$ rpki-client -vvf rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft File: CkMWPL6xv3mMnOQcHF50ociDesY.mft (raw, json) Hash identifier: Kiv47FGUMP0plzqtQq+OoCtoBcTe2MhTPyz7qOHRdSM= Subject key identifier: A5:1E:CA:DB:BC:F9:66:B3:53:78:94:BA:0B:56:4D:64:FA:34:38:FA Authority key identifier: 0A:43:16:3C:BE:B1:BF:79:8C:9C:E4:1C:1C:5E:74:A1:C8:83:7A:C6 Certificate issuer: /CN=A91A95C1/serialNumber=0A43163CBEB1BF798C9CE41C1C5E74A1C8837AC6 Certificate serial: 0293 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft Manifest number: 028E Signing time: Sat 19 Jul 2025 02:04:06 +0000 Manifest this update: Sat 19 Jul 2025 02:04:06 +0000 Manifest next update: Sat 26 Jul 2025 02:04:06 +0000 Files and hashes: 1: CkMWPL6xv3mMnOQcHF50ociDesY.crl (hash: 9XugmeugeeOw8V8Rql84vcYTjZIh+YoHs52iQduZJtY=) 2: DA61302A0F0211EDABBE3C6AC4F9AE02.roa (hash: vW2EZP2Cwb4m+zHwX4dxc62MHLuj24Kv3gEJBseD9aY=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.crl rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 02:04:05 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 659 (0x293) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A95C1, serialNumber=0A43163CBEB1BF798C9CE41C1C5E74A1C8837AC6 Validity Not Before: Jul 19 02:04:06 2025 GMT Not After : Jul 26 02:04:06 2025 GMT Subject: CN=687afd16-8a99 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:df:0c:66:ba:86:45:0a:53:b6:3f:bb:d3:e3:d6: ce:46:39:4b:d9:0c:af:69:81:28:be:a1:41:f8:d4: 21:cc:50:ae:01:27:33:e0:18:67:ea:eb:a2:2f:64: 08:1a:4b:bf:58:9c:f0:d3:19:33:bf:59:c1:70:a3: bb:13:ff:63:05:e2:69:9c:e7:10:d9:87:7b:29:58: b6:21:23:0c:d6:d2:97:f0:d2:5e:fd:b9:f9:5c:43: e8:66:f0:52:19:a8:bc:be:f4:f5:74:6f:87:6c:b3: 2b:3e:f1:b3:eb:d2:04:d7:19:50:40:42:f0:51:0a: 99:ce:54:b5:aa:26:22:3f:2b:ba:84:d2:35:b1:f6: 51:0c:a2:93:f0:60:3b:db:ac:7e:8d:10:f4:03:76: eb:63:b5:98:f4:10:6c:0d:e6:72:9f:af:d6:44:ce: 1b:30:a4:c7:2a:38:a5:1c:7f:e9:3b:a1:a8:47:c1: 1c:9b:6d:8c:cd:d7:e8:93:54:a7:9d:d3:23:3e:b2: 85:06:dc:28:9c:b0:d2:e7:ab:dc:4f:c3:69:2c:92: 6d:5f:0a:47:f7:83:d0:6a:fc:79:f3:01:a4:20:db: ad:1d:1b:a1:22:7f:0e:6d:6d:0f:f3:6d:9d:c9:88: e0:96:ac:82:cf:eb:7b:32:0a:2d:23:71:8e:eb:c8: 6b:71 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: A5:1E:CA:DB:BC:F9:66:B3:53:78:94:BA:0B:56:4D:64:FA:34:38:FA X509v3 Authority Key Identifier: keyid:0A:43:16:3C:BE:B1:BF:79:8C:9C:E4:1C:1C:5E:74:A1:C8:83:7A:C6 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/CkMWPL6xv3mMnOQcHF50ociDesY.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A95C1/CBE6BC740F0011EDA744066AC4F9AE02/CkMWPL6xv3mMnOQcHF50ociDesY.