$ rpki-client -vvf rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft File: kXkVGVyXGrRB_d7eb_PNNy51TLU.mft (raw, json) Hash identifier: bPd/xIwTe35fYCSBk/WDTVUJEacUyeBr1XdrWiuNrqQ= Subject key identifier: DB:98:F5:6A:4E:4E:FD:25:C2:49:E4:3F:0C:59:59:2B:FC:17:4E:1A Authority key identifier: 91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 Certificate issuer: /CN=A91795CA/serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Certificate serial: 065D Authority info access: rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft Manifest number: 0657 Signing time: Wed 20 Aug 2025 22:24:56 +0000 Manifest this update: Wed 20 Aug 2025 22:24:55 +0000 Manifest next update: Wed 27 Aug 2025 22:24:55 +0000 Files and hashes: 1: kXkVGVyXGrRB_d7eb_PNNy51TLU.crl (hash: jerinyueVE3GurwNzWqXRafw3UbbH2ccsvNTuxakhaI=) 2: 2B8D76AE9BB711EBBB7BA02BC4F9AE02.roa (hash: aHkHq3prWV8PYM6R/1n0/cS3AolHN3tQt/aLI9yRoNU=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.crl rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/DPzneFf88B852ZpitKpi5hWedvg.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DPzneFf88B852ZpitKpi5hWedvg.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Wed 27 Aug 2025 22:24:54 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1629 (0x65d) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91795CA, serialNumber=917915195C971AB441FDDEDE6FF3CD372E754CB5 Validity Not Before: Aug 20 22:24:55 2025 GMT Not After : Aug 27 22:24:55 2025 GMT Subject: CN=68a64b37-49dc Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b5:1f:e7:e3:38:27:56:50:a2:dd:4f:b1:1c:27: e3:c1:73:39:a7:ff:5b:aa:5c:b2:a6:a7:3c:76:95: 8c:ed:16:ff:1e:ff:b6:94:03:24:6b:a4:47:ee:cc: cc:95:fe:b4:e9:8e:55:73:99:19:b9:60:59:5a:40: b0:9d:87:79:61:73:ae:e1:4a:8e:b5:47:29:a8:30: 58:f5:b1:8f:b6:50:ac:16:f9:3b:d3:e2:dd:d0:d8: ee:e3:62:f2:23:82:0b:2c:2c:2b:f8:77:72:65:2a: bd:1e:da:1b:8c:3b:23:53:60:d8:99:86:d8:9f:84: b4:77:59:2a:5e:84:ae:a8:0c:35:42:f6:00:65:5d: 68:46:ce:da:f7:60:3f:24:0a:94:1d:1b:1d:4e:67: 1f:72:db:37:df:fb:0b:5f:c4:e5:29:54:eb:c7:e1: 4a:ee:58:23:e2:01:9d:88:de:c2:3f:87:0e:3e:90: 3b:75:17:16:a2:49:20:0c:d9:d9:f4:25:25:9a:7a: 69:29:11:ef:e1:1f:41:18:25:35:e7:08:e4:ec:90: 32:90:31:44:4f:41:03:ac:ab:5c:b4:f9:0c:5e:c0: 8b:5f:c6:cf:99:da:ad:f4:81:a0:c9:6e:6d:85:6b: 33:ab:d1:59:89:b9:38:87:53:4a:72:6b:47:0e:7c: 1a:fd Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: DB:98:F5:6A:4E:4E:FD:25:C2:49:E4:3F:0C:59:59:2B:FC:17:4E:1A X509v3 Authority Key Identifier: keyid:91:79:15:19:5C:97:1A:B4:41:FD:DE:DE:6F:F3:CD:37:2E:75:4C:B5 X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B322A5F41D6611E2A3F27F7C72FD1FF2/kXkVGVyXGrRB_d7eb_PNNy51TLU.