$ rpki-client -vvf rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft File: kFj-3Oxfh289_hYZQxnBRcnAzLU.mft (raw, json) Hash identifier: VTY670b34FIRLHQSJsSDQZMK4ANX7OjfmkOYLmsv+NA= Subject key identifier: 79:6D:6A:B3:55:B3:99:B7:ED:C4:6C:C2:99:1A:4B:34:B6:FA:4F:DD Authority key identifier: 90:58:FE:DC:EC:5F:87:6F:3D:FE:16:19:43:19:C1:45:C9:C0:CC:B5 Certificate issuer: /CN=A9185B0F/serialNumber=9058FEDCEC5F876F3DFE16194319C145C9C0CCB5 Certificate serial: 0677 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft Manifest number: 0672 Signing time: Tue 22 Jul 2025 22:44:22 +0000 Manifest this update: Tue 22 Jul 2025 22:44:21 +0000 Manifest next update: Tue 29 Jul 2025 22:44:21 +0000 Files and hashes: 1: kFj-3Oxfh289_hYZQxnBRcnAzLU.crl (hash: qsixkc/KT3x8utbvyi6P3dDQYjM6Ql2wv5VY/JTD060=) 2: 25A7FE7E855211EB8DEDD812C4F9AE02.roa (hash: rH99d2UyS2BchbUPUbqFc9GOoYlWGp7hkjxEyr/ZGj0=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.crl rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 29 Jul 2025 22:44:21 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1655 (0x677) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9185B0F, serialNumber=9058FEDCEC5F876F3DFE16194319C145C9C0CCB5 Validity Not Before: Jul 22 22:44:21 2025 GMT Not After : Jul 29 22:44:21 2025 GMT Subject: CN=68801446-a814 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f2:ad:20:1d:29:c2:2c:27:7d:69:1a:f4:cb:f9: 5b:28:df:47:69:ce:3c:9e:92:90:ae:24:2a:1a:e7: 7d:83:7b:76:69:fb:02:9a:03:8b:61:e9:e9:12:9d: 4e:84:7e:0b:46:73:cc:ec:b0:f7:f7:1c:03:b4:75: 95:ef:a4:1d:9f:aa:fa:d1:57:4c:d2:e0:f1:d8:16: 1f:b8:2f:d1:85:f1:f5:c2:1c:fb:5e:9f:1c:76:dc: c8:1f:a3:ea:98:b1:71:9e:96:2c:a2:f0:e2:57:0c: 3e:85:10:25:2d:96:7f:4d:28:43:09:3f:b5:00:2f: 85:b8:bb:02:1b:77:da:9e:ce:70:85:26:92:0a:54: ed:a2:3d:db:6e:7a:ac:3e:91:0d:64:3a:70:36:9c: 4a:f9:a7:f1:18:ee:a7:9d:75:24:ed:70:60:0e:21: 61:c6:d5:1c:85:c4:b9:35:d9:4a:06:53:2a:8e:f4: eb:22:a4:1e:4e:53:20:35:d8:0c:ad:62:c3:27:bc: 92:fa:7e:57:c0:1f:4a:44:32:2d:98:fd:f5:21:80: ba:21:94:3f:5e:d4:2f:ed:fb:3e:b1:ad:4c:27:07: 36:05:8d:0d:e2:ee:b1:b3:25:4c:93:45:f3:b7:29: 17:dd:bc:66:ab:96:8c:a1:83:83:51:b7:a2:49:81: d2:eb Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 79:6D:6A:B3:55:B3:99:B7:ED:C4:6C:C2:99:1A:4B:34:B6:FA:4F:DD X509v3 Authority Key Identifier: keyid:90:58:FE:DC:EC:5F:87:6F:3D:FE:16:19:43:19:C1:45:C9:C0:CC:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kFj-3Oxfh289_hYZQxnBRcnAzLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9185B0F/52D0A120854E11EBB75BB009C4F9AE02/kFj-3Oxfh289_hYZQxnBRcnAzLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:34:6b:cc:d7:82:a3:dc:b8:93:86:00:ef:04:c3:af:2b:c6: 