$ rpki-client -vvf rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft File: KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft (raw, json) Hash identifier: Z4IWmdXsOzsnes+7M9xol0P95Unqg+iMaZaJehBEofw= Subject key identifier: 3C:C5:9C:5B:80:AF:B4:9A:27:6E:D2:B3:2C:D5:6A:4F:91:BB:BF:7B Authority key identifier: 2A:69:D6:99:F1:3C:04:1B:FD:A3:DA:A5:7E:21:FF:AB:3C:53:ED:5F Certificate issuer: /CN=A9171927/serialNumber=2A69D699F13C041BFDA3DAA57E21FFAB3C53ED5F Certificate serial: 01DF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmnWmfE8BBv9o9qlfiH_qzxT7V8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft Manifest number: 01D2 Signing time: Mon 11 Aug 2025 03:00:09 +0000 Manifest this update: Mon 11 Aug 2025 03:00:09 +0000 Manifest next update: Mon 18 Aug 2025 03:00:09 +0000 Files and hashes: 1: KmnWmfE8BBv9o9qlfiH_qzxT7V8.crl (hash: eb0vqIXMN3CmkEPHJec67dueY4aWsyrg1iJUnCmEeY8=) 2: 6AA5FC16905211EE840DED1DC4F9AE02.roa (hash: 7Dqx51HWm5FHrY3yqH5za3wPDKkHA22oTIJYfgHsb38=) 3: FD41FC5EEA6811EDBE3EE23CC4F9AE02.roa (hash: fXQJZHONbxHqV0/XhxdMVhavc2gV0JF7ZuHG+631NZg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.crl rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmnWmfE8BBv9o9qlfiH_qzxT7V8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 479 (0x1df) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9171927, serialNumber=2A69D699F13C041BFDA3DAA57E21FFAB3C53ED5F Validity Not Before: Aug 11 03:00:09 2025 GMT Not After : Aug 18 03:00:09 2025 GMT Subject: CN=68995cb9-18c2 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:21:1d:02:c8:f9:0b:d6:dd:bb:cb:00:52:b2: 76:8a:8c:2a:2c:e2:88:8d:83:41:2a:cc:5f:91:76: b8:4e:d8:68:61:7e:10:f9:f2:8b:75:19:ae:fd:b7: 5a:13:58:6f:1c:2c:73:d7:78:69:d1:d2:7e:2b:90: 78:de:d5:fc:9f:72:4e:ef:29:cc:f4:aa:d8:7f:ed: 09:27:5c:69:7c:36:d2:82:9d:1f:97:8b:3d:90:93: cf:d8:bb:6a:4e:ab:0f:5b:cc:31:a5:52:78:f5:b7: ea:62:cd:31:94:8e:85:74:65:01:a7:4e:41:aa:21: 6f:5e:df:af:36:79:7d:ed:e4:f7:bf:1c:97:f1:f3: 83:90:30:9b:fd:ed:44:06:b0:60:9b:66:16:6e:c9: 3a:d5:c5:1e:c6:66:4a:50:33:e6:5e:c6:46:a1:f0: 34:af:d4:4e:9b:0b:17:f1:10:76:55:20:22:7f:4f: f5:88:e5:79:86:5c:3b:b2:df:7a:b3:72:fc:6e:e0: 4a:27:ca:e7:9f:22:9e:60:80:3f:3f:b7:d2:af:e3: d6:15:5e:c2:33:bb:7d:55:86:c2:0a:d3:76:f2:18: 23:65:f8:5b:35:29:02:19:fc:3a:1f:15:64:5f:39: 26:9f:db:bf:4d:d8:64:cc:95:59:5d:c5:f3:8a:c7: 76:43 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 3C:C5:9C:5B:80:AF:B4:9A:27:6E:D2:B3:2C:D5:6A:4F:91:BB:BF:7B X509v3 Authority Key Identifier: keyid:2A:69:D6:99:F1:3C:04:1B:FD:A3:DA:A5:7E:21:FF:AB:3C:53:ED:5F