$ rpki-client -vvf rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft File: km2a3G-4c9dlu0EicoDB8RhG7hc.mft (raw, json) Hash identifier: RTQ9sTSax2JOG7tdu8u8rND1OoVayUr6vQjK5yhNrzU= Subject key identifier: 0A:0C:07:DC:21:2F:7F:E0:24:DA:06:73:73:3F:8B:82:0B:28:DA:A3 Authority key identifier: 92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 Certificate issuer: /CN=A91EBA0E/serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Certificate serial: 01D9 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft Manifest number: 01CF Signing time: Tue 05 Aug 2025 03:24:45 +0000 Manifest this update: Tue 05 Aug 2025 03:24:45 +0000 Manifest next update: Tue 12 Aug 2025 03:24:44 +0000 Files and hashes: 1: km2a3G-4c9dlu0EicoDB8RhG7hc.crl (hash: DhOg7e2S+N2Dki7mDGmzO2KWeki+ym18+ydjNvluvBk=) 2: 1B5E26228FA911EF90043A7CC4F9AE02.roa (hash: Kf03AsTj/sjKaJ/vafb1jrYT0WQ+1IyxISSmBFOh+2M=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 12 Aug 2025 03:24:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 473 (0x1d9) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91EBA0E, serialNumber=926D9ADC6FB873D765BB41227280C1F11846EE17 Validity Not Before: Aug 5 03:24:45 2025 GMT Not After : Aug 12 03:24:44 2025 GMT Subject: CN=6891797d-80b3 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bf:14:e1:38:3e:90:80:95:14:f6:ac:36:41:68: d8:57:88:3b:cd:f9:49:18:c5:77:88:e7:4e:fe:bd: 1d:8d:98:80:45:80:87:35:a4:18:89:12:7b:8d:88: 3c:65:c3:16:35:67:79:e4:f5:94:69:10:4f:ed:9b: 99:a2:e3:86:23:46:94:11:41:fc:d9:15:f5:2c:5d: 70:ef:7a:fa:1e:c2:70:ff:43:71:25:42:62:16:51: 0d:cf:96:46:13:ea:6e:29:93:06:ba:ba:f5:1f:9e: 38:9b:49:42:42:5e:79:94:fb:ab:c6:99:f3:82:eb: c6:88:fa:b9:63:52:8d:2e:8f:37:b1:cb:bd:53:31: 0d:3c:11:3c:30:4e:11:5d:ef:b8:4d:f9:c4:24:a3: b6:55:dd:db:ea:82:f2:aa:44:17:75:29:3f:a7:2c: da:a9:22:70:54:b4:d5:80:7d:6a:a0:91:18:ad:e8: 11:d2:ae:ca:ef:38:b3:bc:12:18:2b:da:35:ca:f2: 15:2e:8f:e9:46:0e:24:8c:71:fc:73:f0:9a:af:16: 9e:03:1b:6c:22:14:5c:b8:a1:25:9a:25:37:59:29: 11:a1:d6:63:8c:ed:b9:ef:ed:6a:15:8f:d5:75:2c: b0:57:11:35:08:d9:24:3a:65:a3:24:7a:4c:13:ef: c2:27 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0A:0C:07:DC:21:2F:7F:E0:24:DA:06:73:73:3F:8B:82:0B:28:DA:A3 X509v3 Authority Key Identifier: keyid:92:6D:9A:DC:6F:B8:73:D7:65:BB:41:22:72:80:C1:F1:18:46:EE:17 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/km2a3G-4c9dlu0EicoDB8RhG7hc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91EBA0E/DBBED206C00511EDA255FA10C4F9AE02/km2a3G-4c9dlu0EicoDB8RhG7hc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c8:3f:5d:d1:25:98:93:30:77:75:4c:88:d9:a1:6a:e7:ec:fc: 