$ rpki-client -vvf rpki.apnic.net/member_repository/A91F4F00/3DA69016135711EBA23DA714C4F9AE02/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.mft File: Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.mft (raw, json) Hash identifier: FDv5BZXuJxiPyBigNNqKLA4+CIMH/xVvMZ+SH9J7Sis= Subject key identifier: 8E:7A:10:E3:A0:65:BB:E2:CA:63:81:0A:68:D9:D1:39:5F:90:81:05 Authority key identifier: 2B:3E:E4:4E:A9:CB:5B:81:29:6B:B6:7D:F0:F5:46:F8:AA:C8:A4:B4 Certificate issuer: /CN=A91F4F00/serialNumber=2B3EE44EA9CB5B81296BB67DF0F546F8AAC8A4B4 Certificate serial: 07AD Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F4F00/3DA69016135711EBA23DA714C4F9AE02/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.mft Manifest number: 07A7 Signing time: Fri 22 Aug 2025 21:28:10 +0000 Manifest this update: Fri 22 Aug 2025 21:28:10 +0000 Manifest next update: Fri 29 Aug 2025 21:28:10 +0000 Files and hashes: 1: Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.crl (hash: Mh/uQ2EpWIOhLGCU+t2YFpkytJDke+GpGuIGl4yHzrI=) 2: 395AFD84135811EB942A3E15C4F9AE02.roa (hash: +nVGHDmFpNMeCZK4D+EYT1WCdxSsITi4ixDFG3tX1xc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F4F00/3DA69016135711EBA23DA714C4F9AE02/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.crl rsync://rpki.apnic.net/member_repository/A91F4F00/3DA69016135711EBA23DA714C4F9AE02/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 21:28:09 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1965 (0x7ad) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F4F00, serialNumber=2B3EE44EA9CB5B81296BB67DF0F546F8AAC8A4B4 Validity Not Before: Aug 22 21:28:10 2025 GMT Not After : Aug 29 21:28:10 2025 GMT Subject: CN=68a8e0ea-d6ef Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b9:eb:fb:dd:61:ed:ce:8e:f6:03:66:5b:c5:ce: a2:8f:e5:30:85:cb:7b:6e:11:9a:dd:c1:33:2f:4a: 37:d8:af:e3:16:52:b1:db:a8:bb:bd:71:34:11:ea: 7c:a1:eb:33:15:d3:1c:6b:d7:5b:88:37:dd:7e:26: f9:7c:e4:3a:d7:52:48:e1:32:3a:4b:5d:23:3f:c2: 20:95:2f:8e:b3:59:69:98:2b:50:6f:5f:a6:97:07: f1:ea:a7:ee:36:6b:93:a1:2a:8b:b1:4c:b4:28:5d: cc:fc:40:8f:cb:37:e6:a9:98:ca:46:fa:af:0a:7e: 20:9b:82:66:08:5c:dd:59:62:a8:83:04:d6:e3:aa: 82:a5:04:d4:6f:5c:e0:0e:b3:b8:e0:f0:9e:9c:a1: 76:09:c0:87:91:b2:20:19:7f:1a:46:b7:06:95:51: 01:19:21:0f:e4:fb:58:d1:1f:26:02:4e:7f:2a:b7: 39:ca:11:1e:9a:dc:b4:44:20:53:aa:4e:cd:d1:96: 72:18:c3:6f:14:51:21:bf:8f:f6:cb:b4:1b:34:c2: a8:a9:ca:48:92:c7:6b:2a:e6:d9:40:ff:a2:4e:f2: 40:d0:09:74:9d:26:ae:3a:63:d9:f3:34:36:8f:9b: c8:62:14:1d:7d:20:77:af:60:fc:06:69:8c:e8:b1: b9:af Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8E:7A:10:E3:A0:65:BB:E2:CA:63:81:0A:68:D9:D1:39:5F:90:81:05 X509v3 Authority Key Identifier: keyid:2B:3E:E4:4E:A9:CB:5B:81:29:6B:B6:7D:F0:F5:46:F8:AA:C8:A4:B4 