$ rpki-client -vvf rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft File: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft (raw, json) Hash identifier: 9Xr98u1OW8cIik1psYDspciEFHYyPAERheKhT82Y40U= Subject key identifier: 58:4D:95:51:6B:C3:B7:24:ED:E6:33:0F:AF:B4:4D:AF:C2:4B:03:88 Authority key identifier: 28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 Certificate issuer: /CN=A91C5021/serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Certificate serial: 0743 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft Manifest number: 072C Signing time: Mon 16 Jun 2025 21:33:34 +0000 Manifest this update: Mon 16 Jun 2025 21:33:34 +0000 Manifest next update: Mon 23 Jun 2025 21:33:34 +0000 Files and hashes: 1: KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl (hash: R4zC83z+ppGETqmh7b4uS72Uz3b9zrMW80ifGmG6uSk=) 2: C42CEC7ECC3611EF9C79665CC4F9AE02.roa (hash: +9I46oBmobqbn5rox7c5LlYsiP1+hncBa8w/SO0pYyk=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 23 Jun 2025 21:33:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1859 (0x743) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91C5021, serialNumber=28F07110E43584A3BA6A3A4A87D68E9EB7D3E902 Validity Not Before: Jun 16 21:33:34 2025 GMT Not After : Jun 23 21:33:34 2025 GMT Subject: CN=68508dae-81c3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ee:9d:c8:0e:83:79:01:87:fc:e0:90:a7:fe:a5: 6d:03:53:61:b4:8a:be:cd:83:a5:9b:c2:46:76:f4: 28:65:68:b1:a2:af:87:27:a1:76:c8:50:02:10:17: 10:68:07:a3:75:d8:b6:de:ce:9a:11:42:1f:f5:20: 28:4b:e6:12:5b:d3:99:1b:c3:7e:a9:bc:05:5b:40: 0d:a0:04:8f:58:b6:a8:a8:c0:83:2d:ab:9e:c0:79: 56:ec:ea:dc:b2:a0:7c:9b:c1:d1:cc:f1:9f:14:b1: 41:79:fe:d4:81:3a:71:6d:4f:5d:27:ca:07:2d:bb: bc:ba:f7:13:81:c3:49:64:b9:1b:b7:70:b9:49:21: 68:84:b3:b0:c5:c2:82:9d:58:80:b5:b2:f0:d0:9b: 38:d9:d2:f3:06:3e:a5:24:81:9c:1b:bf:aa:65:10: 3e:fc:88:9a:02:78:a5:be:7d:f3:6e:bf:71:6d:72: b9:e5:14:18:a0:7c:4c:c4:10:81:7a:68:1e:42:35: 67:d6:79:9d:48:df:38:8e:cd:5a:48:23:f7:c9:55: 6b:1a:90:94:9d:af:89:a4:56:b3:0b:16:b5:2c:84: 50:9c:08:1a:ce:f8:02:5d:6e:20:37:c0:e9:8a:55: 83:af:ff:a6:f7:f0:7f:e6:ed:30:8b:6f:eb:20:b8: 66:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 58:4D:95:51:6B:C3:B7:24:ED:E6:33:0F:AF:B4:4D:AF:C2:4B:03:88 X509v3 Authority Key Identifier: keyid:28:F0:71:10:E4:35:84:A3:BA:6A:3A:4A:87:D6:8E:9E:B7:D3:E9:02 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91C5021/9AFD486C3BBC11EBA776F161C4F9AE02/KPBxEOQ1hKO6ajpKh9aOnrfT6QI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0d:e5:fc:36:8d:73:27:d0:b6:18:7c:9e:2f:ab:94:e7:73:f7: 