$ rpki-client -vvf rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft File: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft (raw, json) Hash identifier: xnS8oGMxSO8HTXnExW2RYQ6uzCEkMJVJ5wC5rRgfqcA= Subject key identifier: 9D:61:F1:26:1F:00:D1:2A:43:04:02:A3:A1:40:DC:8B:57:AD:4D:4F Authority key identifier: 91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 Certificate issuer: /CN=A91478C3/serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Certificate serial: 0E74 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft Manifest number: 0E6C Signing time: Tue 22 Jul 2025 17:52:28 +0000 Manifest this update: Tue 22 Jul 2025 17:52:27 +0000 Manifest next update: Tue 29 Jul 2025 17:52:27 +0000 Files and hashes: 1: kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl (hash: hKT1bqScRv9NQGu+Gu119bV9JHKQc9p74vjgmsyTzy8=) 2: 36477FF69D2E11E99A95DC2AC4F9AE02.roa (hash: ZyYqi6bXWhaxHbfmn8t7NJwcl5ydCuydY4LMtE+EeW4=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 17:52:27 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3700 (0xe74) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91478C3, serialNumber=912AB39FC7BBCBEF1CF267E9D3F719C9A4F0A114 Validity Not Before: Jul 22 17:52:27 2025 GMT Not After : Jul 29 17:52:27 2025 GMT Subject: CN=687fcfdb-ffa1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:cf:00:77:bc:e2:8a:b3:07:de:32:ca:bd:a3:c3: 1d:6c:66:c5:3b:c3:bf:d1:1d:e2:92:05:0e:c5:09: 1e:8e:6b:f5:b1:27:1b:92:94:0b:53:be:c0:83:80: 01:00:a8:ee:6b:15:c8:ec:0b:be:2c:5f:35:d6:56: 72:b5:dc:bf:93:a3:31:3e:d8:eb:14:8c:db:62:dd: fc:d0:29:72:60:2e:5e:22:f9:9a:e5:4a:94:e3:b3: 46:93:4a:16:a8:8c:f3:62:96:a7:d5:34:14:a2:cf: 39:40:95:12:31:26:fd:9e:88:31:e6:af:68:df:cc: 68:2f:35:5d:41:06:43:f6:c5:63:01:3d:88:83:a9: e2:3a:ca:ed:df:fa:01:14:66:8c:b9:a6:dc:16:d2: 80:e0:59:91:72:53:25:42:9b:9a:55:28:20:1e:6c: b1:c1:11:a8:61:89:28:61:7c:50:73:b9:ff:95:d2: 7f:2e:4b:76:5a:73:03:0f:d9:88:a2:ca:e4:34:1f: 1e:bb:c4:10:38:ba:2c:58:f6:09:10:3f:b1:2c:4e: c8:56:0f:98:ea:af:f8:28:b0:11:31:c8:5b:4a:dd: 8e:97:46:1d:82:10:e6:4b:d8:f7:28:b2:d4:fe:2f: 3d:39:5c:d0:12:df:79:b3:42:e3:29:2b:a4:40:3b: 73:61 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 9D:61:F1:26:1F:00:D1:2A:43:04:02:A3:A1:40:DC:8B:57:AD:4D:4F X509v3 Authority Key Identifier: keyid:91:2A:B3:9F:C7:BB:CB:EF:1C:F2:67:E9:D3:F7:19:C9:A4:F0:A1:14 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91478C3/E3D9194C9D2C11E980221829C4F9AE02/kSqzn8e7y-8c8mfp0_cZyaTwoRQ.