$ rpki-client -vvf rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft File: kBqfnorkBi5SGbdlLY6f7n7FrjM.mft (raw, json) Hash identifier: e57n1k3CgO23+vFx7xdmbR4VwwWS+nbVAcZHMiknW7g= Subject key identifier: 6A:03:EF:23:98:73:A2:14:16:77:86:60:D1:E2:0B:80:82:85:37:36 Authority key identifier: 90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 Certificate issuer: /CN=A91F2CE7/serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Certificate serial: BC Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft Manifest number: BA Signing time: Sat 09 Aug 2025 06:19:11 +0000 Manifest this update: Sat 09 Aug 2025 06:19:11 +0000 Manifest next update: Sat 16 Aug 2025 06:19:11 +0000 Files and hashes: 1: kBqfnorkBi5SGbdlLY6f7n7FrjM.crl (hash: vbZYsAWsk2fLC8lfKPRw2OxbzilvNgFoLwA7cQpc2No=) 2: B377200E5ADD11EF9A462440C4F9AE02.roa (hash: ku0nQgImAfjqlfmOWSwIKN/zsrk6kYnMycZSjI2lh3o=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 14 Aug 2025 05:57:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 188 (0xbc) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91F2CE7, serialNumber=901A9F9E8AE4062E5219B7652D8E9FEE7EC5AE33 Validity Not Before: Aug 9 06:19:11 2025 GMT Not After : Aug 16 06:19:11 2025 GMT Subject: CN=6896e85f-af92 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a0:14:9d:a0:68:38:eb:91:de:1c:a8:31:d9:9c: 18:ff:49:c8:e1:c0:1a:c6:c3:23:7f:4e:8b:80:1f: d6:3c:4c:e4:09:61:6d:95:5d:18:20:e2:d3:fa:d2: 79:9a:60:5a:0a:d3:9a:7b:09:18:25:36:70:22:4c: 61:25:29:15:6c:f9:07:dd:74:6d:5a:e8:b3:86:61: 6f:6e:05:92:4a:81:69:fa:d4:18:ce:a9:1e:db:fb: bf:99:72:32:1e:5c:f9:24:47:97:c0:eb:83:9c:58: 5e:08:4a:85:13:ff:75:08:78:ab:76:8f:08:ba:f6: e6:d9:17:01:36:34:3d:a6:6a:de:ca:bf:43:af:98: 0d:f7:d5:30:27:56:72:6d:16:40:27:b9:c2:d3:8f: e1:9a:8a:fa:ed:ff:e0:26:2a:8b:94:95:e1:92:00: 36:0a:85:ae:35:f6:57:97:cb:17:b0:9e:af:eb:0b: 9b:f4:24:d7:76:ee:1e:5a:97:d9:6c:e7:54:82:cd: f5:50:a7:61:c3:44:94:f9:4d:69:00:4d:2d:db:54: 4d:21:b1:fe:b1:7e:b4:71:86:42:12:26:77:05:28: 86:b7:72:66:d6:28:22:09:cf:a4:62:0c:f0:84:17: 3a:d9:87:1f:6f:36:b0:4f:25:ef:6d:c8:2b:e1:d7: 07:c3 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6A:03:EF:23:98:73:A2:14:16:77:86:60:D1:E2:0B:80:82:85:37:36 X509v3 Authority Key Identifier: keyid:90:1A:9F:9E:8A:E4:06:2E:52:19:B7:65:2D:8E:9F:EE:7E:C5:AE:33 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kBqfnorkBi5SGbdlLY6f7n7FrjM.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91F2CE7/72F75B985ADD11EF812C923FC4F9AE02/kBqfnorkBi5SGbdlLY6f7n7FrjM.