$ rpki-client -vvf rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft File: KcmzN9Z7DxREgXmLTVsNc9eIrys.mft (raw, json) Hash identifier: Ni8CkMZ8ohr9FwjMgLz0gQPuZipos3SQ4jvdu+rl+2U= Subject key identifier: 00:AF:F0:38:37:D6:D4:43:77:34:5B:40:9F:4C:61:82:ED:4A:E2:16 Authority key identifier: 29:C9:B3:37:D6:7B:0F:14:44:81:79:8B:4D:5B:0D:73:D7:88:AF:2B Certificate issuer: /CN=A91608B2/serialNumber=29C9B337D67B0F144481798B4D5B0D73D788AF2B Certificate serial: 27 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KcmzN9Z7DxREgXmLTVsNc9eIrys.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft Manifest number: 26 Signing time: Thu 21 Aug 2025 08:02:08 +0000 Manifest this update: Thu 21 Aug 2025 08:02:07 +0000 Manifest next update: Thu 28 Aug 2025 08:02:07 +0000 Files and hashes: 1: KcmzN9Z7DxREgXmLTVsNc9eIrys.crl (hash: nTBo56Rq5mlhclY90SMWjk6ovr0YHzvqrqJXW+NQ0YU=) 2: 13B4125A4A5311F08B06EF0FC4F9AE02.roa (hash: JRzGJdFSse2irDcL+W7kuHv+w+d8AeO+g8YTYnBtHyU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.crl rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KcmzN9Z7DxREgXmLTVsNc9eIrys.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 28 Aug 2025 08:02:07 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 39 (0x27) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91608B2, serialNumber=29C9B337D67B0F144481798B4D5B0D73D788AF2B Validity Not Before: Aug 21 08:02:07 2025 GMT Not After : Aug 28 08:02:07 2025 GMT Subject: CN=68a6d280-2a06 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:da:cc:bd:7d:33:39:77:f5:b2:35:32:17:6d:d2: 05:5f:e0:f3:34:9e:f0:1f:6c:12:86:7d:6b:08:cd: 9f:46:d4:a3:24:ab:13:31:23:f1:c8:5e:b7:6c:e3: 56:70:ad:44:2f:e8:d4:bb:3d:35:ad:a8:ca:a5:39: d3:fe:98:4e:dc:69:14:5c:91:68:f8:c5:8c:44:60: 76:e3:d4:97:ab:5a:c3:09:0e:c4:bd:db:20:e3:c6: 07:5e:43:12:41:ca:47:ed:0d:9a:88:9d:c2:27:7f: f4:e9:7e:91:5a:02:8a:d3:96:d0:cb:ec:31:67:05: cc:b2:d5:3f:5b:ac:c8:d0:0c:c5:b9:16:0e:cf:ad: 64:db:a9:c6:61:90:da:8b:e7:f2:9c:48:2b:82:3a: ac:e1:72:1d:24:0a:45:61:47:56:29:9c:87:83:c6: 66:ed:8c:97:1a:68:ab:b1:91:74:19:f9:45:9f:6e: 28:07:90:8d:ab:82:86:0d:a5:d6:94:17:fb:05:f1: 49:43:78:a4:31:38:d5:15:21:56:0c:a3:f2:2c:98: d8:46:09:01:49:45:48:f1:a8:bd:d8:8a:1b:fc:fd: 6d:fb:36:e7:6b:47:0c:44:fc:5d:f4:d1:d6:12:39: c8:60:9c:db:ca:86:8b:21:16:a4:0b:84:fb:6f:61: 6d:e5 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 00:AF:F0:38:37:D6:D4:43:77:34:5B:40:9F:4C:61:82:ED:4A:E2:16 X509v3 Authority Key Identifier: keyid:29:C9:B3:37:D6:7B:0F:14:44:81:79:8B:4D:5B:0D:73:D7:88:AF:2B X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KcmzN9Z7DxREgXmLTVsNc9eIrys.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91608B2/C95A49AE4A5211F0989D700FC4F9AE02/KcmzN9Z7DxREgXmLTVsNc9eIrys.