$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft File: KHuwzWb71-W3qIumZ4kSTAsExXg.mft (raw, json) Hash identifier: y1rCVWa/woH9gho34u2xlb3yHdXoMe7Y1DvygtPrGnU= Subject key identifier: 95:DB:66:A5:AE:76:92:F6:69:16:1C:35:80:45:A8:A3:30:AB:5A:16 Authority key identifier: 28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 Certificate issuer: /CN=A91EAE25/serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Certificate serial: 0BAA Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft Manifest number: 0B9D Signing time: Fri 22 Aug 2025 19:07:45 +0000 Manifest this update: Fri 22 Aug 2025 19:07:45 +0000 Manifest next update: Fri 29 Aug 2025 19:07:45 +0000 Files and hashes: 1: KHuwzWb71-W3qIumZ4kSTAsExXg.crl (hash: jzaiwgfwkfE+/Kuxg8bOBONoROuAw7ZbB2yiZEmWO/4=) 2: 2BA212DC306D11EA81D19B38C4F9AE02.roa (hash: t1CbmrYkwmBmGPrreNUR9MWvKRnTUYs/Z13bobbplHk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 19:07:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2986 (0xbaa) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE25, serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Validity Not Before: Aug 22 19:07:45 2025 GMT Not After : Aug 29 19:07:45 2025 GMT Subject: CN=68a8c001-49bf Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:b6:a6:e7:a0:2e:1b:cc:6b:fa:02:5e:7c:6c: 20:df:eb:9f:94:96:f9:25:6d:a8:1c:84:89:b1:87: 24:88:32:9d:58:a4:3a:0e:64:17:5c:3f:ab:44:3a: b9:15:72:60:f1:01:78:4a:be:f2:d8:54:c3:89:c1: 84:7e:5c:4c:b0:f1:b9:44:0f:12:89:6f:29:4a:bd: 56:07:e8:cd:18:9f:3e:ff:ae:4b:3e:dc:3a:45:64: 33:25:73:c7:ef:c0:c7:0e:fa:e6:fe:a6:e1:4c:4d: c7:87:34:ff:24:a0:65:6c:48:c2:17:01:9a:56:2e: 59:e5:96:7d:71:55:a0:db:1a:dc:2b:aa:b7:93:a8: fd:e6:6e:3d:f1:70:91:6b:d6:cd:3b:1a:b4:2d:63: 66:1b:2a:4e:b3:e2:cf:fa:d5:61:eb:40:37:38:ef: 4e:ca:87:92:81:15:b9:df:e2:1d:f0:2a:39:7d:9e: 6c:6b:9a:26:7d:95:6e:62:0c:05:07:52:a0:02:cb: a0:70:f2:67:ec:26:f4:dd:95:80:00:c4:0e:5d:60: 84:d4:6f:d7:1a:19:c0:88:6a:a4:f5:5c:55:08:48: 68:81:bb:8a:50:a5:c9:fa:66:3e:b9:84:ac:3f:d8: 88:2e:d7:0c:96:3e:2f:28:10:40:05:e2:54:a4:43: 18:4b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:DB:66:A5:AE:76:92:F6:69:16:1C:35:80:45:A8:A3:30:AB:5A:16 X509v3 Authority Key Identifier: keyid:28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7b:64:1f:d4:5b:b9:fd:7a:75:b8:46:da:44:96:5c:89:15:3e: 5b:e2:f5:87:4f:46:2e:ae:81:91:28:5b:c0:ac:88:4e:94:d0: fd:80:7e:91:67:05:48:59:24:b3:89:f9:8e:53:49:61:b4:69: 54:5c:1b:3e:f4:26:aa:5c:57:66:06:58:1e:b9:b2:25:1d:05: ae:d6:50:23:dd:32:52:11:84:3c:67:e3:1c:0d:96:42:77:36: e6:d5:5c:28:57:c1:2e:51:b2:7b:86:43:ed:bc:4d:23:84:1b: ce:0a:e5:cc:ca:4c:ab:dc:e7:76:83:45:fd:d3:0b:04:7f:fd: 2b:ec:e1:bb:a8:5b:a9:35:30:80:a9:a5:da:16:81:53:e4:2b: f6:7b:e9:25:1b:92:ad:36:64:8f:0b:81:b1:e0:e8:b0:ec:e5: 6b:84:11:47:f5:3d:d0:d3:53:47:5d:06:a6:6d:99:47:38:8b: 2d:3d:d6:71:6b:58:3b:a8:d9:7c:59:38:1a:28:87:eb:4f:2a: 7b:1f:f3:79:67:f9:23:15:24:df:d8:97:4f:0f:13:75:2e:87: dc:2b:6f:96:7e:ed:99:39:6f:0c:86:c3:31:9c:bf:77:6d:09: 47:68:c3:65:ed:28:59:0e:aa:30:43:d8:1f:95:10:13:b6:4a: c6:87:e3:9d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC6owDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFMjUxMTAvBgNVBAUTKDI4N0JCMENENjZGQkQ3RTVCN0E4OEJBNjY3ODkxMjRD MEIwNEM1NzgwHhcNMjUwODIyMTkwNzQ1WhcNMjUwODI5MTkwNzQ1WjAYMRYwFAYD VQQDEw02OGE4YzAwMS00OWJmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0Lam56AuG8xr+gJefGwg3+uflJb5JW2oHISJsYckiDKdWKQ6DmQXXD+rRDq5 FXJg8QF4Sr7y2FTDicGEflxMsPG5RA8SiW8pSr1WB+jNGJ8+/65LPtw6RWQzJXPH 78DHDvrm/qbhTE3HhzT/JKBlbEjCFwGaVi5Z5ZZ9cVWg2xrcK6q3k6j95m498XCR a9bNOxq0LWNmGypOs+LP+tVh60A3OO9OyoeSgRW53+Id8Co5fZ5sa5omfZVuYgwF B1KgAsugcPJn7Cb03ZWAAMQOXWCE1G/XGhnAiGqk9VxVCEhogbuKUKXJ+mY+uYSs P9iILtcMlj4vKBBABeJUpEMYSwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJXbZqWu dpL2aRYcNYBFqKMwq1oWMB8GA1UdIwQYMBaAFCh7sM1m+9flt6iLpmeJEkwLBMV4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUyNS82OEU1N0FFRTMw NjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEtVzNxSXVtWjRrU1RBc0V4 WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIdXd6V2I3MS1XM3FJdW1aNGtTVEFzRXhYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUyNS82OEU1N0FFRTMwNjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEt VzNxSXVtWjRrU1RBc0V4WGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB7ZB/UW7n9enW4RtpEllyJFT5b4vWHT0YuroGRKFvArIhOlND9gH6R ZwVIWSSzifmOU0lhtGlUXBs+9CaqXFdmBlgeubIlHQWu1lAj3TJSEYQ8Z+McDZZC dzbm1VwoV8EuUbJ7hkPtvE0jhBvOCuXMykyr3Od2g0X90wsEf/0r7OG7qFupNTCA qaXaFoFT5Cv2e+klG5KtNmSPC4Gx4Oiw7OVrhBFH9T3Q01NHXQambZlHOIstPdZx a1g7qNl8WTgaKIfrTyp7H/N5Z/kjFSTf2JdPDxN1LofcK2+Wfu2ZOW8MhsMxnL93 bQlHaMNl7ShZDqowQ9gflRATtkrGh+Od -----END CERTIFICATE-----Generated at Sat Aug 23 18:21:57 2025 by rpki-client