$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: NWcp4/Pu7Or1EQy9LTauWsw8fM5OdWlaiLQP+jL3uvM= Subject key identifier: 20:1F:7E:45:5E:31:6E:90:03:FC:0E:9B:3F:BB:48:6B:AF:B1:18:BC Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DDF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DC2 Signing time: Sun 10 Aug 2025 17:55:22 +0000 Manifest this update: Sun 10 Aug 2025 17:55:22 +0000 Manifest next update: Sun 17 Aug 2025 17:55:22 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: 6Rrd5sxznbgyI3StNvUWHbAMAK0it6UXbztOZ+kADJY=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3551 (0xddf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Aug 10 17:55:22 2025 GMT Not After : Aug 17 17:55:22 2025 GMT Subject: CN=6898dd0a-7465 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b7:d7:44:4f:7c:ec:0c:ee:d5:e2:16:2c:e6:01: 1c:a4:ca:f9:b2:d9:2e:a2:18:9b:2e:a0:e8:2d:c3: d0:f2:21:9c:c9:5b:70:44:eb:ed:b5:d6:c1:f6:79: a7:c8:b4:70:07:e0:8f:01:82:e5:9d:b3:28:5b:43: 1a:08:27:43:a2:77:fa:00:01:45:b3:8d:89:04:4f: 22:76:48:4c:96:05:00:6c:84:93:a5:ce:6d:5d:02: 19:a0:d3:0f:0b:f3:0b:80:cb:3f:e3:0c:a9:2a:a4: 0e:dc:e3:d0:ea:76:4f:48:0e:9e:2e:95:fd:38:59: 5f:a3:e3:f2:1a:f4:69:21:7a:15:ce:a3:da:48:34: fb:87:63:b0:a3:16:91:eb:f2:91:83:e8:04:37:5d: 8a:f2:4b:80:44:ff:72:3c:6b:57:fd:87:4c:ef:16: 8c:56:49:2d:89:8d:59:50:07:08:92:bb:d9:98:02: cb:d1:c5:54:76:96:d1:b6:44:6e:4f:2d:a6:03:bc: fc:1e:4e:6b:69:21:12:23:72:b8:b8:7d:10:0a:01: 60:92:0b:5a:9a:d2:47:dd:10:34:45:e6:3e:78:82: 1e:ec:55:13:2c:e9:7e:91:c6:17:5d:53:6d:94:5e: e1:7a:bd:27:0d:e6:dd:5a:a6:db:a1:42:db:89:9a: 87:13 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 20:1F:7E:45:5E:31:6E:90:03:FC:0E:9B:3F:BB:48:6B:AF:B1:18:BC X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 7e:f4:c5:8b:0b:99:64:2e:06:08:93:25:33:61:cf:5d:9d:eb: 6d:bf:dc:f5:6d:7e:82:6e:73:6b:6f:53:26:95:42:6a:b2:3d: 6f:fb:ec:f0:55:ef:f0:75:f8:0d:83:d7:81:ee:d1:e6:0f:87: 78:3c:9b:4b:71:2b:cb:bb:99:cc:66:7c:0b:2c:57:40:66:25: 2b:ca:84:f3:14:6a:eb:68:a7:d2:81:d7:3e:e1:f6:2a:dd:83: 37:9d:dd:d5:da:52:22:47:49:d4:7b:33:d5:54:c0:f6:19:18: 5a:19:1b:4d:82:a4:d2:88:7e:7b:41:3c:02:93:5b:72:37:92: 46:74:95:a2:0e:0a:fe:9c:99:28:f0:0a:84:3b:d0:be:dd:d0: 65:26:07:3c:7c:9f:a6:8e:39:e0:3a:cb:79:42:c8:c0:91:9b: e6:fa:9c:8d:d9:1f:ee:fb:bb:75:19:dc:ef:8c:69:a7:89:d6: 72:54:73:e3:2f:3a:fc:a7:b7:fb:1c:56:c0:43:bd:29:6b:73: 52:ef:3a:80:08:c6:23:1a:3b:c3:51:3c:f9:e0:55:3b:6c:a7: 1c:92:c0:5b:b4:5e:14:5b:ef:4d:d8:ed:6e:7b:e5:56:3f:32: 19:10:ba:fd:3f:d7:67:70:2d:5a:e0:05:4f:f9:49:d9:ec:9d: ca:81:2f:63 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwODEwMTc1NTIyWhcNMjUwODE3MTc1NTIyWjAYMRYwFAYD VQQDEw02ODk4ZGQwYS03NDY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAt9dET3zsDO7V4hYs5gEcpMr5stkuohibLqDoLcPQ8iGcyVtwROvttdbB9nmn yLRwB+CPAYLlnbMoW0MaCCdDonf6AAFFs42JBE8idkhMlgUAbISTpc5tXQIZoNMP C/MLgMs/4wypKqQO3OPQ6nZPSA6eLpX9OFlfo+PyGvRpIXoVzqPaSDT7h2OwoxaR 6/KRg+gEN12K8kuARP9yPGtX/YdM7xaMVkktiY1ZUAcIkrvZmALL0cVUdpbRtkRu Ty2mA7z8Hk5raSESI3K4uH0QCgFgkgtamtJH3RA0ReY+eIIe7FUTLOl+kcYXXVNt lF7her0nDebdWqbboULbiZqHEwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFCAffkVe MW6QA/wOmz+7SGuvsRi8MB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB+9MWLC5lkLgYIkyUzYc9dnettv9z1bX6CbnNrb1MmlUJqsj1v++zw Ve/wdfgNg9eB7tHmD4d4PJtLcSvLu5nMZnwLLFdAZiUryoTzFGrraKfSgdc+4fYq 3YM3nd3V2lIiR0nUezPVVMD2GRhaGRtNgqTSiH57QTwCk1tyN5JGdJWiDgr+nJko 8AqEO9C+3dBlJgc8fJ+mjjngOst5QsjAkZvm+pyN2R/u+7t1GdzvjGmnidZyVHPj Lzr8p7f7HFbAQ70pa3NS7zqACMYjGjvDUTz54FU7bKccksBbtF4UW+9N2O1ue+VW PzIZELr9P9dncC1a4AVP+UnZ7J3KgS9j -----END CERTIFICATE-----Generated at Mon Aug 11 04:33:56 2025 by rpki-client