$ rpki-client -vvf rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft File: KiZlwxQeS_P9LwBKrimlmHETod8.mft (raw, json) Hash identifier: LEUpbk3Ot3eY6oEGKKUUh88ZpFVq597j0R+SjZvBeas= Subject key identifier: DC:92:38:A9:BD:92:70:61:0B:F3:B6:9A:CB:1A:79:C3:8B:E3:4F:1E Authority key identifier: 2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF Certificate issuer: /CN=A911972D/serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Certificate serial: 038B Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer Subject info access: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft Manifest number: 0386 Signing time: Wed 11 Jun 2025 00:47:29 +0000 Manifest this update: Wed 11 Jun 2025 00:47:28 +0000 Manifest next update: Wed 18 Jun 2025 00:47:28 +0000 Files and hashes: 1: KiZlwxQeS_P9LwBKrimlmHETod8.crl (hash: +th+JXI7MmsDkjV2bZrX84dUEoXX8pYbtvTX5KTlfA8=) 2: B067CCDCA8C511EC8F560C42C4F9AE02.roa (hash: xmdlJLhBfyeauv2Ft4ug73ckVk3r1dVH2Fa5m4Eb/po=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 18 Jun 2025 00:47:28 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 907 (0x38b) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A911972D, serialNumber=2A2665C3141E4BF3FD2F004AAE29A5987113A1DF Validity Not Before: Jun 11 00:47:28 2025 GMT Not After : Jun 18 00:47:28 2025 GMT Subject: CN=6848d220-a355 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:a3:97:e1:8c:b9:26:cd:78:94:7d:39:4a:d1:e2: 6d:36:3b:ed:62:d5:3f:a8:ed:66:77:6c:32:d4:79: d2:84:00:20:70:d0:4b:40:f0:cb:fa:81:28:12:5b: 71:b6:92:96:60:38:d8:87:a2:da:69:7d:e5:76:9c: 3a:59:72:b8:a2:00:7b:ad:13:b4:3a:5d:5d:5d:eb: 46:e5:f8:e3:9b:7b:9b:f8:a2:85:9e:58:f8:b0:3d: 32:c9:53:17:c0:f2:f7:20:27:03:28:61:ba:38:9e: 32:80:3e:b2:eb:1d:e9:32:4c:19:ff:04:de:a1:c9: 36:64:02:1d:ed:64:b9:0e:c3:9f:d1:11:46:be:01: cf:db:52:f8:45:e7:97:7c:f6:3e:b9:f5:4f:35:03: b6:5c:e7:d5:dc:05:6f:64:85:54:d6:fe:fd:dd:1d: e5:ef:5b:b5:81:6a:7b:98:7b:3a:5f:53:e6:7f:e4: ba:e1:e1:59:dd:f7:0d:e1:73:36:04:df:00:ce:a4: b0:2e:5f:be:59:b4:e1:d4:e7:09:6f:03:05:ad:74: 86:ef:bc:f5:e0:0a:04:7f:d0:72:6a:fd:29:73:a5: 6e:d7:15:94:72:51:84:3d:8f:b8:56:10:37:3a:3c: 59:02:43:8f:8b:93:62:df:06:79:a8:37:e1:c9:76: e6:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DC:92:38:A9:BD:92:70:61:0B:F3:B6:9A:CB:1A:79:C3:8B:E3:4F:1E X509v3 Authority Key Identifier: keyid:2A:26:65:C3:14:1E:4B:F3:FD:2F:00:4A:AE:29:A5:98:71:13:A1:DF X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KiZlwxQeS_P9LwBKrimlmHETod8.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A911972D/99EE950CA68211ECB4E3EC3AC4F9AE02/KiZlwxQeS_P9LwBKrimlmHETod8.