$ rpki-client -vvf rpki.apnic.net/member_repository/A918AB7E/F759796E088111F0BAC3413EC4F9AE02/KmvwVK0j6tLbOVMbZGcmypRaxJI.mft File: KmvwVK0j6tLbOVMbZGcmypRaxJI.mft (raw, json) Hash identifier: hy6kr8hZWPfYp8lg7oAUdHUiUMcT0Bv17HIW5+hW8lQ= Subject key identifier: 95:20:1C:34:6D:A2:4D:DF:BB:33:01:5A:34:E9:9D:DB:72:C5:09:9C Authority key identifier: 2A:6B:F0:54:AD:23:EA:D2:DB:39:53:1B:64:67:26:CA:94:5A:C4:92 Certificate issuer: /CN=A918AB7E/serialNumber=2A6BF054AD23EAD2DB39531B646726CA945AC492 Certificate serial: 3E Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmvwVK0j6tLbOVMbZGcmypRaxJI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A918AB7E/F759796E088111F0BAC3413EC4F9AE02/KmvwVK0j6tLbOVMbZGcmypRaxJI.mft Manifest number: 3D Signing time: Sat 19 Jul 2025 07:47:30 +0000 Manifest this update: Sat 19 Jul 2025 07:47:30 +0000 Manifest next update: Sat 26 Jul 2025 07:47:30 +0000 Files and hashes: 1: KmvwVK0j6tLbOVMbZGcmypRaxJI.crl (hash: PjJgb+ZOYAprNlkL8OtR/IFFZRjRerMO11Eocs4uSY4=) 2: 3CF5A86C088211F0BB90C23EC4F9AE02.roa (hash: WjhNkxKHghzjWbpSoIkFccSDxcFZFh5y2Re0ypkmeM8=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A918AB7E/F759796E088111F0BAC3413EC4F9AE02/KmvwVK0j6tLbOVMbZGcmypRaxJI.crl rsync://rpki.apnic.net/member_repository/A918AB7E/F759796E088111F0BAC3413EC4F9AE02/KmvwVK0j6tLbOVMbZGcmypRaxJI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmvwVK0j6tLbOVMbZGcmypRaxJI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 07:47:29 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 62 (0x3e) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A918AB7E, serialNumber=2A6BF054AD23EAD2DB39531B646726CA945AC492 Validity Not Before: Jul 19 07:47:30 2025 GMT Not After : Jul 26 07:47:30 2025 GMT Subject: CN=687b4d92-38cb Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b2:b2:7e:2f:aa:c9:78:dd:06:4d:fc:68:be:ae: 60:ce:ba:04:92:7f:55:65:7e:8e:b9:c1:83:9d:f5: 57:80:72:95:ee:fd:cc:6f:73:70:4f:99:fd:e4:4e: 69:44:7c:1b:07:ee:c8:8f:3b:0f:9c:83:08:7b:db: 0e:2c:6a:fb:be:e8:55:28:dc:f5:10:57:f1:22:4e: a3:51:43:9c:08:6f:95:2e:17:e6:3e:ee:e3:f0:23: 26:48:69:d8:b8:1a:de:17:3a:a1:7a:c9:bc:41:03: d5:e3:cd:e1:83:13:12:f2:0b:04:10:bb:45:83:a3: a8:cf:48:b1:70:5d:e5:55:c0:13:da:4b:1a:dc:d1: 04:45:46:42:40:51:db:fe:21:fc:53:85:a2:89:b8: 4b:9e:06:ce:a5:64:e0:7d:b1:65:50:e2:f4:cd:9c: 9e:5d:67:b2:9f:32:64:55:28:4b:7a:33:67:93:9c: 65:b6:08:2f:e1:be:c6:97:3b:7e:7b:d2:af:03:14: b4:8a:bd:dd:4f:8c:e6:46:77:a7:95:84:98:16:d9: 3a:6c:82:fe:97:7b:a5:e4:74:e6:81:1d:a3:cf:2b: 61:28:9e:9c:cd:d0:d4:aa:a0:55:7c:16:1e:cd:65: 07:7c:93:06:d5:d6:83:1f:dc:ee:fe:89:19:2b:a2: 60:c9 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 95:20:1C:34:6D:A2:4D:DF:BB:33:01:5A:34:E9:9D:DB:72:C5:09:9C X509v3 Authority Key Identifier: keyid:2A:6B:F0:54:AD:23:EA:D2:DB:39:53:1B:64:67:26:CA:94:5A:C4:92 