$ rpki-client -vvf rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft File: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft (raw, json) Hash identifier: wgPdCtDw5QgOGxb/5n6iu+ycLgE07yfGT4Lgiw++flY= Subject key identifier: 6C:A5:C0:4C:83:1B:90:EF:1D:F1:E2:92:08:91:88:84:81:AF:9A:F2 Authority key identifier: 29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 Certificate issuer: /CN=A916022F/serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Certificate serial: 10EB Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft Manifest number: 2420 Signing time: Sun 10 Aug 2025 17:00:10 +0000 Manifest this update: Sun 10 Aug 2025 17:00:10 +0000 Manifest next update: Sun 17 Aug 2025 17:00:10 +0000 Files and hashes: 1: KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl (hash: 7bQXedO27heHDVM+U+7e+4+ZHH8y3r6hdt19EDBLc9c=) 2: DE0A75A605EB11EA94CD7287C4F9AE02.roa (hash: rQZ+LsPDuc4EXnC/GiBOmzFAxUE3pMz5tb4kdOhgWwA=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4331 (0x10eb) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A916022F, serialNumber=29D16C98DB3D5BF64B6B9204C09600860CD29452 Validity Not Before: Aug 10 17:00:10 2025 GMT Not After : Aug 17 17:00:10 2025 GMT Subject: CN=6898d01a-c754 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:76:83:70:32:93:a1:32:e1:10:61:99:9e:d5: ad:fd:6f:15:09:5a:4e:e6:ec:94:28:04:16:e5:43: a1:79:2f:da:44:be:14:4f:74:75:c7:d9:2d:00:77: 3b:c7:d6:2b:5b:ec:6c:73:70:a0:4a:22:91:da:0b: 64:07:59:62:0b:2d:19:2a:46:e2:f1:2f:25:4f:8b: 13:0f:27:b2:ce:ac:73:d5:21:64:3b:c7:b4:de:77: de:97:92:20:cd:22:f1:ab:94:a9:ac:7f:2c:4d:66: 17:be:4d:bc:14:8d:de:c7:63:b7:d0:9e:ac:6a:24: 7f:46:93:db:41:67:b1:c3:1d:85:09:30:92:0e:0d: f2:84:58:7e:1f:b0:fd:86:65:ee:38:f9:4d:50:21: d6:79:6b:a2:3e:ae:f5:07:4f:0e:70:a5:1d:f1:09: 2a:c0:53:23:3a:a8:22:46:ee:85:78:53:e4:94:cf: 29:98:f2:bc:2f:aa:c6:21:17:ca:c1:32:fd:63:f6: 07:24:5c:de:3d:76:f7:ad:93:91:13:fb:74:13:d1: 89:86:a1:30:57:44:ce:e9:45:99:2d:06:4d:95:ba: e2:db:d5:dd:b9:94:fb:3c:12:cc:53:93:da:55:b2: 75:b4:65:9d:34:d7:02:46:47:1f:f9:49:35:21:22: da:89 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6C:A5:C0:4C:83:1B:90:EF:1D:F1:E2:92:08:91:88:84:81:AF:9A:F2 X509v3 Authority Key Identifier: keyid:29:D1:6C:98:DB:3D:5B:F6:4B:6B:92:04:C0:96:00:86:0C:D2:94:52 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A916022F/9EC7AFB4AA7D11E886144524C4F9AE02/KdFsmNs9W_ZLa5IEwJYAhgzSlFI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5a:22:4b:27:dc:e5:b8:30:26:08:6f:0a:08:e2:c7:2b:df:f1: