$ rpki-client -vvf rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft File: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft (raw, json) Hash identifier: 8sFfUcI2tEOlRa0lfyGCcVrFE8/H6+T42dm+C4H2iyY= Subject key identifier: 7C:EF:0A:25:64:25:26:29:AC:9A:25:A2:13:C9:E5:67:18:2C:B6:83 Authority key identifier: 29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC Certificate issuer: /CN=A9152329/serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Certificate serial: 98 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft Manifest number: 97 Signing time: Wed 03 Sep 2025 07:02:32 +0000 Manifest this update: Wed 03 Sep 2025 07:02:32 +0000 Manifest next update: Wed 10 Sep 2025 07:02:32 +0000 Files and hashes: 1: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl (hash: m4m16f2T3LIBDr4xx5rCGH2MMAaXbls0qj3kYhgA6HM=) 2: 38161248A26911EFBF6D0319C4F9AE02.roa (hash: ask+BZFU8F8z7xA+3YaObHPYrB9zSG3srAnnNSVnzDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 10 Sep 2025 07:02:31 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 152 (0x98) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152329, serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Validity Not Before: Sep 3 07:02:32 2025 GMT Not After : Sep 10 07:02:32 2025 GMT Subject: CN=68b7e808-67b1 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:eb:3f:8c:f7:2a:33:67:31:cd:04:ec:97:6e:0a: aa:58:80:25:cc:58:d1:54:ac:b4:d7:b1:6c:ef:83: 29:12:ed:fb:6a:67:20:40:17:75:9a:79:25:12:e5: ba:6b:92:c1:ed:73:bd:ed:1a:2f:d5:b0:52:ad:fb: e6:e1:4c:8f:70:01:03:d5:59:f7:93:31:cb:aa:98: 91:29:2f:9d:1d:77:8a:69:c1:fa:23:dd:16:c7:59: ec:52:d9:6e:c3:b9:35:1b:cc:7f:e8:de:38:8d:ac: d9:ea:0d:87:62:9a:7f:c6:7d:5d:50:33:0f:d1:55: 02:4e:1b:4f:11:d2:e5:47:21:49:f9:d0:02:32:fb: a3:51:fd:1d:d0:93:d2:e8:54:8e:36:94:56:bb:75: 7d:97:e6:e0:65:d4:f6:e8:29:6c:2c:28:f0:1b:fe: 88:05:53:51:4e:9e:20:e8:6d:6d:37:ca:9c:df:cb: 73:58:ee:76:2e:92:ef:f0:9c:69:83:bf:33:ba:8e: 60:44:56:35:ba:07:48:45:c8:e8:08:2e:f2:85:e6: 9d:90:87:79:d0:57:31:68:4f:13:8b:bf:d7:8e:22: 51:83:de:d6:fa:51:84:cb:2d:f3:67:ad:8a:8f:8b: 15:15:93:99:0e:57:10:04:e1:20:19:b5:36:cf:62: ef:49 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 7C:EF:0A:25:64:25:26:29:AC:9A:25:A2:13:C9:E5:67:18:2C:B6:83 X509v3 Authority Key Identifier: keyid:29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption d0:e6:33:90:2c:90:7b:4f:b0:32:d8:e5:da:d1:d2:90:33:49: bf:9f:08:37:2a:41:d8:fd:ad:78:93:6a:f0:09:09:cd:f2:a0: 12:21:78:b4:0e:ce:99:aa:9a:2e:60:90:8f:d2:39:72:84:83: cf:5f:08:e0:32:f5:72:e4:7d:7e:2c:93:89:5a:ad:b5:be:5b: 3c:a3:bd:cc:40:e5:2f:a1:16:da:b6:91:28:e5:0d:1d:31:da: 61:6c:cd:59:fb:99:dc:7d:23:48:50:5c:28:9a:ba:d2:b7:6c: 1a:a1:11:32:9c:1e:19:08:d4:ae:15:b7:67:c3:ea:68:48:79: 41:a0:41:fd:d6:67:64:d6:78:e8:64:78:53:48:ef:65:c5:1a: c9:81:c2:75:45:36:93:6d:b1:c6:c2:eb:21:bd:ec:84:ab:a8: 58:6d:8a:db:66:46:45:55:b6:e8:b3:bf:24:78:81:24:92:79: 98:63:f3:ea:b9:64:d6:0a:d4:9b:ab:3d:4c:97:14:77:24:96: a6:c2:7e:1f:de:42:92:97:1a:df:83:8e:a9:a5:b4:45:5e:3c: 67:1b:51:6a:31:be:1d:b6:21:c7:4c:50:08:40:7a:11:3d:52: 55:2c:cf:64:7a:64:c9:4d:04:b3:46:37:ce:5a:28:98:3e:65: ba:5c:96:4e -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICAJgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NTIzMjkxMTAvBgNVBAUTKDI5M0FDNjQwNTMwOURFOTQ5NTE2ODdGRTE3Mjk2QURE Q0Q5NTcyRkMwHhcNMjUwOTAzMDcwMjMyWhcNMjUwOTEwMDcwMjMyWjAYMRYwFAYD VQQDEw02OGI3ZTgwOC02N2IxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6z+M9yozZzHNBOyXbgqqWIAlzFjRVKy017Fs74MpEu37amcgQBd1mnklEuW6 a5LB7XO97Rov1bBSrfvm4UyPcAED1Vn3kzHLqpiRKS+dHXeKacH6I90Wx1nsUtlu w7k1G8x/6N44jazZ6g2HYpp/xn1dUDMP0VUCThtPEdLlRyFJ+dACMvujUf0d0JPS 6FSONpRWu3V9l+bgZdT26ClsLCjwG/6IBVNRTp4g6G1tN8qc38tzWO52LpLv8Jxp g78zuo5gRFY1ugdIRcjoCC7yheadkId50FcxaE8Ti7/XjiJRg97W+lGEyy3zZ62K j4sVFZOZDlcQBOEgGbU2z2LvSQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFHzvCiVk JSYprJolohPJ5WcYLLaDMB8GA1UdIwQYMBaAFCk6xkBTCd6UlRaH/hcpat3NlXL8 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1MjMyOS9DN0ZBRDM2OEEy NjgxMUVGOUQ5MTQxMThDNEY5QUUwMi9LVHJHUUZNSjNwU1ZGb2YtRnlscTNjMlZj dncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL0tUckdRRk1KM3BTVkZvZi1GeWxxM2MyVmN2dy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE1 MjMyOS9DN0ZBRDM2OEEyNjgxMUVGOUQ5MTQxMThDNEY5QUUwMi9LVHJHUUZNSjNw U1ZGb2YtRnlscTNjMlZjdncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDQ5jOQLJB7T7Ay2OXa0dKQM0m/nwg3KkHY/a14k2rwCQnN8qASIXi0 Ds6ZqpouYJCP0jlyhIPPXwjgMvVy5H1+LJOJWq21vls8o73MQOUvoRbatpEo5Q0d MdphbM1Z+5ncfSNIUFwomrrSt2waoREynB4ZCNSuFbdnw+poSHlBoEH91mdk1njo ZHhTSO9lxRrJgcJ1RTaTbbHGwushveyEq6hYbYrbZkZFVbbos78keIEkknmYY/Pq uWTWCtSbqz1MlxR3JJamwn4f3kKSlxrfg46ppbRFXjxnG1FqMb4dtiHHTFAIQHoR PVJVLM9kemTJTQSzRjfOWiiYPmW6XJZO -----END CERTIFICATE-----Generated at Thu Sep 4 14:01:35 2025 by rpki-client