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A918AB7E/F759796E088111F0BAC3413EC4F9AE02/KmvwVK0j6tLbOVMbZGcmypRaxJI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KmvwVK0j6tLbOVMbZGcmypRaxJI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A918AB7E/F759796E088111F0BAC3413EC4F9AE02/KmvwVK0j6tLbOVMbZGcmypRaxJI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 14:a5:c8:c7:07:6c:0b:a5:b1:ab:a5:86:1b:6b:a1:c9:07:af: 3c:51:c9:8a:ba:dd:68:3a:a0:8e:00:ab:f4:6e:9b:8c:fc:ef: 47:5b:e2:5c:79:bb:fe:66:bd:c3:20:86:f0:96:89:d1:51:d6: 6c:0e:2a:d3:8b:e5:a9:80:d9:96:f1:a4:aa:8f:d6:ff:e4:d1: 46:4c:44:88:64:dc:5e:fb:ff:af:02:12:ef:bc:8d:58:57:d8: ab:e3:fa:49:cd:50:55:05:70:71:3e:cf:5b:48:e2:c5:ad:1b: 87:91:03:a0:1a:5a:a8:f2:8c:c5:8c:df:d5:19:fa:5e:25:8d: 26:76:4b:60:b4:10:e3:f5:88:2b:b8:69:9e:a5:2b:5e:25:83: f8:b3:f3:f6:7f:ec:24:31:80:aa:b2:95:a8:2b:64:fd:ed:78: 97:e7:56:5c:30:5a:b2:2f:50:36:e2:b5:a8:cb:41:8b:16:82: a5:c0:bd:fd:4e:bf:36:62:d5:4d:4e:d6:5e:be:30:f4:29:da: 1f:1c:1a:d0:ed:44:e7:42:f4:b0:c7:b0:c5:6d:26:cf:d8:2f: 0e:87:d0:d3:50:f1:4c:c6:56:ba:27:ba:f1:2c:7d:fb:0b:34: 2b:c7:c8:32:6a:9f:66:dc:9b:d9:70:d5:0c:c0:92:d9:e7:ce: 4d:fd:65:0c -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBPjANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE4 QUI3RTExMC8GA1UEBRMoMkE2QkYwNTRBRDIzRUFEMkRCMzk1MzFCNjQ2NzI2Q0E5 NDVBQzQ5MjAeFw0yNTA3MTkwNzQ3MzBaFw0yNTA3MjYwNzQ3MzBaMBgxFjAUBgNV BAMTDTY4N2I0ZDkyLTM4Y2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQCysn4vqsl43QZN/Gi+rmDOugSSf1Vlfo65wYOd9VeAcpXu/cxvc3BPmf3kTmlE fBsH7siPOw+cgwh72w4savu+6FUo3PUQV/EiTqNRQ5wIb5UuF+Y+7uPwIyZIadi4 Gt4XOqF6ybxBA9XjzeGDExLyCwQQu0WDo6jPSLFwXeVVwBPaSxrc0QRFRkJAUdv+ IfxThaKJuEueBs6lZOB9sWVQ4vTNnJ5dZ7KfMmRVKEt6M2eTnGW2CC/hvsaXO357 0q8DFLSKvd1PjOZGd6eVhJgW2Tpsgv6Xe6XkdOaBHaPPK2EonpzN0NSqoFV8Fh7N ZQd8kwbV1oMf3O7+iRkromDJAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUlSAcNG2i Td+7MwFaNOmd23LFCZwwHwYDVR0jBBgwFoAUKmvwVK0j6tLbOVMbZGcmypRaxJIw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThBQjdFL0Y3NTk3OTZFMDg4 MTExRjBCQUMzNDEzRUM0RjlBRTAyL0ttdndWSzBqNnRMYk9WTWJaR2NteXBSYXhK SS5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS212d1ZLMGo2dExiT1ZNYlpHY215cFJheEpJLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MThB QjdFL0Y3NTk3OTZFMDg4MTExRjBCQUMzNDEzRUM0RjlBRTAyL0ttdndWSzBqNnRM Yk9WTWJaR2NteXBSYXhKSS5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABSlyMcHbAulsaulhhtrockHrzxRyYq63Wg6oI4Aq/Rum4z870db4lx5 u/5mvcMghvCWidFR1mwOKtOL5amA2ZbxpKqP1v/k0UZMRIhk3F77/68CEu+8jVhX 2Kvj+knNUFUFcHE+z1tI4sWtG4eRA6AaWqjyjMWM39UZ+l4ljSZ2S2C0EOP1iCu4 aZ6lK14lg/iz8/Z/7CQxgKqylagrZP3teJfnVlwwWrIvUDbitajLQYsWgqXAvf1O vzZi1U1O1l6+MPQp2h8cGtDtROdC9LDHsMVtJs/YLw6H0NNQ8UzGVronuvEsffsL NCvHyDJqn2bcm9lw1QzAktnnzk39ZQw= -----END CERTIFICATE-----Generated at Sun Jul 20 02:25:33 2025 by rpki-client