$ rpki-client -vvf rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft File: kDfAsp43CSqDhSzkuIW3dqfB47Y.mft (raw, json) Hash identifier: sOpga43+DKf3l0gVUX5CzFGiNqOSR/nIkRmJrjJ3iE8= Subject key identifier: C3:95:9F:5A:04:BB:06:8A:E3:8D:52:53:E8:A8:64:48:03:83:1A:8B Authority key identifier: 90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 Certificate issuer: /CN=A91957D1/serialNumber=9037C0B29E37092A83852CE4B885B776A7C1E3B6 Certificate serial: 0136 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft Manifest number: 0132 Signing time: Sat 19 Jul 2025 04:47:26 +0000 Manifest this update: Sat 19 Jul 2025 04:47:26 +0000 Manifest next update: Sat 26 Jul 2025 04:47:26 +0000 Files and hashes: 1: kDfAsp43CSqDhSzkuIW3dqfB47Y.crl (hash: +dL0oPLnRx88aHrA1VunthveEbDgWutFeLgKvXCXJns=) 2: 72CE4D80958411EEB3748B58C4F9AE02.roa (hash: GyK0WIBreUywAdxh5kO624MwwPbx0zTO9wpPeKdWbNg=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 04:47:25 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 310 (0x136) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91957D1, serialNumber=9037C0B29E37092A83852CE4B885B776A7C1E3B6 Validity Not Before: Jul 19 04:47:26 2025 GMT Not After : Jul 26 04:47:26 2025 GMT Subject: CN=687b235e-e760 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:f7:e0:a0:6c:7c:6c:fd:0d:8b:2f:6e:21:ee:28: bd:79:3c:46:dc:f3:41:9a:2e:fd:63:85:6a:96:e4: f9:62:4e:05:1d:77:1a:d7:64:44:82:9e:b4:4d:9f: 43:f2:f4:9f:f1:56:33:8b:c7:7c:5a:c9:19:d0:fd: 3b:95:e1:6c:8a:f2:dd:6f:6c:56:b7:2a:82:d8:2a: 9d:b1:42:65:5d:98:ca:b4:34:11:4c:a0:26:25:f1: 62:89:ac:91:45:5f:5f:25:1a:6a:fb:bb:02:b6:28: 69:91:fe:17:26:c0:ae:63:d0:11:7c:41:82:b6:dd: da:39:d9:43:b0:4e:c7:a4:45:6e:00:9c:05:c3:d7: cf:6d:89:af:03:0e:b7:e5:e8:8d:84:a1:5a:d8:07: 09:27:5c:f7:da:43:f5:6b:35:47:be:ec:b9:b8:01: 01:a4:0e:7e:0a:bb:b5:e3:84:80:c6:60:03:75:6a: 6f:be:c1:e9:63:48:e4:5a:c4:27:61:88:1a:66:c1: 19:18:b5:f4:e1:12:09:a2:1e:36:56:17:b3:0c:a4: f0:b6:b1:5f:4c:bd:86:b9:7a:e4:c7:cf:e9:97:73: 23:1d:95:09:58:09:76:74:7b:1c:6c:73:b3:69:05: 41:f5:ef:18:cb:07:bd:99:39:d7:d5:b3:20:eb:32: 71:e1 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: C3:95:9F:5A:04:BB:06:8A:E3:8D:52:53:E8:A8:64:48:03:83:1A:8B X509v3 Authority Key Identifier: keyid:90:37:C0:B2:9E:37:09:2A:83:85:2C:E4:B8:85:B7:76:A7:C1:E3:B6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kDfAsp43CSqDhSzkuIW3dqfB47Y.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91957D1/F053779493BD11EE81F80A52C4F9AE02/kDfAsp43CSqDhSzkuIW3dqfB47Y.