$ rpki-client -vvf rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft File: kBUoySF5F9lWch0caFZlNFvrVv0.mft (raw, json) Hash identifier: 6CRevt0CglcKaBs14rsw6nTLFUQh2nYaTSYsBocNJOk= Subject key identifier: 4F:29:5B:AA:6E:58:61:3C:06:F8:D1:50:6D:5B:3B:92:5E:9A:B4:10 Authority key identifier: 90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD Certificate issuer: /CN=A91CFAB9/serialNumber=901528C9217917D956721D1C685665345BEB56FD Certificate serial: 0349 Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer Subject info access: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft Manifest number: 0345 Signing time: Mon 21 Jul 2025 00:59:37 +0000 Manifest this update: Mon 21 Jul 2025 00:59:36 +0000 Manifest next update: Mon 28 Jul 2025 00:59:36 +0000 Files and hashes: 1: kBUoySF5F9lWch0caFZlNFvrVv0.crl (hash: qXyBaS+iaLSllZql8lzltSq1K/eE/wPO2IOMF7ILpTk=) 2: 39A335D6CB3F11ECBEBC9A1DC4F9AE02.roa (hash: NmvW/sg0pEXjTHBegEg6TihBwGGc4JodMMQnzVosHvc=) Validation: OK Signature path: rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.crl rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/dAFlqA0QcZcKvAnAK3HBrHwdbg4.mft rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/dAFlqA0QcZcKvAnAK3HBrHwdbg4.cer rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.crl rsync://rpki.apnic.net/repository/980652E0B77E11E7A96A39521A4F4FB4/mBQsnQtBo7n7YD12mEgjb9HzGSQ.mft rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/mBQsnQtBo7n7YD12mEgjb9HzGSQ.cer rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.crl rsync://rpki.apnic.net/repository/838DB214166511E2B3BC286172FD1FF2/C5zKkN0Neoo3ZmsZIX_g2EA3t6I.mft rsync://rpki.apnic.net/repository/apnic-rpki-root-iana-origin.cer Signature path expires: Sun 27 Jul 2025 19:22:38 +0000 Certificate: Data: Version: 3 (0x2) Serial Number: 841 (0x349) Signature Algorithm: sha256WithRSAEncryption Issuer: CN=A91CFAB9, serialNumber=901528C9217917D956721D1C685665345BEB56FD Validity Not Before: Jul 21 00:59:36 2025 GMT Not After : Jul 28 00:59:36 2025 GMT Subject: CN=687d90f8-ed26 Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public-Key: (2048 bit) Modulus: 00:d0:12:f0:34:2e:33:cb:4e:cc:73:d4:32:07:be: ab:28:8a:5c:f4:94:61:85:1e:f8:60:8c:d5:99:18: 6f:e6:d1:cf:3a:81:b5:66:39:f1:81:ef:96:12:04: 8c:69:02:f1:63:5d:6d:61:1e:63:01:35:b1:6a:2c: 94:4b:fb:f0:86:c6:90:12:9a:5a:fd:17:ce:91:4e: 63:22:49:5e:46:31:01:de:b6:58:b4:5a:ea:a6:b5: 64:c0:e9:9a:74:5e:88:4e:b7:5d:2a:d7:92:6d:24: cd:97:d1:eb:73:ad:86:b0:8b:32:b3:ea:c4:6f:ca: 70:af:bc:2c:a1:7d:59:fc:ad:8e:54:5d:19:3c:96: 88:74:60:11:14:03:2d:b3:9f:47:14:d3:ff:be:5d: 43:da:d6:8b:25:73:f8:9d:b1:4b:08:ab:4d:5e:97: 4d:b0:aa:91:e6:2e:37:ba:00:d1:75:41:09:3c:2f: 29:03:d8:33:05:60:ca:2b:e7:3c:e5:be:51:a6:4e: ce:da:cb:60:99:4f:7b:7d:53:20:a5:98:59:5e:54: cb:30:58:30:b5:d7:de:b1:7f:fb:e8:ed:2f:93:a6: f5:11:8e:67:eb:2e:29:81:ea:eb:27:4f:b7:75:78: 53:12:1f:1d:de:7d:8e:43:72:a9:45:d1:a3:e0:4e: 0d:23 Exponent: 65537 (0x10001) X509v3 extensions: X509v3 Subject Key Identifier: 4F:29:5B:AA:6E:58:61:3C:06:F8:D1:50:6D:5B:3B:92:5E:9A:B4:10 X509v3 Authority Key Identifier: keyid:90:15:28:C9:21:79:17:D9:56:72:1D:1C:68:56:65:34:5B:EB:56:FD X509v3 Key Usage: critical Digital Signature X509v3 CRL Distribution Points: Full Name: URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.crl Authority Information Access: CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/kBUoySF5F9lWch0caFZlNFvrVv0.cer X509v3 Certificate Policies: critical Policy: ipAddr-asNumber CPS: https://www.apnic.net/RPKI/CPS.pdf Subject Information Access: Signed Object - URI:rsync://rpki.apnic.net/member_repository/A91CFAB9/1CD44F9EC77A11ECB9434C2CC4F9AE02/kBUoySF5F9lWch0caFZlNFvrVv0.mft RPKI Notify - URI:https://rrdp.apnic.net/notification.xml sbgp-autonomousSysNum: critical Autonomous System Numbers: inherit sbgp-ipAddrBlock: critical IPv4: inherit IPv6: inherit Signature Algorithm: sha256WithRSAEncryption 1b:ba:16:64:2a:fb:6d:ee:b6:f5:36:d6:08:d7:6c:ca:5f:15: d8:3d:63:6d:99:d1:6a:25:59:41:9a:05:b3:c6:50:ba:cf:43: 45:41:0f:15:88:74:4f:c7:c7:72:d9:9e:09:13:eb:6d:56:89: 2d:62:39:c4:e9:1e:e4:4d:d8:d3:12:2d:36:87:af:e4:d2:38: 75:81:7b:90:5d:2d:02:ac:22:13:c0:7f:7b:95:c1:25:26:de: b6:83:fa:3a:fa:37:73:9b:62:56:bc:19:71:9b:95:48:b7:82: 7b:c3:a1:f8:fd:b4:15:22:b0:d7:2e:8d:d3:9a:ca:95:74:25: 0b:ee:94:a4:6a:51:4b:91:da:cb:eb:b3:84:c3:e1:af:cf:e2: 16:f2:66:99:a3:ae:ea:12:2d:b7:a6:fc:49:a9:2f:44:f8:05: 06:71:ee:3b:a8:50:9e:16:67:cb:3d:3d:21:0a:47:0b:be:94: ca:5f:5a:42:08:0d:02:b9:5a:7a:47:a5:15:61:25:52:90:87: e4:ba:0e:f4:89:f2:bd:be:f4:9d:eb:46:c5:ca:b4:0e:7d:5f: 11:8c:cb:6f:af:59:d2:3a:e1:4a:88:49:b5:e5:29:e7:1f:c0: eb:aa:46:33:e5:84:93:ff:fc:94:72:d9:f3:77:94:8e:db:76: 18:ff:32:53 -----BEGIN CERTIFICATE----- MIIFhDCCBGygAwIBAgICA0kwDQYJKoZIhvcNAQELBQAwRjERMA8GA1UEAxMIQTkx Q0ZBQjkxMTAvBgNVBAUTKDkwMTUyOEM5MjE3OTE3RDk1NjcyMUQxQzY4NTY2NTM0 NUJFQjU2RkQwHhcNMjUwNzIxMDA1OTM2WhcNMjUwNzI4MDA1OTM2WjAYMRYwFAYD VQQDEw02ODdkOTBmOC1lZDI2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC AQEA0BLwNC4zy07Mc9QyB76rKIpc9JRhhR74YIzVmRhv5tHPOoG1Zjnxge+WEgSM aQLxY11tYR5jATWxaiyUS/vwhsaQEppa/RfOkU5jIkleRjEB3rZYtFrqprVkwOma dF6ITrddKteSbSTNl9Hrc62GsIsys+rEb8pwr7wsoX1Z/K2OVF0ZPJaIdGARFAMt s59HFNP/vl1D2taLJXP4nbFLCKtNXpdNsKqR5i43ugDRdUEJPC8pA9gzBWDKK+c8 5b5Rpk7O2stgmU97fVMgpZhZXlTLMFgwtdfesX/76O0vk6b1EY5n6y4pgerrJ0+3 dXhTEh8d3n2OQ3KpRdGj4E4NIwIDAQABo4ICqDCCAqQwHQYDVR0OBBYEFE8pW6pu WGE8BvjRUG1bO5JemrQQMB8GA1UdIwQYMBaAFJAVKMkheRfZVnIdHGhWZTRb61b9 MA4GA1UdDwEB/wQEAwIHgDCBgwYDVR0fBHwwejB4oHagdIZycnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFDRkFCOS8xQ0Q0NEY5RUM3 N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5bFdjaDBjYUZabE5GdnJW djAuY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtp LmFwbmljLm5ldC9yZXBvc2l0b3J5L0IzQTI0RjIwMUQ2NjExRTI4QUM4ODM3Qzcy RkQxRkYyL2tCVW95U0Y1RjlsV2NoMGNhRlpsTkZ2clZ2MC5jZXIwSgYDVR0gAQH/ BEAwPjA8BggrBgEFBQcOAjAwMC4GCCsGAQUFBwIBFiJodHRwczovL3d3dy5hcG5p Yy5uZXQvUlBLSS9DUFMucGRmMIHFBggrBgEFBQcBCwSBuDCBtTB+BggrBgEFBQcw C4ZycnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9tZW1iZXJfcmVwb3NpdG9yeS9BOTFD RkFCOS8xQ0Q0NEY5RUM3N0ExMUVDQjk0MzRDMkNDNEY5QUUwMi9rQlVveVNGNUY5 bFdjaDBjYUZabE5GdnJWdjAubWZ0MDMGCCsGAQUFBzANhidodHRwczovL3JyZHAu YXBuaWMubmV0L25vdGlmaWNhdGlvbi54bWwwFQYIKwYBBQUHAQgBAf8EBjAEoAIF ADAhBggrBgEFBQcBBwEB/wQSMBAwBgQCAAEFADAGBAIAAgUAMA0GCSqGSIb3DQEB CwUAA4IBAQAbuhZkKvtt7rb1NtYI12zKXxXYPWNtmdFqJVlBmgWzxlC6z0NFQQ8V iHRPx8dy2Z4JE+ttVoktYjnE6R7kTdjTEi02h6/k0jh1gXuQXS0CrCITwH97lcEl Jt62g/o6+jdzm2JWvBlxm5VIt4J7w6H4/bQVIrDXLo3TmsqVdCUL7pSkalFLkdrL 67OEw+Gvz+IW8maZo67qEi23pvxJqS9E+AUGce47qFCeFmfLPT0hCkcLvpTKX1pC CA0CuVp6R6UVYSVSkIfkug70ifK9vvSd60bFyrQOfV8RjMtvr1nSOuFKiEm15Snn H8DrqkYz5YST//yUctnzd5SO23YY/zJT -----END CERTIFICATE-----Generated at Mon Jul 21 02:14:25 2025 by rpki-client