$ rpki-client -vvf rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft File: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft (raw, json) Hash identifier: urg7kYgVCGocP8uYFgZ37tSukwehtzWfjQYR40TnUFI= Subject key identifier: D4:30:48:53:DA:FF:73:73:84:B3:07:2E:77:09:38:24:C5:CC:52:26 Authority key identifier: 29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC Certificate issuer: /CN=A9152329/serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Certificate serial: 69 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft Manifest number: 68 Signing time: Tue 03 Jun 2025 06:47:45 +0000 Manifest this update: Tue 03 Jun 2025 06:47:45 +0000 Manifest next update: Tue 10 Jun 2025 06:47:45 +0000 Files and hashes: 1: KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl (hash: uVP13Skc5/tMcMMWuMdq2mjcGMCvbaYYWLcGiF+eWBM=) 2: 38161248A26911EFBF6D0319C4F9AE02.roa (hash: ask+BZFU8F8z7xA+3YaObHPYrB9zSG3srAnnNSVnzDc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Tue 10 Jun 2025 06:47:44 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 105 (0x69) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A9152329, serialNumber=293AC6405309DE94951687FE17296ADDCD9572FC Validity Not Before: Jun 3 06:47:45 2025 GMT Not After : Jun 10 06:47:45 2025 GMT Subject: CN=683e9a91-3dff Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:bc:02:87:0e:7c:df:8e:d4:ad:e2:0a:77:78:26: 1b:ae:5d:ba:9a:dc:55:01:41:f1:80:b3:73:7d:14: 05:cd:d2:a6:cf:06:ec:00:56:44:be:ec:a6:a1:31: 40:8d:b5:09:c7:60:93:e1:77:d6:99:58:f5:b6:87: 1c:ab:67:91:ec:aa:07:78:69:06:f2:02:0c:88:ba: 06:04:f5:cc:0d:e5:6d:f2:37:89:18:30:6b:48:26: ea:b5:36:7e:63:5a:15:30:e0:d5:18:33:7f:f9:da: 7d:02:fd:97:bf:e4:4b:56:ec:06:78:bc:43:76:5a: ed:f9:d3:9a:2f:ed:52:64:b3:90:03:b5:c4:69:a0: 10:e1:85:dd:ea:a7:bc:7b:c0:0a:74:f0:91:a8:04: e8:c5:bc:86:ba:46:6a:84:28:c6:9f:f2:b2:19:7a: 89:89:fb:70:03:f7:cc:bc:c5:22:da:1f:a2:93:9e: 71:6c:78:c1:45:48:c3:ef:85:1a:6f:df:9d:36:ac: fc:72:76:b7:1c:44:d0:54:00:b2:b1:8a:83:39:6b: 87:db:f7:8a:59:ec:a4:6a:81:d3:b2:c3:db:fb:dc: 78:de:69:61:68:49:01:41:fa:e1:cd:3d:ce:ab:99: 6e:da:39:7f:fd:d2:fa:19:9f:e5:31:a4:71:7b:c9: 7e:31 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D4:30:48:53:DA:FF:73:73:84:B3:07:2E:77:09:38:24:C5:CC:52:26 X509v3 Authority Key Identifier: keyid:29:3A:C6:40:53:09:DE:94:95:16:87:FE:17:29:6A:DD:CD:95:72:FC X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A9152329/C7FAD368A26811EF9D914118C4F9AE02/KTrGQFMJ3pSVFof-Fylq3c2Vcvw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 