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91795CA/63473756980611EBA87E2765C4F9AE02/kXkVGVyXGrRB_d7eb_PNNy51TLU.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 22:0e:9f:47:57:1a:d5:80:73:95:d7:cd:f1:0a:33:e5:84:a2: 75:ff:79:9f:c3:34:47:b8:65:e0:60:e0:27:49:bb:0f:8a:57: 72:e0:88:37:89:7b:59:1a:3c:49:e8:53:ca:f3:48:64:de:ce: 0b:84:3c:50:77:8b:fe:a4:f4:52:a0:40:05:13:78:3b:1c:1f: d0:d4:c5:5d:97:a1:12:66:92:90:c5:96:7d:79:88:1c:39:50: bc:dc:5a:31:46:54:5b:ae:b4:eb:45:cf:70:05:82:97:01:54: 8d:c9:b0:cf:82:3c:29:ad:35:e3:92:b2:d3:4d:8a:2a:04:ec: e5:33:90:b6:3f:4e:50:79:aa:78:dd:83:2d:3e:92:ac:cf:45: 69:66:c0:6e:28:f5:0c:58:15:a5:a3:b2:31:b4:72:db:9f:37: cb:4e:64:d2:0e:e8:0f:a1:27:4e:ed:12:98:d0:24:4b:48:90: 12:ba:2a:0c:b7:49:fc:db:d9:73:55:40:91:f0:ba:7d:74:6b: f1:a4:59:7e:f3:c8:c8:3b:6d:88:7e:6f:fd:de:e8:f7:59:4e: 24:0c:11:16:fb:d9:37:2b:d3:9d:6e:a9:1c:65:70:d1:d3:11: 2c:86:55:a2:8f:0b:96:ff:5e:2e:6a:67:8f:23:09:cf:00:11: 18:16:6d:b9 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBl0wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Nzk1Q0ExMTAvBgNVBAUTKDkxNzkxNTE5NUM5NzFBQjQ0MUZEREVERTZGRjNDRDM3 MkU3NTRDQjUwHhcNMjUwODIwMjIyNDU1WhcNMjUwODI3MjIyNDU1WjAYMRYwFAYD VQQDEw02OGE2NGIzNy00OWRjMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAtR/n4zgnVlCi3U+xHCfjwXM5p/9bqlyypqc8dpWM7Rb/Hv+2lAMka6RH7szM lf606Y5Vc5kZuWBZWkCwnYd5YXOu4UqOtUcpqDBY9bGPtlCsFvk70+Ld0Nju42Ly I4ILLCwr+HdyZSq9HtobjDsjU2DYmYbYn4S0d1kqXoSuqAw1QvYAZV1oRs7a92A/ JAqUHRsdTmcfcts33/sLX8TlKVTrx+FK7lgj4gGdiN7CP4cOPpA7dRcWokkgDNnZ 9CUlmnppKRHv4R9BGCU15wjk7JAykDFET0EDrKtctPkMXsCLX8bPmdqt9IGgyW5t hWszq9FZibk4h1NKcmtHDnwa/QIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFNuY9WpO Tv0lwknkPwxZWSv8F04aMB8GA1UdIwQYMBaAFJF5FRlclxq0Qf3e3m/zzTcudUy1 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3OTVDQS82MzQ3Mzc1Njk4 MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdyUkJfZDdlYl9QTk55NTFU TFUuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzMjJBNUY0MUQ2NjExRTJBM0YyN0Y3Qzcy RkQxRkYyL2tYa1ZHVnlYR3JSQl9kN2ViX1BOTnk1MVRMVS5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE3 OTVDQS82MzQ3Mzc1Njk4MDYxMUVCQTg3RTI3NjVDNEY5QUUwMi9rWGtWR1Z5WEdy UkJfZDdlYl9QTk55NTFUTFUubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAiDp9HVxrVgHOV183xCjPlhKJ1/3mfwzRHuGXgYOAnSbsPildy4Ig3 iXtZGjxJ6FPK80hk3s4LhDxQd4v+pPRSoEAFE3g7HB/Q1MVdl6ESZpKQxZZ9eYgc OVC83FoxRlRbrrTrRc9wBYKXAVSNybDPgjwprTXjkrLTTYoqBOzlM5C2P05Qeap4 3YMtPpKsz0VpZsBuKPUMWBWlo7IxtHLbnzfLTmTSDugPoSdO7RKY0CRLSJASuioM t0n829lzVUCR8Lp9dGvxpFl+88jIO22Ifm/93uj3WU4kDBEW+9k3K9OdbqkcZXDR 0xEshlWijwuW/14uamePIwnPABEYFm25 -----END CERTIFICATE-----Generated at Thu Aug 21 07:02:46 2025 by rpki-client