$ rpki-client -vvf rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft File: KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft (raw, json) Hash identifier: a+SVJSccs/1wg/4nCfZz+xTImm4NfjNXfck2QEcwprw= Subject key identifier: B5:F9:AE:5B:A0:1C:E7:3D:58:C6:4D:26:9B:F2:0A:B2:9B:56:99:A5 Authority key identifier: 2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B Certificate issuer: /CN=A91B7897/serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Certificate serial: 0286 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft Manifest number: 027A Signing time: Tue 05 Aug 2025 02:21:56 +0000 Manifest this update: Tue 05 Aug 2025 02:21:56 +0000 Manifest next update: Tue 12 Aug 2025 02:21:56 +0000 Files and hashes: 1: KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl (hash: DQZj+DWuhvONXjajy86BxTCBO9nqrGxHtEoU4uBK91o=) 2: 6C83604E1E2711EDAA33DF76C4F9AE02.roa (hash: bzrwDCcFjUbW1ddYfzBH2lmiEyj4Sa0r3rrfjXsh0+Q=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 02:21:55 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 646 (0x286) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91B7897, serialNumber=2AA278944B410FA2C83B7C2AF32C66AFA20C127B Validity Not Before: Aug 5 02:21:56 2025 GMT Not After : Aug 12 02:21:56 2025 GMT Subject: CN=68916ac4-083d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e8:36:a3:44:c5:b1:e9:95:e9:c2:0c:f5:3b:3a: d9:e9:56:f0:2d:90:74:1e:c0:34:bc:fa:36:3d:bb: fc:85:6f:a8:a1:8f:87:be:49:f5:2b:96:1b:33:cf: 53:44:fe:85:f5:70:66:02:30:d8:ef:f1:71:fd:33: 09:45:32:db:6e:2e:84:1f:ef:49:ca:f3:64:95:a7: 59:37:52:1d:1f:af:42:72:3b:ac:2a:5a:ad:e8:25: f5:e9:83:21:3c:d0:81:da:88:ee:45:6b:5a:b8:93: 4b:6c:48:21:3f:07:d5:cd:af:91:6d:82:e2:d5:6a: 75:81:90:eb:1c:18:0d:5a:88:84:e8:2d:48:05:8e: f2:d3:67:45:a5:34:e5:cd:a4:d9:73:77:60:51:82: ab:cd:f6:57:68:c2:64:8a:23:00:df:48:98:46:2d: 24:74:30:98:70:e7:73:5a:6d:f3:68:71:64:a6:bc: 31:10:59:e8:0c:41:36:21:a2:32:e1:81:8e:af:dc: a3:f0:03:cd:32:58:43:c9:4a:2f:2c:20:83:89:29: b0:2d:6b:68:35:a6:4b:1e:bb:cd:b5:d9:3f:f2:67: 0e:5d:07:23:5a:64:b9:0d:5d:91:e7:d6:e0:ea:01: 36:89:2a:77:a2:92:f4:b2:48:2d:08:92:5a:13:c9: c3:77 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: B5:F9:AE:5B:A0:1C:E7:3D:58:C6:4D:26:9B:F2:0A:B2:9B:56:99:A5 X509v3 Authority Key Identifier: keyid:2A:A2:78:94:4B:41:0F:A2:C8:3B:7C:2A:F3:2C:66:AF:A2:0C:12:7B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KqJ4lEtBD6LIO3wq8yxmr6IMEns.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91B7897/B6C5941C1D3511EDA5E6307DC4F9AE02/KqJ4lEtBD6LIO3wq8yxmr6IMEns.