$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: bQj7kO8NBzw9c2bHzBnAJd1gEQOQ/EZ/FhXNcT6pPZc= Subject key identifier: 87:AA:79:1E:7F:66:DD:6A:F2:84:5E:41:31:8F:28:3C:E0:55:E2:74 Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 063D Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 0637 Signing time: Wed 18 Jun 2025 22:15:48 +0000 Manifest this update: Wed 18 Jun 2025 22:15:47 +0000 Manifest next update: Wed 25 Jun 2025 22:15:47 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: VfuExzJpC0iVVLUQWRWsrwpcpMSEoBc+/gVsrxJY9WM=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 22:15:46 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1597 (0x63d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Jun 18 22:15:47 2025 GMT Not After : Jun 25 22:15:47 2025 GMT Subject: CN=68533a93-db09 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c7:38:68:d1:71:ad:cc:e0:a9:0c:fe:05:97:e8: 33:04:79:fe:f8:60:de:e6:22:84:6a:e1:cd:d9:68: 1f:fa:95:cc:5e:d2:45:46:10:5e:a0:69:35:5f:12: 72:8e:b6:90:31:98:b3:38:aa:24:7b:51:ed:48:7f: fc:4c:e8:e6:00:6c:8d:0f:9d:f6:65:91:9c:36:35: e1:69:6a:00:8c:7b:d4:ef:c0:44:ba:4f:cf:b0:e2: 07:bf:5a:dd:0f:63:0b:ee:c9:8c:99:7d:9d:11:88: 87:e3:45:61:71:3c:b4:42:02:75:f4:70:d0:32:ce: fd:48:82:4e:0e:cd:3b:55:58:d4:5e:d2:c8:71:a1: 09:77:bb:fe:19:6c:25:95:a6:d6:3f:14:25:46:56: 4f:6d:6f:aa:30:f4:d7:ef:8d:8d:df:66:37:ae:fa: e6:4e:48:45:5e:28:10:78:4a:89:71:6f:08:2b:c5: 9a:d0:75:d2:b6:ff:2a:ce:d3:72:96:6e:0a:30:9d: 44:2b:d7:3a:5f:44:c8:50:e4:07:f8:86:50:2c:57: 80:3f:5d:ef:1f:26:49:70:ca:56:67:6f:73:ac:67: 15:cc:11:cb:4d:56:1d:df:7e:cf:b6:4d:56:09:31: 2c:ad:bb:4c:6e:81:b4:97:83:dd:e2:ca:02:3f:9d: fe:a9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 87:AA:79:1E:7F:66:DD:6A:F2:84:5E:41:31:8F:28:3C:E0:55:E2:74 X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 5f:db:74:40:2f:d7:59:8d:aa:f9:47:c8:81:0e:ba:1c:58:e3: a6:8b:c0:dc:a9:cc:0b:31:15:c7:2a:ff:2d:c7:6e:2b:b2:2e: b0:49:cb:49:88:42:e9:ff:1d:23:35:e0:93:a1:d9:90:42:a7: 8c:1d:3d:50:64:9c:63:13:5e:13:6f:07:51:cf:a8:76:05:ff: e8:22:a7:d5:d3:fb:dd:84:5a:84:16:07:de:ab:de:32:43:41: 93:bb:e3:44:83:21:f5:6c:b1:c1:7f:c7:6c:35:06:99:83:c9: 48:60:ca:80:88:ea:15:0d:0a:86:0a:63:77:ea:74:26:98:bf: 53:f1:a8:22:0d:aa:5a:dd:3d:f3:c8:41:ee:d1:39:bf:20:94: 7c:b3:1a:4b:2f:68:f6:aa:85:19:17:49:7f:38:48:07:aa:5d: b5:88:b8:3d:bf:b8:f9:27:b0:8a:46:11:45:31:6a:a0:69:62: 80:32:d7:bc:25:da:77:da:53:66:de:45:42:5b:38:ae:07:cf: 4d:3b:2e:6c:93:7c:c3:11:06:7d:27:b2:08:0f:3f:2a:f3:c3: 7d:67:fe:52:a3:53:82:f6:80:c6:22:2a:52:bf:2c:e5:69:3e: fa:da:0e:4a:c0:78:50:b1:56:4b:83:52:d5:12:fa:22:ad:95: c0:ca:36:99 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBj0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwNjE4MjIxNTQ3WhcNMjUwNjI1MjIxNTQ3WjAYMRYwFAYD VQQDEw02ODUzM2E5My1kYjA5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAxzho0XGtzOCpDP4Fl+gzBHn++GDe5iKEauHN2Wgf+pXMXtJFRhBeoGk1XxJy jraQMZizOKoke1HtSH/8TOjmAGyND532ZZGcNjXhaWoAjHvU78BEuk/PsOIHv1rd D2ML7smMmX2dEYiH40VhcTy0QgJ19HDQMs79SIJODs07VVjUXtLIcaEJd7v+GWwl labWPxQlRlZPbW+qMPTX742N32Y3rvrmTkhFXigQeEqJcW8IK8Wa0HXStv8qztNy lm4KMJ1EK9c6X0TIUOQH+IZQLFeAP13vHyZJcMpWZ29zrGcVzBHLTVYd337Ptk1W CTEsrbtMboG0l4Pd4soCP53+qQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIeqeR5/ Zt1q8oReQTGPKDzgVeJ0MB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBf23RAL9dZjar5R8iBDrocWOOmi8DcqcwLMRXHKv8tx24rsi6wSctJ iELp/x0jNeCTodmQQqeMHT1QZJxjE14TbwdRz6h2Bf/oIqfV0/vdhFqEFgfeq94y Q0GTu+NEgyH1bLHBf8dsNQaZg8lIYMqAiOoVDQqGCmN36nQmmL9T8agiDapa3T3z yEHu0Tm/IJR8sxpLL2j2qoUZF0l/OEgHql21iLg9v7j5J7CKRhFFMWqgaWKAMte8 Jdp32lNm3kVCWziuB89NOy5sk3zDEQZ9J7IIDz8q88N9Z/5So1OC9oDGIipSvyzl aT762g5KwHhQsVZLg1LVEvoirZXAyjaZ -----END CERTIFICATE-----Generated at Fri Jun 20 19:35:08 2025 by rpki-client