$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft File: KQN7v5LysPTDMKHN1KdiVs16VCI.mft (raw, json) Hash identifier: SXJk8bUIfaKaMVqtu4lHi/c18y5B0z3D+xpIuqwmFHw= Subject key identifier: DB:51:A2:87:7D:8C:B7:BE:C0:F3:2E:1C:F8:25:36:DC:88:D7:88:7E Authority key identifier: 29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 Certificate issuer: /CN=A91E9B89/serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Certificate serial: 9B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft Manifest number: 9A Signing time: Tue 01 Jul 2025 07:04:09 +0000 Manifest this update: Tue 01 Jul 2025 07:04:09 +0000 Manifest next update: Tue 08 Jul 2025 07:04:09 +0000 Files and hashes: 1: KQN7v5LysPTDMKHN1KdiVs16VCI.crl (hash: TkhlHLZhaME7gujhclZvtfqfKob5UHhlnNIGte7727I=) 2: 2025BD6C6C3311EF99E0EF34C4F9AE02.roa (hash: v8gSdO2Oyevi0udRA9oSIzZPAk2F5XphTGY0llKdCYI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 08 Jul 2025 07:04:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 155 (0x9b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9B89, serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Validity Not Before: Jul 1 07:04:09 2025 GMT Not After : Jul 8 07:04:09 2025 GMT Subject: CN=68638869-6e2f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:67:5f:a5:9d:43:4a:9a:ff:55:02:72:88:9e: b0:91:b5:45:6d:ac:e4:a7:6a:e1:f2:41:ba:3f:8e: df:fd:45:aa:39:63:1c:31:8c:5f:94:a8:d0:94:31: c6:3e:24:01:ef:ee:3f:a9:98:d5:79:ab:cf:c0:6e: 54:42:ab:ea:be:49:8a:d9:dc:92:87:31:2c:38:1b: ec:2f:14:17:fd:54:f8:58:b4:30:4d:78:2b:3b:c6: dd:be:51:a9:1b:09:de:39:e1:49:fe:ff:08:17:14: c3:7c:68:ee:c7:55:9d:68:ec:bf:a4:56:f3:b6:f0: 19:c9:a9:c8:f7:af:88:bd:db:ac:ca:dc:d6:bc:ff: 38:9c:0a:15:96:7d:58:7b:8a:49:07:dc:d2:d1:f2: 39:d3:ac:cb:16:84:9a:fe:f3:2e:97:1c:94:98:fe: 22:7e:78:27:46:b2:ea:ad:fd:3f:3b:dc:1b:16:62: 92:dc:20:12:73:e4:05:1b:e5:4d:de:20:f6:3d:b5: b7:88:68:02:33:20:07:e4:56:fc:4f:7f:8f:96:48: 3d:4d:0e:a1:9b:74:75:77:cf:c3:8e:fc:90:b0:73: 50:47:70:09:58:63:96:d1:60:17:cd:c8:01:66:5e: 08:a5:27:03:ce:02:ae:29:e2:24:cf:d4:dd:d1:b4: d1:17 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:51:A2:87:7D:8C:B7:BE:C0:F3:2E:1C:F8:25:36:DC:88:D7:88:7E X509v3 Authority Key Identifier: keyid:29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 40:fc:d3:ce:f4:af:b8:bd:b1:e9:af:1e:1b:41:2f:f1:ab:74: ec:08:83:39:89:90:8f:21:82:58:4a:d0:c4:e9:b6:70:dc:92: b3:ba:2f:de:6e:fa:6b:2b:e8:a4:e1:18:a1:1a:93:6a:78:83: 8b:88:7c:41:7e:60:64:ae:ed:f9:d0:8a:ad:4f:c2:07:cc:eb: 05:6e:83:39:df:6a:62:b7:56:ef:c5:e0:4e:ef:57:78:93:6d: d5:7b:95:52:d8:35:89:c9:d1:ff:c8:e5:87:1e:f7:ef:84:6e: fa:43:d6:dd:a6:12:63:3b:07:03:48:c4:70:74:1c:ea:85:f3: d2:b3:b9:1c:a0:3c:6c:0f:00:3d:d0:10:87:19:61:39:ab:9b: 7b:a4:0f:aa:54:16:58:a9:35:96:6b:54:af:50:3d:97:11:9a: 53:98:3c:6e:72:61:38:36:84:e9:aa:4d:93:fd:8e:ca:20:10: f6:84:13:97:d8:4e:03:1d:6b:ff:fc:ad:bd:14:a9:b3:40:f9: b8:f9:b0:91:4e:e9:c4:b0:0b:c8:e7:a6:39:4c:41:17:e1:29: cd:36:dd:60:ed:3d:3b:0f:52:ce:e3:68:7a:21:66:7c:58:5d: 8e:ef:0f:c7:17:32:ad:25:95:14:ca:80:65:97:23:98:8f:de: 4c:c5:b8:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlCODkxMTAvBgNVBAUTKDI5MDM3QkJGOTJGMkIwRjRDMzMwQTFDREQ0QTc2MjU2 Q0Q3QTU0MjIwHhcNMjUwNzAxMDcwNDA5WhcNMjUwNzA4MDcwNDA5WjAYMRYwFAYD VQQDEw02ODYzODg2OS02ZTJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2mdfpZ1DSpr/VQJyiJ6wkbVFbazkp2rh8kG6P47f/UWqOWMcMYxflKjQlDHG PiQB7+4/qZjVeavPwG5UQqvqvkmK2dyShzEsOBvsLxQX/VT4WLQwTXgrO8bdvlGp GwneOeFJ/v8IFxTDfGjux1WdaOy/pFbztvAZyanI96+IvdusytzWvP84nAoVln1Y e4pJB9zS0fI506zLFoSa/vMulxyUmP4ifngnRrLqrf0/O9wbFmKS3CASc+QFG+VN 3iD2PbW3iGgCMyAH5Fb8T3+Plkg9TQ6hm3R1d8/DjvyQsHNQR3AJWGOW0WAXzcgB Zl4IpScDzgKuKeIkz9Td0bTRFwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNtRood9 jLe+wPMuHPglNtyI14h+MB8GA1UdIwQYMBaAFCkDe7+S8rD0wzChzdSnYlbNelQi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUI4OS80MzY3QzIwRTZD MTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQVERNS0hOMUtkaVZzMTZW Q0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tRTjd2NUx5c1BURE1LSE4xS2RpVnMxNlZDSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUI4OS80MzY3QzIwRTZDMTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQ VERNS0hOMUtkaVZzMTZWQ0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBA/NPO9K+4vbHprx4bQS/xq3TsCIM5iZCPIYJYStDE6bZw3JKzui/e bvprK+ik4RihGpNqeIOLiHxBfmBkru350IqtT8IHzOsFboM532pit1bvxeBO71d4 k23Ve5VS2DWJydH/yOWHHvfvhG76Q9bdphJjOwcDSMRwdBzqhfPSs7kcoDxsDwA9 0BCHGWE5q5t7pA+qVBZYqTWWa1SvUD2XEZpTmDxucmE4NoTpqk2T/Y7KIBD2hBOX 2E4DHWv//K29FKmzQPm4+bCRTunEsAvI56Y5TEEX4SnNNt1g7T07D1LO42h6IWZ8 WF2O7w/HFzKtJZUUyoBllyOYj95Mxbiq -----END CERTIFICATE-----Generated at Thu Jul 3 07:58:05 2025 by rpki-client