$ rpki-client -vvf rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft File: KUrNCNoZE4w376-ydKHndXceRT4.mft (raw, json) Hash identifier: 0lpNZCURBLkFaKN7deeUcR/JXwkjjAc3gu24M/PFI2g= Subject key identifier: 6B:70:CF:DE:B4:F6:51:3B:CD:60:4F:67:D4:74:84:A1:6D:9A:AD:2D Authority key identifier: 29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E Certificate issuer: /CN=A919C8F9/serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Certificate serial: 0558 Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer Subject info access: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft Manifest number: 0552 Signing time: Fri 22 Aug 2025 23:35:37 +0000 Manifest this update: Fri 22 Aug 2025 23:35:36 +0000 Manifest next update: Fri 29 Aug 2025 23:35:36 +0000 Files and hashes: 1: KUrNCNoZE4w376-ydKHndXceRT4.crl (hash: DNplsxnskbIGEZ7y4rqsruf40z03zPvfcQQmuexvxj0=) 2: 2D7BD4EA03DD11ECA448405BC4F9AE02.roa (hash: KKWKrtsh/34nl8r+0Ut1+Gkgstz0StRYtgWm9ide930=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Fri 29 Aug 2025 23:28:47 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 1368 (0x558) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A919C8F9, serialNumber=294ACD08DA19138C37EFAFB274A1E775771E453E Validity Not Before: Aug 22 23:35:36 2025 GMT Not After : Aug 29 23:35:36 2025 GMT Subject: CN=68a8fec8-14a4 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:b8:6d:cc:d9:05:eb:9f:13:d8:0e:5d:f2:96:5b: f9:76:e3:fa:9d:db:1b:a8:ab:14:54:7b:16:14:b7: 73:d3:f9:2c:21:0a:12:75:9e:bb:62:2f:dc:b3:2a: 72:02:89:b4:6a:8c:b6:6c:96:30:bc:c5:b9:fd:ed: 72:77:5f:f1:3e:46:6c:5a:7b:d1:65:eb:fd:1a:ef: f8:7e:4c:19:b5:12:80:0b:36:0f:c3:c0:14:68:03: ea:42:fd:a2:eb:e6:a6:f2:f2:06:58:f3:47:2c:f5: 43:f9:f3:92:1a:06:a4:7c:88:af:eb:fb:7f:af:a1: df:ed:dd:6b:7f:4b:d1:71:e3:5a:a4:6f:40:9b:f8: 72:ce:1e:f5:67:37:00:cd:58:87:ea:e5:6a:78:b9: 30:d1:71:58:50:3a:1c:97:07:03:e9:83:db:96:c0: 5b:10:fe:d3:eb:1f:66:53:e2:e3:76:55:28:51:8a: 60:0a:69:98:f5:87:e3:db:85:1a:ed:7f:96:17:5c: 0e:62:ab:48:08:1d:bb:36:be:a7:6c:ef:6e:5c:84: e7:a7:33:04:bc:30:95:8f:60:f6:b3:7e:fc:14:98: 4e:eb:2a:5e:d1:4f:03:21:70:46:77:ec:24:02:84: b3:ef:98:2c:e0:2b:f5:56:11:1c:32:75:1c:e1:d2: 58:97 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 6B:70:CF:DE:B4:F6:51:3B:CD:60:4F:67:D4:74:84:A1:6D:9A:AD:2D X509v3 Authority Key Identifier: keyid:29:4A:CD:08:DA:19:13:8C:37:EF:AF:B2:74:A1:E7:75:77:1E:45:3E X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KUrNCNoZE4w376-ydKHndXceRT4.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A919C8F9/DC6B3614FE6D11EBB83F2B22C4F9AE02/KUrNCNoZE4w376-ydKHndXceRT4.