQkXNe/HALUwLCo=) 2: 709F3B2E145C11EC9A902165C4F9AE02.roa (hash: UibVZP54wNfnJM5fmfROJ4sssLQa2oOrL7RimgDBnPw=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.crl rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKfrBJqTf9nyuG4Vnd310sma1B4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 05 Jul 2025 23:14:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1289 (0x509) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E87AB, serialNumber=04A7EB049A937FD9F2B86E159DDDF5D2C99AD41E Validity Not Before: Jun 28 23:14:45 2025 GMT Not After : Jul 5 23:14:45 2025 GMT Subject: CN=68607765-f1ee Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:dd:cb:42:75:7d:45:3a:71:4d:47:a0:93:3b:b1: 18:64:93:c1:1d:10:0d:7b:38:19:1b:d9:17:09:7f: 93:ad:03:cb:26:e6:2f:31:bb:e3:63:89:fb:97:1b: 31:34:8d:85:74:57:5e:38:08:75:9e:7c:38:6a:73: c7:04:68:29:e3:32:0c:fa:64:0f:a4:bf:27:91:e1: 41:a4:8e:ff:b1:04:e5:fe:12:d0:aa:f2:23:50:c9: 4a:80:79:91:cd:5e:59:7c:4c:59:fc:96:db:ee:07: c1:f8:94:95:16:95:94:8b:21:bd:49:94:9c:59:ba: 60:ba:e0:bc:00:96:69:9f:c8:e6:a8:cf:8e:7f:e8: 96:73:e7:ac:f9:06:0c:d0:70:de:10:ba:72:ed:3c: b9:88:ab:ec:6a:68:82:85:06:94:f6:35:f6:aa:21: 5c:21:27:34:01:f9:9d:3c:38:41:e3:f3:79:ed:31: 62:47:9d:69:66:50:f5:f2:69:85:ee:96:e5:ed:dd: 9d:35:84:e0:57:51:05:a2:95:be:ac:15:eb:1b:3e: 12:f3:13:0e:b2:51:d6:a8:23:41:c0:7c:3a:64:2b: 1a:d3:47:cd:fa:e9:eb:1e:b8:94:f0:19:1b:0a:71: 1b:69:be:6f:a5:f3:2f:61:71:bf:d8:f9:d9:d1:a9: aa:f5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 70:F8:58:8F:4C:3C:A9:EA:FC:6E:5C:F6:05:C5:59:7A:4A:A9:3F:3D X509v3 Authority Key Identifier: keyid:04:A7:EB:04:9A:93:7F:D9:F2:B8:6E:15:9D:DD:F5:D2:C9:9A:D4:1E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/BKfrBJqTf9nyuG4Vnd310sma1B4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E87AB/916B0666145811EC9ED6C73BC4F9AE02/BKfrBJqTf9nyuG4Vnd310sma1B4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:72:f3:b5:f2:d1:c6:df:93:22:fd:d0:73:8d:cb:3c:6a:73: 7d:d8:94:ac:3a:d8:05:9c:be:52:f6:8f:82:4a:06:71:b2:f4: 66:ae:ef:9d:21:b5:c8:60:ea:63:08:de:52:32:88:fe:fc:8b: d3:ad:54:54:36:c4:ef:f1:d6:77:f5:67:4e:2b:d9:dc:6a:8c: 3b:c7:e1:0b:8b:4e:3c:8c:e5:86:c1:6b:77:62:56:80:86:3c: 2b:3a:8b:32:8c:04:a4:5f:de:ce:84:a4:53:b8:c1:54:8e:a9: 51:57:80:bc:e1:93:8f:06:85:a4:ac:2e:00:fb:cb:22:75:1c: 60:c9:09:39:39:ae:7d:38:99:58:a9:ab:a2:eb:d1:d0:b1:30: 77:b3:14:87:be:88:b7:14:29:bd:63:8c:ba:4c:8b:23:55:ad: 66:25:31:92:9b:6b:0f:03:18:d7:f3:b3:39:80:fb:b5:68:93: 82:9f:7d:86:18:aa:e2:ee:c0:e6:d2:8c:d1:1d:a9:cd:72:d1: 5a:f8:63:29:bf:2f:78:60:25:2f:a1:80:9e:82:af:d5:0b:37: 8f:16:7e:e3:6d:ff:25:99:58:d9:4d:6d:2e:bb:cc:0e:31:bb: af:e7:13:54:f2:33:8b:66:35:50:af:42:3a:ea:da:66:8d:11: 7c:9d:bc:f4 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBQkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTg3QUIxMTAvBgNVBAUTKDA0QTdFQjA0OUE5MzdGRDlGMkI4NkUxNTlERERGNUQy Qzk5QUQ0MUUwHhcNMjUwNjI4MjMxNDQ1WhcNMjUwNzA1MjMxNDQ1WjAYMRYwFAYD VQQDEw02ODYwNzc2NS1mMWVlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3ctCdX1FOnFNR6CTO7EYZJPBHRANezgZG9kXCX+TrQPLJuYvMbvjY4n7lxsx NI2FdFdeOAh1nnw4anPHBGgp4zIM+mQPpL8nkeFBpI7/sQTl/hLQqvIjUMlKgHmR zV5ZfExZ/Jbb7gfB+JSVFpWUiyG9SZScWbpguuC8AJZpn8jmqM+Of+iWc+es+QYM 0HDeELpy7Ty5iKvsamiChQaU9jX2qiFcISc0AfmdPDhB4/N57TFiR51pZlD18mmF 7pbl7d2dNYTgV1EFopW+rBXrGz4S8xMOslHWqCNBwHw6ZCsa00fN+unrHriU8Bkb CnEbab5vpfMvYXG/2PnZ0amq9QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHD4WI9M PKnq/G5c9gXFWXpKqT89MB8GA1UdIwQYMBaAFASn6wSak3/Z8rhuFZ3d9dLJmtQe MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFODdBQi85MTZCMDY2NjE0 NTgxMUVDOUVENkM3M0JDNEY5QUUwMi9CS2ZyQkpxVGY5bnl1RzRWbmQzMTBzbWEx QjQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0JLZnJCSnFUZjlueXVHNFZuZDMxMHNtYTFCNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF ODdBQi85MTZCMDY2NjE0NTgxMUVDOUVENkM3M0JDNEY5QUUwMi9CS2ZyQkpxVGY5 bnl1RzRWbmQzMTBzbWExQjQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChcvO18tHG35Mi/dBzjcs8anN92JSsOtgFnL5S9o+CSgZxsvRmru+d IbXIYOpjCN5SMoj+/IvTrVRUNsTv8dZ39WdOK9ncaow7x+ELi048jOWGwWt3YlaA hjwrOosyjASkX97OhKRTuMFUjqlRV4C84ZOPBoWkrC4A+8sidRxgyQk5Oa59OJlY qaui69HQsTB3sxSHvoi3FCm9Y4y6TIsjVa1mJTGSm2sPAxjX87M5gPu1aJOCn32G GKri7sDm0ozRHanNctFa+GMpvy94YCUvoYCegq/VCzePFn7jbf8lmVjZTW0uu8wO Mbuv5xNU8jOLZjVQr0I66tpmjRF8nbz0 -----END CERTIFICATE-----Generated at Sun Jun 29 13:43:52 2025 by rpki-client