c4:4a:55:9c:91:7d:be:71:e0:05:e3:be:11:41:cc:6a:39:fd: 39:99:59:77:1e:bd:c2:ff:04:15:9b:63:79:60:85:57:1b:dd: 0d:44:d6:62:0b:1b:50:6a:bc:23:fc:48:73:06:3a:40:26:df: f7:6d:75:51:d6:75:bb:50:e3:fa:a1:51:04:9f:51:a5:0a:18: 30:4a:f8:0e:b5:bb:a9:9d:8e:6a:a2:32:70:38:35:e1:45:d9: a4:d0:83:30:55:8e:9a:b0:b7:e2:74:8b:28:cc:d6:75:7c:3c: 2a:46:ef:df:52:18:73:cb:a2:a9:4b:2b:a6:c5:ab:76:79:3a: 27:ef:6b:c6:46:1d:37:4b:cb:f8:2b:b6:c4:f6:4a:b0:bb:c0: 25:4e:00:9d:63:a5:a1:d3:88:fb:14:a2:39:46:84:6b:94:f0: ec:32:8d:77:42:09:f7:a7:1e:09:d2:85:8d:07:fc:07:33:a6: ee:5c:f6:db:19:d3:2a:32:bf:3b:56:80:2b:ea:57:75:fa:f1: ae:ae:b1:5d:0c:ff:99:11:7d:f4:5c:68:7c:be:8a:8d:63:ed: 09:c4:88:e5:49:fd:4d:0d:57:8c:b6:b7:68:8c:6e:bf:3c:bf: 12:8f:5b:3d -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICEOswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyMkYxMTAvBgNVBAUTKDI5RDE2Qzk4REIzRDVCRjY0QjZCOTIwNEMwOTYwMDg2 MENEMjk0NTIwHhcNMjUwODEwMTcwMDEwWhcNMjUwODE3MTcwMDEwWjAYMRYwFAYD VQQDEw02ODk4ZDAxYS1jNzU0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoHaDcDKToTLhEGGZntWt/W8VCVpO5uyUKAQW5UOheS/aRL4UT3R1x9ktAHc7 x9YrW+xsc3CgSiKR2gtkB1liCy0ZKkbi8S8lT4sTDyeyzqxz1SFkO8e03nfel5Ig zSLxq5SprH8sTWYXvk28FI3ex2O30J6saiR/RpPbQWexwx2FCTCSDg3yhFh+H7D9 hmXuOPlNUCHWeWuiPq71B08OcKUd8QkqwFMjOqgiRu6FeFPklM8pmPK8L6rGIRfK wTL9Y/YHJFzePXb3rZORE/t0E9GJhqEwV0TO6UWZLQZNlbri29XduZT7PBLMU5Pa VbJ1tGWdNNcCRkcf+Uk1ISLaiQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGylwEyD G5DvHfHikgiRiISBr5ryMB8GA1UdIwQYMBaAFCnRbJjbPVv2S2uSBMCWAIYM0pRS MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDIyRi85RUM3QUZCNEFB N0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdfWkxhNUlFd0pZQWhnelNs RkkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tkRnNtTnM5V19aTGE1SUV3SllBaGd6U2xGSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDIyRi85RUM3QUZCNEFBN0QxMUU4ODYxNDQ1MjRDNEY5QUUwMi9LZEZzbU5zOVdf WkxhNUlFd0pZQWhnelNsRkkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBaIksn3OW4MCYIbwoI4scr3/HESlWckX2+ceAF474RQcxqOf05mVl3 Hr3C/wQVm2N5YIVXG90NRNZiCxtQarwj/EhzBjpAJt/3bXVR1nW7UOP6oVEEn1Gl ChgwSvgOtbupnY5qojJwODXhRdmk0IMwVY6asLfidIsozNZ1fDwqRu/fUhhzy6Kp Syumxat2eTon72vGRh03S8v4K7bE9kqwu8AlTgCdY6Wh04j7FKI5RoRrlPDsMo13 Qgn3px4J0oWNB/wHM6buXPbbGdMqMr87VoAr6ld1+vGurrFdDP+ZEX30XGh8voqN Y+0JxIjlSf1NDVeMtrdojG6/PL8Sj1s9 -----END CERTIFICATE-----Generated at Mon Aug 11 06:00:35 2025 by rpki-client