$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: uGU7lvWuzpuD2yXSW1NySBExvCBHwGuovzrr9o6jKDw= Subject key identifier: DC:9C:02:32:1F:0F:1D:5A:A6:67:05:9F:4C:A3:00:09:64:2C:7C:DB Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: A9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: A7 Signing time: Thu 03 Jul 2025 06:18:43 +0000 Manifest this update: Thu 03 Jul 2025 06:18:43 +0000 Manifest next update: Thu 10 Jul 2025 06:18:43 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: ylpw4THbp8GwRncyXvN5ftbqvRQEr7xA4PgtZu3URQs=) 2: B377200E5ADD11EF9A462440C4F9AE02.roa (hash: ku0nQgImAfjqlfmOWSwIKN/zsrk6kYnMycZSjI2lh3o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 10 Jul 2025 03:15:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 169 (0xa9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7, serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: Jul 3 06:18:43 2025 GMT Not After : Jul 10 06:18:43 2025 GMT Subject: CN=686620c3-7dcd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:bc:55:da:ce:84:a4:e9:64:a3:3a:25:bb:1b: 3f:86:2a:94:8b:14:9e:c4:03:f9:e0:be:56:e6:2d: a1:59:b2:f9:43:c4:b3:2c:4a:d7:ea:3e:39:bb:83: 05:9c:58:a5:53:bf:a4:02:8a:bd:0a:e2:e9:5a:53: 94:ab:58:32:a0:41:84:fa:7e:e0:b2:09:3f:54:36: f9:02:9c:01:d2:3b:76:71:0b:71:2a:b8:25:8f:14: 5c:df:13:cc:8f:f5:2d:5f:91:17:88:0f:1a:19:47: 60:68:8e:b9:34:70:64:56:52:5e:b8:43:4c:70:b4: 6c:aa:3f:a3:e5:60:9b:00:bb:d9:23:3e:78:87:b6: 6e:72:94:cc:d0:fd:29:a5:81:45:0e:68:e2:ba:df: fa:cf:4a:11:a4:ca:ad:fb:ce:61:77:31:16:35:4a: 4b:93:bf:66:71:70:63:8e:04:c9:26:bc:0b:33:67: 9b:58:f2:1e:01:1e:e3:be:c4:cc:0b:90:f2:a1:c5: 82:9a:81:32:b7:80:9b:f7:05:c0:f9:b5:0d:9d:51: ce:4c:f4:15:9f:b9:57:15:90:2a:f0:6f:8b:27:a4: 26:05:3a:e9:7d:ea:39:98:9d:7c:58:cd:b7:0e:b2: f5:d9:3b:f3:2e:c9:00:3b:ea:96:5b:0e:c0:7a:68: 9e:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:9C:02:32:1F:0F:1D:5A:A6:67:05:9F:4C:A3:00:09:64:2C:7C:DB X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c4:6b:bb:d8:ca:18:8f:e8:0c:c0:d7:5e:74:a6:2c:06:b5:ce: 49:f8:37:be:1a:b9:f3:fa:ca:1a:9b:1e:9a:9e:58:52:14:fd: b6:03:c4:0b:08:39:02:98:9a:79:17:ea:27:51:a5:ba:f4:ad: f5:66:5a:d2:b8:db:0f:74:ec:57:4d:22:2d:0b:5e:9d:d7:60: e8:31:70:8f:43:5e:4e:bd:c2:c0:d8:c4:c9:a0:16:ee:5e:a1: f0:cf:dd:30:99:d3:bd:34:b7:d9:3d:30:b1:66:2a:a6:37:3a: 46:0f:af:79:b4:92:da:2f:50:13:08:f3:c1:56:8f:17:17:79: 3b:54:a0:7e:a4:67:80:81:9c:83:e4:af:74:e4:2d:e1:40:a6: 02:46:51:92:4e:79:f7:55:03:36:87:40:90:7a:6f:89:31:72: 9c:ed:a2:ce:ee:29:b6:19:cb:5d:5e:c2:9b:ad:d2:b5:67:72: 20:5e:fd:2a:4a:c2:03:dd:22:f2:37:d1:1a:ce:eb:d4:d6:76: 38:5e:5c:33:f2:44:f8:b1:94:66:d8:33:09:16:4e:29:b7:7c: 54:78:68:e4:16:bc:ff:00:ba:6e:d7:72:8b:51:cf:55:c2:22: 4b:af:55:c7:0a:b3:7f:10:ca:5f:6d:ae:97:2e:2a:df:55:f2: 1b:7a:13:28 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDRTcxMTAvBgNVBAUTKDkwMUE5RjlFOEFFNDA2MkU1MjE5Qjc2NTJEOEU5RkVF N0VDNUFFMzMwHhcNMjUwNzAzMDYxODQzWhcNMjUwNzEwMDYxODQzWjAYMRYwFAYD VQQDEw02ODY2MjBjMy03ZGNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4LxV2s6EpOlkozoluxs/hiqUixSexAP54L5W5i2hWbL5Q8SzLErX6j45u4MF nFilU7+kAoq9CuLpWlOUq1gyoEGE+n7gsgk/VDb5ApwB0jt2cQtxKrgljxRc3xPM j/UtX5EXiA8aGUdgaI65NHBkVlJeuENMcLRsqj+j5WCbALvZIz54h7ZucpTM0P0p pYFFDmjiut/6z0oRpMqt+85hdzEWNUpLk79mcXBjjgTJJrwLM2ebWPIeAR7jvsTM C5DyocWCmoEyt4Cb9wXA+bUNnVHOTPQVn7lXFZAq8G+LJ6QmBTrpfeo5mJ18WM23 DrL12TvzLskAO+qWWw7AemiecQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNycAjIf Dx1apmcFn0yjAAlkLHzbMB8GA1UdIwQYMBaAFJAan56K5AYuUhm3ZS2On+5+xa4z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNFNy83MkY3NUI5ODVB REQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0JpNVNHYmRsTFk2ZjduN0Zy ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJqTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNFNy83MkY3NUI5ODVBREQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0Jp NVNHYmRsTFk2ZjduN0Zyak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDEa7vYyhiP6AzA1150piwGtc5J+De+Grnz+soamx6anlhSFP22A8QL CDkCmJp5F+onUaW69K31ZlrSuNsPdOxXTSItC16d12DoMXCPQ15OvcLA2MTJoBbu XqHwz90wmdO9NLfZPTCxZiqmNzpGD695tJLaL1ATCPPBVo8XF3k7VKB+pGeAgZyD 5K905C3hQKYCRlGSTnn3VQM2h0CQem+JMXKc7aLO7im2GctdXsKbrdK1Z3IgXv0q SsID3SLyN9EazuvU1nY4Xlwz8kT4sZRm2DMJFk4pt3xUeGjkFrz/ALpu13KLUc9V wiJLr1XHCrN/EMpfba6XLirfVfIbehMo -----END CERTIFICATE-----Generated at Thu Jul 3 08:04:51 2025 by rpki-client