$ rpki-client -vvf rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft File: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft (raw, json) Hash identifier: 3ld+fV6jmcbIuNDZENQzRCYryAfh8ar9e6xu0DpaK+g= Subject key identifier: 92:19:DF:58:40:7B:19:76:DE:04:67:43:BA:8A:C8:EC:B2:89:F5:7C Authority key identifier: 29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC Certificate issuer: /CN=A9152329/serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Certificate serial: 71 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft Manifest number: 70 Signing time: Thu 19 Jun 2025 06:14:52 +0000 Manifest this update: Thu 19 Jun 2025 06:14:51 +0000 Manifest next update: Thu 26 Jun 2025 06:14:51 +0000 Files and hashes: 1: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl (hash: BwapwjE670Q//yqA+voE0q1/qgeguLJXf3DdNAHUz20=) 2: 38161248A26911EFBF6D0319C4F9AE02.roa (hash: ask+BZFU8F8z7xA+3YaObHPYrB9zSG3srAnnNSVnzDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 06:14:51 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 113 (0x71) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152329, serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Validity Not Before: Jun 19 06:14:51 2025 GMT Not After : Jun 26 06:14:51 2025 GMT Subject: CN=6853aadc-fce3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ba:40:52:71:50:29:3d:7d:fb:36:a5:9d:27:b7: 65:bd:50:da:93:22:12:8a:e3:21:b6:27:0b:ea:96: 5d:96:c0:fd:83:6b:1b:70:86:d2:5d:9e:f3:71:60: a7:2b:14:22:c6:74:c8:32:49:a4:dd:c2:9f:fa:e2: f7:91:a0:f2:d2:82:76:f8:c3:f9:be:fe:eb:56:ef: e6:8b:bd:41:0f:7c:38:10:ee:d5:24:17:2a:c0:ca: 72:d4:f2:44:cf:c1:2c:41:6c:39:d7:97:1a:74:79: 82:d3:44:22:d8:70:db:cb:a5:c3:8f:c4:d0:2e:f2: eb:bd:4c:1d:8b:ea:fb:21:9b:23:07:af:ff:59:53: 9e:41:76:42:bf:d0:59:f7:e5:99:f0:59:4a:b1:17: 72:0f:7a:c1:57:78:a5:8e:6f:39:06:61:d7:48:64: 29:f3:cc:33:85:b5:00:3c:c1:2c:af:52:85:52:4b: 7f:51:a4:2e:62:51:0f:de:53:58:c9:12:46:f1:e7: 69:cd:63:6d:33:6a:89:5e:4b:21:61:f2:95:d5:de: 43:92:3d:17:04:ae:61:43:60:36:eb:92:95:c8:ef: 0e:6c:59:15:07:26:e8:4e:b1:3b:84:ae:ec:40:9d: bc:4d:7f:7e:fd:b5:12:ea:11:74:2f:c3:57:d8:13: bd:7f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 92:19:DF:58:40:7B:19:76:DE:04:67:43:BA:8A:C8:EC:B2:89:F5:7C X509v3 Authority Key Identifier: keyid:29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 66:40:98:53:87:d0:2a:0d:c3:cc:2d:04:1a:eb:c0:83:b2:bc: 26:f4:0b:4d:3a:69:08:1c:4c:25:51:b0:6c:c6:ec:35:b5:02: 1e:58:20:16:ab:1b:d5:99:f2:ea:dd:cd:42:61:1c:a1:f2:ca: 21:6a:39:ab:8f:dd:bf:42:59:93:bb:a5:3b:55:89:8c:3f:40: 51:e8:31:43:b6:bc:b8:b6:7e:38:71:8e:6a:71:fc:34:ae:31: 54:13:2d:c9:80:8b:70:12:19:6d:0f:65:b3:e6:aa:3f:3e:f1: 58:5d:76:46:ad:70:a3:8b:7c:a6:57:18:b2:73:1d:89:af:16: 43:51:69:cb:7c:8f:4c:f2:81:b4:a9:1f:ec:04:b0:63:dc:61: f6:b7:5f:c1:2a:97:d9:3d:7d:4f:33:06:fb:6d:a9:01:69:c7: 50:2e:6f:d5:5f:09:4c:d7:29:38:23:4d:58:d2:7f:1c:d1:1c: a6:e1:e9:88:c6:50:70:28:a4:a6:ad:bd:25:c1:f2:d9:53:6c: 56:12:19:ae:59:b7:f7:95:57:3f:46:6c:81:f9:b3:63:41:e5: 2b:1b:41:cd:22:99:67:91:24:d9:20:44:bb:0d:36:84:4a:82: a9:90:3c:51:c4:e8:41:4b:6d:3b:db:2e:22:9e:3c:b7:d7:8c: d7:aa:9c:17 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBcTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MjMyOTExMC8GA1UEBRMoMjkzQUM2NDA1MzA5REU5NDk1MTY4N0ZFMTcyOTZBRERD RDk1NzJGQzAeFw0yNTA2MTkwNjE0NTFaFw0yNTA2MjYwNjE0NTFaMBgxFjAUBgNV BAMTDTY4NTNhYWRjLWZjZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC6QFJxUCk9ffs2pZ0nt2W9UNqTIhKK4yG2Jwvqll2WwP2DaxtwhtJdnvNxYKcr FCLGdMgySaTdwp/64veRoPLSgnb4w/m+/utW7+aLvUEPfDgQ7tUkFyrAynLU8kTP wSxBbDnXlxp0eYLTRCLYcNvLpcOPxNAu8uu9TB2L6vshmyMHr/9ZU55BdkK/0Fn3 5ZnwWUqxF3IPesFXeKWObzkGYddIZCnzzDOFtQA8wSyvUoVSS39RpC5iUQ/eU1jJ Ekbx52nNY20zaoleSyFh8pXV3kOSPRcErmFDYDbrkpXI7w5sWRUHJuhOsTuEruxA nbxNf379tRLqEXQvw1fYE71/AgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUkhnfWEB7 GXbeBGdDuorI7LKJ9XwwHwYDVR0jBBgwFoAUKTrGQFMJ3pSVFof+Fylq3c2Vcvww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUyMzI5L0M3RkFEMzY4QTI2 ODExRUY5RDkxNDExOEM0RjlBRTAyL0tUckdRRk1KM3BTVkZvZi1GeWxxM2MyVmN2 dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS1RyR1FGTUozcFNWRm9mLUZ5bHEzYzJWY3Z3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUy MzI5L0M3RkFEMzY4QTI2ODExRUY5RDkxNDExOEM0RjlBRTAyL0tUckdRRk1KM3BT VkZvZi1GeWxxM2MyVmN2dy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAGZAmFOH0CoNw8wtBBrrwIOyvCb0C006aQgcTCVRsGzG7DW1Ah5YIBar G9WZ8urdzUJhHKHyyiFqOauP3b9CWZO7pTtViYw/QFHoMUO2vLi2fjhxjmpx/DSu MVQTLcmAi3ASGW0PZbPmqj8+8VhddkatcKOLfKZXGLJzHYmvFkNRact8j0zygbSp H+wEsGPcYfa3X8Eql9k9fU8zBvttqQFpx1Aub9VfCUzXKTgjTVjSfxzRHKbh6YjG UHAopKatvSXB8tlTbFYSGa5Zt/eVVz9GbIH5s2NB5SsbQc0imWeRJNkgRLsNNoRK gqmQPFHE6EFLbTvbLiKePLfXjNeqnBc= -----END CERTIFICATE-----Generated at Fri Jun 20 00:28:48 2025 by rpki-client