X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmnWmfE8BBv9o9qlfiH_qzxT7V8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9171927/FD8B22B0BC2F11EDA8F7653EC4F9AE02/KmnWmfE8BBv9o9qlfiH_qzxT7V8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 53:be:84:43:bf:33:8b:de:75:08:5b:8a:08:04:4e:ce:32:37: a3:77:49:58:57:e9:26:8e:9c:26:70:33:c4:e2:a0:be:02:ed: 76:3b:b9:96:fc:01:ed:3f:04:bd:af:7c:46:64:36:11:dd:7a: 91:1e:05:9b:71:6f:1a:b4:7e:51:5a:04:b1:18:37:a5:a1:a3: 67:97:67:9e:f6:6c:6e:5e:40:42:e4:93:5c:47:b1:ac:80:45: 58:4e:6f:4c:bc:be:13:96:af:63:7d:61:5b:fa:b5:45:08:3a: e7:83:fa:4d:c1:c5:06:42:34:3b:0d:d4:c9:3a:0d:66:2e:40: 5e:01:7f:89:1b:fe:29:fd:70:65:82:bf:ff:24:bd:9a:79:b0: 81:53:08:31:40:06:c7:b4:76:3b:c2:1e:21:63:72:dd:2e:9a: 78:0e:24:51:8b:81:aa:e9:2d:f4:90:42:3d:97:d1:6c:d6:d3: 1a:11:f1:d4:d6:9f:52:ea:63:35:40:24:27:ef:10:9e:a4:dc: f5:b9:63:8a:53:04:72:3a:db:c3:9b:65:e7:fe:94:b7:f0:98: 02:4c:73:44:29:c9:6f:d3:3d:ea:1e:e4:0e:e7:5e:5e:61:28: 45:2f:49:d7:01:b5:6a:2d:50:97:f4:b7:ad:2e:0f:3b:cc:2c: 6a:c2:9f:4c -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAd8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzE5MjcxMTAvBgNVBAUTKDJBNjlENjk5RjEzQzA0MUJGREEzREFBNTdFMjFGRkFC M0M1M0VENUYwHhcNMjUwODExMDMwMDA5WhcNMjUwODE4MDMwMDA5WjAYMRYwFAYD VQQDEw02ODk5NWNiOS0xOGMyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAziEdAsj5C9bdu8sAUrJ2iowqLOKIjYNBKsxfkXa4TthoYX4Q+fKLdRmu/bda E1hvHCxz13hp0dJ+K5B43tX8n3JO7ynM9KrYf+0JJ1xpfDbSgp0fl4s9kJPP2Ltq TqsPW8wxpVJ49bfqYs0xlI6FdGUBp05BqiFvXt+vNnl97eT3vxyX8fODkDCb/e1E BrBgm2YWbsk61cUexmZKUDPmXsZGofA0r9ROmwsX8RB2VSAif0/1iOV5hlw7st96 s3L8buBKJ8rnnyKeYIA/P7fSr+PWFV7CM7t9VYbCCtN28hgjZfhbNSkCGfw6HxVk Xzkmn9u/TdhkzJVZXcXzisd2QwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFDzFnFuA r7SaJ27SsyzVak+Ru797MB8GA1UdIwQYMBaAFCpp1pnxPAQb/aPapX4h/6s8U+1f MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MTkyNy9GRDhCMjJCMEJD MkYxMUVEQThGNzY1M0VDNEY5QUUwMi9LbW5XbWZFOEJCdjlvOXFsZmlIX3F6eFQ3 VjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0ttbldtZkU4QkJ2OW85cWxmaUhfcXp4VDdWOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MTkyNy9GRDhCMjJCMEJDMkYxMUVEQThGNzY1M0VDNEY5QUUwMi9LbW5XbWZFOEJC djlvOXFsZmlIX3F6eFQ3VjgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBTvoRDvzOL3nUIW4oIBE7OMjejd0lYV+kmjpwmcDPE4qC+Au12O7mW /AHtPwS9r3xGZDYR3XqRHgWbcW8atH5RWgSxGDeloaNnl2ee9mxuXkBC5JNcR7Gs gEVYTm9MvL4Tlq9jfWFb+rVFCDrng/pNwcUGQjQ7DdTJOg1mLkBeAX+JG/4p/XBl gr//JL2aebCBUwgxQAbHtHY7wh4hY3LdLpp4DiRRi4Gq6S30kEI9l9Fs1tMaEfHU 1p9S6mM1QCQn7xCepNz1uWOKUwRyOtvDm2Xn/pS38JgCTHNEKclv0z3qHuQO515e YShFL0nXAbVqLVCX9LetLg87zCxqwp9M -----END CERTIFICATE-----Generated at Mon Aug 11 05:24:18 2025 by rpki-client