33:32:30:69:ad:19:34:49:95:c2:54:4b:4e:50:46:4d:f2:59: 81:85:76:7f:38:73:0c:e3:3e:2e:ca:fc:e9:f5:b4:9d:e5:ee: e8:ac:c3:af:1e:66:16:fd:1f:2d:78:9f:10:9b:5a:46:66:78: 1c:04:f4:72:73:9f:a0:5e:e6:52:18:c8:3c:a9:7f:8e:42:00: cf:0c:51:51:2b:ae:86:29:88:33:90:d5:37:0b:07:b9:91:38: a7:e6:43:6a:4c:c3:39:8b:cd:39:f4:5f:2f:c8:a9:60:de:eb: c5:5d:25:fc:f6:72:19:fb:dd:1b:42:15:5e:d5:93:8d:68:74: 52:e6:6e:3b:e1:6f:d3:fc:90:c9:21:9a:c3:42:e7:1d:84:19: cc:51:ef:4b:5c:d5:33:77:c6:2e:a5:4f:88:e6:c2:89:30:6e: 8b:2e:f7:73:1c:ac:71:ac:93:1d:c9:f7:23:22:ec:92:58:9b: bb:62:95:72:c7:c2:2f:cb:92:b2:ec:81:64:ca:67:35:52:f7: 0b:3b:c3:0b:82:bb:7c:6e:09:83:ff:2c:5f:d1:6f:9b:92:f5: ed:44:de:54:8f:37:cb:1b:79:ce:59:a4:fd:5f:0d:f3:1d:a7: 13:1c:8a:61:80:e8:92:c7:b8:02:27:36:7a:ae:55:8a:24:f0: d6:06:bb:56 -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBaTANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE1 MjMyOTExMC8GA1UEBRMoMjkzQUM2NDA1MzA5REU5NDk1MTY4N0ZFMTcyOTZBRERD RDk1NzJGQzAeFw0yNTA2MDMwNjQ3NDVaFw0yNTA2MTAwNjQ3NDVaMBgxFjAUBgNV BAMTDTY4M2U5YTkxLTNkZmYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQC8AocOfN+O1K3iCnd4JhuuXbqa3FUBQfGAs3N9FAXN0qbPBuwAVkS+7KahMUCN tQnHYJPhd9aZWPW2hxyrZ5Hsqgd4aQbyAgyIugYE9cwN5W3yN4kYMGtIJuq1Nn5j WhUw4NUYM3/52n0C/Ze/5EtW7AZ4vEN2Wu3505ov7VJks5ADtcRpoBDhhd3qp7x7 wAp08JGoBOjFvIa6RmqEKMaf8rIZeomJ+3AD98y8xSLaH6KTnnFseMFFSMPvhRpv 3502rPxydrccRNBUALKxioM5a4fb94pZ7KRqgdOyw9v73HjeaWFoSQFB+uHNPc6r mW7aOX/90voZn+UxpHF7yX4xAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQU1DBIU9r/ c3OEswcudwk4JMXMUiYwHwYDVR0jBBgwFoAUKTrGQFMJ3pSVFof+Fylq3c2Vcvww DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUyMzI5L0M3RkFEMzY4QTI2 ODExRUY5RDkxNDExOEM0RjlBRTAyL0tUckdRRk1KM3BTVkZvZi1GeWxxM2MyVmN2 dy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjNBMjRGMjAxRDY2MTFFMjhBQzg4MzdDNzJG RDFGRjIvS1RyR1FGTUozcFNWRm9mLUZ5bHEzYzJWY3Z3LmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTUy MzI5L0M3RkFEMzY4QTI2ODExRUY5RDkxNDExOEM0RjlBRTAyL0tUckdRRk1KM3BT VkZvZi1GeWxxM2MyVmN2dy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBADMyMGmtGTRJlcJUS05QRk3yWYGFdn84cwzjPi7K/On1tJ3l7uisw68e Zhb9Hy14nxCbWkZmeBwE9HJzn6Be5lIYyDypf45CAM8MUVErroYpiDOQ1TcLB7mR OKfmQ2pMwzmLzTn0Xy/IqWDe68VdJfz2chn73RtCFV7Vk41odFLmbjvhb9P8kMkh msNC5x2EGcxR70tc1TN3xi6lT4jmwokwbosu93McrHGskx3J9yMi7JJYm7tilXLH wi/LkrLsgWTKZzVS9ws7wwuCu3xuCYP/LF/Rb5uS9e1E3lSPN8sbec5ZpP1fDfMd pxMcimGA6JLHuAInNnquVYok8NYGu1Y= -----END CERTIFICATE-----Generated at Tue Jun 3 23:56:13 2025 by rpki-client