$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: YuMgwxJ7oIwX091+RKtuMg8f3WESWCMOhVrIKMw488U= Subject key identifier: D3:6C:BC:7A:11:22:79:AA:06:90:49:9E:2B:4D:D9:FC:04:4A:0A:62 Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 0636 Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 0630 Signing time: Wed 04 Jun 2025 22:19:09 +0000 Manifest this update: Wed 04 Jun 2025 22:19:08 +0000 Manifest next update: Wed 11 Jun 2025 22:19:08 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: kaFWAjEZyCS9dCgBLwUSOrbJy+EKAicmxwNUni1F3CY=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 11 Jun 2025 22:19:08 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1590 (0x636) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Jun 4 22:19:08 2025 GMT Not After : Jun 11 22:19:08 2025 GMT Subject: CN=6840c65c-c1bd Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ce:19:32:17:dc:58:81:16:9a:91:7b:8a:56:58: e1:dc:72:4d:24:db:f8:ff:2f:34:3c:35:b0:54:01: d8:ff:82:b5:35:db:e9:85:1d:ae:e8:26:3c:0e:85: 75:33:38:b3:17:d9:93:70:9d:98:e4:30:94:84:0e: d4:c0:c4:cf:42:90:ee:f8:cd:b3:00:6c:c3:a4:69: 83:22:a9:fc:82:e0:b7:47:f1:d4:25:f9:8c:c8:14: 0d:8a:e9:3a:78:a4:e4:9f:c8:3a:e4:dc:0f:db:29: da:11:76:09:22:32:77:f6:82:6f:fc:e1:f7:29:ff: 21:7b:b4:b8:ee:2a:ec:81:a3:c9:ea:d6:2f:46:3b: 87:a3:f1:92:a4:70:c1:79:03:6f:a2:11:c0:b4:89: 4d:6b:ec:47:ee:78:fb:4b:48:59:2b:1d:b2:d5:71: 28:3a:39:53:ce:0d:b9:db:6c:e5:a9:a2:1f:47:eb: f3:88:11:5e:fd:ef:9a:f7:17:f0:39:98:7c:2e:e0: 7c:da:98:c3:02:e5:0e:a2:4a:6f:95:61:62:d8:63: 7a:2e:08:b6:bf:0e:98:df:3d:15:87:b4:19:40:a6: dc:da:39:b9:8d:99:cc:be:0c:0e:85:a1:b1:1f:6e: 67:5e:11:e7:2f:73:89:c3:e4:57:1b:e0:25:eb:5f: 12:f7 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: D3:6C:BC:7A:11:22:79:AA:06:90:49:9E:2B:4D:D9:FC:04:4A:0A:62 X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 0c:3f:40:8c:bb:6e:12:40:bc:0a:b7:2e:d8:a9:0f:32:fb:88: a7:b9:4d:0d:ff:46:bb:56:ab:14:97:d2:41:0d:f7:64:fb:e6: 4b:3c:a3:b6:83:af:4d:35:2c:92:6e:a4:5e:d1:ac:72:9b:7c: 36:62:72:ea:35:e4:04:97:36:d6:bc:54:f9:4d:03:f6:81:7e: a6:21:82:81:a4:de:a6:02:20:fc:05:7a:b0:66:a7:e3:93:a1: 4b:75:8b:c4:b4:62:77:58:6b:04:b9:f9:96:9b:dc:92:ce:d1: 12:ef:9b:31:21:44:37:e0:4e:7b:a7:a0:f1:44:b2:af:4e:97: d6:1c:b8:d1:08:ab:af:14:98:2f:bc:c0:19:07:07:71:92:1d: 70:59:46:3f:70:0a:92:ed:5a:81:70:ef:f8:71:d5:8a:bc:3b: bf:a4:11:9c:f4:5c:5b:b3:cb:a2:9d:ab:10:26:af:2c:22:9e: 49:05:a2:2e:f7:5c:e3:35:23:d6:18:99:b5:2c:64:34:b1:17: 01:3c:2d:8f:8c:3c:95:b1:2d:3f:fb:9b:2a:cc:7d:85:f7:0a: 5d:05:9e:6c:87:26:84:1e:ea:44:44:00:87:35:af:e4:87:fe: 97:ba:c6:98:4b:d7:6c:3d:7a:4d:69:86:a5:eb:12:dd:c4:ad: da:5a:ac:04 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBjYwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwNjA0MjIxOTA4WhcNMjUwNjExMjIxOTA4WjAYMRYwFAYD VQQDEw02ODQwYzY1Yy1jMWJkMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAzhkyF9xYgRaakXuKVljh3HJNJNv4/y80PDWwVAHY/4K1NdvphR2u6CY8DoV1 MzizF9mTcJ2Y5DCUhA7UwMTPQpDu+M2zAGzDpGmDIqn8guC3R/HUJfmMyBQNiuk6 eKTkn8g65NwP2ynaEXYJIjJ39oJv/OH3Kf8he7S47irsgaPJ6tYvRjuHo/GSpHDB eQNvohHAtIlNa+xH7nj7S0hZKx2y1XEoOjlTzg2522zlqaIfR+vziBFe/e+a9xfw OZh8LuB82pjDAuUOokpvlWFi2GN6Lgi2vw6Y3z0Vh7QZQKbc2jm5jZnMvgwOhaGx H25nXhHnL3OJw+RXG+Al618S9wIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNNsvHoR InmqBpBJnitN2fwESgpiMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAMP0CMu24SQLwKty7YqQ8y+4inuU0N/0a7VqsUl9JBDfdk++ZLPKO2 g69NNSySbqRe0axym3w2YnLqNeQElzbWvFT5TQP2gX6mIYKBpN6mAiD8BXqwZqfj k6FLdYvEtGJ3WGsEufmWm9ySztES75sxIUQ34E57p6DxRLKvTpfWHLjRCKuvFJgv vMAZBwdxkh1wWUY/cAqS7VqBcO/4cdWKvDu/pBGc9Fxbs8uinasQJq8sIp5JBaIu 91zjNSPWGJm1LGQ0sRcBPC2PjDyVsS0/+5sqzH2F9wpdBZ5shyaEHupERACHNa/k h/6XusaYS9dsPXpNaYal6xLdxK3aWqwE -----END CERTIFICATE-----Generated at Fri Jun 6 17:30:57 2025 by rpki-client