36:df:cd:f3:88:36:71:53:d6:fc:4f:eb:19:2b:60:67:ae:75: 01:32:aa:ac:9e:83:99:25:24:a1:fa:2f:a9:62:fc:52:c2:7a: 9c:04:6f:09:ae:f2:7b:fd:ce:73:07:01:3c:31:0d:92:7a:36: 00:89:20:47:60:15:e6:c9:da:5d:02:9a:e2:89:e0:72:63:b0: 59:19:2b:7d:1d:8d:c1:b2:0f:34:e8:ab:f5:d3:e1:66:9e:0c: 82:10:f7:89:95:46:89:7d:c6:6f:5c:51:36:cf:cf:f0:aa:17: ab:88:08:a4:f9:30:84:5f:5e:31:b4:64:3c:c3:a7:dd:3a:b0: 1d:57:f4:ec:c8:b6:3a:29:28:f3:7b:71:7a:cc:cb:c0:84:c4: 21:7c:0d:dd:4d:a2:c0:6f:d3:62:3b:90:37:d6:a1:8e:08:a6: b5:d5:d9:3d:d3:a9:08:70:36:87:4e:35:95:48:81:0c:a8:6d: 6e:bd:8f:a9:3b:e3:d6:3c:82:e5:d6:14:23:4b:72:bf:f1:09: 2f:f0:f7:b0:15:98:97:80:76:70:42:20:e8:c5:21:58:5e:65: 42:7b:07:51:14:07:09:be:c3:71:2c:2e:10:0b:ed:db:94:c5: 55:50:58:08 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICB0MwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QzUwMjExMTAvBgNVBAUTKDI4RjA3MTEwRTQzNTg0QTNCQTZBM0E0QTg3RDY4RTlF QjdEM0U5MDIwHhcNMjUwNjE2MjEzMzM0WhcNMjUwNjIzMjEzMzM0WjAYMRYwFAYD VQQDEw02ODUwOGRhZS04MWMzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA7p3IDoN5AYf84JCn/qVtA1NhtIq+zYOlm8JGdvQoZWixoq+HJ6F2yFACEBcQ aAejddi23s6aEUIf9SAoS+YSW9OZG8N+qbwFW0ANoASPWLaoqMCDLauewHlW7Orc sqB8m8HRzPGfFLFBef7UgTpxbU9dJ8oHLbu8uvcTgcNJZLkbt3C5SSFohLOwxcKC nViAtbLw0Js42dLzBj6lJIGcG7+qZRA+/IiaAnilvn3zbr9xbXK55RQYoHxMxBCB emgeQjVn1nmdSN84js1aSCP3yVVrGpCUna+JpFazCxa1LIRQnAgazvgCXW4gN8Dp ilWDr/+m9/B/5u0wi2/rILhmJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFFhNlVFr w7ck7eYzD6+0Ta/CSwOIMB8GA1UdIwQYMBaAFCjwcRDkNYSjumo6SofWjp630+kC MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDNTAyMS85QUZENDg2QzNC QkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhLTzZhanBLaDlhT25yZlQ2 UUkuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tQQnhFT1ExaEtPNmFqcEtoOWFPbnJmVDZRSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD NTAyMS85QUZENDg2QzNCQkMxMUVCQTc3NkYxNjFDNEY5QUUwMi9LUEJ4RU9RMWhL TzZhanBLaDlhT25yZlQ2UUkubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAN5fw2jXMn0LYYfJ4vq5Tnc/c2383ziDZxU9b8T+sZK2BnrnUBMqqs noOZJSSh+i+pYvxSwnqcBG8JrvJ7/c5zBwE8MQ2SejYAiSBHYBXmydpdApriieBy Y7BZGSt9HY3Bsg806Kv10+FmngyCEPeJlUaJfcZvXFE2z8/wqheriAik+TCEX14x tGQ8w6fdOrAdV/TsyLY6KSjze3F6zMvAhMQhfA3dTaLAb9NiO5A31qGOCKa11dk9 06kIcDaHTjWVSIEMqG1uvY+pO+PWPILl1hQjS3K/8Qkv8PewFZiXgHZwQiDoxSFY XmVCewdRFAcJvsNxLC4QC+3blMVVUFgI -----END CERTIFICATE-----Generated at Wed Jun 18 15:59:59 2025 by rpki-client