$ rpki-client -vvf rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft File: kJUWWXx2-jz_qxUgjArpiGY0qgM.mft (raw, json) Hash identifier: ySJUF2DPUMJJHqWeSCwC4Ogcaw73DQ3os2WwIco2nnA= Subject key identifier: FD:60:94:83:28:0E:B8:33:57:7C:4A:30:77:9F:56:E4:F6:8D:96:EF Authority key identifier: 90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 Certificate issuer: /CN=A91847A2/serialNumber=909516597C76FA3CFFAB15208C0AE9886634AA03 Certificate serial: 0AB3 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft Manifest number: 0AAB Signing time: Wed 18 Jun 2025 19:26:16 +0000 Manifest this update: Wed 18 Jun 2025 19:26:15 +0000 Manifest next update: Wed 25 Jun 2025 19:26:15 +0000 Files and hashes: 1: kJUWWXx2-jz_qxUgjArpiGY0qgM.crl (hash: zM1/i7Q5V7tHXOF5kR5l/Mu6uCGjQzfs0QSf18ZxbwA=) 2: 54EDB8542E1811EBB4E80B1FC4F9AE02.roa (hash: 3V95dG8EwbjGC7EMndTVlVAHQWvt90W2HKQwUZ++P/E=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 25 Jun 2025 19:26:14 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2739 (0xab3) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91847A2, serialNumber=909516597C76FA3CFFAB15208C0AE9886634AA03 Validity Not Before: Jun 18 19:26:15 2025 GMT Not After : Jun 25 19:26:15 2025 GMT Subject: CN=685312d7-3372 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e9:20:8a:4a:44:3e:77:03:54:df:ce:ad:ce:9e: fa:1b:20:d6:7f:b6:75:19:2c:23:54:96:16:b2:1d: b6:1b:71:89:e2:44:f3:8e:b5:14:c1:7a:e2:ff:a7: 38:d8:f8:bf:b0:4a:05:0f:04:cc:b2:41:28:66:4c: 08:f5:2b:d1:ab:85:21:fb:8a:f0:53:da:cb:ad:0b: 62:61:8f:67:97:a1:b1:ef:4d:9c:b0:5d:a6:fb:94: 91:c2:87:4a:0f:6a:59:93:7c:49:ab:08:33:a4:51: 4e:f9:07:41:6a:27:0f:15:85:fb:ac:3d:9b:df:52: 34:66:da:83:72:9e:9e:3e:c6:fb:99:3f:c8:0d:15: 21:7a:61:1b:a8:5c:a9:2f:10:4d:71:d0:4b:92:e5: 6f:39:ca:ba:79:8d:b7:41:76:0b:ec:d1:36:5d:ca: d8:18:95:cf:b6:3d:99:23:cf:d8:61:9d:5e:0b:e7: c9:4f:e2:21:12:e0:1e:81:e8:7f:42:99:bf:8b:0a: 41:76:e6:68:32:51:f0:24:e8:30:d1:0c:ee:2e:40: 2b:b2:8e:4a:d3:6d:b0:04:44:e7:d7:2f:83:a8:db: 94:53:a8:4d:c3:97:c2:c9:0f:bf:4d:70:09:ec:50: 43:8d:c7:fc:31:5c:38:63:ca:3c:6c:77:80:9c:24: 60:11 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: FD:60:94:83:28:0E:B8:33:57:7C:4A:30:77:9F:56:E4:F6:8D:96:EF X509v3 Authority Key Identifier: keyid:90:95:16:59:7C:76:FA:3C:FF:AB:15:20:8C:0A:E9:88:66:34:AA:03 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kJUWWXx2-jz_qxUgjArpiGY0qgM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91847A2/AED3D35E594211EA936FCE43C4F9AE02/kJUWWXx2-jz_qxUgjArpiGY0qgM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9d:7c:5f:ff:7b:91:1b:b1:59:c7:10:6f:b0:de:7c:c6:f0:50: 