$ rpki-client -vvf rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft File: KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft (raw, json) Hash identifier: 2d7HMTMHGF6+B4uz749906c0fRVEgK4BoNF2ZMo86MM= Subject key identifier: 65:E0:05:72:02:68:A3:6B:85:0D:26:D8:3C:47:EA:AF:6B:BE:DA:AA Authority key identifier: 2A:45:A4:1D:60:E2:F1:04:D3:DD:39:C8:6F:14:BC:59:00:88:3F:4B Certificate issuer: /CN=A91A4287/serialNumber=2A45A41D60E2F104D3DD39C86F14BC5900883F4B Certificate serial: 31 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft Manifest number: 30 Signing time: Thu 19 Jun 2025 07:03:06 +0000 Manifest this update: Thu 19 Jun 2025 07:03:05 +0000 Manifest next update: Thu 26 Jun 2025 07:03:05 +0000 Files and hashes: 1: KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl (hash: CQyMbEhBIB1W/KuH9QqEYjbiFxLrVN1pI1A7J7xGjs0=) 2: 8CC07FC0047211F0A6541526C4F9AE02.roa (hash: PgYYJ9/o38WTea0u5fJFPWCIw+78oj+kOWm1Hogb3eo=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 26 Jun 2025 07:03:04 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 49 (0x31) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A4287, serialNumber=2A45A41D60E2F104D3DD39C86F14BC5900883F4B Validity Not Before: Jun 19 07:03:05 2025 GMT Not After : Jun 26 07:03:05 2025 GMT Subject: CN=6853b629-5bf9 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c1:33:2d:7b:2d:22:f6:b2:d0:b0:48:7b:6c:f1: 26:7e:24:27:8b:65:e2:0a:c5:98:49:39:17:b6:c2: 6e:b0:4e:e6:a7:18:f7:bf:25:ef:e3:b4:0a:9e:27: d4:00:c6:51:40:bb:19:95:d0:1f:0c:29:28:d7:65: fd:7d:33:27:4a:ca:3d:c5:15:73:d4:7b:8e:dc:30: 9a:5d:53:3d:7d:ca:f7:d2:29:90:30:f8:7a:42:b9: 3d:cb:30:f5:0c:a2:7b:fa:9b:a2:9a:0b:c2:82:f4: 9c:48:94:ab:43:55:a9:1a:c3:25:5f:9e:9a:56:66: a3:cd:fa:0a:de:16:b6:47:01:39:b5:a1:12:36:6d: 34:24:b4:b0:18:7d:5f:84:de:f4:c0:7e:bd:c1:77: a6:ee:de:37:93:a0:5b:da:1c:24:3b:77:8b:90:7d: aa:63:91:6a:77:43:a1:1b:b4:7d:a7:fa:a6:f3:e6: 97:73:3f:c5:9a:71:e8:ed:b7:a3:d6:22:e0:8a:6d: 9e:b5:bb:a8:a9:6c:17:78:40:02:93:2d:d8:f5:e3: ce:4d:97:b3:c4:bd:d4:5f:d3:0b:7c:bc:3a:b6:87: 4d:34:69:76:ad:27:f2:da:dd:41:c0:66:a9:a5:d5: 56:ba:38:f3:bc:5f:f4:2d:e9:a2:43:9d:14:e3:8e: 55:ed Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 65:E0:05:72:02:68:A3:6B:85:0D:26:D8:3C:47:EA:AF:6B:BE:DA:AA X509v3 Authority Key Identifier: keyid:2A:45:A4:1D:60:E2:F1:04:D3:DD:39:C8:6F:14:BC:59:00:88:3F:4B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KkWkHWDi8QTT3TnIbxS8WQCIP0s.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A4287/37278C16046D11F0B77D0361C4F9AE02/KkWkHWDi8QTT3TnIbxS8WQCIP0s.