$ rpki-client -vvf rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft File: kzrtfDoGQianFEt0eMdAPazdgAU.mft (raw, json) Hash identifier: JPmeLPyTEwxhr8Ts7orN2uBPo6nIZNnsfWMcCTpy0Ow= Subject key identifier: 4D:43:0F:D6:EA:85:A7:B7:93:50:E0:37:19:C4:D3:D0:BC:C1:A0:D6 Authority key identifier: 93:3A:ED:7C:3A:06:42:26:A7:14:4B:74:78:C7:40:3D:AC:DD:80:05 Certificate issuer: /CN=A91A81F7/serialNumber=933AED7C3A064226A7144B7478C7403DACDD8005 Certificate serial: 03AF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft Manifest number: 03AA Signing time: Sat 19 Jul 2025 01:10:35 +0000 Manifest this update: Sat 19 Jul 2025 01:10:35 +0000 Manifest next update: Sat 26 Jul 2025 01:10:35 +0000 Files and hashes: 1: kzrtfDoGQianFEt0eMdAPazdgAU.crl (hash: 2DkJ4YmSYIeEV1pBEUg3l2dj9hKErfRY9b6FB5WxHpM=) 2: 4D7F18D69F8911EC8270CE39C4F9AE02.roa (hash: 0t4pRp/9HpBWWGpsNbOV6QZlF+pCTN3GNbTfKEK0f+Y=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.crl rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 01:10:34 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 943 (0x3af) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A81F7, serialNumber=933AED7C3A064226A7144B7478C7403DACDD8005 Validity Not Before: Jul 19 01:10:35 2025 GMT Not After : Jul 26 01:10:35 2025 GMT Subject: CN=687af08b-237d Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ad:ba:70:56:0f:ae:e6:4d:73:1b:e8:66:09:6a: 2a:db:03:5b:86:27:74:40:cc:7d:47:b8:92:88:e8: 1c:75:77:84:5f:69:e8:d4:ac:7a:e8:0d:a3:89:d1: 3b:31:bd:fe:90:5f:af:1d:4d:c6:95:62:49:7e:4b: 65:c6:08:34:b7:0c:4e:fb:50:58:09:85:c2:4a:67: c7:9b:f9:74:c0:08:3e:41:0c:26:37:72:84:10:7c: 64:0b:8c:b3:f4:12:c9:c2:64:15:d5:23:68:ab:c5: d0:c1:17:80:09:6b:3a:ac:f4:95:97:d6:48:77:9a: f8:6a:d1:9e:df:d6:1d:74:22:f5:a5:04:b9:eb:4d: ad:5d:ee:34:91:75:de:bf:69:56:2f:f8:a4:70:f1: 11:d0:a1:c3:90:93:69:d5:cb:38:bf:c0:d8:d3:fe: 2b:35:d8:78:4c:6b:18:97:70:d5:68:d9:85:d5:6e: ba:b2:ab:2d:15:2f:6b:a8:42:d8:c9:73:81:09:a9: 4e:16:a9:71:b5:9c:2b:a9:f0:f9:96:75:c7:24:c9: 05:17:06:25:83:76:e5:16:d7:65:d0:91:10:8b:54: de:e9:fe:43:c3:3d:87:74:ea:a4:08:ef:b1:1a:cc: d9:71:4f:00:e5:f8:b1:c3:de:8d:72:b9:03:dd:91: 3f:bf Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4D:43:0F:D6:EA:85:A7:B7:93:50:E0:37:19:C4:D3:D0:BC:C1:A0:D6 X509v3 Authority Key Identifier: keyid:93:3A:ED:7C:3A:06:42:26:A7:14:4B:74:78:C7:40:3D:AC:DD:80:05 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/kzrtfDoGQianFEt0eMdAPazdgAU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A81F7/30F46EEE9F8611EC8D9F3F34C4F9AE02/kzrtfDoGQianFEt0eMdAPazdgAU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 