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1a:c5:3b:67:b8:a4:b1:a3:6f:45:cc:59:6b:05:7e:1f:31:37: 45:b0:03:40:8f:b8:4e:7f:e9:f1:d1:40:09:7d:4b:03:cb:80: 72:ba:82:48:85:9c:95:72:d5:0c:f3:94:43:d8:86:b6:49:16: 27:fb:28:dd:f6:25:e4:96:79:57:b6:f9:24:22:0e:b2:f3:49: 68:fd:30:01:88:b4:d3:38:c4:d2:d1:b4:37:5a:2c:c8:36:ac: fd:af:2d:08:1a:68:f7:89:0b:ab:05:7b:2c:62:07:0e:44:41: 84:ae:ed:aa:5d:05:53:62:45:1e:59:be:da:54:e1:f2:1b:86: 2d:6e:61:87:46:40:b9:51:71:15:af:7a:34:94:d5:e1:50:99: b6:69:c5:0d:f2:71:ce:c8:11:65:5f:d3:6f:81:5f:ba:b5:46: f8:ec:82:dc:b4:36:7f:dd:3a:27:bf:e0:7b:8c:02:87:67:b5: 45:78:c6:42:68:f1:38:15:c3:86:04:fe:8f:61:c8:25:2a:94: bc:9b:72:53:d5:d6:f3:83:7c:bd:00:ef:0f:73:97:d9:ca:3c: 2f:2e:77:b8:69:40:d3:62:fd:89:da:a1:08:9e:fc:01:8a:e4: e0:6d:6d:22:b7:8e:39:c7:6c:fa:c5:b3:47:bb:81:9d:07:ea: 44:dd:77:ec -----BEGIN CERTIFICATE----- MIIFgzCCBGugAwIBAgIBJzANBgkqhkiG9w0BAQsFADBGMREwDwYDVQQDEwhBOTE2 MDhCMjExMC8GA1UEBRMoMjlDOUIzMzdENjdCMEYxNDQ0ODE3OThCNEQ1QjBENzNE Nzg4QUYyQjAeFw0yNTA4MjEwODAyMDdaFw0yNTA4MjgwODAyMDdaMBgxFjAUBgNV BAMTDTY4YTZkMjgwLTJhMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIB AQDazL19Mzl39bI1Mhdt0gVf4PM0nvAfbBKGfWsIzZ9G1KMkqxMxI/HIXrds41Zw rUQv6NS7PTWtqMqlOdP+mE7caRRckWj4xYxEYHbj1JerWsMJDsS92yDjxgdeQxJB ykftDZqIncInf/TpfpFaAorTltDL7DFnBcyy1T9brMjQDMW5Fg7PrWTbqcZhkNqL 5/KcSCuCOqzhch0kCkVhR1YpnIeDxmbtjJcaaKuxkXQZ+UWfbigHkI2rgoYNpdaU F/sF8UlDeKQxONUVIVYMo/IsmNhGCQFJRUjxqL3Yihv8/W37NudrRwxE/F300dYS OchgnNvKhoshFqQLhPtvYW3lAgMBAAGjggKoMIICpDAdBgNVHQ4EFgQUAK/wODfW 1EN3NFtAn0xhgu1K4hYwHwYDVR0jBBgwFoAUKcmzN9Z7DxREgXmLTVsNc9eIrysw DgYDVR0PAQH/BAQDAgeAMIGDBgNVHR8EfDB6MHigdqB0hnJyc3luYzovL3Jwa2ku YXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYwOEIyL0M5NUE0OUFFNEE1 MjExRjA5ODlENzAwRkM0RjlBRTAyL0tjbXpOOVo3RHhSRWdYbUxUVnNOYzllSXJ5 cy5jcmwwfgYIKwYBBQUHAQEEcjBwMG4GCCsGAQUFBzAChmJyc3luYzovL3Jwa2ku YXBuaWMubmV0L3JlcG9zaXRvcnkvQjUyN0VGNTgxRDY2MTFFMkJCNDY4RjdDNzJG RDFGRjIvS2Ntek45WjdEeFJFZ1htTFRWc05jOWVJcnlzLmNlcjBKBgNVHSABAf8E QDA+MDwGCCsGAQUFBw4CMDAwLgYIKwYBBQUHAgEWImh0dHBzOi8vd3d3LmFwbmlj Lm5ldC9SUEtJL0NQUy5wZGYwgcUGCCsGAQUFBwELBIG4MIG1MH4GCCsGAQUFBzAL hnJyc3luYzovL3Jwa2kuYXBuaWMubmV0L21lbWJlcl9yZXBvc2l0b3J5L0E5MTYw OEIyL0M5NUE0OUFFNEE1MjExRjA5ODlENzAwRkM0RjlBRTAyL0tjbXpOOVo3RHhS RWdYbUxUVnNOYzllSXJ5cy5tZnQwMwYIKwYBBQUHMA2GJ2h0dHBzOi8vcnJkcC5h cG5pYy5uZXQvbm90aWZpY2F0aW9uLnhtbDAVBggrBgEFBQcBCAEB/wQGMASgAgUA MCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAwDQYJKoZIhvcNAQEL BQADggEBABrFO2e4pLGjb0XMWWsFfh8xN0WwA0CPuE5/6fHRQAl9SwPLgHK6gkiF nJVy1QzzlEPYhrZJFif7KN32JeSWeVe2+SQiDrLzSWj9MAGItNM4xNLRtDdaLMg2 rP2vLQgaaPeJC6sFeyxiBw5EQYSu7apdBVNiRR5ZvtpU4fIbhi1uYYdGQLlRcRWv ejSU1eFQmbZpxQ3ycc7IEWVf02+BX7q1Rvjsgty0Nn/dOie/4HuMAodntUV4xkJo 8TgVw4YE/o9hyCUqlLybclPV1vODfL0A7w9zl9nKPC8ud7hpQNNi/YnaoQie/AGK 5OBtbSK3jjnHbPrFs0e7gZ0H6kTdd+w= -----END CERTIFICATE-----Generated at Fri Aug 22 16:16:44 2025 by rpki-client