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 20:82:03:e9:52:40:b4:09:00:05:b4:c4:ed:a1:7e:21:99:62: 97:fa:5b:b7:27:a8:f7:40:56:dc:e1:c2:92:f2:fb:01:02:c6: 7b:41:6e:c6:ba:7b:18:8e:ad:4e:81:a5:36:bd:06:77:d3:8e: 92:65:59:05:39:0f:44:6c:6b:71:9c:a9:7e:e2:68:a0:2c:98: 91:65:f2:6a:ee:bf:f7:4c:39:e5:0f:2f:fa:19:bb:32:3a:73: ab:b4:f6:d1:01:cf:64:e4:ce:d9:68:9e:69:e8:bb:31:fc:8d: 0b:4a:a8:e3:28:d3:98:ec:4c:31:9a:91:d6:ad:59:2a:5e:62: f7:ac:7e:c0:13:6a:a4:32:e0:22:3d:d1:24:6d:c7:fa:09:a9: 92:66:57:1d:53:a7:fd:8d:fe:a5:43:0c:4d:32:8f:67:da:ca: 99:53:df:c5:6b:5b:4b:a1:6a:31:1c:fc:51:7a:b4:e0:9c:b5: e9:e5:d5:6c:35:eb:78:75:bf:e4:43:ea:d7:95:f6:20:7d:53: f4:cc:b8:3e:ef:2c:19:a9:eb:fe:00:b3:d2:5f:f9:3e:ca:5d: 40:32:e6:1f:c5:ca:2f:f8:0a:38:47:45:48:8e:c0:9c:0f:c7: 18:51:4a:90:7d:af:d3:d8:47:61:32:20:b3:4b:dc:d2:f3:1a: f3:e1:f8:16 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICATYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OTU3RDExMTAvBgNVBAUTKDkwMzdDMEIyOUUzNzA5MkE4Mzg1MkNFNEI4ODVCNzc2 QTdDMUUzQjYwHhcNMjUwNzE5MDQ0NzI2WhcNMjUwNzI2MDQ0NzI2WjAYMRYwFAYD VQQDEw02ODdiMjM1ZS1lNzYwMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA9+CgbHxs/Q2LL24h7ii9eTxG3PNBmi79Y4VqluT5Yk4FHXca12REgp60TZ9D 8vSf8VYzi8d8WskZ0P07leFsivLdb2xWtyqC2CqdsUJlXZjKtDQRTKAmJfFiiayR RV9fJRpq+7sCtihpkf4XJsCuY9ARfEGCtt3aOdlDsE7HpEVuAJwFw9fPbYmvAw63 5eiNhKFa2AcJJ1z32kP1azVHvuy5uAEBpA5+Cru144SAxmADdWpvvsHpY0jkWsQn YYgaZsEZGLX04RIJoh42VhezDKTwtrFfTL2GuXrkx8/pl3MjHZUJWAl2dHscbHOz aQVB9e8Yywe9mTnX1bMg6zJx4QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFMOVn1oE uwaK441SU+ioZEgDgxqLMB8GA1UdIwQYMBaAFJA3wLKeNwkqg4Us5LiFt3anweO2 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5NTdEMS9GMDUzNzc5NDkz QkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NTcURoU3prdUlXM2RxZkI0 N1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2tEZkFzcDQzQ1NxRGhTemt1SVczZHFmQjQ3WS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 NTdEMS9GMDUzNzc5NDkzQkQxMUVFODFGODBBNTJDNEY5QUUwMi9rRGZBc3A0M0NT cURoU3prdUlXM2RxZkI0N1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAgggPpUkC0CQAFtMTtoX4hmWKX+lu3J6j3QFbc4cKS8vsBAsZ7QW7G unsYjq1OgaU2vQZ3046SZVkFOQ9EbGtxnKl+4migLJiRZfJq7r/3TDnlDy/6Gbsy OnOrtPbRAc9k5M7ZaJ5p6Lsx/I0LSqjjKNOY7EwxmpHWrVkqXmL3rH7AE2qkMuAi PdEkbcf6CamSZlcdU6f9jf6lQwxNMo9n2sqZU9/Fa1tLoWoxHPxRerTgnLXp5dVs Net4db/kQ+rXlfYgfVP0zLg+7ywZqev+ALPSX/k+yl1AMuYfxcov+Ao4R0VIjsCc D8cYUUqQfa/T2EdhMiCzS9zS8xrz4fgW -----END CERTIFICATE-----Generated at Sun Jul 20 07:56:43 2025 by rpki-client