$ rpki-client -vvf rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft File: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft (raw, json) Hash identifier: ZgkpmjakPF5Bo8iWQvBW6m52pTMpeYLQHVrQjnwazto= Subject key identifier: 0E:CE:7B:68:C5:26:EE:C3:D9:3B:DC:F0:E9:88:EB:59:0F:1A:A2:0C Authority key identifier: 28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 Certificate issuer: /CN=A9194677/serialNumber=2876825F77C24A167DC41215350F688792981A67 Certificate serial: 015B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft Manifest number: 0158 Signing time: Mon 21 Jul 2025 04:09:34 +0000 Manifest this update: Mon 21 Jul 2025 04:09:34 +0000 Manifest next update: Mon 28 Jul 2025 04:09:34 +0000 Files and hashes: 1: KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl (hash: 8BmjLmK/jRCYKqa4L715C46dcaDlzSPbDtse+CTQY9k=) 2: 759C16DC577711EE96F5F775C4F9AE02.roa (hash: Pojppps22r3xRUUOYA4Lq5WqJQ1e2Svo0KKFdlUH1VY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Mon 28 Jul 2025 04:09:33 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 347 (0x15b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9194677, serialNumber=2876825F77C24A167DC41215350F688792981A67 Validity Not Before: Jul 21 04:09:34 2025 GMT Not After : Jul 28 04:09:34 2025 GMT Subject: CN=687dbd7e-431b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:65:70:44:6e:9a:34:d5:b9:5f:4b:4a:94:21: 7c:a5:74:c3:69:2f:3d:96:72:5d:4a:4b:d6:9d:c7: 89:af:84:5a:7f:4e:b6:73:d6:4f:12:91:a2:a4:e3: a8:52:42:8b:27:f1:67:31:b5:58:29:b2:17:89:85: 54:0a:3a:86:bc:39:c1:82:b3:f9:10:bf:bc:10:8d: 91:2e:2c:46:6f:5e:e7:80:91:6b:d7:e9:60:5b:1a: f2:d0:d8:4c:f8:fc:2e:e3:cc:45:d2:ac:a2:8e:a3: cd:30:57:e3:1f:88:1e:69:16:05:d3:f9:5b:75:69: 4e:6c:8e:83:07:8b:25:54:60:31:93:f1:32:80:54: 7e:1c:b8:6b:22:cc:cb:9f:14:d6:11:6d:8d:d1:e4: 06:cc:21:bf:a6:36:9c:f9:c0:64:59:0c:6f:89:b8: b3:3a:f1:a7:55:f4:07:4a:18:0b:eb:9c:5b:6e:f2: d6:a4:60:8b:d8:53:86:66:f3:11:95:0b:3d:09:2f: 78:9f:d3:0d:0f:3c:b4:06:cb:cd:22:fa:c9:a1:85: e8:22:77:26:88:9a:c4:ab:05:20:65:77:bc:83:1b: 68:60:69:04:44:ac:56:50:11:25:e9:c9:dd:e7:61: 7f:c6:aa:10:e4:e7:c8:e7:2f:e9:73:4a:16:00:33: 98:a1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 0E:CE:7B:68:C5:26:EE:C3:D9:3B:DC:F0:E9:88:EB:59:0F:1A:A2:0C X509v3 Authority Key Identifier: keyid:28:76:82:5F:77:C2:4A:16:7D:C4:12:15:35:0F:68:87:92:98:1A:67 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9194677/0227F786577511EE92ACA759C4F9AE02/KHaCX3fCShZ9xBIVNQ9oh5KYGmc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 