$ rpki-client -vvf rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft File: kGA-NU21aLPKQpAOcDAR55ZiiS4.mft (raw, json) Hash identifier: r30rCofsJ8I24c3v+lIVAta9cQxtsNqtcoIuIHabvRY= Subject key identifier: 8A:48:D7:6C:A3:2A:12:C9:4E:85:DD:28:6E:EA:2D:FA:73:88:6B:8C Authority key identifier: 90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E Certificate issuer: /CN=A91F731E/serialNumber=90603E354DB568B3CA42900E703011E79662892E Certificate serial: 060F Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft Manifest number: 0605 Signing time: Wed 02 Jul 2025 16:09:32 +0000 Manifest this update: Wed 02 Jul 2025 16:09:32 +0000 Manifest next update: Wed 09 Jul 2025 16:09:32 +0000 Files and hashes: 1: kGA-NU21aLPKQpAOcDAR55ZiiS4.crl (hash: 3lGAEX7/JCrqonS/unaeBT3mkoTPBw1t7UF1YYwbY5k=) 2: 8CD64094BDFE11EBBBB16A42C4F9AE02.roa (hash: EST3lTlCsBscnNbAgJCoSC2X1l7CJ5xbYo0Sib0cuM0=) 3: 30857DB6CBA211ECAE233133C4F9AE02.roa (hash: pliS+rwU3LbaprEyjV5mUgwfJirBs3RzVR6whO1ItwI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 09 Jul 2025 16:09:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1551 (0x60f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F731E, serialNumber=90603E354DB568B3CA42900E703011E79662892E Validity Not Before: Jul 2 16:09:32 2025 GMT Not After : Jul 9 16:09:32 2025 GMT Subject: CN=686559bc-5ee2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d9:ff:5f:06:65:f5:d5:98:ba:23:0c:8d:9c:84: 13:fb:cd:18:e3:3e:87:4b:ec:30:92:a3:ac:1f:24: ca:b1:59:48:86:60:d5:b4:a5:ff:29:23:e9:97:f3: 0a:65:f5:80:2e:5e:ee:48:7a:96:7e:5c:7b:18:e3: 61:65:7e:68:49:6e:2e:d5:96:04:42:00:67:8e:90: bb:3a:cc:41:a6:0d:37:23:d8:32:cc:14:1a:00:95: c3:68:03:b7:35:73:42:bb:85:3d:31:38:59:3d:0d: 27:d8:e2:6b:f5:dc:98:58:14:87:a2:ae:1b:ce:6d: eb:fa:e0:64:bc:b3:ca:79:3a:02:d3:35:64:ac:fa: 47:1e:32:1e:24:9b:ad:ab:fe:87:47:27:57:5b:5c: d3:e4:69:db:67:3a:87:41:6d:d6:f5:1a:e9:f4:68: 68:05:58:94:e6:ab:23:69:23:7a:48:98:60:b2:66: ba:aa:84:24:3c:3c:f6:52:b6:48:5f:db:3d:91:92: ee:ba:dd:33:32:e9:9e:81:6a:1b:59:73:7a:a5:ba: ff:9c:89:60:43:01:bb:4c:52:7d:4c:6b:38:34:b0: f9:e3:82:5a:d0:0e:ae:a3:b7:81:ae:f7:6e:7a:90: d3:3a:52:61:bb:3b:93:f5:6f:f9:13:ee:b0:6a:11: 30:d7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:48:D7:6C:A3:2A:12:C9:4E:85:DD:28:6E:EA:2D:FA:73:88:6B:8C X509v3 Authority Key Identifier: keyid:90:60:3E:35:4D:B5:68:B3:CA:42:90:0E:70:30:11:E7:96:62:89:2E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kGA-NU21aLPKQpAOcDAR55ZiiS4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F731E/EAA19CB4B2DC11EB8621CB56C4F9AE02/kGA-NU21aLPKQpAOcDAR55ZiiS4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a1:44:9d:f6:03:51:5b:51:4f:a8:57:52:05:37:86:b7:4d:27: 