$ rpki-client -vvf rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft File: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft (raw, json) Hash identifier: 81UMGDePfo9sdEawqM5suxM0h91Qa/zjXoyZBaqLiVo= Subject key identifier: 05:6B:61:48:94:23:15:AE:D7:E3:59:8C:F3:46:C8:6A:B5:6B:95:B7 Authority key identifier: 29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 Certificate issuer: /CN=A914F521/serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Certificate serial: 0DD4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer Subject info access: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft Manifest number: 0DB7 Signing time: Sun 20 Jul 2025 17:57:17 +0000 Manifest this update: Sun 20 Jul 2025 17:57:16 +0000 Manifest next update: Sun 27 Jul 2025 17:57:16 +0000 Files and hashes: 1: KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl (hash: aYAoP+XBrmUXHIKM0K23KkSzWVjW+vc132jFKu84z48=) 2: 757320342E4011EEBC464879C4F9AE02.roa (hash: P37lIdcSAoW+RqsdCkFvhSnyXLO3TfyFSiBj1G2ZldU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 17:57:16 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 3540 (0xdd4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A914F521, serialNumber=2976876753D65562A7CA85E3E9E8DF750797C948 Validity Not Before: Jul 20 17:57:16 2025 GMT Not After : Jul 27 17:57:16 2025 GMT Subject: CN=687d2dfc-7389 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d5:f1:6c:7d:c8:f7:80:b1:bb:ee:89:78:e3:7e: d2:c8:a1:92:9a:2c:f1:94:c9:90:15:fa:1d:c0:15: cb:39:6c:70:97:d1:53:88:38:fd:48:3c:45:b8:32: 68:3b:99:f3:27:d4:61:8e:8f:d4:15:52:b8:14:a7: 99:30:72:10:cc:fe:d0:79:fc:f2:f1:80:61:9e:1d: 37:d1:06:ab:30:4b:9d:fe:46:0f:fb:03:02:e6:61: 5c:8a:bc:f7:3f:54:90:c8:64:4d:e2:f4:92:ad:92: 7a:9e:25:2d:66:10:29:a8:c5:9f:e5:e4:c3:dc:48: aa:40:03:da:a8:c9:49:9e:30:a6:1d:51:90:0e:16: f1:2b:47:84:b1:6e:c4:ea:51:f8:8f:a4:c6:8a:3b: 94:c3:ce:2b:88:7b:93:7b:ce:31:ad:9d:d3:41:52: 51:98:d7:a0:db:49:78:00:3e:15:ab:82:c9:4a:62: 10:c0:01:fa:24:75:82:5e:51:5e:b5:cf:77:d5:c9: f5:59:a4:fa:7a:63:83:54:83:9a:e6:1e:ca:2b:67: 6c:31:0c:8c:2f:a4:a0:2e:08:56:cd:fb:bb:0e:bf: 10:4b:be:2c:bc:3a:60:0e:9c:e3:89:00:93:a8:9e: ab:6d:8f:aa:65:5c:b1:8a:c6:5c:0a:a4:fe:cb:21: 46:e9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 05:6B:61:48:94:23:15:AE:D7:E3:59:8C:F3:46:C8:6A:B5:6B:95:B7 X509v3 Authority Key Identifier: keyid:29:76:87:67:53:D6:55:62:A7:CA:85:E3:E9:E8:DF:75:07:97:C9:48 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A914F521/21658820C67E11E9AF3BA765C4F9AE02/KXaHZ1PWVWKnyoXj6ejfdQeXyUg.