$ rpki-client -vvf rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft File: kDo4Q2eaCxBdykhcPWSPPREnL7c.mft (raw, json) Hash identifier: MSEAfRnglsZhE+sLmhJy+OPFGtptG3foZul8wCnjDTs= Subject key identifier: A3:32:7A:41:C8:19:29:9E:85:B7:8A:0B:1A:C0:C0:E9:D4:D1:95:DD Authority key identifier: 90:3A:38:43:67:9A:0B:10:5D:CA:48:5C:3D:64:8F:3D:11:27:2F:B7 Certificate issuer: /CN=A914E488/serialNumber=903A3843679A0B105DCA485C3D648F3D11272FB7 Certificate serial: 025E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDo4Q2eaCxBdykhcPWSPPREnL7c.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft Manifest number: 025A Signing time: Wed 23 Jul 2025 02:16:14 +0000 Manifest this update: Wed 23 Jul 2025 02:16:13 +0000 Manifest next update: Wed 30 Jul 2025 02:16:13 +0000 Files and hashes: 1: kDo4Q2eaCxBdykhcPWSPPREnL7c.crl (hash: tkaRzQtFK62ttpLUZhXMQBa9C1ocueF7+wu7BsQbwak=) 2: 606EB6AE240911EDBFA59C27C4F9AE02.roa (hash: NNo4SAwO23W3h7iwFhvtQVGgAhn5LQhxSRbEa+xKr7I=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.crl rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDo4Q2eaCxBdykhcPWSPPREnL7c.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 30 Jul 2025 02:16:13 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 606 (0x25e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914E488, serialNumber=903A3843679A0B105DCA485C3D648F3D11272FB7 Validity Not Before: Jul 23 02:16:13 2025 GMT Not After : Jul 30 02:16:13 2025 GMT Subject: CN=688045ee-8052 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b4:7e:44:35:fe:3a:9a:a4:72:a2:94:6d:f7:b8: 20:b9:88:b6:12:fd:ec:be:e8:87:68:c8:cf:5d:ac: 92:3e:e1:e2:90:7f:ac:13:33:a0:c7:bc:d5:05:8a: 57:ca:15:49:b3:eb:45:8d:3a:62:c4:67:f5:df:0f: 89:02:5a:05:98:e5:27:ad:a9:db:17:94:6b:0c:db: a2:93:ea:77:6a:c4:84:fe:b5:40:1b:51:6e:f8:e0: db:fc:54:f4:a4:3e:1a:66:b1:f3:91:32:c4:a0:63: 64:59:7e:8d:03:cd:cd:81:48:8e:9d:6f:14:52:c0: 9c:77:33:55:ac:1b:42:00:ab:d7:7e:b9:c3:06:07: 5f:fc:33:68:38:bf:a3:72:21:e1:5b:64:b6:ba:9f: bf:96:f5:7a:27:22:cd:fb:9b:16:86:4d:b9:65:3e: 9f:ed:da:7a:a9:d6:3a:19:6e:cf:f7:26:1c:46:29: 80:1d:5d:6b:1f:d8:73:37:57:e7:64:45:6c:27:e7: f4:ca:ab:ad:f6:be:ad:d2:25:e6:29:b9:13:b5:cd: 90:a9:5f:f7:87:17:dd:1b:88:d2:e9:b0:d5:6b:29: 76:14:50:26:8c:0e:d6:b1:d9:2a:81:aa:b0:b9:0d: 12:99:b9:35:c4:6c:5e:53:75:2e:1b:84:10:49:49: 3b:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A3:32:7A:41:C8:19:29:9E:85:B7:8A:0B:1A:C0:C0:E9:D4:D1:95:DD X509v3 Authority Key Identifier: keyid:90:3A:38:43:67:9A:0B:10:5D:CA:48:5C:3D:64:8F:3D:11:27:2F:B7 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDo4Q2eaCxBdykhcPWSPPREnL7c.