$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: BuBVoqGNtGAxKOFkGO9kSc6xqDK4JRWheeTRBgF8YH0= Subject key identifier: 09:3A:09:ED:F4:24:89:E4:87:98:51:F6:F6:67:E0:9A:48:D4:8F:79 Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0E75 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0E6D Signing time: Thu 24 Jul 2025 17:51:41 +0000 Manifest this update: Thu 24 Jul 2025 17:51:40 +0000 Manifest next update: Thu 31 Jul 2025 17:51:40 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: yhm6tOE0ievGCLzbLzfbLlatDSoIgdvwfvcYjnG2ytg=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 31 Jul 2025 17:51:40 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3701 (0xe75) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: Jul 24 17:51:40 2025 GMT Not After : Jul 31 17:51:40 2025 GMT Subject: CN=688272ad-4470 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:be:ce:d5:b5:10:0e:fc:20:72:99:e8:d0:8c:ac: 1e:f0:e3:1c:67:17:e9:70:bb:04:90:8e:da:6a:53: f8:47:2b:aa:fa:54:70:74:c4:c3:9d:74:2c:0d:fa: 88:dc:7d:6c:24:90:91:a9:fe:98:5a:66:40:f9:5f: 1e:1d:54:d9:8c:e2:55:b2:02:7d:fe:33:92:8b:73: 33:11:88:63:04:cf:e5:45:b7:f6:0b:1c:3e:39:b5: c9:2f:d2:d1:b1:34:4d:fd:61:c8:db:ab:01:e1:fe: c1:d1:ba:50:59:c6:ea:b8:d4:4f:74:fe:d2:a6:d6: 41:97:00:f0:7c:50:d8:a4:0f:c9:d2:d2:a1:34:64: 99:4c:86:aa:01:04:9e:96:60:9b:ae:15:2b:5e:03: 21:6b:3b:a9:af:b1:ec:dd:d1:e6:bf:24:f4:8a:69: 24:c7:b6:35:a2:18:f4:18:ad:50:87:38:8c:32:a6: 22:51:ae:ec:dd:5c:7d:c8:e6:3c:52:b5:8f:52:5a: d6:63:f3:ee:aa:95:08:47:8f:fb:3c:40:3f:ca:fc: d9:7a:35:5d:b3:64:cd:15:16:6f:d1:76:d3:c0:9a: 90:56:4c:62:cf:ea:cd:9f:e6:80:e3:13:b1:8c:f8: 6b:14:b7:bb:b2:d4:4c:43:0d:ef:7f:74:98:0f:eb: 79:ab Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 09:3A:09:ED:F4:24:89:E4:87:98:51:F6:F6:67:E0:9A:48:D4:8F:79 X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption b3:72:71:0a:02:81:7d:74:f4:38:f2:c8:c4:21:9d:c3:95:b3: 8b:3b:83:90:bb:2e:a1:62:ec:92:c5:a8:7d:df:4e:99:88:af: 8a:e3:4a:4a:b1:4a:3f:4e:66:16:be:ae:e0:92:d8:91:45:78: 14:30:a1:eb:bb:fd:b2:65:e5:5d:05:4e:aa:8b:90:a1:30:a5: e0:b8:75:23:39:e4:03:d9:4d:02:c5:8b:0f:8e:b8:d2:53:42: c8:c8:e2:b6:64:1e:91:eb:92:bd:74:bc:c8:90:ba:0c:47:e1: 0d:76:ed:c8:8d:9c:7c:64:f1:15:b1:4e:50:c5:d7:5e:e1:3f: 34:77:e9:f3:65:29:86:f5:99:8f:3c:72:0e:c9:6b:20:e0:52: 91:d5:51:b8:b0:40:13:16:27:e8:64:73:d6:2c:62:51:aa:47: 1a:e6:48:87:41:2a:6a:cc:df:16:bd:3b:42:9e:f1:f7:3d:04: c6:58:7c:41:0f:99:31:59:61:00:03:ee:17:a0:99:2f:74:86: 54:d8:df:32:9e:a5:c1:48:ee:30:ac:99:a6:ff:a4:54:8e:bc: 37:97:cf:c1:30:4a:aa:2d:4e:6e:8c:d5:6f:39:c4:95:00:92: 44:bc:90:94:8b:28:f7:4b:a4:1f:9a:75:4c:70:17:a0:6b:ca: f2:e5:db:97 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDnUwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUwNzI0MTc1MTQwWhcNMjUwNzMxMTc1MTQwWjAYMRYwFAYD VQQDEw02ODgyNzJhZC00NDcwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvs7VtRAO/CBymejQjKwe8OMcZxfpcLsEkI7aalP4Ryuq+lRwdMTDnXQsDfqI 3H1sJJCRqf6YWmZA+V8eHVTZjOJVsgJ9/jOSi3MzEYhjBM/lRbf2Cxw+ObXJL9LR sTRN/WHI26sB4f7B0bpQWcbquNRPdP7SptZBlwDwfFDYpA/J0tKhNGSZTIaqAQSe lmCbrhUrXgMhazupr7Hs3dHmvyT0imkkx7Y1ohj0GK1QhziMMqYiUa7s3Vx9yOY8 UrWPUlrWY/PuqpUIR4/7PEA/yvzZejVds2TNFRZv0XbTwJqQVkxiz+rNn+aA4xOx jPhrFLe7stRMQw3vf3SYD+t5qwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAk6Ce30 JInkh5hR9vZn4JpI1I95MB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCzcnEKAoF9dPQ48sjEIZ3DlbOLO4OQuy6hYuySxah9306ZiK+K40pK sUo/TmYWvq7gktiRRXgUMKHru/2yZeVdBU6qi5ChMKXguHUjOeQD2U0CxYsPjrjS U0LIyOK2ZB6R65K9dLzIkLoMR+ENdu3IjZx8ZPEVsU5Qxdde4T80d+nzZSmG9ZmP PHIOyWsg4FKR1VG4sEATFifoZHPWLGJRqkca5kiHQSpqzN8WvTtCnvH3PQTGWHxB D5kxWWEAA+4XoJkvdIZU2N8ynqXBSO4wrJmm/6RUjrw3l8/BMEqqLU5ujNVvOcSV AJJEvJCUiyj3S6QfmnVMcBega8ry5duX -----END CERTIFICATE-----Generated at Fri Jul 25 04:04:35 2025 by rpki-client