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9f:95:aa:7d:dc:16:df:89:c6:bc:24:a3:95:6d:73:2d:4f:4f: b3:28:2c:b5:bc:06:f4:3f:49:ee:c8:bb:87:22:71:53:69:d8: c0:31:74:5e:8d:ce:6c:f5:d9:a5:80:a8:fe:ac:3f:7f:1b:92: 89:95:53:9e:5d:f6:19:4c:0b:69:6b:e6:c0:2b:0e:2e:d3:08: 14:05:53:3c:51:5a:8b:a0:ad:e6:3c:d4:d5:87:2d:83:74:9d: bc:0e:7d:a5:11:9c:33:18:c8:e0:9a:75:82:8f:01:fe:6c:31: e2:86:2f:6a:ed:28:70:99:d4:2f:3f:74:3e:7f:16:5d:da:70: cc:e1:dd:ba:94:0d:f1:58:5c:9c:d0:47:82:4f:5b:ab:66:d5: 45:88:13:ee:20:29:3c:52:ea:ff:05:e9:06:ac:6d:74:66:1b: d6:96:31:82:76:65:fc:5d:2c:af:bc:39:60:df:74:e6:a8:b1: 05:0b:d5:bb:43:88:ea:69:6d:2a:2d:8c:85:0a:7d:dd:7a:68: d5:33:6f:b9:2c:9f:aa:b5:db:b5:e6:39:45:a6:0a:31:d0:2f: 7c:58:8f:a0:80:d9:f0:03:cc:bf:18:10:a2:c4:41:78:07:c5: 08:12:ce:49:cc:dc:c2:21:bb:2b:f0:99:ba:9d:51:9d:8d:52: bf:5c:90:1f -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAoYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Qjc4OTcxMTAvBgNVBAUTKDJBQTI3ODk0NEI0MTBGQTJDODNCN0MyQUYzMkM2NkFG QTIwQzEyN0IwHhcNMjUwODA1MDIyMTU2WhcNMjUwODEyMDIyMTU2WjAYMRYwFAYD VQQDEw02ODkxNmFjNC0wODNkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6DajRMWx6ZXpwgz1OzrZ6VbwLZB0HsA0vPo2Pbv8hW+ooY+Hvkn1K5YbM89T RP6F9XBmAjDY7/Fx/TMJRTLbbi6EH+9JyvNkladZN1IdH69CcjusKlqt6CX16YMh PNCB2ojuRWtauJNLbEghPwfVza+RbYLi1Wp1gZDrHBgNWoiE6C1IBY7y02dFpTTl zaTZc3dgUYKrzfZXaMJkiiMA30iYRi0kdDCYcOdzWm3zaHFkprwxEFnoDEE2IaIy 4YGOr9yj8APNMlhDyUovLCCDiSmwLWtoNaZLHrvNtdk/8mcOXQcjWmS5DV2R59bg 6gE2iSp3opL0skgtCJJaE8nDdwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFLX5rlug HOc9WMZNJpvyCrKbVpmlMB8GA1UdIwQYMBaAFCqieJRLQQ+iyDt8KvMsZq+iDBJ7 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFCNzg5Ny9CNkM1OTQxQzFE MzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2TElPM3dxOHl4bXI2SU1F bnMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0txSjRsRXRCRDZMSU8zd3E4eXhtcjZJTUVucy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFC Nzg5Ny9CNkM1OTQxQzFEMzUxMUVEQTVFNjMwN0RDNEY5QUUwMi9LcUo0bEV0QkQ2 TElPM3dxOHl4bXI2SU1FbnMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCflap93Bbfica8JKOVbXMtT0+zKCy1vAb0P0nuyLuHInFTadjAMXRe jc5s9dmlgKj+rD9/G5KJlVOeXfYZTAtpa+bAKw4u0wgUBVM8UVqLoK3mPNTVhy2D dJ28Dn2lEZwzGMjgmnWCjwH+bDHihi9q7ShwmdQvP3Q+fxZd2nDM4d26lA3xWFyc 0EeCT1urZtVFiBPuICk8Uur/BekGrG10ZhvWljGCdmX8XSyvvDlg33TmqLEFC9W7 Q4jqaW0qLYyFCn3demjVM2+5LJ+qtdu15jlFpgox0C98WI+ggNnwA8y/GBCixEF4 B8UIEs5JzNzCIbsr8Jm6nVGdjVK/XJAf -----END CERTIFICATE-----Generated at Wed Aug 6 11:10:39 2025 by rpki-client