$ rpki-client -vvf rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft File: KQN7v5LysPTDMKHN1KdiVs16VCI.mft (raw, json) Hash identifier: FstrdmpJNigDrRahBedrZcthpXOdejwtjap6nWa1ohc= Subject key identifier: 5D:75:22:E8:C9:ED:9E:BE:DE:5C:9B:E7:94:55:4F:D2:56:28:AB:4B Authority key identifier: 29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 Certificate issuer: /CN=A91E9B89/serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Certificate serial: A4 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft Manifest number: A3 Signing time: Sat 19 Jul 2025 06:27:20 +0000 Manifest this update: Sat 19 Jul 2025 06:27:19 +0000 Manifest next update: Sat 26 Jul 2025 06:27:19 +0000 Files and hashes: 1: KQN7v5LysPTDMKHN1KdiVs16VCI.crl (hash: hmvDvKL7ekG1E4AgivQszkB3ghKS2MaDbvj5WqnDgN4=) 2: 2025BD6C6C3311EF99E0EF34C4F9AE02.roa (hash: v8gSdO2Oyevi0udRA9oSIzZPAk2F5XphTGY0llKdCYI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sat 26 Jul 2025 06:27:19 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 164 (0xa4) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91E9B89, serialNumber=29037BBF92F2B0F4C330A1CDD4A76256CD7A5422 Validity Not Before: Jul 19 06:27:19 2025 GMT Not After : Jul 26 06:27:19 2025 GMT Subject: CN=687b3ac8-8177 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:3a:28:d8:97:f3:2f:ca:9f:0a:f2:26:d6:91: 87:f8:e4:68:f3:7d:84:8d:30:ac:35:08:13:79:4d: 19:75:46:33:18:35:2d:97:4b:c7:77:6d:b4:12:99: 32:4a:1e:2e:7c:0f:24:f0:90:a9:e7:86:13:45:3a: b8:e7:44:10:09:84:02:3c:06:88:f9:4b:5c:77:3b: ab:84:c7:6f:ff:b1:74:3a:08:e3:01:31:05:e1:8a: d6:b1:8c:fd:37:6b:02:90:ea:aa:0e:9c:e6:81:cf: 34:b9:45:25:54:70:55:ff:40:bd:a1:b9:df:4d:3d: 6e:47:7f:91:f1:55:e6:51:5d:83:4a:2b:31:aa:7a: a8:35:c3:02:bd:a0:32:38:08:d7:63:91:23:e9:ed: 66:57:4f:94:5a:97:a1:9c:10:b7:ae:ed:18:2f:0f: 07:00:42:d6:ca:df:60:19:e9:f8:43:f0:64:58:4b: ec:1e:5b:54:4b:bf:58:4e:02:dd:1f:35:04:d0:b8: 04:c5:67:7f:8a:58:81:85:4d:93:09:0c:2c:83:44: f6:c1:92:91:95:76:f5:3e:69:b0:24:a4:a2:d8:e5: 7f:5b:43:91:3a:0c:8a:b1:91:13:5e:63:37:4c:c1: 92:35:50:2a:c6:fc:92:0e:ba:97:5b:0e:09:ba:0a: e7:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 5D:75:22:E8:C9:ED:9E:BE:DE:5C:9B:E7:94:55:4F:D2:56:28:AB:4B X509v3 Authority Key Identifier: keyid:29:03:7B:BF:92:F2:B0:F4:C3:30:A1:CD:D4:A7:62:56:CD:7A:54:22 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQN7v5LysPTDMKHN1KdiVs16VCI.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91E9B89/4367C20E6C1811EFAB6B690CC4F9AE02/KQN7v5LysPTDMKHN1KdiVs16VCI.