$ rpki-client -vvf rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft File: _-KgNynzLTIiepnJJRWMgspUuVc.mft (raw, json) Hash identifier: ESfl3SMQ9pnS/8Idc7csKJPRJ8hnUkSeuGib4soTXUo= Subject key identifier: 67:9A:21:12:44:91:72:62:6F:73:9B:11:4C:20:22:BF:79:76:50:D0 Authority key identifier: FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 Certificate issuer: /CN=A917225D/serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Certificate serial: 34CF Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer Subject info access: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft Manifest number: 34BE Signing time: Thu 31 Jul 2025 14:23:55 +0000 Manifest this update: Thu 31 Jul 2025 14:23:54 +0000 Manifest next update: Thu 07 Aug 2025 14:23:54 +0000 Files and hashes: 1: _-KgNynzLTIiepnJJRWMgspUuVc.crl (hash: QBgSRnUkoNCpp+5m+b7bSq53HnPEBa3KHceGC7NC1so=) 2: A0121BD4871711EA924C6626C4F9AE02.roa (hash: nOTO05trzCD6uEEv4FInP/xVHgXMSyk7YCzU2yFeaPI=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Thu 07 Aug 2025 14:23:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 13519 (0x34cf) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A917225D, serialNumber=FFE2A03729F32D32227A99C925158C82CA54B957 Validity Not Before: Jul 31 14:23:54 2025 GMT Not After : Aug 7 14:23:54 2025 GMT Subject: CN=688b7c7b-61f8 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:c2:5f:a9:18:b3:e6:6f:06:a5:e5:f6:dd:0a:de: c1:1d:95:00:26:3d:f9:16:7b:35:98:21:4d:98:76: 26:18:ec:3d:68:e2:b8:ae:fa:f7:e3:c4:75:2f:ef: 5f:8a:44:2e:8b:b1:0f:b0:61:78:df:cd:2b:7a:0c: 36:18:f3:5f:87:98:dd:74:73:d7:49:a3:4f:48:0d: db:9a:3f:d1:a5:6a:6a:56:03:16:31:6e:00:5b:2e: 04:13:dc:4c:5d:52:15:69:bc:6f:07:95:87:2d:c0: 28:a9:1e:04:53:4d:4b:ff:0f:50:a1:ca:cd:90:b2: 93:11:3d:d5:84:8b:d0:47:9c:64:f3:23:8a:31:75: 59:b6:61:bd:91:38:90:6a:5d:90:dd:0f:f9:70:2f: 0a:19:7e:00:de:68:13:bd:91:d3:4c:85:14:4f:8d: 9d:0c:d8:14:e9:c9:31:20:05:29:d7:8e:65:80:0a: 5b:86:c8:b6:31:f2:c2:c0:db:d6:06:5d:91:cf:ae: 42:58:a8:4a:cd:89:1e:cf:8b:6c:1e:a6:a9:a9:af: 41:12:25:32:da:a4:50:f0:9e:8b:be:94:4f:97:b8: cb:33:ad:0c:da:bb:b4:19:5d:b6:a9:fe:4d:14:a9: 84:22:0d:f8:c6:3c:8c:2d:97:4c:94:1f:87:69:9f: 24:5d Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 67:9A:21:12:44:91:72:62:6F:73:9B:11:4C:20:22:BF:79:76:50:D0 X509v3 Authority Key Identifier: keyid:FF:E2:A0:37:29:F3:2D:32:22:7A:99:C9:25:15:8C:82:CA:54:B9:57 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/_-KgNynzLTIiepnJJRWMgspUuVc.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A917225D/1F5508301D8411E2917BD0D908B02CD2/_-KgNynzLTIiepnJJRWMgspUuVc.