$ rpki-client -vvf rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft File: KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft (raw, json) Hash identifier: d2oA5lkJr28vx8hfFyXcOqB9Bjb3L58sPIwor0XI4TA= Subject key identifier: 13:A3:67:96:C2:00:70:10:C0:12:E1:59:EA:42:F2:13:84:50:6B:19 Authority key identifier: 28:75:29:DC:20:CA:0E:CE:95:A7:A5:56:E1:0B:CD:FD:72:37:D8:D8 Certificate issuer: /CN=A91602ED/serialNumber=287529DC20CA0ECE95A7A556E10BCDFD7237D8D8 Certificate serial: 0690 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft Manifest number: 068A Signing time: Fri 18 Jul 2025 22:34:01 +0000 Manifest this update: Fri 18 Jul 2025 22:34:01 +0000 Manifest next update: Fri 25 Jul 2025 22:34:01 +0000 Files and hashes: 1: KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl (hash: TWhV7eIAxfqhIYZQfqEK9hdaMRmREyRMDFZYXAV2EXg=) 2: 7883418E943A11EBB6706530C4F9AE02.roa (hash: TnZM67noo4lbQHfXpAgCtw+JAFkneMpGmuhyQRw2ydg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 25 Jul 2025 22:34:00 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1680 (0x690) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91602ED, serialNumber=287529DC20CA0ECE95A7A556E10BCDFD7237D8D8 Validity Not Before: Jul 18 22:34:01 2025 GMT Not After : Jul 25 22:34:01 2025 GMT Subject: CN=687acbd9-d012 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:ce:ef:02:ec:3b:1d:c8:a5:d3:42:7e:34:de: 36:a4:c8:22:08:9e:a6:e4:af:34:3d:c1:a0:df:2f: a8:2c:26:35:93:86:fa:59:e7:84:bf:86:1e:64:06: 9d:05:ff:01:3e:a1:cb:df:13:99:60:ec:cb:c6:87: ca:cb:27:ac:7a:54:3d:aa:82:45:c9:05:ea:35:ca: b7:d3:71:6b:e1:a2:da:b3:de:88:31:b3:d0:93:96: 27:6e:2e:e3:94:c2:2d:16:3f:ba:45:01:29:cd:84: 30:3a:13:da:98:a1:59:6d:41:df:63:6c:7a:f8:88: 23:08:4a:f6:9c:7c:7b:aa:84:6a:d9:0d:80:d1:1a: 78:ec:40:99:15:35:20:83:45:a0:0c:69:e1:7e:8d: 3b:2c:45:db:fe:35:89:63:37:7f:b0:83:22:f5:18: a2:1f:23:ce:f0:cc:51:77:20:e4:a8:8c:7e:c6:78: 0a:fd:08:ac:43:6f:68:2a:28:0a:08:4e:cb:ba:5e: 2d:d9:38:73:cb:f6:c2:68:13:1b:24:84:19:9b:f5: a1:9a:97:ed:62:4c:07:4c:6c:6c:55:44:be:12:f6: f5:cd:cb:2a:71:bb:5e:02:f7:60:de:fe:89:c6:f2: f7:8f:86:49:f4:ce:e0:05:73:ea:bb:a3:ff:60:8f: 5f:6f Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 13:A3:67:96:C2:00:70:10:C0:12:E1:59:EA:42:F2:13:84:50:6B:19 X509v3 Authority Key Identifier: keyid:28:75:29:DC:20:CA:0E:CE:95:A7:A5:56:E1:0B:CD:FD:72:37:D8:D8 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91602ED/167BC63C7C1B11EB9F3F3C65C4F9AE02/KHUp3CDKDs6Vp6VW4QvN_XI32Ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 