$ rpki-client -vvf rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft File: KHuwzWb71-W3qIumZ4kSTAsExXg.mft (raw, json) Hash identifier: siPh+PzU1L8FddY0nG1DqUmtkGR1OeTkVhfKBBdmJhE= Subject key identifier: EE:FA:D4:B4:64:47:10:EB:B6:9F:33:8F:C3:D9:4B:C8:2B:2E:1F:FE Authority key identifier: 28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 Certificate issuer: /CN=A91EAE25/serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Certificate serial: 0B84 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft Manifest number: 0B7A Signing time: Mon 30 Jun 2025 19:13:02 +0000 Manifest this update: Mon 30 Jun 2025 19:13:01 +0000 Manifest next update: Mon 07 Jul 2025 19:13:01 +0000 Files and hashes: 1: KHuwzWb71-W3qIumZ4kSTAsExXg.crl (hash: P3L+dfctKkzMMGnOAOs+OfOJ7FAcKWiYwI6434l+HxM=) 2: 2BA212DC306D11EA81D19B38C4F9AE02.roa (hash: 3O/Wog4x2tDqfQkXBLn8rR3jiMrnPghGptwvVcI/q+8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 07 Jul 2025 19:13:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2948 (0xb84) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EAE25, serialNumber=287BB0CD66FBD7E5B7A88BA66789124C0B04C578 Validity Not Before: Jun 30 19:13:01 2025 GMT Not After : Jul 7 19:13:01 2025 GMT Subject: CN=6862e1bd-697b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a6:04:e8:06:b1:bd:1b:a1:64:46:22:83:8f:76: 3c:7c:ea:46:2a:88:e2:dc:2c:d1:29:3d:cd:b3:05: 8d:aa:7c:ae:c6:e9:a3:84:ff:9a:0d:69:2d:5b:40: 56:fa:25:15:ac:d5:17:05:3b:76:c3:6b:4b:5f:30: f7:83:c7:0d:b7:c9:f6:60:1c:d8:4e:83:33:3a:a3: 5a:74:3a:21:7e:d0:a0:d8:f5:f3:4a:6d:ef:c9:32: 95:04:bd:c8:e9:be:36:65:b7:69:71:93:bf:96:f7: e4:02:92:59:9c:08:7f:b6:9c:c8:78:15:4e:78:7e: 4f:1d:ee:32:d7:e8:94:78:17:b6:ff:af:54:c5:59: 97:e8:9b:60:07:f9:dc:79:1e:d6:5a:e6:28:96:65: 40:65:52:c1:57:da:6e:38:f7:0d:ab:12:54:eb:d2: 27:0a:75:03:8b:a2:3e:0c:3c:0a:03:42:e2:3b:74: d1:2b:46:43:dc:20:dc:f8:92:1e:8c:ce:45:6a:60: e7:03:31:48:db:07:77:96:30:25:46:b8:a0:12:b2: d8:d6:35:f3:df:56:4b:2c:df:e0:de:60:05:aa:af: 32:4b:f1:2a:31:f7:aa:51:86:ef:ba:89:8f:ef:90: bc:e3:90:bc:a2:93:d5:10:bc:76:61:53:6d:d8:ac: 36:a7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: EE:FA:D4:B4:64:47:10:EB:B6:9F:33:8F:C3:D9:4B:C8:2B:2E:1F:FE X509v3 Authority Key Identifier: keyid:28:7B:B0:CD:66:FB:D7:E5:B7:A8:8B:A6:67:89:12:4C:0B:04:C5:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHuwzWb71-W3qIumZ4kSTAsExXg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EAE25/68E57AEE306811EAA706E32AC4F9AE02/KHuwzWb71-W3qIumZ4kSTAsExXg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 