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F4F00/3DA69016135711EBA23DA714C4F9AE02/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F4F00/3DA69016135711EBA23DA714C4F9AE02/Kz7kTqnLW4Epa7Z98PVG-KrIpLQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 6e:bf:f7:d5:0f:74:81:82:29:1d:f8:69:c7:27:c4:de:b3:c7: ee:a3:33:95:f2:0b:4b:7a:c9:28:c3:f0:67:b8:99:e3:e7:27: 82:dc:25:74:cd:6d:84:5c:b1:2b:7f:45:1f:b7:4f:b6:da:9d: ec:22:23:88:d6:6e:0a:9f:7c:98:7e:dc:18:7c:b0:e7:d9:b7: 15:66:5d:92:11:06:29:d2:e5:80:af:88:52:8a:6a:bb:d7:f3: 17:3e:e7:7d:b5:57:15:2e:bf:4d:55:84:6f:a4:7b:1a:4a:b3: c1:78:55:b7:97:32:eb:e9:68:c8:6a:23:f2:72:21:a8:74:e8: 87:68:4b:da:79:d2:14:50:a4:1e:01:2c:c3:d2:90:06:4e:38: cc:33:e6:be:e5:be:79:a9:bc:a2:66:89:c4:64:20:b5:9d:be: 3d:9e:97:fa:1e:f9:c4:ab:11:84:fd:b7:e7:dd:e3:65:c7:7b: 36:e7:d1:55:28:8d:f7:79:f8:5e:d8:14:af:bd:6d:12:91:fc: 1c:43:13:1a:3e:df:a0:d4:5a:a8:53:a7:0f:5b:91:a8:ef:a3: 9f:f3:1e:86:77:d4:d6:42:72:97:4c:cb:6a:de:ed:bc:fe:bb: e0:83:f4:c1:47:9c:10:b0:ee:f7:2a:be:59:5f:e0:63:31:db: 94:22:f6:25 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB60wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjRGMDAxMTAvBgNVBAUTKDJCM0VFNDRFQTlDQjVCODEyOTZCQjY3REYwRjU0NkY4 QUFDOEE0QjQwHhcNMjUwODIyMjEyODEwWhcNMjUwODI5MjEyODEwWjAYMRYwFAYD VQQDEw02OGE4ZTBlYS1kNmVmMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuev73WHtzo72A2Zbxc6ij+Uwhct7bhGa3cEzL0o32K/jFlKx26i7vXE0Eep8 oeszFdMca9dbiDfdfib5fOQ611JI4TI6S10jP8IglS+Os1lpmCtQb1+mlwfx6qfu NmuToSqLsUy0KF3M/ECPyzfmqZjKRvqvCn4gm4JmCFzdWWKogwTW46qCpQTUb1zg DrO44PCenKF2CcCHkbIgGX8aRrcGlVEBGSEP5PtY0R8mAk5/Krc5yhEemty0RCBT qk7N0ZZyGMNvFFEhv4/2y7QbNMKoqcpIksdrKubZQP+iTvJA0Al0nSauOmPZ8zQ2 j5vIYhQdfSB3r2D8BmmM6LG5rwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFI56EOOg ZbviymOBCmjZ0TlfkIEFMB8GA1UdIwQYMBaAFCs+5E6py1uBKWu2ffD1RviqyKS0 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNEYwMC8zREE2OTAxNjEz NTcxMUVCQTIzREE3MTRDNEY5QUUwMi9LejdrVHFuTFc0RXBhN1o5OFBWRy1Lcklw TFEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0t6N2tUcW5MVzRFcGE3Wjk4UFZHLUtySXBMUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NEYwMC8zREE2OTAxNjEzNTcxMUVCQTIzREE3MTRDNEY5QUUwMi9LejdrVHFuTFc0 RXBhN1o5OFBWRy1LcklwTFEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBuv/fVD3SBgikd+GnHJ8Tes8fuozOV8gtLeskow/BnuJnj5yeC3CV0 zW2EXLErf0Uft0+22p3sIiOI1m4Kn3yYftwYfLDn2bcVZl2SEQYp0uWAr4hSimq7 1/MXPud9tVcVLr9NVYRvpHsaSrPBeFW3lzLr6WjIaiPyciGodOiHaEvaedIUUKQe ASzD0pAGTjjMM+a+5b55qbyiZonEZCC1nb49npf6HvnEqxGE/bfn3eNlx3s259FV KI33efhe2BSvvW0SkfwcQxMaPt+g1FqoU6cPW5Go76Of8x6Gd9TWQnKXTMtq3u28 /rvgg/TBR5wQsO73Kr5ZX+BjMduUIvYl -----END CERTIFICATE-----Generated at Sat Aug 23 20:24:14 2025 by rpki-client