03:94:02:37:42:11:92:89:7d:76:83:48:0e:25:84:8a:ce:9c: df:71:eb:e5:fa:e9:12:32:e8:be:20:99:7a:82:18:70:7a:89: 17:36:53:4f:cc:20:ef:d8:d2:cf:fd:58:48:6b:4e:6d:1f:87: d1:33:91:ec:e6:98:52:6f:c0:dd:56:55:75:6b:7e:69:e8:63: 96:1c:1a:83:61:b7:cb:5d:c7:da:f1:85:8b:60:d4:7e:5f:a1: 59:da:cc:06:70:18:d7:7b:03:56:0c:e2:63:fd:2d:3e:f6:b9: 3a:20:67:f8:fe:0a:8a:ea:c4:42:61:34:f3:61:28:47:0e:1e: e6:7a:f9:4d:4f:9b:de:46:34:58:4c:d9:e6:a5:92:20:a4:ea: c2:0c:4b:aa:a7:f9:97:27:58:4b:0f:78:ce:38:55:d3:6d:27: d7:f9:f8:5d:98:fb:de:bf:1a:b1:34:e0:84:a5:ec:fe:bd:3f: ae:9f:68:da:f2:48:c8:63:2d:b0:4f:62:ab:da:16:95:10:4d: 20:73:36:37:a8:ac:6c:45:86:2b:25:f4:b3:85:59:4d:5a:00: 4e:f3:1d:fd:47:3d:74:f5:d0:97:4f:dd:ce:7e:e6:10:84:30: bc:93:8b:69 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBncwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx ODVCMEYxMTAvBgNVBAUTKDkwNThGRURDRUM1Rjg3NkYzREZFMTYxOTQzMTlDMTQ1 QzlDMENDQjUwHhcNMjUwNzIyMjI0NDIxWhcNMjUwNzI5MjI0NDIxWjAYMRYwFAYD VQQDEw02ODgwMTQ0Ni1hODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA8q0gHSnCLCd9aRr0y/lbKN9Hac48npKQriQqGud9g3t2afsCmgOLYenpEp1O hH4LRnPM7LD39xwDtHWV76Qdn6r60VdM0uDx2BYfuC/RhfH1whz7Xp8cdtzIH6Pq mLFxnpYsovDiVww+hRAlLZZ/TShDCT+1AC+FuLsCG3fans5whSaSClTtoj3bbnqs PpENZDpwNpxK+afxGO6nnXUk7XBgDiFhxtUchcS5NdlKBlMqjvTrIqQeTlMgNdgM rWLDJ7yS+n5XwB9KRDItmP31IYC6IZQ/XtQv7fs+sa1MJwc2BY0N4u6xsyVMk0Xz tykX3bxmq5aMoYODUbeiSYHS6wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHltarNV s5m37cRswpkaSzS2+k/dMB8GA1UdIwQYMBaAFJBY/tzsX4dvPf4WGUMZwUXJwMy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4NUIwRi81MkQwQTEyMDg1 NEUxMUVCQjc1QkIwMDlDNEY5QUUwMi9rRmotM094ZmgyODlfaFlaUXhuQlJjbkF6 TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tGai0zT3hmaDI4OV9oWVpReG5CUmNuQXpMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE4 NUIwRi81MkQwQTEyMDg1NEUxMUVCQjc1QkIwMDlDNEY5QUUwMi9rRmotM094Zmgy ODlfaFlaUXhuQlJjbkF6TFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgNGvM14Kj3LiThgDvBMOvK8YDlAI3QhGSiX12g0gOJYSKzpzfcevl +ukSMui+IJl6ghhweokXNlNPzCDv2NLP/VhIa05tH4fRM5Hs5phSb8DdVlV1a35p 6GOWHBqDYbfLXcfa8YWLYNR+X6FZ2swGcBjXewNWDOJj/S0+9rk6IGf4/gqK6sRC YTTzYShHDh7mevlNT5veRjRYTNnmpZIgpOrCDEuqp/mXJ1hLD3jOOFXTbSfX+fhd mPvevxqxNOCEpez+vT+un2ja8kjIYy2wT2Kr2haVEE0gczY3qKxsRYYrJfSzhVlN WgBO8x39Rz109dCXT93OfuYQhDC8k4tp -----END CERTIFICATE-----Generated at Thu Jul 24 12:16:06 2025 by rpki-client