$ rpki-client -vvf rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft File: KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft (raw, json) Hash identifier: qPS7vwaXVx05dcU0wp5gisccbGQGm7U7Tddkb9QG+Xs= Subject key identifier: 8A:12:BD:8D:57:A7:E0:6B:C5:9F:73:F2:8F:12:38:0E:EA:87:39:5E Authority key identifier: 29:0C:40:10:FA:DC:47:69:47:E0:09:3F:43:F7:00:4F:0D:7C:5C:1C Certificate issuer: /CN=A91A3456/serialNumber=290C4010FADC476947E0093F43F7004F0D7C5C1C Certificate serial: 0B3F Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft Manifest number: 0B38 Signing time: Sun 24 Aug 2025 19:12:07 +0000 Manifest this update: Sun 24 Aug 2025 19:12:06 +0000 Manifest next update: Sun 31 Aug 2025 19:12:06 +0000 Files and hashes: 1: KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl (hash: t2oHK0S8Wwo3fYYyICw8fq4FRb0ZPApYboc7PU21dLw=) 2: 496096EE41A311EABAADCE0AC4F9AE02.roa (hash: PulA86jFfi+mSmGrurNlPPzi/J9i4GAt5gWrp9tpCBs=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.crl rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/DmWk9f02tb1o6zySNAiXjJB6p58.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/DmWk9f02tb1o6zySNAiXjJB6p58.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 31 Aug 2025 19:03:43 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 2879 (0xb3f) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91A3456, serialNumber=290C4010FADC476947E0093F43F7004F0D7C5C1C Validity Not Before: Aug 24 19:12:06 2025 GMT Not After : Aug 31 19:12:06 2025 GMT Subject: CN=68ab6407-534b Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:ea:d7:cf:1b:76:80:aa:16:fb:d2:c9:d7:ef:30: f1:e1:33:90:bc:a2:39:c3:3f:ec:2f:cd:ac:bd:25: 49:71:83:bf:7e:c5:06:48:f9:f6:d4:36:f2:9d:fe: 33:13:9d:72:84:b8:09:de:e7:59:87:24:f7:cd:79: 99:95:fa:fc:84:cd:69:41:43:ea:94:be:86:e9:19: e3:0a:5b:1f:d2:a8:a4:2c:e0:b7:d2:7e:57:34:4a: 7f:83:5c:54:91:f9:ad:20:e7:6e:37:41:f6:86:2d: d8:1b:9a:3d:7b:d5:96:6e:09:f5:63:17:87:92:57: 2a:94:f4:24:1f:ba:de:78:c8:d4:9a:d4:8a:8a:9f: fb:31:24:f3:29:a0:88:6d:1a:ee:f3:07:65:3b:59: aa:cc:eb:80:85:98:b3:79:b1:ef:8f:f8:d2:99:aa: 4c:89:4d:8a:fa:40:13:ff:56:8d:3d:64:cb:6c:9f: c6:dd:1b:c1:b5:a2:b2:0e:58:4d:3d:d0:c5:f0:1e: e2:ae:13:72:1c:f8:ca:ce:64:fa:ef:7b:95:9e:89: f2:6d:5c:c7:f3:ec:fb:e3:f5:f3:11:62:36:bc:4f: d6:58:fb:3a:6e:a3:54:19:60:10:94:33:da:82:46: 8b:c8:5a:11:aa:e1:96:ac:d2:8c:14:2e:30:1e:e0: 23:5b Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 8A:12:BD:8D:57:A7:E0:6B:C5:9F:73:F2:8F:12:38:0E:EA:87:39:5E X509v3 Authority Key Identifier: keyid:29:0C:40:10:FA:DC:47:69:47:E0:09:3F:43:F7:00:4F:0D:7C:5C:1C X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/KQxAEPrcR2lH4Ak_Q_cATw18XBw.