$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: m7ZtyV1gqDW4I8hLXBni6N4t8/IcONHnbO1YrL6qHE0= Subject key identifier: 0A:33:7A:AC:05:00:FA:DC:54:80:5E:85:C6:22:F0:82:75:8C:A7:63 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DC5 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DA8 Signing time: Fri 20 Jun 2025 18:42:05 +0000 Manifest this update: Fri 20 Jun 2025 18:42:04 +0000 Manifest next update: Fri 27 Jun 2025 18:42:04 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: b9rQX1QTz5jvWINDO3M4U4m4lY/4tCQJBjAxsA00uis=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 27 Jun 2025 18:42:01 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3525 (0xdc5) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Jun 20 18:42:04 2025 GMT Not After : Jun 27 18:42:04 2025 GMT Subject: CN=6855ab7d-6480 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:25:c8:9b:8f:29:79:3b:af:08:3f:b8:7c:3f: dd:64:06:b0:a7:39:e6:66:86:27:c2:cc:9c:b2:63: b4:d8:0c:d3:1b:25:12:a2:be:44:c4:09:00:28:97: f1:aa:97:b0:1d:29:13:64:76:5b:1b:09:c0:37:d7: 9e:d5:5a:b3:65:71:75:48:a4:6e:f8:a1:e9:56:ca: 36:5a:d3:bf:be:fc:2f:af:31:61:33:5e:0e:e6:99: 34:b8:13:27:e7:bc:f2:15:08:ea:50:40:0e:8a:5b: 1e:a4:9f:95:07:c6:96:09:3d:ab:19:f1:b6:f3:fb: 2e:3d:31:58:38:ae:53:d5:cb:41:fc:4a:fe:e9:ec: fa:4a:c7:87:d5:1d:b9:ce:db:74:47:3d:a5:65:8a: 91:e4:63:fd:95:3e:fc:8b:5e:22:50:bb:61:07:20: 39:83:75:b9:ab:8d:96:9e:5d:b2:f1:3d:7a:9b:40: 75:19:1d:28:1d:30:28:86:ff:11:07:20:47:92:a6: 2a:0a:4f:ba:cc:5c:20:05:83:90:38:d1:c8:10:01: 06:f9:11:81:42:4a:1d:3a:e6:0c:81:0a:b7:f3:47: 8a:f3:8b:c6:4d:62:8c:28:85:65:fd:ae:32:ff:39: f9:46:de:c7:b7:9b:7c:20:fc:1c:9b:be:f4:4d:7b: f3:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:33:7A:AC:05:00:FA:DC:54:80:5E:85:C6:22:F0:82:75:8C:A7:63 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 86:c4:c6:f1:34:0a:e1:70:80:4f:d6:16:e2:49:95:18:44:38: 93:9f:fb:93:cb:ec:71:a8:f8:8c:6b:86:f7:f6:91:a2:d4:ce: e0:6a:b5:fc:d3:77:19:bb:f3:b9:43:e1:24:a3:dd:ac:22:68: 08:d7:ab:f7:68:8d:07:2b:14:19:7c:97:dd:52:4c:2b:71:95: 29:d5:8a:bf:7a:de:d4:e2:b2:cd:f0:bf:48:23:49:35:43:01: 26:49:43:78:76:a9:66:bb:e6:98:7a:79:15:1d:40:36:ae:f1: c5:d7:af:64:ec:af:15:b6:36:a7:4e:a3:da:78:34:25:82:22: 26:52:60:76:a7:79:02:a1:7e:1b:12:2b:a3:08:df:b5:b4:87: 28:04:75:ab:12:d9:7f:50:57:25:7a:fd:45:26:21:a1:7d:9d: 40:fe:d1:a0:85:7e:33:15:4a:cf:0a:f7:ce:c2:9c:5c:8a:d1: 43:10:88:29:07:32:dc:39:34:34:92:38:16:32:cc:d1:7c:fa: a9:93:76:48:0e:69:b8:72:40:85:e8:55:7c:5a:2f:73:68:f0: 11:7d:a5:d5:57:a8:82:26:2a:78:8f:70:5a:69:8a:f6:29:9c: 38:66:0e:fa:36:80:60:01:e6:d9:d9:82:32:23:06:6f:2a:b2: 66:00:1d:18 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDcUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwNjIwMTg0MjA0WhcNMjUwNjI3MTg0MjA0WjAYMRYwFAYD VQQDEw02ODU1YWI3ZC02NDgwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtCXIm48peTuvCD+4fD/dZAawpznmZoYnwsycsmO02AzTGyUSor5ExAkAKJfx qpewHSkTZHZbGwnAN9ee1VqzZXF1SKRu+KHpVso2WtO/vvwvrzFhM14O5pk0uBMn 57zyFQjqUEAOilsepJ+VB8aWCT2rGfG28/suPTFYOK5T1ctB/Er+6ez6SseH1R25 ztt0Rz2lZYqR5GP9lT78i14iULthByA5g3W5q42Wnl2y8T16m0B1GR0oHTAohv8R ByBHkqYqCk+6zFwgBYOQONHIEAEG+RGBQkodOuYMgQq380eK84vGTWKMKIVl/a4y /zn5Rt7Ht5t8IPwcm770TXvzJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAozeqwF APrcVIBehcYi8IJ1jKdjMB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCGxMbxNArhcIBP1hbiSZUYRDiTn/uTy+xxqPiMa4b39pGi1M7garX8 03cZu/O5Q+Eko92sImgI16v3aI0HKxQZfJfdUkwrcZUp1Yq/et7U4rLN8L9II0k1 QwEmSUN4dqlmu+aYenkVHUA2rvHF169k7K8VtjanTqPaeDQlgiImUmB2p3kCoX4b EiujCN+1tIcoBHWrEtl/UFclev1FJiGhfZ1A/tGghX4zFUrPCvfOwpxcitFDEIgp BzLcOTQ0kjgWMszRfPqpk3ZIDmm4ckCF6FV8Wi9zaPARfaXVV6iCJip4j3BaaYr2 KZw4Zg76NoBgAebZ2YIyIwZvKrJmAB0Y -----END CERTIFICATE-----Generated at Sun Jun 22 10:38:38 2025 by rpki-client