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:b4:98:37:e6:2d:b4:f2:76:cf:bf:75:04:d0:b7:dd:a1:0a: 22:98:f8:68:c0:52:66:48:8b:d4:fa:7d:4c:57:37:e2:64:f7: 19:46:ad:d1:84:d8:d8:a8:50:3d:bb:fd:a1:2a:48:62:4b:da: ba:53:89:bc:f6:f7:eb:be:3b:6b:af:ed:4b:3b:59:b2:63:bd: f4:44:4e:c0:03:32:ac:7a:ca:d8:02:3d:af:f0:1a:a1:14:7c: 05:77:b7:98:e3:66:f2:64:5d:3a:4e:56:72:44:08:36:f9:ca: ea:4b:67:26:82:2a:dc:4d:7f:20:16:78:30:72:f8:98:4f:bc: 48:dd:a3:e9:81:3f:6c:a9:e1:fe:5b:83:69:72:27:26:42:ec: 9e:ce:c5:4f:dc:04:85:a6:69:fb:dc:d0:3d:ac:67:8c:e9:a1: d7:aa:3a:a5:b0:73:aa:3c:11:de:45:0e:45:3b:2e:03:5a:70: 71:a8:f3:3b:4d:22:e8:68:8e:54:a3:01:8d:58:90:0b:87:87: 38:fb:df:3c:19:94:46:56:2e:c0:b9:20:ed:a9:07:6e:c6:b4: a6:f5:ae:d8:20:3d:9e:fb:a1:12:8d:27:07:a1:cf:0d:8d:b1: a0:15:2f:26:ba:41:ce:f3:54:0b:34:ac:a8:ef:4b:f0:7a:62: c6:93:dc:46 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICALwwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RjJDRTcxMTAvBgNVBAUTKDkwMUE5RjlFOEFFNDA2MkU1MjE5Qjc2NTJEOEU5RkVF N0VDNUFFMzMwHhcNMjUwODA5MDYxOTExWhcNMjUwODE2MDYxOTExWjAYMRYwFAYD VQQDEw02ODk2ZTg1Zi1hZjkyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAoBSdoGg465HeHKgx2ZwY/0nI4cAaxsMjf06LgB/WPEzkCWFtlV0YIOLT+tJ5 mmBaCtOaewkYJTZwIkxhJSkVbPkH3XRtWuizhmFvbgWSSoFp+tQYzqke2/u/mXIy Hlz5JEeXwOuDnFheCEqFE/91CHirdo8Iuvbm2RcBNjQ9pmreyr9Dr5gN99UwJ1Zy bRZAJ7nC04/hmor67f/gJiqLlJXhkgA2CoWuNfZXl8sXsJ6v6wub9CTXdu4eWpfZ bOdUgs31UKdhw0SU+U1pAE0t21RNIbH+sX60cYZCEiZ3BSiGt3Jm1igiCc+kYgzw hBc62YcfbzawTyXvbcgr4dcHwwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGoD7yOY c6IUFneGYNHiC4CChTc2MB8GA1UdIwQYMBaAFJAan56K5AYuUhm3ZS2On+5+xa4z MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFGMkNFNy83MkY3NUI5ODVB REQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0JpNVNHYmRsTFk2ZjduN0Zy ak0uY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tCcWZub3JrQmk1U0diZGxMWTZmN243RnJqTS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFG MkNFNy83MkY3NUI5ODVBREQxMUVGODEyQzkyM0ZDNEY5QUUwMi9rQnFmbm9ya0Jp NVNHYmRsTFk2ZjduN0Zyak0ubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMtJg35i208nbPv3UE0LfdoQoimPhowFJmSIvU+n1MVzfiZPcZRq3R hNjYqFA9u/2hKkhiS9q6U4m89vfrvjtrr+1LO1myY730RE7AAzKsesrYAj2v8Bqh FHwFd7eY42byZF06TlZyRAg2+crqS2cmgircTX8gFngwcviYT7xI3aPpgT9sqeH+ W4NpcicmQuyezsVP3ASFpmn73NA9rGeM6aHXqjqlsHOqPBHeRQ5FOy4DWnBxqPM7 TSLoaI5UowGNWJALh4c4+988GZRGVi7AuSDtqQduxrSm9a7YID2e+6ESjScHoc8N jbGgFS8mukHO81QLNKyo70vwemLGk9xG -----END CERTIFICATE-----Generated at Sun Aug 10 13:54:19 2025 by rpki-client