4c:22:57:d9:db:39:8b:04:9a:28:7e:2d:8c:d1:f1:3d:58:4a: f6:06:cd:18:e2:c4:73:59:67:1f:2e:4f:cb:41:c5:b8:d9:f4: 5b:42:2c:1c:31:3d:39:35:b7:ee:55:ff:a2:b3:5c:66:90:ea: 18:91:d9:5a:d3:33:6f:52:9c:b3:26:b4:f9:db:d4:a7:34:91: 22:b4:36:30:36:38:99:00:a9:f5:c8:37:b8:15:de:00:73:4e: 92:d0:58:8d:94:ee:f8:36:d9:27:2c:38:d0:16:36:d2:0f:2f: b3:55:93:2b:f4:ed:03:d1:8c:4b:9b:aa:53:27:3b:28:9a:4b: 86:c4:6a:de:f4:a6:6a:8e:65:ed:f9:26:35:fd:87:b4:36:cf: 17:38:22:30:86:d8:ee:e0:6f:3d:b1:5f:c7:ee:59:f0:8a:de: cc:60:60:00:3a:2c:48:a8:31:4e:bc:53:22:66:05:4f:ac:29: 7c:15:17:31:b7:97:85:6d:08:07:7e:b8:e2:f4:bd:7e:1e:af: 9b:e0:43:9e:be:86:58:64:ba:12:b0:dc:3d:99:08:10:ca:30: ef:f9:b7:ee:c2:d1:79:39:6d:ee:fb:7b:8a:88:9b:db:ba:bb: 00:2b:2e:3a:80:84:00:10:e5:c7:3f:ef:88:fc:ff:ad:b3:e5: e4:19:2b:60 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBpAwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NjAyRUQxMTAvBgNVBAUTKDI4NzUyOURDMjBDQTBFQ0U5NUE3QTU1NkUxMEJDREZE NzIzN0Q4RDgwHhcNMjUwNzE4MjIzNDAxWhcNMjUwNzI1MjIzNDAxWjAYMRYwFAYD VQQDEw02ODdhY2JkOS1kMDEyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtc7vAuw7Hcil00J+NN42pMgiCJ6m5K80PcGg3y+oLCY1k4b6WeeEv4YeZAad Bf8BPqHL3xOZYOzLxofKyyeselQ9qoJFyQXqNcq303Fr4aLas96IMbPQk5Ynbi7j lMItFj+6RQEpzYQwOhPamKFZbUHfY2x6+IgjCEr2nHx7qoRq2Q2A0Rp47ECZFTUg g0WgDGnhfo07LEXb/jWJYzd/sIMi9RiiHyPO8MxRdyDkqIx+xngK/QisQ29oKigK CE7Lul4t2Thzy/bCaBMbJIQZm/WhmpftYkwHTGxsVUS+Evb1zcsqcbteAvdg3v6J xvL3j4ZJ9M7gBXPqu6P/YI9fbwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFBOjZ5bC AHAQwBLhWepC8hOEUGsZMB8GA1UdIwQYMBaAFCh1Kdwgyg7OlaelVuELzf1yN9jY MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2MDJFRC8xNjdCQzYzQzdD MUIxMUVCOUYzRjNDNjVDNEY5QUUwMi9LSFVwM0NES0RzNlZwNlZXNFF2Tl9YSTMy TmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIVXAzQ0RLRHM2VnA2Vlc0UXZOX1hJMzJOZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE2 MDJFRC8xNjdCQzYzQzdDMUIxMUVCOUYzRjNDNjVDNEY5QUUwMi9LSFVwM0NES0Rz NlZwNlZXNFF2Tl9YSTMyTmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBMIlfZ2zmLBJoofi2M0fE9WEr2Bs0Y4sRzWWcfLk/LQcW42fRbQiwc MT05NbfuVf+is1xmkOoYkdla0zNvUpyzJrT529SnNJEitDYwNjiZAKn1yDe4Fd4A c06S0FiNlO74NtknLDjQFjbSDy+zVZMr9O0D0YxLm6pTJzsomkuGxGre9KZqjmXt +SY1/Ye0Ns8XOCIwhtju4G89sV/H7lnwit7MYGAAOixIqDFOvFMiZgVPrCl8FRcx t5eFbQgHfrji9L1+Hq+b4EOevoZYZLoSsNw9mQgQyjDv+bfuwtF5OW3u+3uKiJvb ursAKy46gIQAEOXHP++I/P+ts+XkGStg -----END CERTIFICATE-----Generated at Sun Jul 20 07:34:19 2025 by rpki-client