21:19:78:e0:1d:08:7c:3d:ed:39:bc:7d:f6:de:4d:fc:ca:d3: 8a:58:7c:28:4d:ea:28:0d:23:4e:e6:70:48:f5:5a:00:24:ad: 37:89:10:47:eb:27:ea:28:3a:22:b6:2f:62:90:af:16:aa:dc: 3e:dd:1b:4d:cd:38:de:4c:60:ca:72:48:e2:95:90:b4:db:f8: e4:ee:d8:4e:13:c0:2e:6e:06:36:65:6d:1e:e4:7b:ef:42:5b: f4:cb:a4:26:fc:1b:e3:6c:c4:19:d1:78:38:8e:44:9b:08:20: 69:ae:d3:78:e7:0c:8e:12:94:40:80:41:a0:37:9c:9e:d4:1c: e0:a6:cd:61:62:41:16:27:47:52:6f:7d:e6:ce:d2:7a:3e:bf: 95:d1:6b:d6:c1:fd:0d:24:ac:e2:f0:a0:12:9b:1d:62:2e:16: ac:c0:66:1f:5d:3f:9b:78:ef:97:19:c7:d6:7b:cf:45:1f:1e: f1:50:5d:a9:98:38:70:81:09:8c:c5:5c:67:d3:5e:38:26:89: eb:fe:08:b9:74:4b:5f:96:98:4f:30:c2:d4:e6:a3:a4:19:67: 01:81:0d:2a:42:31:e6:ad:26:97:5c:c6:38:56:87:57:16:87: fc:2e:ba:ec:f8:ea:fa:09:ed:e2:14:c4:98:f3:1e:f0:5a:d5: ff:8a:aa:b6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICC4QwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUFFMjUxMTAvBgNVBAUTKDI4N0JCMENENjZGQkQ3RTVCN0E4OEJBNjY3ODkxMjRD MEIwNEM1NzgwHhcNMjUwNjMwMTkxMzAxWhcNMjUwNzA3MTkxMzAxWjAYMRYwFAYD VQQDEw02ODYyZTFiZC02OTdiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEApgToBrG9G6FkRiKDj3Y8fOpGKoji3CzRKT3NswWNqnyuxumjhP+aDWktW0BW +iUVrNUXBTt2w2tLXzD3g8cNt8n2YBzYToMzOqNadDohftCg2PXzSm3vyTKVBL3I 6b42ZbdpcZO/lvfkApJZnAh/tpzIeBVOeH5PHe4y1+iUeBe2/69UxVmX6JtgB/nc eR7WWuYolmVAZVLBV9puOPcNqxJU69InCnUDi6I+DDwKA0LiO3TRK0ZD3CDc+JIe jM5FamDnAzFI2wd3ljAlRrigErLY1jXz31ZLLN/g3mAFqq8yS/EqMfeqUYbvuomP 75C845C8opPVELx2YVNt2Kw2pwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFO761LRk RxDrtp8zj8PZS8grLh/+MB8GA1UdIwQYMBaAFCh7sM1m+9flt6iLpmeJEkwLBMV4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQUUyNS82OEU1N0FFRTMw NjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEtVzNxSXVtWjRrU1RBc0V4 WGcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIdXd6V2I3MS1XM3FJdW1aNGtTVEFzRXhYZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QUUyNS82OEU1N0FFRTMwNjgxMUVBQTcwNkUzMkFDNEY5QUUwMi9LSHV3eldiNzEt VzNxSXVtWjRrU1RBc0V4WGcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAhGXjgHQh8Pe05vH323k38ytOKWHwoTeooDSNO5nBI9VoAJK03iRBH 6yfqKDoiti9ikK8Wqtw+3RtNzTjeTGDKckjilZC02/jk7thOE8AubgY2ZW0e5Hvv Qlv0y6Qm/BvjbMQZ0Xg4jkSbCCBprtN45wyOEpRAgEGgN5ye1Bzgps1hYkEWJ0dS b33mztJ6Pr+V0WvWwf0NJKzi8KASmx1iLhaswGYfXT+beO+XGcfWe89FHx7xUF2p mDhwgQmMxVxn0144Jonr/gi5dEtflphPMMLU5qOkGWcBgQ0qQjHmrSaXXMY4VodX Fof8Lrrs+Or6Ce3iFMSY8x7wWtX/iqq2 -----END CERTIFICATE-----Generated at Tue Jul 1 21:09:01 2025 by rpki-client