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 64:2d:83:51:85:e0:26:0d:86:2d:89:c2:16:41:a0:bd:ae:52: 10:dd:e4:cb:3f:12:4d:03:3b:00:c2:49:3e:1a:19:85:03:08: 4f:7b:28:cf:31:53:51:81:5f:72:e9:2e:e5:f2:90:df:c9:98: dc:ba:dc:d8:3e:ab:11:d6:fe:78:5d:7a:e6:15:4c:e8:80:80: dc:88:ac:11:ae:fd:71:af:22:ed:30:1d:f8:6d:bd:94:bd:8c: a8:3c:db:dd:15:8a:96:1d:18:d8:8f:54:02:f4:b7:56:e9:29: 4d:55:aa:ec:3b:7d:eb:8b:a2:2a:6e:50:dc:3e:26:c9:60:77: f2:63:c5:33:1a:bd:43:e0:74:92:4f:d3:d1:9b:78:49:13:e5: 1f:dd:f5:c3:2b:dd:6b:c2:60:db:e9:96:58:91:15:3d:4c:ae: 04:43:0c:ed:7a:d0:bf:19:bb:fc:52:89:36:19:6d:1d:e7:c8: e2:8c:19:38:f7:28:9c:cd:3c:09:8d:13:d6:77:9a:89:e8:52: e2:8d:70:d0:fb:2a:a6:44:44:54:1f:a2:7d:65:62:de:4f:a2: 2f:55:22:c0:62:cb:95:34:7f:a3:c3:9e:c7:80:86:47:c6:e2: 72:85:2d:8e:f6:2b:e8:f1:b6:79:6d:1e:ff:a9:10:0c:67:d9: 5c:40:43:aa -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA4swDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MTk3MkQxMTAvBgNVBAUTKDJBMjY2NUMzMTQxRTRCRjNGRDJGMDA0QUFFMjlBNTk4 NzExM0ExREYwHhcNMjUwNjExMDA0NzI4WhcNMjUwNjE4MDA0NzI4WjAYMRYwFAYD VQQDEw02ODQ4ZDIyMC1hMzU1MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAo5fhjLkmzXiUfTlK0eJtNjvtYtU/qO1md2wy1HnShAAgcNBLQPDL+oEoEltx tpKWYDjYh6LaaX3ldpw6WXK4ogB7rRO0Ol1dXetG5fjjm3ub+KKFnlj4sD0yyVMX wPL3ICcDKGG6OJ4ygD6y6x3pMkwZ/wTeock2ZAId7WS5DsOf0RFGvgHP21L4ReeX fPY+ufVPNQO2XOfV3AVvZIVU1v793R3l71u1gWp7mHs6X1Pmf+S64eFZ3fcN4XM2 BN8AzqSwLl++WbTh1OcJbwMFrXSG77z14AoEf9Byav0pc6Vu1xWUclGEPY+4VhA3 OjxZAkOPi5Ni3wZ5qDfhyXbm9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNySOKm9 knBhC/O2mssaecOL408eMB8GA1UdIwQYMBaAFComZcMUHkvz/S8ASq4ppZhxE6Hf MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTExOTcyRC85OUVFOTUwQ0E2 ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNfUDlMd0JLcmltbG1IRVRv ZDguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tpWmx3eFFlU19QOUx3QktyaW1sbUhFVG9kOC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEx OTcyRC85OUVFOTUwQ0E2ODIxMUVDQjRFM0VDM0FDNEY5QUUwMi9LaVpsd3hRZVNf UDlMd0JLcmltbG1IRVRvZDgubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBkLYNRheAmDYYticIWQaC9rlIQ3eTLPxJNAzsAwkk+GhmFAwhPeyjP MVNRgV9y6S7l8pDfyZjcutzYPqsR1v54XXrmFUzogIDciKwRrv1xryLtMB34bb2U vYyoPNvdFYqWHRjYj1QC9LdW6SlNVarsO33ri6IqblDcPibJYHfyY8UzGr1D4HSS T9PRm3hJE+Uf3fXDK91rwmDb6ZZYkRU9TK4EQwztetC/Gbv8Uok2GW0d58jijBk4 9yiczTwJjRPWd5qJ6FLijXDQ+yqmRERUH6J9ZWLeT6IvVSLAYsuVNH+jw57HgIZH xuJyhS2O9ivo8bZ5bR7/qRAMZ9lcQEOq -----END CERTIFICATE-----Generated at Wed Jun 11 08:08:29 2025 by rpki-client