$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: sQepDG1XnrCHQw/tbIybnFthRwc++CcAUMw3D6fdN88= Subject key identifier: C2:84:0C:38:13:9E:2B:F4:8B:D5:EC:6B:B5:46:E7:27:7B:31:0F:9B Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01E2 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 01D8 Signing time: Sat 23 Aug 2025 02:59:07 +0000 Manifest this update: Sat 23 Aug 2025 02:59:07 +0000 Manifest next update: Sat 30 Aug 2025 02:59:07 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: 3i5MlquqUvk4ThuK0rdYTonHigJSO4YJr9EdOUzmxeM=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 30 Aug 2025 02:59:06 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 482 (0x1e2) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: Aug 23 02:59:07 2025 GMT Not After : Aug 30 02:59:07 2025 GMT Subject: CN=68a92e7b-af0f Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:09:9a:69:ae:07:ad:47:c4:5a:91:1d:aa:9f: 3b:f7:1d:f9:0f:72:63:11:fc:bc:15:54:a7:e9:ff: 5d:bf:21:1a:d8:ab:83:c6:61:06:08:9f:62:5d:cf: d4:93:d5:4e:74:3a:46:5a:d3:3d:1e:ad:db:55:43: 57:0c:e7:af:89:5f:23:05:cc:bd:c0:4a:19:01:77: e0:9b:8d:38:d4:15:d3:e5:ef:df:32:9f:44:89:de: f3:bf:55:ff:63:a3:c4:57:20:cb:4b:cc:d4:43:e1: 25:0c:64:dd:2d:f4:a5:2f:3b:f1:4d:0c:10:4d:d8: 77:84:68:ee:35:ec:8b:4f:10:41:1e:64:b1:8a:4c: a7:96:f8:5f:db:9e:70:6b:27:95:49:f2:b3:d1:c4: 33:25:90:b8:d2:f1:67:26:24:4f:e0:dd:fd:42:f5: b7:4a:0e:b3:a9:46:9a:3e:4a:9e:bc:0d:c3:fa:65: 7f:88:1b:49:30:0b:99:db:99:c1:d5:48:78:0d:af: 07:97:47:ef:f6:b5:b0:2e:3a:bf:04:a3:fd:52:7e: 4b:47:44:58:85:8e:f4:7c:6e:25:d3:b5:e8:29:c1: 89:6d:5f:4e:88:a2:ad:fb:65:55:43:8f:1f:c3:07: c2:77:d0:79:6f:6a:28:ae:25:d7:e8:cb:0c:3d:99: 76:69 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C2:84:0C:38:13:9E:2B:F4:8B:D5:EC:6B:B5:46:E7:27:7B:31:0F:9B X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4a:95:33:f5:9b:9d:26:fb:68:35:2f:61:68:08:f7:b0:a6:01: 8a:74:4d:ac:b7:1a:3f:94:87:c4:f2:31:8e:56:7c:2b:84:71: 8a:ec:d6:de:0a:80:2c:81:55:9d:c2:4f:fc:4b:5d:ca:ef:17: 24:70:73:e3:1f:80:14:59:1b:4c:b6:a2:00:6f:d4:45:b9:74: 5b:f0:ab:51:86:19:42:ec:da:64:a3:23:f2:2d:23:2e:0a:4e: 18:a3:e5:df:01:69:d1:c5:c0:24:2c:03:8e:29:e7:66:c6:ba: 0c:b6:fd:37:da:06:e1:2b:18:f9:b9:ec:36:09:64:25:ec:8f: c7:27:41:43:48:81:8e:be:70:42:ad:4a:cc:b0:09:01:cd:9f: 07:aa:4e:a8:95:ab:a5:d6:a3:11:df:e8:21:82:41:18:4b:1a: 65:55:0b:67:33:11:d7:cf:86:c8:cf:8e:66:0c:91:5e:a6:bd: 4b:e4:d7:ac:02:ed:61:c5:6a:0d:93:c0:ce:5e:bb:3b:e8:3a: cd:3f:65:71:d3:a5:8c:b8:b1:95:e2:85:a0:44:ab:cb:b9:62: 0e:e6:2f:d7:34:8c:f2:1e:a4:1f:13:63:86:b9:ed:49:e4:f5: bd:79:77:2b:41:de:c9:8c:14:47:85:d4:55:02:18:0b:21:51: b6:87:19:06 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAeIwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwODIzMDI1OTA3WhcNMjUwODMwMDI1OTA3WjAYMRYwFAYD VQQDEw02OGE5MmU3Yi1hZjBmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxwmaaa4HrUfEWpEdqp879x35D3JjEfy8FVSn6f9dvyEa2KuDxmEGCJ9iXc/U k9VOdDpGWtM9Hq3bVUNXDOeviV8jBcy9wEoZAXfgm4041BXT5e/fMp9Eid7zv1X/ Y6PEVyDLS8zUQ+ElDGTdLfSlLzvxTQwQTdh3hGjuNeyLTxBBHmSxikynlvhf255w ayeVSfKz0cQzJZC40vFnJiRP4N39QvW3Sg6zqUaaPkqevA3D+mV/iBtJMAuZ25nB 1Uh4Da8Hl0fv9rWwLjq/BKP9Un5LR0RYhY70fG4l07XoKcGJbV9OiKKt+2VVQ48f wwfCd9B5b2ooriXX6MsMPZl2aQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMKEDDgT niv0i9Xsa7VG5yd7MQ+bMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBKlTP1m50m+2g1L2FoCPewpgGKdE2stxo/lIfE8jGOVnwrhHGK7Nbe CoAsgVWdwk/8S13K7xckcHPjH4AUWRtMtqIAb9RFuXRb8KtRhhlC7NpkoyPyLSMu Ck4Yo+XfAWnRxcAkLAOOKedmxroMtv032gbhKxj5uew2CWQl7I/HJ0FDSIGOvnBC rUrMsAkBzZ8Hqk6olaul1qMR3+ghgkEYSxplVQtnMxHXz4bIz45mDJFepr1L5Nes Au1hxWoNk8DOXrs76DrNP2Vx06WMuLGV4oWgRKvLuWIO5i/XNIzyHqQfE2OGue1J 5PW9eXcrQd7JjBRHhdRVAhgLIVG2hxkG -----END CERTIFICATE-----Generated at Sat Aug 23 15:36:36 2025 by rpki-client