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption be:95:45:aa:19:37:72:ef:8f:a3:f9:a2:38:65:ba:02:ba:52: c0:92:11:44:c6:a7:27:12:77:a1:70:ac:96:2d:1c:11:30:8b: dd:78:0b:1f:cd:83:a6:75:7a:13:7f:c3:4d:3f:28:74:fb:93: ac:cd:7d:20:43:7f:7f:a1:b5:ec:eb:1e:2b:40:c8:4b:b5:8c: a6:bf:b0:a4:2a:0a:9c:6d:99:99:a7:31:f8:05:e2:13:29:c7: db:7d:d1:dc:ed:9a:8e:22:6b:b6:d9:6c:a6:55:99:20:5b:96: 6d:b2:8b:66:70:ef:82:c4:3f:b0:36:51:a3:ef:f1:d3:a6:d1: 65:5b:de:db:83:51:2b:50:fa:21:65:bc:2b:ba:e9:aa:52:ae: 39:c5:14:fe:9c:e9:b6:40:93:9a:a9:57:77:6d:87:97:26:b4: 31:99:20:7e:13:0e:d3:f7:4f:25:ef:90:f1:c3:31:69:41:ce: c8:57:41:ee:37:c1:8e:7e:6d:85:bc:da:09:11:26:45:be:8f: ea:7f:b0:48:54:5e:20:8d:e3:19:79:93:b0:4a:5e:e5:77:3c: b2:38:f9:f2:9b:f6:8f:04:15:72:b7:aa:c2:ad:e7:52:dc:57: 84:b3:5f:20:36:1a:c1:c4:37:94:78:77:62:7f:9d:cb:25:a1: e0:a8:f6:30 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICBVgwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx OUM4RjkxMTAvBgNVBAUTKDI5NEFDRDA4REExOTEzOEMzN0VGQUZCMjc0QTFFNzc1 NzcxRTQ1M0UwHhcNMjUwODIyMjMzNTM2WhcNMjUwODI5MjMzNTM2WjAYMRYwFAYD VQQDEw02OGE4ZmVjOC0xNGE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEAuG3M2QXrnxPYDl3yllv5duP6ndsbqKsUVHsWFLdz0/ksIQoSdZ67Yi/csypy Aom0aoy2bJYwvMW5/e1yd1/xPkZsWnvRZev9Gu/4fkwZtRKACzYPw8AUaAPqQv2i 6+am8vIGWPNHLPVD+fOSGgakfIiv6/t/r6Hf7d1rf0vRceNapG9Am/hyzh71ZzcA zViH6uVqeLkw0XFYUDoclwcD6YPblsBbEP7T6x9mU+LjdlUoUYpgCmmY9Yfj24Ua 7X+WF1wOYqtICB27Nr6nbO9uXITnpzMEvDCVj2D2s378FJhO6ype0U8DIXBGd+wk AoSz75gs4Cv1VhEcMnUc4dJYlwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFGtwz960 9lE7zWBPZ9R0hKFtmq0tMB8GA1UdIwQYMBaAFClKzQjaGROMN++vsnSh53V3HkU+ MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5QzhGOS9EQzZCMzYxNEZF NkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0dzM3Ni15ZEtIbmRYY2VS VDQuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tVck5DTm9aRTR3Mzc2LXlkS0huZFhjZVJUNC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTE5 QzhGOS9EQzZCMzYxNEZFNkQxMUVCQjgzRjJCMjJDNEY5QUUwMi9LVXJOQ05vWkU0 dzM3Ni15ZEtIbmRYY2VSVDQubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQC+lUWqGTdy74+j+aI4ZboCulLAkhFExqcnEnehcKyWLRwRMIvdeAsf zYOmdXoTf8NNPyh0+5OszX0gQ39/obXs6x4rQMhLtYymv7CkKgqcbZmZpzH4BeIT KcfbfdHc7ZqOImu22WymVZkgW5ZtsotmcO+CxD+wNlGj7/HTptFlW97bg1ErUPoh ZbwruumqUq45xRT+nOm2QJOaqVd3bYeXJrQxmSB+Ew7T908l75DxwzFpQc7IV0Hu N8GOfm2FvNoJESZFvo/qf7BIVF4gjeMZeZOwSl7ldzyyOPnym/aPBBVyt6rCredS 3FeEs18gNhrBxDeUeHdif53LJaHgqPYw -----END CERTIFICATE-----Generated at Sat Aug 23 02:05:50 2025 by rpki-client