$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: 55wLLquIPBeJ6Trd7PxrWUEYjh9Ig/pHSyvVoGP6I1E= Subject key identifier: 61:FE:74:2C:84:6F:14:58:9F:90:34:12:BB:E9:03:0C:FC:7B:3B:B6 Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 0658 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 0652 Signing time: Sun 10 Aug 2025 22:25:44 +0000 Manifest this update: Sun 10 Aug 2025 22:25:44 +0000 Manifest next update: Sun 17 Aug 2025 22:25:44 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: emPAurmbpkn+nGfdJis0eFgyfS7BvZYfP/MsfZDebe0=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1624 (0x658) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Aug 10 22:25:44 2025 GMT Not After : Aug 17 22:25:44 2025 GMT Subject: CN=68991c68-76f5 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c8:f5:9d:ce:72:15:70:4b:1e:fd:d7:6b:57:93: 0a:e4:cc:cb:d5:5d:5d:78:a0:f3:9a:40:5b:81:80: 56:ec:fe:2e:9c:bf:a5:ca:32:09:eb:42:fa:a2:40: d8:06:dc:0a:a0:8f:78:00:7a:de:a0:9b:07:4f:e2: c9:88:09:45:b0:d2:73:8a:75:a3:be:f2:06:7f:41: 10:1e:ac:75:31:4d:e7:c6:bd:ff:0e:38:95:7a:d2: ad:01:31:a0:db:be:98:c7:5a:e9:63:f1:0c:43:94: d9:2e:7e:fb:8e:80:a8:b3:58:92:66:42:97:b1:73: 85:2c:86:6f:52:40:ff:dd:f7:63:b2:0c:7a:42:73: 50:53:8c:97:b6:27:3c:a6:2c:f9:f3:a8:71:61:18: 98:2b:2c:5d:3c:32:fb:0b:f7:99:ab:d2:05:03:ef: a0:9d:34:2b:bc:dd:87:70:48:02:02:67:cc:6a:c9: 6d:7e:44:66:f3:e0:f8:39:b1:82:22:db:b7:ff:34: 40:25:ee:98:e7:1b:6a:b6:a6:c8:ef:f6:7e:19:b6: 94:d6:cf:cc:21:9e:37:31:f8:42:62:a1:14:45:67: 37:00:b0:4c:c1:d7:e2:d1:3f:4a:30:79:7d:6d:60: fe:b2:ea:22:bd:e8:a5:2b:25:20:58:c1:68:f7:c6: 38:45 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 61:FE:74:2C:84:6F:14:58:9F:90:34:12:BB:E9:03:0C:FC:7B:3B:B6 X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 8a:75:7b:79:dc:dd:aa:62:f4:81:45:8f:e6:b9:76:94:5f:94: a9:3e:03:fe:a5:32:04:97:f7:5b:08:69:ad:87:f6:1d:25:f4: 85:04:f4:3c:b8:73:17:5f:89:ff:27:67:78:bf:31:99:b8:63: 05:73:db:3f:bb:52:ec:17:87:6d:2a:ea:93:5b:22:ca:31:f9: 84:8e:8e:26:c6:bb:b0:f7:ba:2b:bf:34:a5:c3:65:bf:1d:4b: 26:f0:94:7c:f6:d5:1a:e6:d7:0e:8e:6f:9f:99:ef:0a:77:8b: cf:5b:a6:8f:c4:77:a0:e8:2e:12:85:74:d8:50:7b:74:92:46: cf:a1:7f:c0:77:22:c3:76:df:95:7f:c8:a4:a6:f2:ce:e1:fc: f3:a1:fc:64:0d:83:98:05:77:39:c8:58:10:5c:4b:b9:30:82: 74:a2:01:f9:01:a8:28:c4:4f:e8:cd:19:d9:e0:77:ba:6f:29: 82:c6:11:cf:41:6f:5c:59:2d:f1:16:d1:9b:92:40:63:77:b9: 96:c7:2b:2f:45:e2:b1:63:78:30:4f:d1:e4:4d:13:17:90:06: fb:60:9d:37:dc:32:bb:fe:8d:50:11:dd:2b:06:77:8d:bd:db: 8e:90:1a:14:d8:bc:ed:62:83:99:ae:92:2e:bc:0b:41:a6:4b: a9:92:53:36 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBlgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwODEwMjIyNTQ0WhcNMjUwODE3MjIyNTQ0WjAYMRYwFAYD VQQDEw02ODk5MWM2OC03NmY1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAyPWdznIVcEse/ddrV5MK5MzL1V1deKDzmkBbgYBW7P4unL+lyjIJ60L6okDY BtwKoI94AHreoJsHT+LJiAlFsNJzinWjvvIGf0EQHqx1MU3nxr3/DjiVetKtATGg 276Yx1rpY/EMQ5TZLn77joCos1iSZkKXsXOFLIZvUkD/3fdjsgx6QnNQU4yXtic8 piz586hxYRiYKyxdPDL7C/eZq9IFA++gnTQrvN2HcEgCAmfMasltfkRm8+D4ObGC Itu3/zRAJe6Y5xtqtqbI7/Z+GbaU1s/MIZ43MfhCYqEURWc3ALBMwdfi0T9KMHl9 bWD+suoiveilKyUgWMFo98Y4RQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGH+dCyE bxRYn5A0ErvpAwz8ezu2MB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCKdXt53N2qYvSBRY/muXaUX5SpPgP+pTIEl/dbCGmth/YdJfSFBPQ8 uHMXX4n/J2d4vzGZuGMFc9s/u1LsF4dtKuqTWyLKMfmEjo4mxruw97orvzSlw2W/ HUsm8JR89tUa5tcOjm+fme8Kd4vPW6aPxHeg6C4ShXTYUHt0kkbPoX/AdyLDdt+V f8ikpvLO4fzzofxkDYOYBXc5yFgQXEu5MIJ0ogH5AagoxE/ozRnZ4He6bymCxhHP QW9cWS3xFtGbkkBjd7mWxysvReKxY3gwT9HkTRMXkAb7YJ033DK7/o1QEd0rBneN vduOkBoU2LztYoOZrpIuvAtBpkupklM2 -----END CERTIFICATE-----Generated at Mon Aug 11 12:58:27 2025 by rpki-client