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 77:f6:ad:6d:f2:9b:65:9e:48:a9:fa:d8:be:17:df:17:cb:ed: c1:84:f9:28:34:42:b3:ca:a6:8f:6b:02:36:91:56:49:df:71: 3f:86:a9:8b:89:ea:f6:04:95:da:d2:b0:7b:5a:1f:cc:6f:e7: 0a:bc:4f:3e:12:e3:ca:a5:c5:10:85:a2:45:b8:b1:e4:3e:d3: 0c:66:5c:89:7e:4e:b4:02:1d:bc:97:d0:03:74:38:9e:1f:32: 51:fb:94:8c:83:e1:7e:1a:1e:b1:46:34:e7:fa:c6:32:79:73: 6f:5a:79:a7:36:bb:83:a3:dc:b4:e5:23:f7:fe:2d:9a:7b:6b: 32:e4:23:34:68:df:55:d1:4d:50:e3:82:ab:80:ea:a3:64:27: c5:f2:2e:c6:38:e2:10:14:9e:70:66:e7:db:15:66:c7:77:58: 2c:a4:76:cc:28:d7:29:3c:c0:8c:a7:a4:7d:41:04:43:f3:e0: e7:1c:00:76:b8:fa:8b:2b:3c:e3:46:62:7f:ee:f5:0a:6a:02: 7f:79:e8:e5:c1:7e:39:b6:2f:d2:19:09:6d:1d:1e:b8:a4:0c: e9:80:2f:87:73:01:f3:71:a4:19:b4:ce:a5:b4:d2:c3:ea:5d: cb:18:1d:9d:ce:ae:be:21:5e:ee:7b:61:f4:9c:6c:5c:02:f6: 7e:a9:91:76 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAKQwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx RTlCODkxMTAvBgNVBAUTKDI5MDM3QkJGOTJGMkIwRjRDMzMwQTFDREQ0QTc2MjU2 Q0Q3QTU0MjIwHhcNMjUwNzE5MDYyNzE5WhcNMjUwNzI2MDYyNzE5WjAYMRYwFAYD VQQDEw02ODdiM2FjOC04MTc3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtToo2JfzL8qfCvIm1pGH+ORo832EjTCsNQgTeU0ZdUYzGDUtl0vHd220Epky Sh4ufA8k8JCp54YTRTq450QQCYQCPAaI+UtcdzurhMdv/7F0OgjjATEF4YrWsYz9 N2sCkOqqDpzmgc80uUUlVHBV/0C9obnfTT1uR3+R8VXmUV2DSisxqnqoNcMCvaAy OAjXY5Ej6e1mV0+UWpehnBC3ru0YLw8HAELWyt9gGen4Q/BkWEvsHltUS79YTgLd HzUE0LgExWd/iliBhU2TCQwsg0T2wZKRlXb1PmmwJKSi2OV/W0OROgyKsZETXmM3 TMGSNVAqxvySDrqXWw4JugrnXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFF11IujJ 7Z6+3lyb55RVT9JWKKtLMB8GA1UdIwQYMBaAFCkDe7+S8rD0wzChzdSnYlbNelQi MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFFOUI4OS80MzY3QzIwRTZD MTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQVERNS0hOMUtkaVZzMTZW Q0kuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tRTjd2NUx5c1BURE1LSE4xS2RpVnMxNlZDSS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFF OUI4OS80MzY3QzIwRTZDMTgxMUVGQUI2QjY5MENDNEY5QUUwMi9LUU43djVMeXNQ VERNS0hOMUtkaVZzMTZWQ0kubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQB39q1t8ptlnkip+ti+F98Xy+3BhPkoNEKzyqaPawI2kVZJ33E/hqmL ier2BJXa0rB7Wh/Mb+cKvE8+EuPKpcUQhaJFuLHkPtMMZlyJfk60Ah28l9ADdDie HzJR+5SMg+F+Gh6xRjTn+sYyeXNvWnmnNruDo9y05SP3/i2ae2sy5CM0aN9V0U1Q 44KrgOqjZCfF8i7GOOIQFJ5wZufbFWbHd1gspHbMKNcpPMCMp6R9QQRD8+DnHAB2 uPqLKzzjRmJ/7vUKagJ/eejlwX45ti/SGQltHR64pAzpgC+HcwHzcaQZtM6ltNLD 6l3LGB2dzq6+IV7ue2H0nGxcAvZ+qZF2 -----END CERTIFICATE-----Generated at Sun Jul 20 11:30:24 2025 by rpki-client