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a0:47:a5:1c:88:ed:ba:e3:f0:c9:81:80:1e:0d:9c:7d:e2:81: e3:75:83:9b:19:30:6d:de:da:0f:d5:2b:8a:f2:06:db:f5:90: bc:5e:92:e6:ff:e5:51:b1:c7:ec:a9:d2:a6:1d:32:1a:81:84: 3a:62:ac:57:54:1a:8c:dc:89:40:03:53:19:89:02:3e:1c:24: 67:a7:68:f8:1e:5e:47:54:d5:5c:8d:33:98:53:a0:ac:cb:c4: e2:52:7c:a3:de:d5:af:61:8e:5b:59:9b:7d:73:93:8a:ad:7d: f8:ba:4d:9c:b2:ea:dd:d2:01:c3:04:b6:1f:8f:1f:e8:64:a5: 1d:e6:e0:25:b9:66:1c:c9:5b:14:04:88:32:2a:9e:2a:46:f0: e3:40:07:6b:01:7e:b4:80:48:36:c5:6c:ec:54:ff:a5:07:e5: 4f:6f:26:d3:ab:6c:8a:15:c8:db:a5:94:12:44:f8:20:ba:62: af:c8:44:18:1b:7b:84:81:68:85:b1:59:82:31:72:6a:5f:18: 9e:35:80:bc:91:cd:6e:27:b3:35:f7:f7:71:63:66:db:44:2e: 03:b4:67:67:61:c5:28:e0:6b:dd:8e:89:8d:bd:ff:77:56:bb: c4:7b:af:3a:5b:1e:f8:28:85:02:de:30:df:df:64:58:ad:01: a7:98:81:7c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBMTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTFB NDI4NzExMC8GA1UEBRMoMkE0NUE0MUQ2MEUyRjEwNEQzREQzOUM4NkYxNEJDNTkw MDg4M0Y0QjAeFw0yNTA2MTkwNzAzMDVaFw0yNTA2MjYwNzAzMDVaMBgxFjAUBgNV BAMTDTY4NTNiNjI5LTViZjkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDBMy17LSL2stCwSHts8SZ+JCeLZeIKxZhJORe2wm6wTuanGPe/Je/jtAqeJ9QA xlFAuxmV0B8MKSjXZf19MydKyj3FFXPUe47cMJpdUz19yvfSKZAw+HpCuT3LMPUM onv6m6KaC8KC9JxIlKtDVakawyVfnppWZqPN+greFrZHATm1oRI2bTQktLAYfV+E 3vTAfr3Bd6bu3jeToFvaHCQ7d4uQfapjkWp3Q6EbtH2n+qbz5pdzP8Wacejtt6PW IuCKbZ61u6ipbBd4QAKTLdj1485Nl7PEvdRf0wt8vDq2h000aXatJ/La3UHAZqml 1Va6OPO8X/Qt6aJDnRTjjlXtAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUZeAFcgJo o2uFDSbYPEfqr2u+2qowHwYDVR0jBBgwFoAUKkWkHWDi8QTT3TnIbxS8WQCIP0sw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0Mjg3LzM3Mjc4QzE2MDQ2 RDExRjBCNzdEMDM2MUM0RjlBRTAyL0trV2tIV0RpOFFUVDNUbklieFM4V1FDSVAw cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2tXa0hXRGk4UVRUM1RuSWJ4UzhXUUNJUDBzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MUE0 Mjg3LzM3Mjc4QzE2MDQ2RDExRjBCNzdEMDM2MUM0RjlBRTAyL0trV2tIV0RpOFFU VDNUbklieFM4V1FDSVAwcy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBAKBHpRyI7brj8MmBgB4NnH3igeN1g5sZMG3e2g/VK4ryBtv1kLxekub/ 5VGxx+yp0qYdMhqBhDpirFdUGozciUADUxmJAj4cJGenaPgeXkdU1VyNM5hToKzL xOJSfKPe1a9hjltZm31zk4qtffi6TZyy6t3SAcMEth+PH+hkpR3m4CW5ZhzJWxQE iDIqnipG8ONAB2sBfrSASDbFbOxU/6UH5U9vJtOrbIoVyNullBJE+CC6Yq/IRBgb e4SBaIWxWYIxcmpfGJ41gLyRzW4nszX393FjZttELgO0Z2dhxSjga92OiY29/3dW u8R7rzpbHvgohQLeMN/fZFitAaeYgXw= -----END CERTIFICATE-----Generated at Fri Jun 20 08:09:56 2025 by rpki-client