92:55:d8:f5:91:70:56:e8:b3:71:e9:d7:34:64:ec:04:53:23: 26:d1:5c:07:55:da:b3:3b:38:a8:0c:e7:0f:05:52:85:10:e1: 0c:33:95:16:95:50:27:29:76:24:21:32:1b:4c:9b:9a:41:c9: 87:d4:b1:9d:bc:c8:7d:12:71:01:e0:2f:9b:09:c9:d0:d0:6c: ad:bf:f3:d1:e1:45:be:65:43:5e:d5:3c:c1:8c:c5:a4:88:94: 37:72:0d:38:4d:d5:c1:d8:b6:79:1c:3c:8c:d1:db:d5:bb:80: 05:36:c6:3f:fe:24:46:d9:28:7d:1f:23:43:49:8b:cb:25:30: 1d:36:1f:04:d0:b3:cd:ac:f6:3e:c1:64:bb:b2:06:62:58:2c: 1d:f7:0a:2e:79:b3:f4:89:3f:38:b0:27:ef:ce:ee:6d:97:d6: 06:3b:e9:52:a9:d2:13:94:f4:d8:b0:e2:cf:87:11:62:a0:61: 69:98:73:28:98:be:4c:47:dc:28:9c:9d:d8:20:f6:a3:32:b2: 1f:53:39:46:83:fe:8e:02:b2:93:7a:e2:ea:46:16:b1:cc:de: ec:d8:d9:86:49:03:c1:a3:8d:5c:28:38:87:5c:9b:7d:cb:be: b7:7c:45:0e:47:2a:60:a3:d0:df:e8:3c:77:82:f4:1f:3d:2b: ee:46:d3:a7 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAVswDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTQ2NzcxMTAvBgNVBAUTKDI4NzY4MjVGNzdDMjRBMTY3REM0MTIxNTM1MEY2ODg3 OTI5ODFBNjcwHhcNMjUwNzIxMDQwOTM0WhcNMjUwNzI4MDQwOTM0WjAYMRYwFAYD VQQDEw02ODdkYmQ3ZS00MzFiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAvGVwRG6aNNW5X0tKlCF8pXTDaS89lnJdSkvWnceJr4Raf062c9ZPEpGipOOo UkKLJ/FnMbVYKbIXiYVUCjqGvDnBgrP5EL+8EI2RLixGb17ngJFr1+lgWxry0NhM +Pwu48xF0qyijqPNMFfjH4geaRYF0/lbdWlObI6DB4slVGAxk/EygFR+HLhrIszL nxTWEW2N0eQGzCG/pjac+cBkWQxvibizOvGnVfQHShgL65xbbvLWpGCL2FOGZvMR lQs9CS94n9MNDzy0BsvNIvrJoYXoIncmiJrEqwUgZXe8gxtoYGkERKxWUBEl6cnd 52F/xqoQ5OfI5y/pc0oWADOYoQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFA7Oe2jF Ju7D2Tvc8OmI61kPGqIMMB8GA1UdIwQYMBaAFCh2gl93wkoWfcQSFTUPaIeSmBpn MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NDY3Ny8wMjI3Rjc4NjU3 NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1NoWjl4QklWTlE5b2g1S1lH bWMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tIYUNYM2ZDU2haOXhCSVZOUTlvaDVLWUdtYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NDY3Ny8wMjI3Rjc4NjU3NzUxMUVFOTJBQ0E3NTlDNEY5QUUwMi9LSGFDWDNmQ1No Wjl4QklWTlE5b2g1S1lHbWMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCSVdj1kXBW6LNx6dc0ZOwEUyMm0VwHVdqzOzioDOcPBVKFEOEMM5UW lVAnKXYkITIbTJuaQcmH1LGdvMh9EnEB4C+bCcnQ0Gytv/PR4UW+ZUNe1TzBjMWk iJQ3cg04TdXB2LZ5HDyM0dvVu4AFNsY//iRG2Sh9HyNDSYvLJTAdNh8E0LPNrPY+ wWS7sgZiWCwd9wouebP0iT84sCfvzu5tl9YGO+lSqdITlPTYsOLPhxFioGFpmHMo mL5MR9wonJ3YIPajMrIfUzlGg/6OArKTeuLqRhaxzN7s2NmGSQPBo41cKDiHXJt9 y763fEUORypgo9Df6Dx3gvQfPSvuRtOn -----END CERTIFICATE-----Generated at Tue Jul 22 05:11:08 2025 by rpki-client