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption c5:e9:8d:8e:60:fc:8e:d4:b2:8d:5f:df:f4:e8:3a:48:d1:aa: 5b:8f:6d:bf:b5:77:ea:df:1c:83:aa:b5:7d:17:eb:fa:98:7c: cb:ef:f0:cc:b7:40:67:32:f2:49:35:84:09:31:f1:d9:21:bf: 47:04:6b:22:91:60:d0:1e:70:fb:ab:ce:e6:62:46:39:7f:07: 8b:3c:dc:00:9e:43:24:e3:77:3d:d3:4d:67:c2:0c:46:5b:3c: de:3c:06:81:44:b5:ab:62:f7:f6:67:ea:16:85:2c:4c:bf:de: 73:61:f3:2c:6d:32:23:0c:d4:d0:3f:ba:73:c1:4f:5a:30:d9: ad:78:2f:54:f5:a8:40:ea:6d:26:40:d3:10:f8:68:4d:c5:a0: ff:8a:09:35:1b:93:70:70:27:fe:c1:a7:64:53:4b:03:dc:19: 01:c6:ae:5b:fe:e6:1e:d4:d2:fd:c7:ad:96:bc:35:ff:62:db: 49:b2:8c:4b:71:c8:9e:5b:2b:a6:8e:76:e6:57:57:59:b3:52: d8:ce:83:38:17:ba:7d:f0:9e:43:1f:4e:ef:5f:15:3c:b1:99: 3f:af:56:76:6a:62:1a:18:57:71:21:19:4a:62:a5:29:6c:9d: 7d:70:cc:25:ce:2a:f6:91:e6:86:b5:76:d6:74:d1:3f:35:11: a9:13:23:b5 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICNM8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx NzIyNUQxMTAvBgNVBAUTKEZGRTJBMDM3MjlGMzJEMzIyMjdBOTlDOTI1MTU4Qzgy Q0E1NEI5NTcwHhcNMjUwNzMxMTQyMzU0WhcNMjUwODA3MTQyMzU0WjAYMRYwFAYD VQQDEw02ODhiN2M3Yi02MWY4MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAwl+pGLPmbwal5fbdCt7BHZUAJj35Fns1mCFNmHYmGOw9aOK4rvr348R1L+9f ikQui7EPsGF4380regw2GPNfh5jddHPXSaNPSA3bmj/RpWpqVgMWMW4AWy4EE9xM XVIVabxvB5WHLcAoqR4EU01L/w9QocrNkLKTET3VhIvQR5xk8yOKMXVZtmG9kTiQ al2Q3Q/5cC8KGX4A3mgTvZHTTIUUT42dDNgU6ckxIAUp145lgApbhsi2MfLCwNvW Bl2Rz65CWKhKzYkez4tsHqapqa9BEiUy2qRQ8J6LvpRPl7jLM60M2ru0GV22qf5N FKmEIg34xjyMLZdMlB+HaZ8kXQIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGeaIRJE kXJib3ObEUwgIr95dlDQMB8GA1UdIwQYMBaAFP/ioDcp8y0yInqZySUVjILKVLlX MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3MjI1RC8xRjU1MDgzMDFE ODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxUSWllcG5KSlJXTWdzcFV1 VmMuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL18tS2dOeW56TFRJaWVwbkpKUldNZ3NwVXVWYy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 MjI1RC8xRjU1MDgzMDFEODQxMUUyOTE3QkQwRDkwOEIwMkNEMi9fLUtnTnluekxU SWllcG5KSlJXTWdzcFV1VmMubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQDF6Y2OYPyO1LKNX9/06DpI0apbj22/tXfq3xyDqrV9F+v6mHzL7/DM t0BnMvJJNYQJMfHZIb9HBGsikWDQHnD7q87mYkY5fweLPNwAnkMk43c9001nwgxG WzzePAaBRLWrYvf2Z+oWhSxMv95zYfMsbTIjDNTQP7pzwU9aMNmteC9U9ahA6m0m QNMQ+GhNxaD/igk1G5NwcCf+wadkU0sD3BkBxq5b/uYe1NL9x62WvDX/YttJsoxL ccieWyumjnbmV1dZs1LYzoM4F7p98J5DH07vXxU8sZk/r1Z2amIaGFdxIRlKYqUp bJ19cMwlzir2keaGtXbWdNE/NRGpEyO1 -----END CERTIFICATE-----Generated at Sat Aug 2 05:36:55 2025 by rpki-client