$ rpki-client -vvf rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft File: KXr2WH-YpJnreNLMrjYW70KfV1A.mft (raw, json) Hash identifier: 15LKWNoa8/jHVkjRtmBTP/XWyNH9u5wp8+nzvWwOb/8= Subject key identifier: AB:7D:A3:4B:A1:02:5F:FD:83:00:C7:37:65:A8:9B:57:19:83:5A:B9 Authority key identifier: 29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 Certificate issuer: /CN=A91411BC/serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Certificate serial: 134F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft Manifest number: 1347 Signing time: Wed 20 Aug 2025 17:05:32 +0000 Manifest this update: Wed 20 Aug 2025 17:05:32 +0000 Manifest next update: Wed 27 Aug 2025 17:05:32 +0000 Files and hashes: 1: KXr2WH-YpJnreNLMrjYW70KfV1A.crl (hash: VInlHOqSdlLxEgIo4s6H7fX0BgYiWU+ZrGDqPlpNT90=) 2: B4996A22AC3411E88623474BC4F9AE02.roa (hash: Uautv1XlrGIKG3uUq9YoWLtURxeqWmVrl93Jj3fy9ko=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 17:05:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 4943 (0x134f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91411BC, serialNumber=297AF6587F98A499EB78D2CCAE3616EF429F5750 Validity Not Before: Aug 20 17:05:32 2025 GMT Not After : Aug 27 17:05:32 2025 GMT Subject: CN=68a6005c-f8fd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:cd:28:d4:b3:3e:79:2b:e2:09:e5:b7:fc:7b: 8d:a2:4f:4b:0a:e5:a3:ca:d3:4b:b9:77:85:d2:2d: 06:fc:14:e5:78:5e:48:61:56:9e:ec:0f:cc:b8:76: 82:72:05:2b:67:84:81:59:fa:6e:c1:92:03:7a:20: 7f:f9:f1:f4:0b:d2:b9:d5:e3:dc:c8:58:96:7d:2c: d3:3e:0c:a6:84:d2:15:63:3d:43:68:fb:5c:8c:0e: 5c:24:b6:74:6f:af:00:94:0a:20:3c:1c:24:53:3d: bc:b0:a9:81:39:aa:31:96:94:8b:a7:6c:97:f3:5a: 58:4b:20:f2:c5:27:87:2f:3d:01:be:39:b9:b4:49: 07:62:42:90:f3:07:04:6c:f7:7d:2f:36:45:9d:e7: 21:9c:1d:11:36:38:c3:d1:b9:bf:6f:de:62:be:09: ab:57:4e:48:e7:1c:ca:e7:db:97:ae:5d:b1:8d:8d: 79:b1:c3:cf:27:3c:73:55:b5:9f:7c:2e:f1:2b:f1: 74:a1:8c:57:fd:88:69:e9:b0:a1:6a:40:18:b7:b9: cd:da:b1:b3:20:bf:d4:fd:a5:cf:96:39:4a:50:41: 95:ec:46:ef:0b:ea:2f:2f:24:90:fa:ec:30:cc:b4: 81:16:79:fa:ed:e6:9b:2f:60:6e:d6:a7:5e:42:da: a1:0b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: AB:7D:A3:4B:A1:02:5F:FD:83:00:C7:37:65:A8:9B:57:19:83:5A:B9 X509v3 Authority Key Identifier: keyid:29:7A:F6:58:7F:98:A4:99:EB:78:D2:CC:AE:36:16:EF:42:9F:57:50 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KXr2WH-YpJnreNLMrjYW70KfV1A.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91411BC/E3171B02AC3311E8B2069449C4F9AE02/KXr2WH-YpJnreNLMrjYW70KfV1A.