28:a1:be:63:31:bd:34:a7:14:24:0e:44:f7:8d:aa:70:d1:6a: c0:46:bb:11:ea:d4:ec:d0:82:39:24:e6:ba:0f:cd:5f:84:aa: a2:54:0c:67:25:16:b2:5d:c4:a6:8a:36:db:cb:88:09:13:01: 90:d3:d6:04:b4:1f:17:fe:a8:e6:19:66:c3:f1:a5:07:4e:8c: cb:ba:8a:e6:bb:3c:60:43:82:be:5e:c5:b2:5c:16:5f:72:53: 2a:be:ba:df:96:09:34:24:d9:a8:0a:2c:88:29:43:1a:91:e8: 85:67:a7:10:be:48:12:ae:94:5d:09:7b:24:3f:30:ac:aa:5f: a6:67:53:26:ec:74:da:fc:68:b6:6a:46:62:1d:38:fb:ac:b3: dd:84:73:8e:35:21:57:82:ad:48:b9:16:71:8f:04:6b:d8:a6: 01:b6:ef:07:25:12:52:26:d9:27:12:d7:89:fd:0d:bb:57:97: 41:2e:a9:26:97:41:05:c0:4c:57:cd:81:98:64:53:79:34:c7: f1:00:c2:5c:40:89:e1:44:83:cc:7c:24:11:c4:b4:b0:45:6c: 94:5b:f9:44:54:0f:1b:45:a4:48:7f:69:3e:21:66:ad:07:fe: f5:ac:50:44:71:e4:64:87:e3:92:a0:8b:0c:ad:c7:fc:26:1d: 34:40:9b:b2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA68wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTgxRjcxMTAvBgNVBAUTKDkzM0FFRDdDM0EwNjQyMjZBNzE0NEI3NDc4Qzc0MDNE QUNERDgwMDUwHhcNMjUwNzE5MDExMDM1WhcNMjUwNzI2MDExMDM1WjAYMRYwFAYD VQQDEw02ODdhZjA4Yi0yMzdkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEArbpwVg+u5k1zG+hmCWoq2wNbhid0QMx9R7iSiOgcdXeEX2no1Kx66A2jidE7 Mb3+kF+vHU3GlWJJfktlxgg0twxO+1BYCYXCSmfHm/l0wAg+QQwmN3KEEHxkC4yz 9BLJwmQV1SNoq8XQwReACWs6rPSVl9ZId5r4atGe39YddCL1pQS5602tXe40kXXe v2lWL/ikcPER0KHDkJNp1cs4v8DY0/4rNdh4TGsYl3DVaNmF1W66sqstFS9rqELY yXOBCalOFqlxtZwrqfD5lnXHJMkFFwYlg3blFtdl0JEQi1Te6f5Dwz2HdOqkCO+x GszZcU8A5fixw96NcrkD3ZE/vwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE1DD9bq hae3k1DgNxnE09C8waDWMB8GA1UdIwQYMBaAFJM67Xw6BkImpxRLdHjHQD2s3YAF MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBODFGNy8zMEY0NkVFRTlG ODYxMUVDOEQ5RjNGMzRDNEY5QUUwMi9renJ0ZkRvR1FpYW5GRXQwZU1kQVBhemRn QVUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL2t6cnRmRG9HUWlhbkZFdDBlTWRBUGF6ZGdBVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB ODFGNy8zMEY0NkVFRTlGODYxMUVDOEQ5RjNGMzRDNEY5QUUwMi9renJ0ZkRvR1Fp YW5GRXQwZU1kQVBhemRnQVUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAoob5jMb00pxQkDkT3japw0WrARrsR6tTs0II5JOa6D81fhKqiVAxn JRayXcSmijbby4gJEwGQ09YEtB8X/qjmGWbD8aUHTozLuormuzxgQ4K+XsWyXBZf clMqvrrflgk0JNmoCiyIKUMakeiFZ6cQvkgSrpRdCXskPzCsql+mZ1Mm7HTa/Gi2 akZiHTj7rLPdhHOONSFXgq1IuRZxjwRr2KYBtu8HJRJSJtknEteJ/Q27V5dBLqkm l0EFwExXzYGYZFN5NMfxAMJcQInhRIPMfCQRxLSwRWyUW/lEVA8bRaRIf2k+IWat B/71rFBEceRkh+OSoIsMrcf8Jh00QJuy -----END CERTIFICATE-----Generated at Sun Jul 20 06:24:37 2025 by rpki-client