$ rpki-client -vvf rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft File: KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft (raw, json) Hash identifier: 8yiGa3OH0S3fPPsjyk4VKIUNo5fiI1tSDIj+BCVODbE= Subject key identifier: 76:02:9F:1E:AD:3A:2D:27:68:EF:ED:4F:4C:81:C5:23:78:74:7B:C6 Authority key identifier: 2B:13:1A:A1:0D:7E:6B:FE:A3:67:E8:1B:73:D7:FD:B0:AC:01:D6:78 Certificate issuer: /CN=A912F3B6/serialNumber=2B131AA10D7E6BFEA367E81B73D7FDB0AC01D678 Certificate serial: DD Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.cer Subject info access: rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft Manifest number: D7 Signing time: Wed 03 Sep 2025 06:10:19 +0000 Manifest this update: Wed 03 Sep 2025 06:10:18 +0000 Manifest next update: Wed 10 Sep 2025 06:10:18 +0000 Files and hashes: 1: KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.crl (hash: nwwnaVcv8nYEapgpbD1yaKJIyNwZ8InPzTj27I9otfU=) 2: D91E3ADC498E11EF908FD222C4F9AE02.roa (hash: +ehd8KtxPwFaqFNVmOCKeYgOq8q50OL3e4iQXY+Px88=) 3: D9C5B55A498E11EF908FD222C4F9AE02.roa (hash: IYR9mQ1VQUiO08kcI4RHdp/FLN6UHawsT13ESG27pvs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.crl rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 06:10:18 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 221 (0xdd) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A912F3B6, serialNumber=2B131AA10D7E6BFEA367E81B73D7FDB0AC01D678 Validity Not Before: Sep 3 06:10:18 2025 GMT Not After : Sep 10 06:10:18 2025 GMT Subject: CN=68b7dbcb-be39 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:e0:73:af:70:b0:f2:a7:f8:a8:11:0d:ff:01:b2: ca:e1:a6:44:fa:b1:d3:0a:07:00:14:16:08:dd:62: 33:e6:b3:9c:36:06:fb:7f:bc:17:d0:a8:03:86:24: 3b:cd:bf:01:d8:f8:0d:6b:d6:dd:0d:49:f6:5f:d6: 99:33:7a:60:8a:bc:42:73:9b:42:f9:00:e4:db:56: 64:8a:2e:c0:ec:6d:00:1a:e6:34:e9:c9:b4:6a:b4: 68:b7:35:88:b9:04:f2:7e:2b:12:46:05:69:d8:ef: 0b:4f:f8:0c:6e:75:64:88:e9:c2:33:3c:97:6a:cb: 7d:33:fe:03:7a:ed:26:c4:ba:60:03:1c:2f:92:78: 86:0a:1c:bb:19:24:4a:e6:c7:fd:50:0a:80:20:83: dc:9c:a8:2c:2c:2e:bb:8d:f1:fe:e9:a4:28:28:4b: 45:18:5b:2c:1c:4e:fc:25:66:17:52:4a:1d:92:92: ad:57:96:71:a0:e7:ba:21:8a:a9:9b:be:bb:c1:b3: 3f:46:41:6a:dc:0f:25:7e:11:a6:b2:92:f9:b0:7b: 78:80:84:0e:63:8a:ff:ae:27:a6:26:d8:35:9e:fb: 96:41:8e:fc:79:68:c1:37:ba:fb:b8:c0:21:cb:41: 31:69:8d:f7:72:af:0b:5e:58:e3:9b:11:c5:74:e7: 83:25 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 76:02:9F:1E:AD:3A:2D:27:68:EF:ED:4F:4C:81:C5:23:78:74:7B:C6 X509v3 Authority Key Identifier: keyid:2B:13:1A:A1:0D:7E:6B:FE:A3:67:E8:1B:73:D7:FD:B0:AC:01:D6:78 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A912F3B6/50F011C848BA11EFBD45163DC4F9AE02/KxMaoQ1-a_6jZ-gbc9f9sKwB1ng.