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91A3456/6C27F25A41A111EAA47D1E86C4F9AE02/KQxAEPrcR2lH4Ak_Q_cATw18XBw.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption a9:67:78:f6:96:e7:4f:6f:d7:66:69:64:42:2a:98:2b:f7:a9: 04:dd:3a:15:be:58:45:d4:71:61:36:c8:12:7f:66:55:88:95: 91:2f:f7:f2:ca:71:38:8c:90:88:19:e3:a2:2b:40:75:1d:3b: 4d:44:31:34:28:4c:dc:88:a5:85:9d:a1:de:5f:78:0d:31:d6: 33:01:d4:91:93:ce:b2:4e:bc:31:dd:32:19:b2:d4:d2:83:39: d4:b5:be:3d:42:81:a9:8b:0c:33:c3:02:2a:7c:d4:6d:ac:45: 44:ec:83:2c:21:84:75:f3:88:3d:dd:cc:eb:91:3c:98:59:d8: 89:40:cc:a3:a6:46:d5:5f:69:8d:91:9a:70:5b:00:15:77:8f: 46:cd:3a:20:75:a5:4e:b8:0b:89:31:c0:56:d5:84:b3:e5:47: 71:ae:99:4e:91:c5:b7:2c:97:57:4c:1f:73:75:5d:fd:5c:a5: 45:16:36:13:93:9f:c5:ca:55:25:f5:e2:31:04:c6:cf:a7:a6: c2:b1:0a:e6:1d:8c:ec:86:e9:eb:26:b7:0f:51:78:2e:73:69: c8:7e:32:5a:8c:36:47:88:fe:b5:57:4a:60:36:24:be:81:1a: 64:c0:e2:63:57:90:eb:38:7f:54:09:8c:13:da:ed:cf:46:12: 36:6c:64:f6 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICCz8wDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx QTM0NTYxMTAvBgNVBAUTKDI5MEM0MDEwRkFEQzQ3Njk0N0UwMDkzRjQzRjcwMDRG MEQ3QzVDMUMwHhcNMjUwODI0MTkxMjA2WhcNMjUwODMxMTkxMjA2WjAYMRYwFAYD VQQDEw02OGFiNjQwNy01MzRiMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA6tfPG3aAqhb70snX7zDx4TOQvKI5wz/sL82svSVJcYO/fsUGSPn21Dbynf4z E51yhLgJ3udZhyT3zXmZlfr8hM1pQUPqlL6G6RnjClsf0qikLOC30n5XNEp/g1xU kfmtIOduN0H2hi3YG5o9e9WWbgn1YxeHklcqlPQkH7reeMjUmtSKip/7MSTzKaCI bRru8wdlO1mqzOuAhZizebHvj/jSmapMiU2K+kAT/1aNPWTLbJ/G3RvBtaKyDlhN PdDF8B7irhNyHPjKzmT673uVnonybVzH8+z74/XzEWI2vE/WWPs6bqNUGWAQlDPa gkaLyFoRquGWrNKMFC4wHuAjWwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFIoSvY1X p+BrxZ9z8o8SOA7qhzleMB8GA1UdIwQYMBaAFCkMQBD63EdpR+AJP0P3AE8NfFwc MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFBMzQ1Ni82QzI3RjI1QTQx QTExMUVBQTQ3RDFFODZDNEY5QUUwMi9LUXhBRVByY1IybEg0QWtfUV9jQVR3MThY QncuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3Qzcy RkQxRkYyL0tReEFFUHJjUjJsSDRBa19RX2NBVHcxOFhCdy5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFB MzQ1Ni82QzI3RjI1QTQxQTExMUVBQTQ3RDFFODZDNEY5QUUwMi9LUXhBRVByY1Iy bEg0QWtfUV9jQVR3MThYQncubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQCpZ3j2ludPb9dmaWRCKpgr96kE3ToVvlhF1HFhNsgSf2ZViJWRL/fy ynE4jJCIGeOiK0B1HTtNRDE0KEzciKWFnaHeX3gNMdYzAdSRk86yTrwx3TIZstTS gznUtb49QoGpiwwzwwIqfNRtrEVE7IMsIYR184g93czrkTyYWdiJQMyjpkbVX2mN kZpwWwAVd49GzTogdaVOuAuJMcBW1YSz5UdxrplOkcW3LJdXTB9zdV39XKVFFjYT k5/FylUl9eIxBMbPp6bCsQrmHYzshunrJrcPUXguc2nIfjJajDZHiP61V0pgNiS+ gRpkwOJjV5DrOH9UCYwT2u3PRhI2bGT2 -----END CERTIFICATE-----Generated at Sun Aug 24 21:48:14 2025 by rpki-client