98:6f:13:00:56:9e:b4:b3:e7:7f:7a:a5:0f:65:e5:4c:59:a8: 57:6b:7c:6f:bf:a4:df:30:64:50:60:48:68:18:ab:2f:3b:5d: fd:58:cc:06:b9:a0:13:b3:57:cf:ab:99:1a:e7:5a:0f:dd:69: 2b:de:c5:b3:42:05:49:14:ec:90:53:c6:ec:9e:89:a4:ab:ee: 52:33:50:c1:d0:a6:60:c9:4a:7c:08:bd:e8:10:7d:00:fc:a3: 81:b2:14:85:6d:e9:e5:20:81:a6:67:77:23:77:23:cb:b0:41: 76:5b:d4:6d:56:00:bd:f1:9e:1d:86:e5:cc:04:6f:0e:8d:99: 08:f3:07:f9:ef:6c:c6:51:4e:5a:b4:ea:fd:4a:25:52:0d:cc: 56:d3:78:02:62:3e:c2:71:7e:a9:24:8a:e0:12:1c:15:af:59: 6b:8b:46:a6:1c:5f:49:44:0b:8b:3e:78:86:85:34:fd:36:d9: 00:1b:cf:9a:56:bb:5c:bd:6a:61:d5:04:23:7c:0c:05:f9:fb: 53:f9:69:21:13:5f:56:9f:62:ed:ac:51:f0:2a:cf:c9:79:ce: 88:f9:5f:88:18:85:2c:04:d7:3c:f4:3c:6c:13:fc:c3:36:66: 23:ea:59:ff -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCrMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODQ3QTIxMTAvBgNVBAUTKDkwOTUxNjU5N0M3NkZBM0NGRkFCMTUyMDhDMEFFOTg4 NjYzNEFBMDMwHhcNMjUwNjE4MTkyNjE1WhcNMjUwNjI1MTkyNjE1WjAYMRYwFAYD VQQDEw02ODUzMTJkNy0zMzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6SCKSkQ+dwNU386tzp76GyDWf7Z1GSwjVJYWsh22G3GJ4kTzjrUUwXri/6c4 2Pi/sEoFDwTMskEoZkwI9SvRq4Uh+4rwU9rLrQtiYY9nl6Gx702csF2m+5SRwodK D2pZk3xJqwgzpFFO+QdBaicPFYX7rD2b31I0ZtqDcp6ePsb7mT/IDRUhemEbqFyp LxBNcdBLkuVvOcq6eY23QXYL7NE2XcrYGJXPtj2ZI8/YYZ1eC+fJT+IhEuAegeh/ Qpm/iwpBduZoMlHwJOgw0QzuLkArso5K022wBETn1y+DqNuUU6hNw5fCyQ+/TXAJ 7FBDjcf8MVw4Y8o8bHeAnCRgEQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFP1glIMo DrgzV3xKMHefVuT2jZbvMB8GA1UdIwQYMBaAFJCVFll8dvo8/6sVIIwK6YhmNKoD MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NDdBMi9BRUQzRDM1RTU5 NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rSlVXV1h4Mi1qel9xeFVnakFycGlHWTBx Z00uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tKVVdXWHgyLWp6X3F4VWdqQXJwaUdZMHFnTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NDdBMi9BRUQzRDM1RTU5NDIxMUVBOTM2RkNFNDNDNEY5QUUwMi9rSlVXV1h4Mi1q el9xeFVnakFycGlHWTBxZ00ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCdfF//e5EbsVnHEG+w3nzG8FCYbxMAVp60s+d/eqUPZeVMWahXa3xv v6TfMGRQYEhoGKsvO139WMwGuaATs1fPq5ka51oP3Wkr3sWzQgVJFOyQU8bsnomk q+5SM1DB0KZgyUp8CL3oEH0A/KOBshSFbenlIIGmZ3cjdyPLsEF2W9RtVgC98Z4d huXMBG8OjZkI8wf572zGUU5atOr9SiVSDcxW03gCYj7CcX6pJIrgEhwVr1lri0am HF9JRAuLPniGhTT9NtkAG8+aVrtcvWph1QQjfAwF+ftT+WkhE19Wn2LtrFHwKs/J ec6I+V+IGIUsBNc89DxsE/zDNmYj6ln/ -----END CERTIFICATE-----Generated at Fri Jun 20 17:01:58 2025 by rpki-client