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 65:02:7c:5e:91:62:8c:90:39:e7:c8:2a:1d:db:72:39:e9:98: 02:ca:8e:e1:cc:f8:3a:e2:bd:e7:bd:8c:e9:ca:0b:72:b7:d4: e3:4f:92:25:75:22:ec:f4:52:53:72:89:8a:54:66:fc:6e:93: 54:e5:69:c9:cc:ce:68:7f:96:59:99:39:ec:bd:7f:05:f9:3d: e0:23:c5:14:47:b9:be:3e:c9:d7:fc:d4:1e:c3:49:5e:af:08: 95:9b:79:d8:19:dc:40:55:01:f4:b9:55:f0:5a:88:8b:9d:9b: a2:06:5a:08:2b:8e:7c:63:14:9f:43:66:f3:6e:42:90:62:37: 9e:e3:5e:13:2b:d8:f0:60:5f:28:e7:8f:f1:03:54:bd:8b:43: 03:8f:c7:1f:b1:84:f0:f1:0d:76:f8:fa:89:e1:f4:8a:cd:f5: 62:75:2d:32:17:7d:13:6c:e7:d4:09:09:dc:ca:f5:56:40:63: c7:91:c2:35:71:7b:47:8a:f8:cb:1c:ff:38:06:1c:52:64:ca: 9e:0a:89:10:14:a5:37:06:5e:ae:f9:26:df:81:f3:dc:8f:85: 11:9f:b5:f6:66:30:67:49:0b:e2:d9:7a:7a:3c:07:df:02:10: dc:20:fb:28:4c:95:db:b0:0c:da:ae:08:9f:98:f5:ec:23:e5: e0:1c:11:c2 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICE08wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NDExQkMxMTAvBgNVBAUTKDI5N0FGNjU4N0Y5OEE0OTlFQjc4RDJDQ0FFMzYxNkVG NDI5RjU3NTAwHhcNMjUwODIwMTcwNTMyWhcNMjUwODI3MTcwNTMyWjAYMRYwFAYD VQQDEw02OGE2MDA1Yy1mOGZkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0M0o1LM+eSviCeW3/HuNok9LCuWjytNLuXeF0i0G/BTleF5IYVae7A/MuHaC cgUrZ4SBWfpuwZIDeiB/+fH0C9K51ePcyFiWfSzTPgymhNIVYz1DaPtcjA5cJLZ0 b68AlAogPBwkUz28sKmBOaoxlpSLp2yX81pYSyDyxSeHLz0Bvjm5tEkHYkKQ8wcE bPd9LzZFnechnB0RNjjD0bm/b95ivgmrV05I5xzK59uXrl2xjY15scPPJzxzVbWf fC7xK/F0oYxX/Yhp6bChakAYt7nN2rGzIL/U/aXPljlKUEGV7EbvC+ovLySQ+uww zLSBFnn67eabL2Bu1qdeQtqhCwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFKt9o0uh Al/9gwDHN2Wom1cZg1q5MB8GA1UdIwQYMBaAFCl69lh/mKSZ63jSzK42Fu9Cn1dQ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0MTFCQy9FMzE3MUIwMkFD MzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBKbnJlTkxNcmpZVzcwS2ZW MUEuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tYcjJXSC1ZcEpucmVOTE1yallXNzBLZlYxQS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE0 MTFCQy9FMzE3MUIwMkFDMzMxMUU4QjIwNjk0NDlDNEY5QUUwMi9LWHIyV0gtWXBK bnJlTkxNcmpZVzcwS2ZWMUEubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQBlAnxekWKMkDnnyCod23I56ZgCyo7hzPg64r3nvYzpygtyt9TjT5Il dSLs9FJTcomKVGb8bpNU5WnJzM5of5ZZmTnsvX8F+T3gI8UUR7m+PsnX/NQew0le rwiVm3nYGdxAVQH0uVXwWoiLnZuiBloIK458YxSfQ2bzbkKQYjee414TK9jwYF8o 54/xA1S9i0MDj8cfsYTw8Q12+PqJ4fSKzfVidS0yF30TbOfUCQncyvVWQGPHkcI1 cXtHivjLHP84BhxSZMqeCokQFKU3Bl6u+SbfgfPcj4URn7X2ZjBnSQvi2Xp6PAff AhDcIPsoTJXbsAzargifmPXsI+XgHBHC -----END CERTIFICATE-----Generated at Fri Aug 22 16:36:06 2025 by rpki-client