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914E488/F88698CA240511EDB987B823C4F9AE02/kDo4Q2eaCxBdykhcPWSPPREnL7c.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 72:b6:ba:0a:f5:62:cc:2a:0c:89:ee:37:ba:55:2b:ea:70:b8: 66:99:96:af:61:77:31:cf:96:b7:e6:d3:38:5a:d9:56:6a:a9: d6:56:02:df:4c:2b:94:39:8b:27:c4:94:3f:6c:11:0a:db:e7: a1:1d:ca:5a:45:db:6f:96:ff:9b:d0:8d:10:c4:15:70:81:93: 80:f0:19:02:0c:e2:59:a0:09:79:e9:c2:b5:d5:cf:1b:42:29: 07:e9:ea:ec:f8:90:fb:99:94:22:92:ee:6a:ab:cb:7e:6a:65: a7:ff:61:9f:d0:a9:09:11:fa:cd:9b:39:f9:31:4a:af:78:ab: fa:d2:fd:98:e4:31:e6:9d:ec:92:0d:60:e9:4d:ad:72:f7:e2: f3:52:21:0d:62:84:3a:32:c7:15:7f:23:16:18:20:55:88:a7: 5c:28:86:9d:69:4b:7b:be:82:6d:c7:22:45:5a:02:a4:7a:2e: 56:bc:35:a0:28:b8:69:19:a0:55:de:29:8d:63:37:47:c5:c3: f6:cf:2d:49:c9:15:9f:10:96:86:e4:50:f5:5a:e3:81:b4:0d: 2e:ff:b4:c3:7a:1e:93:dc:a4:a7:46:a7:07:63:eb:86:9b:b6: e6:41:43:ad:f3:3e:16:f5:51:2f:9c:87:a6:52:ab:b5:4d:89: 9d:91:63:64 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAl4wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEU0ODgxMTAvBgNVBAUTKDkwM0EzODQzNjc5QTBCMTA1RENBNDg1QzNENjQ4RjNE MTEyNzJGQjcwHhcNMjUwNzIzMDIxNjEzWhcNMjUwNzMwMDIxNjEzWjAYMRYwFAYD VQQDEw02ODgwNDVlZS04MDUyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtH5ENf46mqRyopRt97gguYi2Ev3svuiHaMjPXaySPuHikH+sEzOgx7zVBYpX yhVJs+tFjTpixGf13w+JAloFmOUnranbF5RrDNuik+p3asSE/rVAG1Fu+ODb/FT0 pD4aZrHzkTLEoGNkWX6NA83NgUiOnW8UUsCcdzNVrBtCAKvXfrnDBgdf/DNoOL+j ciHhW2S2up+/lvV6JyLN+5sWhk25ZT6f7dp6qdY6GW7P9yYcRimAHV1rH9hzN1fn ZEVsJ+f0yqut9r6t0iXmKbkTtc2QqV/3hxfdG4jS6bDVayl2FFAmjA7Wsdkqgaqw uQ0Smbk1xGxeU3UuG4QQSUk7vwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKMyekHI GSmehbeKCxrAwOnU0ZXdMB8GA1UdIwQYMBaAFJA6OENnmgsQXcpIXD1kjz0RJy+3 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RTQ4OC9GODg2OThDQTI0 MDUxMUVEQjk4N0I4MjNDNEY5QUUwMi9rRG80UTJlYUN4QmR5a2hjUFdTUFBSRW5M N2MuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tEbzRRMmVhQ3hCZHlraGNQV1NQUFJFbkw3Yy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RTQ4OC9GODg2OThDQTI0MDUxMUVEQjk4N0I4MjNDNEY5QUUwMi9rRG80UTJlYUN4 QmR5a2hjUFdTUFBSRW5MN2MubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBytroK9WLMKgyJ7je6VSvqcLhmmZavYXcxz5a35tM4WtlWaqnWVgLf TCuUOYsnxJQ/bBEK2+ehHcpaRdtvlv+b0I0QxBVwgZOA8BkCDOJZoAl56cK11c8b QikH6ers+JD7mZQiku5qq8t+amWn/2Gf0KkJEfrNmzn5MUqveKv60v2Y5DHmneyS DWDpTa1y9+LzUiENYoQ6MscVfyMWGCBViKdcKIadaUt7voJtxyJFWgKkei5WvDWg KLhpGaBV3imNYzdHxcP2zy1JyRWfEJaG5FD1WuOBtA0u/7TDeh6T3KSnRqcHY+uG m7bmQUOt8z4W9VEvnIemUqu1TYmdkWNk -----END CERTIFICATE-----Generated at Thu Jul 24 05:02:10 2025 by rpki-client