3b:71:45:48:99:18:d9:57:60:c2:58:b7:6d:ce:db:23:f2:e1: ac:ea:ae:db:6b:8a:3b:45:78:aa:e7:ed:4c:63:d9:38:d6:cd: d1:2a:fe:71:fe:94:d3:a8:a6:95:5d:72:d9:cb:03:2f:14:31: 79:11:43:f8:5c:da:5a:ec:a5:1d:9f:29:b5:1b:0c:03:f8:16: dc:59:64:5c:e4:72:56:c6:d4:90:ed:17:7d:8b:bc:27:7d:b4: 18:ea:01:c6:8d:d0:3c:d2:3c:ca:d4:d1:1d:46:a6:11:30:f3: 00:c4:06:bb:3b:5d:6b:3b:8e:9c:32:d7:2d:63:2f:27:da:ab: 31:69:4e:dd:23:de:19:ee:e4:f2:ee:7d:7b:46:89:df:5d:21: 47:b1:b3:0e:6e:6a:b9:de:df:83:79:2e:ca:5d:b6:89:0f:73: e6:3a:c5:6a:3a:6b:19:46:5f:95:90:45:a0:2a:bb:67:5f:1c: 17:dc:e3:36:3c:7a:5d:9f:60:ae:a7:d5:3c:33:8b:94:7b:c3: 29:9b:17:da:9b:36:7d:22:d9:87:19:25:b8:6f:fb:42:78:86: 95:1f:ff:e8:b2:36:32:96:d8:25:01:d4:f6:b1:2d:a1:88:2b: 5f:1f:e0:a5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBg8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjczMUUxMTAvBgNVBAUTKDkwNjAzRTM1NERCNTY4QjNDQTQyOTAwRTcwMzAxMUU3 OTY2Mjg5MkUwHhcNMjUwNzAyMTYwOTMyWhcNMjUwNzA5MTYwOTMyWjAYMRYwFAYD VQQDEw02ODY1NTliYy01ZWUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA2f9fBmX11Zi6IwyNnIQT+80Y4z6HS+wwkqOsHyTKsVlIhmDVtKX/KSPpl/MK ZfWALl7uSHqWflx7GONhZX5oSW4u1ZYEQgBnjpC7OsxBpg03I9gyzBQaAJXDaAO3 NXNCu4U9MThZPQ0n2OJr9dyYWBSHoq4bzm3r+uBkvLPKeToC0zVkrPpHHjIeJJut q/6HRydXW1zT5GnbZzqHQW3W9Rrp9GhoBViU5qsjaSN6SJhgsma6qoQkPDz2UrZI X9s9kZLuut0zMumegWobWXN6pbr/nIlgQwG7TFJ9TGs4NLD544Ja0A6uo7eBrvdu epDTOlJhuzuT9W/5E+6wahEw1wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIpI12yj KhLJToXdKG7qLfpziGuMMB8GA1UdIwQYMBaAFJBgPjVNtWizykKQDnAwEeeWYoku MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGNzMxRS9FQUExOUNCNEIy REMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFMUEtRcEFPY0RBUjU1Wmlp UzQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tHQS1OVTIxYUxQS1FwQU9jREFSNTVaaWlTNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG NzMxRS9FQUExOUNCNEIyREMxMUVCODYyMUNCNTZDNEY5QUUwMi9rR0EtTlUyMWFM UEtRcEFPY0RBUjU1WmlpUzQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQChRJ32A1FbUU+oV1IFN4a3TSc7cUVImRjZV2DCWLdtztsj8uGs6q7b a4o7RXiq5+1MY9k41s3RKv5x/pTTqKaVXXLZywMvFDF5EUP4XNpa7KUdnym1GwwD +BbcWWRc5HJWxtSQ7Rd9i7wnfbQY6gHGjdA80jzK1NEdRqYRMPMAxAa7O11rO46c MtctYy8n2qsxaU7dI94Z7uTy7n17RonfXSFHsbMObmq53t+DeS7KXbaJD3PmOsVq OmsZRl+VkEWgKrtnXxwX3OM2PHpdn2Cup9U8M4uUe8MpmxfamzZ9ItmHGSW4b/tC eIaVH//osjYyltglAdT2sS2hiCtfH+Cl -----END CERTIFICATE-----Generated at Thu Jul 3 23:07:57 2025 by rpki-client