48:3d:b5:07:29:2a:7c:45:13:66:8b:a6:78:79:e5:c8:05:ad: 32:36:1d:84:44:d7:e1:9d:53:5b:2a:46:79:32:8f:36:e4:0d: b4:98:ae:17:7a:e8:5b:a0:77:8a:64:ed:1e:7d:82:e4:11:dd: f4:44:e6:7f:af:38:e3:36:ef:1c:d6:f4:0b:da:d4:c6:cd:21: 3f:0b:c7:ef:77:e7:af:d8:e4:8a:f9:7d:32:f3:df:a4:e8:d6: d9:18:e7:1e:42:20:6c:66:ba:0d:70:66:4e:8e:22:53:3a:0a: 13:4c:a2:5b:d6:48:8c:fd:c2:c8:ef:e9:81:5f:95:db:ff:2e: 61:0f:21:10:b5:82:6d:0c:b1:0b:91:1f:a3:41:58:f5:e1:48: ef:c0:fe:ca:47:21:8d:33:39:69:92:69:5b:5d:5a:36:3f:69: 48:48:57:e7:46:72:c6:af:76:be:20:81:93:d3:c7:33:96:96: 8b:2c:c9:8f:30:68:ae:4a:82:5f:8f:97:4d:4b:ff:b6:0e:64: 68:4a:53:2c:70:e4:ee:38:55:af:6c:5a:7e:95:bc:1a:3a:12: f5:80:63:b7:fe:89:ff:95:b7:45:8f:46:d6:a7:8a:b4:ef:6c: 48:7e:f2:15 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAdkwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RUJBMEUxMTAvBgNVBAUTKDkyNkQ5QURDNkZCODczRDc2NUJCNDEyMjcyODBDMUYx MTg0NkVFMTcwHhcNMjUwODA1MDMyNDQ1WhcNMjUwODEyMDMyNDQ0WjAYMRYwFAYD VQQDEw02ODkxNzk3ZC04MGIzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvxThOD6QgJUU9qw2QWjYV4g7zflJGMV3iOdO/r0djZiARYCHNaQYiRJ7jYg8 ZcMWNWd55PWUaRBP7ZuZouOGI0aUEUH82RX1LF1w73r6HsJw/0NxJUJiFlENz5ZG E+puKZMGurr1H544m0lCQl55lPurxpnzguvGiPq5Y1KNLo83scu9UzENPBE8ME4R Xe+4TfnEJKO2Vd3b6oLyqkQXdSk/pyzaqSJwVLTVgH1qoJEYregR0q7K7zizvBIY K9o1yvIVLo/pRg4kjHH8c/CarxaeAxtsIhRcuKElmiU3WSkRodZjjO257+1qFY/V dSywVxE1CNkkOmWjJHpME+/CJwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAoMB9wh L3/gJNoGc3M/i4ILKNqjMB8GA1UdIwQYMBaAFJJtmtxvuHPXZbtBInKAwfEYRu4X MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFQkEwRS9EQkJFRDIwNkMw MDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5ZGx1MEVpY29EQjhSaEc3 aGMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2ttMmEzRy00YzlkbHUwRWljb0RCOFJoRzdoYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF QkEwRS9EQkJFRDIwNkMwMDUxMUVEQTI1NUZBMTBDNEY5QUUwMi9rbTJhM0ctNGM5 ZGx1MEVpY29EQjhSaEc3aGMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDIP13RJZiTMHd1TIjZoWrn7PxIPbUHKSp8RRNmi6Z4eeXIBa0yNh2E RNfhnVNbKkZ5Mo825A20mK4XeuhboHeKZO0efYLkEd30ROZ/rzjjNu8c1vQL2tTG zSE/C8fvd+ev2OSK+X0y89+k6NbZGOceQiBsZroNcGZOjiJTOgoTTKJb1kiM/cLI 7+mBX5Xb/y5hDyEQtYJtDLELkR+jQVj14UjvwP7KRyGNMzlpkmlbXVo2P2lISFfn RnLGr3a+IIGT08czlpaLLMmPMGiuSoJfj5dNS/+2DmRoSlMscOTuOFWvbFp+lbwa OhL1gGO3/on/lbdFj0bWp4q072xIfvIV -----END CERTIFICATE-----Generated at Wed Aug 6 12:33:52 2025 by rpki-client