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 03:52:79:d9:78:73:c3:d3:62:da:e0:fc:83:d3:d7:cc:54:f4: ec:a9:1e:6f:da:13:18:0d:c2:c5:63:0f:68:6d:87:f6:7a:29: 7c:d6:b7:c2:12:dc:ff:8b:a1:77:38:b6:83:e0:4f:a6:90:2d: 47:6e:21:45:97:94:2a:a7:16:f9:b0:07:eb:38:63:d9:a1:35: 7c:41:34:bd:80:2e:41:3f:01:18:11:c1:99:dd:23:80:f7:d3: 84:83:0e:9f:e6:94:64:13:31:f3:f3:f5:ea:be:e2:f2:f5:d9: b2:0b:34:ae:dc:3d:22:af:84:e5:fd:4b:10:28:e1:8e:fb:7b: 30:28:84:a5:e1:33:69:75:53:5f:7a:6f:20:28:d8:74:59:4e: a8:d4:74:17:a0:89:5b:ed:e8:88:04:82:d2:fe:3f:a5:a0:b6: 9d:6f:df:84:4f:35:b3:cf:f0:3b:29:af:af:eb:dc:31:9b:b1: a7:4b:fe:db:77:9a:bd:b4:da:5a:4b:d7:a7:67:15:80:41:29: b9:3a:bb:f3:1c:5c:26:78:41:e6:16:70:53:cb:88:b6:45:f0: a2:63:16:6e:88:93:9e:3e:2b:c8:21:76:eb:bd:03:da:ea:37: 61:0c:4c:02:09:21:e2:0d:55:9f:14:04:2c:50:ca:d8:99:cf: 58:d6:eb:c6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDnQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDc4QzMxMTAvBgNVBAUTKDkxMkFCMzlGQzdCQkNCRUYxQ0YyNjdFOUQzRjcxOUM5 QTRGMEExMTQwHhcNMjUwNzIyMTc1MjI3WhcNMjUwNzI5MTc1MjI3WjAYMRYwFAYD VQQDEw02ODdmY2ZkYi1mZmExMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzwB3vOKKswfeMsq9o8MdbGbFO8O/0R3ikgUOxQkejmv1sScbkpQLU77Ag4AB AKjuaxXI7Au+LF811lZytdy/k6MxPtjrFIzbYt380ClyYC5eIvma5UqU47NGk0oW qIzzYpan1TQUos85QJUSMSb9nogx5q9o38xoLzVdQQZD9sVjAT2Ig6niOsrt3/oB FGaMuabcFtKA4FmRclMlQpuaVSggHmyxwRGoYYkoYXxQc7n/ldJ/Lkt2WnMDD9mI osrkNB8eu8QQOLosWPYJED+xLE7IVg+Y6q/4KLARMchbSt2Ol0YdghDmS9j3KLLU /i89OVzQEt95s0LjKSukQDtzYQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFJ1h8SYf ANEqQwQCo6FA3ItXrU1PMB8GA1UdIwQYMBaAFJEqs5/Hu8vvHPJn6dP3Gcmk8KEU MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0NzhDMy9FM0Q5MTk0QzlE MkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3ktOGM4bWZwMF9jWnlhVHdv UlEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tTcXpuOGU3eS04YzhtZnAwX2NaeWFUd29SUS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 NzhDMy9FM0Q5MTk0QzlEMkMxMUU5ODAyMjE4MjlDNEY5QUUwMi9rU3F6bjhlN3kt OGM4bWZwMF9jWnlhVHdvUlEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQADUnnZeHPD02La4PyD09fMVPTsqR5v2hMYDcLFYw9obYf2eil81rfC Etz/i6F3OLaD4E+mkC1HbiFFl5Qqpxb5sAfrOGPZoTV8QTS9gC5BPwEYEcGZ3SOA 99OEgw6f5pRkEzHz8/XqvuLy9dmyCzSu3D0ir4Tl/UsQKOGO+3swKISl4TNpdVNf em8gKNh0WU6o1HQXoIlb7eiIBILS/j+loLadb9+ETzWzz/A7Ka+v69wxm7GnS/7b d5q9tNpaS9enZxWAQSm5OrvzHFwmeEHmFnBTy4i2RfCiYxZuiJOePivIIXbrvQPa 6jdhDEwCCSHiDVWfFAQsUMrYmc9Y1uvG -----END CERTIFICATE-----Generated at Thu Jul 24 03:58:40 2025 by rpki-client