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 9a:43:ef:62:f7:b6:01:f2:b8:27:2b:90:5c:ee:eb:b5:91:81: e0:65:d3:fb:be:50:a2:8a:32:07:32:6d:a7:e1:a6:b4:ce:81: ec:36:a6:a9:ae:9f:df:88:fc:bd:94:53:2b:d4:00:94:9c:5b: fa:15:2c:3d:bd:13:45:ba:82:3f:4b:0f:39:f0:d8:a1:c9:05: 8b:ca:0c:62:a7:13:26:7f:c9:32:9a:37:80:34:6f:f2:1f:47: c1:82:24:0b:f5:a7:09:d0:96:15:b4:2c:8c:99:b3:2f:76:96: ee:58:56:f9:f7:f8:ed:e5:ed:c5:80:7e:ea:10:63:ce:e9:ed: 62:d6:cf:5a:50:a2:37:fd:0c:fd:ab:8c:2c:96:0d:2c:5d:fc: 7c:fa:1d:4d:7e:b8:37:9c:dd:de:3a:b7:09:11:d6:c2:1e:6c: b5:3b:b5:f7:c4:3b:6d:34:b4:d6:5b:25:ae:e3:72:e6:55:df: 18:d1:1a:fe:85:86:2e:19:ad:4a:98:b3:7c:e8:46:e8:8b:11: a8:fe:5f:de:30:0c:2b:b4:85:07:11:e7:3d:8e:ed:2e:94:93: 39:ac:02:fc:bd:8b:6f:aa:de:11:26:19:d9:c9:6c:73:08:b2: 11:d9:0f:93:82:5a:7d:d6:5c:c1:f0:f6:93:2e:36:c2:03:ca: fb:53:f3:67 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAN0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx MkYzQjYxMTAvBgNVBAUTKDJCMTMxQUExMEQ3RTZCRkVBMzY3RTgxQjczRDdGREIw QUMwMUQ2NzgwHhcNMjUwOTAzMDYxMDE4WhcNMjUwOTEwMDYxMDE4WjAYMRYwFAYD VQQDEw02OGI3ZGJjYi1iZTM5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA4HOvcLDyp/ioEQ3/AbLK4aZE+rHTCgcAFBYI3WIz5rOcNgb7f7wX0KgDhiQ7 zb8B2PgNa9bdDUn2X9aZM3pgirxCc5tC+QDk21Zkii7A7G0AGuY06cm0arRotzWI uQTyfisSRgVp2O8LT/gMbnVkiOnCMzyXast9M/4Deu0mxLpgAxwvkniGChy7GSRK 5sf9UAqAIIPcnKgsLC67jfH+6aQoKEtFGFssHE78JWYXUkodkpKtV5ZxoOe6IYqp m767wbM/RkFq3A8lfhGmspL5sHt4gIQOY4r/riemJtg1nvuWQY78eWjBN7r7uMAh y0ExaY33cq8LXljjmxHFdOeDJQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHYCnx6t Oi0naO/tT0yBxSN4dHvGMB8GA1UdIwQYMBaAFCsTGqENfmv+o2foG3PX/bCsAdZ4 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEyRjNCNi81MEYwMTFDODQ4 QkExMUVGQkQ0NTE2M0RDNEY5QUUwMi9LeE1hb1ExLWFfNmpaLWdiYzlmOXNLd0Ix bmcuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0t4TWFvUTEtYV82alotZ2JjOWY5c0t3QjFuZy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTEy RjNCNi81MEYwMTFDODQ4QkExMUVGQkQ0NTE2M0RDNEY5QUUwMi9LeE1hb1ExLWFf NmpaLWdiYzlmOXNLd0IxbmcubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCaQ+9i97YB8rgnK5Bc7uu1kYHgZdP7vlCiijIHMm2n4aa0zoHsNqap rp/fiPy9lFMr1ACUnFv6FSw9vRNFuoI/Sw858NihyQWLygxipxMmf8kymjeANG/y H0fBgiQL9acJ0JYVtCyMmbMvdpbuWFb59/jt5e3FgH7qEGPO6e1i1s9aUKI3/Qz9 q4wslg0sXfx8+h1Nfrg3nN3eOrcJEdbCHmy1O7X3xDttNLTWWyWu43LmVd8Y0Rr+ hYYuGa1KmLN86EboixGo/l/eMAwrtIUHEec9ju0ulJM5rAL8vYtvqt4RJhnZyWxz CLIR2Q+Tglp91lzB8PaTLjbCA8r7U/Nn -----END CERTIFICATE-----Generated at Thu Sep 4 14:01:35 2025 by rpki-client