$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: ZO8/gRPcZen9YvW6/gN8Lrph5td18whwU1II68MTHzI= Subject key identifier: 6F:63:3D:A5:E2:09:F0:41:AE:68:8C:75:DB:1A:1F:FA:4B:70:2B:37 Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0E64 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0E5C Signing time: Fri 20 Jun 2025 17:42:35 +0000 Manifest this update: Fri 20 Jun 2025 17:42:35 +0000 Manifest next update: Fri 27 Jun 2025 17:42:35 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: s3doJXDfjuedQMJHz/sxfuzzr1C812PTdAwMGPfmZN4=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Jun 2025 17:42:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3684 (0xe64) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: Jun 20 17:42:35 2025 GMT Not After : Jun 27 17:42:35 2025 GMT Subject: CN=68559d8b-3e71 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:ab:48:1a:47:de:1f:66:b3:89:9c:ed:19:c9: e2:57:0d:60:78:eb:31:82:0b:10:5d:74:37:9d:f4: 77:d1:f3:33:26:56:7d:b4:08:55:d1:14:35:f5:64: a3:69:51:f4:b5:1f:14:37:7c:7d:e8:46:51:af:39: 60:1d:a6:42:ed:98:dd:4e:18:60:71:66:3c:24:76: 28:4e:e7:0d:08:fa:63:3f:9a:13:d8:09:be:da:02: ec:24:f5:57:37:fb:39:8d:bf:97:15:c5:4c:80:e2: 2a:9b:f7:cb:d1:7d:2a:af:4b:3b:aa:48:2b:85:ca: 1b:8d:d8:b6:8b:d7:7a:02:be:9b:a9:c3:4e:7e:70: 56:5c:f1:3a:20:bf:69:57:82:ed:6a:55:7a:5f:0e: ba:57:08:d2:db:b6:88:b2:77:f3:bc:3b:df:ef:ec: ea:26:e1:01:42:75:ac:b0:cd:2a:17:32:8b:08:1d: 92:d7:b8:4d:b9:f5:90:0a:1f:43:b8:a2:dd:67:39: 62:a0:2d:86:46:4a:bc:41:91:1d:46:86:0d:4c:bb: 4b:55:17:dd:09:36:5b:d0:29:25:71:a9:76:4d:ee: a7:cb:7e:7f:5f:64:b5:35:b9:46:2d:2f:e6:ef:47: e2:55:c9:f7:e2:6a:2c:3e:c5:22:35:7b:52:0e:c4: ca:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6F:63:3D:A5:E2:09:F0:41:AE:68:8C:75:DB:1A:1F:FA:4B:70:2B:37 X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption aa:46:e1:3d:08:07:80:bb:37:e9:3b:de:54:81:54:26:fb:ff: 73:97:0d:26:59:d3:aa:4c:28:19:2e:43:15:7d:01:6e:a3:4a: 14:d3:64:10:77:b5:b5:81:18:a1:41:8a:9c:47:64:91:b6:d2: 13:0b:e7:14:4e:84:3d:36:69:63:38:85:c4:46:ed:0f:3f:5d: e8:01:ca:57:75:9c:cc:2b:3b:d3:fd:1e:53:55:8c:24:61:62: 1a:49:ee:df:dd:cd:49:bc:3e:57:b5:83:e5:de:50:b5:92:d4: 85:7a:fb:9b:6a:44:d7:55:8a:2d:9d:77:b7:d0:eb:97:5d:a4: 26:e5:c8:4b:3a:04:9c:a0:8e:f2:d1:6d:ce:09:f4:49:c9:1e: d8:50:46:91:e4:57:a4:64:a9:11:b7:d1:b5:a1:d8:1a:50:e1: c5:94:af:f8:ab:3c:bf:0b:93:7c:be:93:a9:0f:de:fa:17:4b: f8:e1:4e:0d:56:a9:3a:86:42:3e:ed:35:e5:51:95:aa:97:1d: b6:a9:b2:a9:ef:4f:75:22:4d:0c:6a:95:49:32:d5:3a:b5:93: a7:96:3e:ce:e3:ed:05:ba:2f:ec:f3:b7:52:c9:30:19:1c:7f: 1b:aa:b9:8d:8e:3a:33:97:5a:07:ec:07:a2:12:ad:9f:54:a2: ec:17:f6:49 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDmQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUwNjIwMTc0MjM1WhcNMjUwNjI3MTc0MjM1WjAYMRYwFAYD VQQDEw02ODU1OWQ4Yi0zZTcxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtKtIGkfeH2aziZztGcniVw1geOsxggsQXXQ3nfR30fMzJlZ9tAhV0RQ19WSj aVH0tR8UN3x96EZRrzlgHaZC7ZjdThhgcWY8JHYoTucNCPpjP5oT2Am+2gLsJPVX N/s5jb+XFcVMgOIqm/fL0X0qr0s7qkgrhcobjdi2i9d6Ar6bqcNOfnBWXPE6IL9p V4LtalV6Xw66VwjS27aIsnfzvDvf7+zqJuEBQnWssM0qFzKLCB2S17hNufWQCh9D uKLdZzlioC2GRkq8QZEdRoYNTLtLVRfdCTZb0Cklcal2Te6ny35/X2S1NblGLS/m 70fiVcn34mosPsUiNXtSDsTKMQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFG9jPaXi CfBBrmiMddsaH/pLcCs3MB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCqRuE9CAeAuzfpO95UgVQm+/9zlw0mWdOqTCgZLkMVfQFuo0oU02QQ d7W1gRihQYqcR2SRttITC+cUToQ9NmljOIXERu0PP13oAcpXdZzMKzvT/R5TVYwk YWIaSe7f3c1JvD5XtYPl3lC1ktSFevubakTXVYotnXe30OuXXaQm5chLOgScoI7y 0W3OCfRJyR7YUEaR5FekZKkRt9G1odgaUOHFlK/4qzy/C5N8vpOpD976F0v44U4N Vqk6hkI+7TXlUZWqlx22qbKp7091Ik0MapVJMtU6tZOnlj7O4+0Fui/s87dSyTAZ HH8bqrmNjjozl1oH7AeiEq2fVKLsF/ZJ -----END CERTIFICATE-----Generated at Fri Jun 20 20:56:41 2025 by rpki-client