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption e2:52:c5:58:ae:94:3e:e3:73:f9:2f:00:2a:26:42:77:d2:8a: f9:ba:6a:9f:36:58:0c:69:e1:5d:e5:3f:77:97:9a:80:ce:f4: 88:78:d6:c7:ca:7e:45:d5:fe:63:cd:ee:62:64:da:b2:23:d4: bc:e2:1e:a7:e0:95:78:ac:e3:1f:db:b6:9d:8b:72:50:b2:e8: 74:6a:98:bf:75:87:23:17:64:01:e2:e1:56:f6:f6:cc:72:54: a6:61:71:e9:89:52:7f:5c:e3:f8:dc:42:87:a2:6d:57:cb:11: 95:19:78:47:35:84:ef:ec:57:1c:72:c7:62:e2:1e:59:20:48: ec:13:90:aa:f0:bf:16:50:28:61:f9:53:29:75:0e:44:45:c7: 38:b4:f5:6d:61:e2:39:29:61:69:a5:51:d9:a4:36:e7:91:fa: 6d:33:1a:a1:28:dc:8d:0b:4c:da:73:cd:ea:88:bc:00:6a:7a: 2b:dc:34:2b:71:8a:9d:78:26:2e:4c:75:57:da:1e:e4:60:db: 5e:fc:bc:59:5a:ca:0c:8a:28:f3:f8:c2:84:53:53:4c:fa:e0: c8:00:6d:71:71:50:47:03:5c:60:d0:2d:5a:3f:54:ff:69:a8: c9:91:34:1e:0a:ef:1c:26:7e:f5:b5:2f:bf:1d:c3:4e:ca:64: 74:8b:12:0a -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICApMwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTk1QzExMTAvBgNVBAUTKDBBNDMxNjNDQkVCMUJGNzk4QzlDRTQxQzFDNUU3NEEx Qzg4MzdBQzYwHhcNMjUwNzE5MDIwNDA2WhcNMjUwNzI2MDIwNDA2WjAYMRYwFAYD VQQDEw02ODdhZmQxNi04YTk5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA3wxmuoZFClO2P7vT49bORjlL2QyvaYEovqFB+NQhzFCuAScz4Bhn6uuiL2QI Gku/WJzw0xkzv1nBcKO7E/9jBeJpnOcQ2Yd7KVi2ISMM1tKX8NJe/bn5XEPoZvBS Gai8vvT1dG+HbLMrPvGz69IE1xlQQELwUQqZzlS1qiYiPyu6hNI1sfZRDKKT8GA7 26x+jRD0A3brY7WY9BBsDeZyn6/WRM4bMKTHKjilHH/pO6GoR8Ecm22Mzdfok1Sn ndMjPrKFBtwonLDS56vcT8NpLJJtXwpH94PQavx58wGkINutHRuhIn8ObW0P822d yYjglqyCz+t7MgotI3GO68hrcQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKUeytu8 +WazU3iUugtWTWT6NDj6MB8GA1UdIwQYMBaAFApDFjy+sb95jJzkHBxedKHIg3rG MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBOTVDMS9DQkU2QkM3NDBG MDAxMUVEQTc0NDA2NkFDNEY5QUUwMi9Da01XUEw2eHYzbU1uT1FjSEY1MG9jaURl c1kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0NrTVdQTDZ4djNtTW5PUWNIRjUwb2NpRGVzWS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB OTVDMS9DQkU2QkM3NDBGMDAxMUVEQTc0NDA2NkFDNEY5QUUwMi9Da01XUEw2eHYz bU1uT1FjSEY1MG9jaURlc1kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDiUsVYrpQ+43P5LwAqJkJ30or5umqfNlgMaeFd5T93l5qAzvSIeNbH yn5F1f5jze5iZNqyI9S84h6n4JV4rOMf27adi3JQsuh0api/dYcjF2QB4uFW9vbM clSmYXHpiVJ/XOP43EKHom1XyxGVGXhHNYTv7Fcccsdi4h5ZIEjsE5Cq8L8WUChh +VMpdQ5ERcc4tPVtYeI5KWFppVHZpDbnkfptMxqhKNyNC0zac83qiLwAanor3DQr cYqdeCYuTHVX2h7kYNte/LxZWsoMiijz+MKEU1NM+uDIAG1xcVBHA1xg0C1aP1T/ aajJkTQeCu8cJn71tS+/HcNOymR0ixIK -----END CERTIFICATE-----Generated at Sun Jul 20 07:48:21 2025 by rpki-client