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption bc:34:1b:aa:c5:1c:b5:d6:54:b3:97:25:6e:85:e9:ad:14:d6: d5:56:04:28:02:1d:85:32:94:4c:01:30:21:9e:f1:6d:e1:fe: a6:a3:70:3d:24:46:af:33:71:0f:a7:bc:de:08:ce:67:14:d7: bc:c7:1d:e7:f3:d8:6d:34:52:46:64:0c:f9:7d:31:f9:2d:67: fc:16:1c:c5:67:02:3e:25:8c:9e:34:32:00:a5:aa:6c:50:ff: 6e:70:75:f5:ed:96:85:5c:d6:a5:09:b6:58:c3:dd:bd:d7:d0: 1e:b0:6f:b0:b0:53:29:90:99:44:d9:ea:5c:c3:dc:f2:59:34: 83:d5:10:67:d0:c8:b6:04:97:9d:fd:e2:f5:72:b4:5d:22:f6: 7c:3f:42:7d:bf:4c:87:a0:61:1d:5c:cd:46:70:97:e7:79:dc: cf:10:90:d6:91:7f:d0:cb:40:ef:2a:c2:f1:c5:c7:e3:d4:f6: 94:fe:11:b9:d4:6f:0d:cd:83:40:b0:0e:d4:e8:d3:2e:e9:f7: bb:dd:28:67:6f:51:61:a2:6f:0b:53:5e:d7:87:dd:8e:97:d0: b8:59:76:5a:de:23:5c:f4:25:c7:92:72:3b:9b:67:90:7c:7b: f2:a9:0a:05:e0:f0:01:02:b7:f4:d7:0d:ed:69:94:4d:0a:0e: 0c:d4:f3:c9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICDdQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NEY1MjExMTAvBgNVBAUTKDI5NzY4NzY3NTNENjU1NjJBN0NBODVFM0U5RThERjc1 MDc5N0M5NDgwHhcNMjUwNzIwMTc1NzE2WhcNMjUwNzI3MTc1NzE2WjAYMRYwFAYD VQQDEw02ODdkMmRmYy03Mzg5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA1fFsfcj3gLG77ol4437SyKGSmizxlMmQFfodwBXLOWxwl9FTiDj9SDxFuDJo O5nzJ9Rhjo/UFVK4FKeZMHIQzP7Qefzy8YBhnh030QarMEud/kYP+wMC5mFcirz3 P1SQyGRN4vSSrZJ6niUtZhApqMWf5eTD3EiqQAPaqMlJnjCmHVGQDhbxK0eEsW7E 6lH4j6TGijuUw84riHuTe84xrZ3TQVJRmNeg20l4AD4Vq4LJSmIQwAH6JHWCXlFe tc931cn1WaT6emODVIOa5h7KK2dsMQyML6SgLghWzfu7Dr8QS74svDpgDpzjiQCT qJ6rbY+qZVyxisZcCqT+yyFG6QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFAVrYUiU IxWu1+NZjPNGyGq1a5W3MB8GA1UdIwQYMBaAFCl2h2dT1lVip8qF4+no33UHl8lI MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0RjUyMS8yMTY1ODgyMEM2 N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZXS255b1hqNmVqZmRRZVh5 VWcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYYUhaMVBXVldLbnlvWGo2ZWpmZFFlWHlVZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 RjUyMS8yMTY1ODgyMEM2N0UxMUU5QUYzQkE3NjVDNEY5QUUwMi9LWGFIWjFQV1ZX S255b1hqNmVqZmRRZVh5VWcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC8NBuqxRy11lSzlyVuhemtFNbVVgQoAh2FMpRMATAhnvFt4f6mo3A9 JEavM3EPp7zeCM5nFNe8xx3n89htNFJGZAz5fTH5LWf8FhzFZwI+JYyeNDIApaps UP9ucHX17ZaFXNalCbZYw92919AesG+wsFMpkJlE2epcw9zyWTSD1RBn0Mi2BJed /eL1crRdIvZ8P0J9v0yHoGEdXM1GcJfnedzPEJDWkX/Qy0DvKsLxxcfj1PaU/hG5 1G8NzYNAsA7U6NMu6fe73Shnb1Fhom8LU17Xh92Ol9C4WXZa3iNc9CXHknI7m2eQ fHvyqQoF4PABArf01w3taZRNCg4M1PPJ -----END CERTIFICATE-----Generated at Mon Jul 21 13:24:53 2025 by rpki-client