$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: 9J1Sm8Mt/5/ZqJJ808b1aRemzLNi7fb68ePnGV/FrfY= Subject key identifier: 29:EF:F8:D2:D3:2A:01:38:68:3B:26:3A:58:18:AF:FD:EC:A5:96:A9 Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 062D Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 0621 Signing time: Fri 22 Aug 2025 16:05:11 +0000 Manifest this update: Fri 22 Aug 2025 16:05:10 +0000 Manifest next update: Fri 29 Aug 2025 16:05:10 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: e7e+sQIb8tmX/m+Qo/4We0M0OkmER+Q8Yt/reOFDGOE=) 2: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: JYcdT8gc4SSOPp9mZ4cChcf87lzFLOtfwrJ4fYMBet4=) 3: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: eSlTAoQ5k0fFKiHMdeu9X90T/rFtlTnA6Fx/5ofc1sU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 16:05:10 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1581 (0x62d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E Validity Not Before: Aug 22 16:05:10 2025 GMT Not After : Aug 29 16:05:10 2025 GMT Subject: CN=68a89537-b6bb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c5:2f:a5:75:fe:3b:31:ca:48:3f:e6:a0:c1:e2: 7a:c4:48:65:be:78:f1:e6:c0:91:c5:3f:63:f9:18: 88:ef:5e:71:18:59:b5:1c:af:30:f0:0e:da:0a:6a: fa:a2:ee:e7:f5:c2:9d:11:fd:fb:5f:1b:70:54:ea: 55:cd:b0:a6:2c:68:37:9b:df:8c:75:76:97:f8:09: 13:d1:0a:58:f7:05:ba:9b:fc:61:a8:e3:a4:e8:dc: 02:b5:06:51:39:55:6b:77:8d:3d:37:2f:4a:e2:59: d1:98:83:5c:37:55:86:de:4f:cb:ca:07:ca:98:e6: 3b:34:1e:14:70:46:7d:8e:d8:21:a7:61:6a:77:fe: bb:57:4e:65:e9:3a:3c:0a:43:7b:4b:98:bb:4e:7e: 10:73:58:2c:b1:ab:bf:ac:5b:06:a3:51:57:b7:36: e4:c5:94:03:9c:21:be:fe:b7:6f:f6:3c:c3:1d:99: b2:2c:6f:17:36:1a:1a:b3:64:f7:8a:39:e2:d1:a8: 27:e1:04:1b:70:17:8e:9d:ae:bd:ac:07:26:c6:17: 77:81:18:bb:1c:bb:f5:f6:d7:bb:f6:cb:35:f8:06: 78:2f:c9:b5:c4:b0:7a:fc:b2:6f:24:50:0f:4e:8f: 1a:f9:5d:76:8e:74:43:5b:5f:3a:b5:dd:a6:75:6f: de:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 29:EF:F8:D2:D3:2A:01:38:68:3B:26:3A:58:18:AF:FD:EC:A5:96:A9 X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8d:2d:23:2c:68:99:41:f1:33:38:a3:f0:33:e7:ba:66:ed:32: d2:af:44:59:fb:2a:55:2a:ec:d6:8a:de:3d:dc:91:36:aa:2e: 77:f1:a4:cc:40:df:98:a0:57:1f:56:83:ba:ed:f9:67:84:33: 8e:d3:1e:3f:ef:db:d0:ae:97:d1:09:ba:4a:4d:75:a3:46:eb: 17:78:02:d6:e4:a6:e2:f3:b1:a9:46:5c:5a:ec:bd:cb:75:02: c7:c0:85:8c:7b:0f:6a:06:53:11:84:98:e8:28:f8:3c:73:03: 48:79:ca:ff:76:1a:ed:a2:d3:55:3b:2e:70:4a:a9:66:17:c3: 59:f4:32:d4:39:0b:49:e3:d0:d7:2c:45:8a:dd:dd:2c:9f:94: 03:c5:f0:3f:bd:3b:3e:0f:cf:a2:58:e1:1a:fa:d9:04:2f:89: 92:4a:79:86:16:2d:00:0d:44:81:17:03:fd:44:4b:28:20:e8: ec:70:23:45:6c:a8:13:a8:70:25:e2:d0:13:1a:64:1e:b8:b6: 62:78:98:f0:b2:d4:5c:f6:60:12:d7:80:20:bc:29:30:05:85: e1:46:bc:cd:99:8c:c6:95:f1:2c:58:c7:1e:51:4e:24:61:66: 68:11:70:b3:22:55:a6:03:8b:5f:15:a6:b0:f6:f9:4b:b2:e8: 82:62:5d:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBi0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjUwODIyMTYwNTEwWhcNMjUwODI5MTYwNTEwWjAYMRYwFAYD VQQDEw02OGE4OTUzNy1iNmJiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxS+ldf47McpIP+agweJ6xEhlvnjx5sCRxT9j+RiI715xGFm1HK8w8A7aCmr6 ou7n9cKdEf37XxtwVOpVzbCmLGg3m9+MdXaX+AkT0QpY9wW6m/xhqOOk6NwCtQZR OVVrd409Ny9K4lnRmINcN1WG3k/LygfKmOY7NB4UcEZ9jtghp2Fqd/67V05l6To8 CkN7S5i7Tn4Qc1gssau/rFsGo1FXtzbkxZQDnCG+/rdv9jzDHZmyLG8XNhoas2T3 ijni0agn4QQbcBeOna69rAcmxhd3gRi7HLv19te79ss1+AZ4L8m1xLB6/LJvJFAP To8a+V12jnRDW186td2mdW/e4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCnv+NLT KgE4aDsmOlgYr/3spZapMB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCNLSMsaJlB8TM4o/Az57pm7TLSr0RZ+ypVKuzWit493JE2qi538aTM QN+YoFcfVoO67flnhDOO0x4/79vQrpfRCbpKTXWjRusXeALW5Kbi87GpRlxa7L3L dQLHwIWMew9qBlMRhJjoKPg8cwNIecr/dhrtotNVOy5wSqlmF8NZ9DLUOQtJ49DX LEWK3d0sn5QDxfA/vTs+D8+iWOEa+tkEL4mSSnmGFi0ADUSBFwP9REsoIOjscCNF bKgTqHAl4tATGmQeuLZieJjwstRc9mAS14AgvCkwBYXhRrzNmYzGlfEsWMceUU4k YWZoEXCzIlWmA4tfFaaw9vlLsuiCYl09 -----END CERTIFICATE-----Generated at Sun Aug 24 06:23:15 2025 by rpki-client